diff --git a/.gitea/workflows/release-artefact.yml b/.gitea/workflows/release-artefact.yml index faae28c..57e0da3 100644 --- a/.gitea/workflows/release-artefact.yml +++ b/.gitea/workflows/release-artefact.yml @@ -45,6 +45,7 @@ jobs: set -euo pipefail mkdir -p release tar -czf "release/lesstime-${GITHUB_REF_NAME}.tar.gz" \ + .env \ bin \ config \ migrations \ diff --git a/deploy/nginx/lesstime.conf b/deploy/nginx/lesstime.conf index 2202b76..ef9abd4 100644 --- a/deploy/nginx/lesstime.conf +++ b/deploy/nginx/lesstime.conf @@ -1,5 +1,6 @@ server { listen 80; + listen [::]:80; server_name project.malio-dev.fr; root /var/www/lesstime/frontend/.output/public; @@ -37,7 +38,6 @@ server { fastcgi_param SCRIPT_FILENAME /var/www/lesstime/public/index.php; fastcgi_param DOCUMENT_ROOT /var/www/lesstime/public; fastcgi_pass unix:/run/php/php8.4-fpm.sock; - internal; } location ~ \.php$ { diff --git a/docs/deploy.md b/docs/deploy.md new file mode 100644 index 0000000..8693eef --- /dev/null +++ b/docs/deploy.md @@ -0,0 +1,213 @@ +# Deploiement sur serveur Ubuntu (sans Docker) + +## Prerequis + +- Ubuntu 22.04+ avec PHP 8.4, Node 24, PostgreSQL 16, Nginx +- Acces root ou sudo sur le serveur + +## 1. Preparer la BDD + +```bash +sudo -u postgres createuser lesstime +sudo -u postgres createdb -O lesstime lesstime +sudo -u postgres psql -c "ALTER USER lesstime WITH PASSWORD 'ton-mdp';" +``` + +## 2. Creer les dossiers + +```bash +sudo mkdir -p /var/www/lesstime/var/log /var/www/lesstime/var/cache /var/www/lesstime/config/jwt +sudo chown -R www-data:www-data /var/www/lesstime +``` + +## 3. Configurer l'environnement + +```bash +sudo nano /var/www/lesstime/.env +``` + +Contenu minimal : +```ini +APP_ENV=prod +``` + +```bash +sudo nano /var/www/lesstime/.env.local +``` + +Contenu : +```ini +APP_ENV=prod +APP_SECRET= +APP_DEBUG=0 + +DEFAULT_URI=http://project.malio-dev.fr/ +CORS_ALLOW_ORIGIN='^https?://project\.malio-dev\.fr$' + +DATABASE_URL="postgresql://lesstime:@localhost:5432/lesstime?serverVersion=16&charset=utf8" + +JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem +JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem +JWT_PASSPHRASE= +JWT_COOKIE_SECURE=0 +JWT_TOKEN_TTL=86400 +JWT_COOKIE_TTL=86400 + +ENCRYPTION_KEY= +``` + +> `JWT_COOKIE_SECURE=0` car HTTP. Passer a `1` si HTTPS. + +## 4. Installer le script de deploy + +```bash +sudo cp script/deploy-release.sh /usr/local/bin/deploy-lesstime +sudo chmod +x /usr/local/bin/deploy-lesstime +``` + +Si le repo Gitea est prive, configurer un token : +```bash +echo "ton-token-gitea" | sudo tee /etc/lesstime-release-token +sudo chmod 600 /etc/lesstime-release-token +``` + +## 5. Deployer une release + +```bash +sudo /usr/local/bin/deploy-lesstime v0.1.2 +``` + +Le script telecharge l'artefact, extrait les fichiers, clear le cache et lance les migrations. + +## 6. Generer les cles JWT + +```bash +cd /var/www/lesstime +sudo -u www-data php bin/console lexik:jwt:generate-keypair --skip-if-exists --env=prod +``` + +## 7. Configurer Nginx + +```bash +sudo cp deploy/nginx/lesstime.conf /etc/nginx/sites-available/lesstime +sudo ln -sf /etc/nginx/sites-available/lesstime /etc/nginx/sites-enabled/ +sudo nginx -t && sudo systemctl reload nginx +``` + +## 8. Creer le premier user admin + +Hasher un mot de passe : +```bash +php /var/www/lesstime/bin/console security:hash-password --env=prod +``` + +Choisir `App\Entity\User`, taper le mdp, copier le hash. Puis : +```bash +sudo -u postgres psql lesstime -c "INSERT INTO \"user\" (username, roles, password, created_at) VALUES ('admin', '[\"ROLE_ADMIN\"]', '', NOW());" +``` + +## 9. Tester + +```bash +curl http://project.malio-dev.fr/api/version +curl http://project.malio-dev.fr/ +``` + +--- + +# Connecter le serveur MCP a Claude Code + +Le serveur MCP expose 22 tools (projets, taches, time tracking, metadonnees) via le endpoint HTTP `/_mcp`. + +## 1. Generer un token API + +Sur le serveur (ou en local via Docker) : + +```bash +# Production (serveur) +php /var/www/lesstime/bin/console app:generate-api-token admin --env=prod + +# Dev (Docker) +docker exec -it php-lesstime-fpm php bin/console app:generate-api-token admin +``` + +La commande affiche un token de 64 caracteres. Ce token est lie a l'utilisateur et stocke en base (champ `apiToken` de l'entite `User`). + +## 2. Configurer Claude Code + +### Transport HTTP (recommande pour la prod) + +Creer ou modifier `.mcp.json` a la racine du projet : + +```json +{ + "mcpServers": { + "lesstime": { + "type": "http", + "url": "http://project.malio-dev.fr/_mcp", + "headers": { + "Authorization": "Bearer " + } + } + } +} +``` + +### Transport STDIO (dev local via Docker) + +```json +{ + "mcpServers": { + "lesstime-local": { + "command": "docker", + "args": [ + "exec", + "-i", + "php-lesstime-fpm", + "php", + "bin/console", + "mcp:server" + ] + } + } +} +``` + +### Transport STDIO via SSH (prod sans endpoint HTTP) + +```json +{ + "mcpServers": { + "lesstime": { + "command": "ssh", + "args": [ + "user@serveur", + "php", + "/var/www/lesstime/bin/console", + "mcp:server", + "--env=prod" + ] + } + } +} +``` + +## 3. Redemarrer Claude Code + +Apres modification de `.mcp.json`, relancer Claude Code pour qu'il detecte le serveur. + +## 4. Verifier + +Demander a Claude d'utiliser un outil MCP, par exemple : +- "Liste les projets sur Lesstime" +- "Cree une tache dans le projet LT" + +## Tools disponibles + +| Domaine | Tools | +|---------|-------| +| Projets | list-projects, get-project, create-project, update-project | +| Taches | list-tasks, get-task, create-task, update-task, delete-task | +| Metadonnees | list-statuses, list-priorities, list-efforts, list-tags, list-groups, create-group, update-group | +| Time tracking | list-time-entries, create-time-entry, update-time-entry, delete-time-entry | +| Reference | list-users, list-clients |