Mathias STRASSER
9ccad77bf0
Les événements métier (emails d'invitation, reset password, activation) bloquaient la réponse API en étant traités de manière synchrone. Ce commit route ces événements vers un transport AMQP asynchrone avec un worker dédié, garantissant des réponses API rapides et une gestion robuste des échecs. Le retry utilise une stratégie Fibonacci (1s, 1s, 2s, 3s, 5s, 8s, 13s) qui offre un bon compromis entre réactivité et protection des services externes. Les messages qui épuisent leurs tentatives arrivent dans une dead-letter queue Doctrine avec alerte email à l'admin. La commande console CreateTestActivationTokenCommand détecte désormais les comptes déjà actifs et génère un token de réinitialisation de mot de passe au lieu d'un token d'activation, évitant une erreur bloquante lors de la ré-invitation par un admin.
105 lines
3.6 KiB
Bash
105 lines
3.6 KiB
Bash
# In all environments, the following files are loaded if they exist,
|
|
# the latter taking precedence over the former:
|
|
#
|
|
# * .env contains default values for the environment variables needed by the app
|
|
# * .env.local uncommitted file with local overrides
|
|
# * .env.$APP_ENV committed environment-specific defaults
|
|
# * .env.$APP_ENV.local uncommitted environment-specific overrides
|
|
#
|
|
# Real environment variables win over .env files.
|
|
#
|
|
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
|
|
# https://symfony.com/doc/current/configuration/secrets.html
|
|
#
|
|
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
|
|
|
|
###> symfony/framework-bundle ###
|
|
APP_ENV=dev
|
|
APP_SECRET=change_me_in_production_12345678
|
|
TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
|
TRUSTED_HOSTS=^(localhost|php|127\.0\.0\.1|(.+\.)?classeo\.local)$
|
|
###< symfony/framework-bundle ###
|
|
|
|
###> doctrine/doctrine-bundle ###
|
|
DATABASE_URL="postgresql://classeo:classeo@db:5432/classeo_master?serverVersion=18&charset=utf8"
|
|
###< doctrine/doctrine-bundle ###
|
|
|
|
###> symfony/messenger ###
|
|
MESSENGER_TRANSPORT_DSN=amqp://guest:guest@rabbitmq:5672/%2f/messages
|
|
###< symfony/messenger ###
|
|
|
|
###> lexik/jwt-authentication-bundle ###
|
|
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
|
|
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
|
|
JWT_PASSPHRASE=classeo_jwt_passphrase_change_me
|
|
###< lexik/jwt-authentication-bundle ###
|
|
|
|
###> redis ###
|
|
REDIS_URL=redis://redis:6379
|
|
###< redis ###
|
|
|
|
###> mercure ###
|
|
MERCURE_URL=http://mercure/.well-known/mercure
|
|
MERCURE_PUBLIC_URL=http://localhost:3000/.well-known/mercure
|
|
MERCURE_JWT_SECRET=mercure_publisher_secret_change_me_in_production
|
|
###< mercure ###
|
|
|
|
###> meilisearch ###
|
|
MEILISEARCH_URL=http://meilisearch:7700
|
|
MEILISEARCH_API_KEY=masterKey
|
|
###< meilisearch ###
|
|
|
|
###> symfony/mailer ###
|
|
MAILER_DSN=smtp://mailpit:1025
|
|
###< symfony/mailer ###
|
|
|
|
###> messenger-alerting ###
|
|
# Admin email for dead-letter queue alerts
|
|
ADMIN_ALERT_EMAIL=admin@classeo.local
|
|
###< messenger-alerting ###
|
|
|
|
###> symfony/routing ###
|
|
# Configure how to generate URLs in non-HTTP contexts, such as CLI commands.
|
|
# See https://symfony.com/doc/current/routing.html#generating-urls-in-commands
|
|
DEFAULT_URI=http://localhost
|
|
###< symfony/routing ###
|
|
|
|
###> multi-tenant ###
|
|
# Base domain for tenant resolution (e.g., classeo.fr, classeo.local)
|
|
TENANT_BASE_DOMAIN=classeo.local
|
|
###< multi-tenant ###
|
|
|
|
###> app ###
|
|
# Frontend URL for emails and links
|
|
APP_URL=http://localhost:5174
|
|
###< app ###
|
|
|
|
###> nelmio/cors-bundle ###
|
|
CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1|[\w-]+\.classeo\.local)(:[0-9]+)?$'
|
|
###< nelmio/cors-bundle ###
|
|
|
|
###> cloudflare/turnstile ###
|
|
# Cloudflare Turnstile CAPTCHA (anti-bot protection)
|
|
# Get keys from: https://dash.cloudflare.com/?to=/:account/turnstile
|
|
# Cloudflare Turnstile - use test keys for local dev
|
|
# Test secret that always passes: 1x0000000000000000000000000000000AA
|
|
# Real key for production: set in .env.local
|
|
TURNSTILE_SECRET_KEY=1x0000000000000000000000000000000AA
|
|
# Fail open on API errors: true=allow through (dev), false=block (prod)
|
|
TURNSTILE_FAIL_OPEN=true
|
|
###< cloudflare/turnstile ###
|
|
|
|
###> symfony/lock ###
|
|
# Choose one of the stores below
|
|
# postgresql+advisory://db_user:db_password@localhost/db_name
|
|
LOCK_DSN=flock
|
|
###< symfony/lock ###
|
|
|
|
###> sentry/sentry-symfony ###
|
|
# GlitchTip DSN for error tracking (Sentry-compatible)
|
|
# Set this after creating a project in GlitchTip UI at http://localhost:8081
|
|
SENTRY_DSN=
|
|
# Environment label for error reports
|
|
SENTRY_ENVIRONMENT=development
|
|
###< sentry/sentry-symfony ###
|