693e4a03bf
All checks were successful
CI / secret-scan (pull_request) Successful in 15s
CI / php-lint (pull_request) Successful in 28s
CI / static-tests (pull_request) Successful in 1m6s
CI / js-tests (pull_request) Successful in 40s
CI / secret-scan (push) Successful in 14s
CI / php-lint (push) Successful in 33s
CI / static-tests (push) Successful in 1m11s
CI / js-tests (push) Successful in 38s
Client SMTP maison (zero lib, contrainte from-scratch) : ESMTP + STARTTLS + AUTH LOGIN, conduit par SmtpClient contre un SmtpTransport injectable (seam de test). SmtpMailer assemble un message text/plain UTF-8 (dot-stuffing, en-tetes RFC2047) et implemente l'interface Mailer existante. PasswordResetController choisit SmtpMailer si SMTP_HOST+USER+PASSWORD presents, sinon garde LogMailer (dev sans infra mail inchange). STARTTLS exige avant AUTH (pas d'auth en clair). Garde anti-injection CRLF sur les adresses (SmtpClient) + filter_var du destinataire (SmtpMailer). readReply borne (anti-boucle sur reponse malformee). Secrets uniquement en .env (hote) : placeholders dans .env.example / .env.prod.example, rien de versionne. Revue compliance : verdict block initial (injection CRLF + readReply non borne), 2 must_fix corriges + tests de regression. 8 tests SMTP, 429 total, PHPStan L6.
75 lines
2.3 KiB
Text
75 lines
2.3 KiB
Text
# Modele de configuration de PRODUCTION (derriere Traefik).
|
|
#
|
|
# cp .env.prod.example .env
|
|
# puis renseigner les lignes <REMPLIR> (domaines, mots de passe, reseau Traefik).
|
|
#
|
|
# Difference avec .env.example (dev) : APP_ENV=prod, APP_DEBUG=false, URLs en HTTPS,
|
|
# mots de passe forts, REVERSE_PROXY_NETWORK renseigne.
|
|
|
|
APP_ENV=prod
|
|
APP_DEBUG=false
|
|
APP_TIMEZONE=Europe/Paris
|
|
|
|
# Domaines publics (doivent resoudre en DNS vers l'hote de prod).
|
|
APP_HOST_KIOSK=<REMPLIR-domaine-borne>
|
|
APP_HOST_ADMIN=<REMPLIR-domaine-admin>
|
|
APP_URL_KIOSK=https://<REMPLIR-domaine-borne>
|
|
APP_URL_ADMIN=https://<REMPLIR-domaine-admin>
|
|
|
|
# Base de donnees : mots de passe FORTS en prod (openssl rand -base64 24).
|
|
DB_HOST=wakdo-db
|
|
DB_PORT=3306
|
|
DB_NAME=wakdo
|
|
DB_USER=wakdo
|
|
DB_PASSWORD=<REMPLIR-mot-de-passe-fort>
|
|
DB_ROOT_PASSWORD=<REMPLIR-autre-mot-de-passe-fort>
|
|
|
|
SESSION_LIFETIME_IDLE=14400
|
|
SESSION_LIFETIME_ABSOLUTE=36000
|
|
SESSION_NAME=WAKDO_SID
|
|
|
|
# Doit correspondre EXACTEMENT a APP_URL_KIOSK (pas de wildcard).
|
|
CORS_ALLOWED_ORIGIN=https://<REMPLIR-domaine-borne>
|
|
|
|
ARGON2_MEMORY_COST=65536
|
|
ARGON2_TIME_COST=4
|
|
ARGON2_THREADS=1
|
|
|
|
ACCOUNT_LOCKOUT_THRESHOLD=5
|
|
ACCOUNT_LOCKOUT_BASE_SECONDS=60
|
|
ACCOUNT_LOCKOUT_MAX_SECONDS=900
|
|
IP_THROTTLE_WINDOW_SECONDS=900
|
|
IP_THROTTLE_MAX_ATTEMPTS=20
|
|
|
|
STAFF_PIN_MIN_LENGTH=4
|
|
STAFF_PIN_MAX_LENGTH=12
|
|
PIN_THROTTLE_THRESHOLD=5
|
|
PIN_THROTTLE_BASE_SECONDS=30
|
|
PIN_THROTTLE_MAX_SECONDS=300
|
|
PIN_THROTTLE_WINDOW_SECONDS=900
|
|
PASSWORD_RESET_TTL=3600
|
|
|
|
AUDIT_LOG_RETENTION_DAYS=365
|
|
THROTTLE_PURGE_AFTER_HOURS=24
|
|
ORDER_RETENTION_DAYS=1095
|
|
|
|
UPLOAD_MAX_SIZE_MB=5
|
|
UPLOAD_ALLOWED_MIME=image/jpeg,image/png,image/webp
|
|
|
|
CRON_TIMEZONE=Europe/Paris
|
|
|
|
# Nom du reseau Docker externe du Traefik de l'hote (doit exister avant le up).
|
|
REVERSE_PROXY_NETWORK=<REMPLIR-reseau-traefik>
|
|
|
|
# ===================================================================
|
|
# Envoi d'email (reinitialisation mot de passe) - relais SMTP
|
|
# ===================================================================
|
|
# Si SMTP_HOST + SMTP_USER + SMTP_PASSWORD sont presents, l'app envoie via le
|
|
# relais ; sinon elle se rabat sur le journal (LogMailer). Renseigner ces 3
|
|
# valeurs UNIQUEMENT ici (jamais dans le depot). Exemple : relais Brevo.
|
|
SMTP_HOST=smtp-relay.brevo.com
|
|
SMTP_PORT=587
|
|
SMTP_USER=<REMPLIR-login-smtp>
|
|
SMTP_PASSWORD=<REMPLIR-cle-smtp-secrete>
|
|
MAIL_FROM_EMAIL=noreply@a3n.fr
|
|
MAIL_FROM_NAME=Wakdo
|