[dsfr] Squelette pour tests

docker/nginx/Dockerfile

@@ -0,0 +1,18 @@
+FROM debian:bookworm-slim
+
+MAINTAINER Jérôme Fix <jerome.fix@zapoyok.info>
+
+RUN apt-get update && apt-get upgrade --no-install-recommends --no-install-suggests -y && apt-get install --no-install-recommends --no-install-suggests -y \
+    nginx \
+    ca-certificates \
+    gettext-base
+
+# SSL
+ADD "ssl/scc-crm.localhost+1-key.pem" "/etc/ssl/private/scc-crm.localhost+1-key.pem"
+ADD "ssl/scc-crm.localhost+1.pem" "/etc/ssl/certs/scc-crm.localhost+1.pem"
+
+RUN usermod -u 1000 www-data
+
+EXPOSE 80 443
+
+CMD ["nginx"]

docker/nginx/dev/conf.d/default.conf

@@ -0,0 +1,3 @@
+upstream php-upstream {
+    server php:9000;
+}

docker/nginx/dev/nginx.conf

@@ -0,0 +1,45 @@
+user www-data;
+worker_processes 4;
+pid /run/nginx.pid;
+daemon off;
+
+events {
+  worker_connections  2048;
+  multi_accept on;
+  use epoll;
+}
+
+http {
+  server_tokens off;
+  sendfile off;
+  tcp_nopush on;
+  tcp_nodelay on;
+  keepalive_timeout 15;
+  types_hash_max_size 2048;
+  include /etc/nginx/mime.types;
+  default_type application/octet-stream;
+  access_log off;
+  error_log off;
+
+  include /etc/nginx/conf.d/*.conf;
+  include /etc/nginx/sites-enabled/*;
+  open_file_cache max=100;
+  client_max_body_size 500M;
+
+  gzip on;
+  gzip_disable "msie6";
+
+  gzip_vary on;
+  gzip_proxied any;
+  gzip_comp_level 6;
+  gzip_buffers 16 8k;
+  gzip_http_version 1.1;
+  gzip_min_length 256;
+  gzip_types text/plain text/css application/json application/x-javascript application/javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
+
+  fastcgi_buffers 16 16k;
+  fastcgi_buffer_size 32k;
+  rewrite_log on;
+
+}
+

docker/nginx/dev/sites/default

@@ -0,0 +1,67 @@
+server {
+    listen 80;
+
+    server_name localhost;
+    root /var/www/public;
+
+    include /etc/nginx/snippets/expires.conf;
+
+    location / {
+        try_files $uri @rewriteapp;
+    }
+
+    location @rewriteapp {
+        rewrite ^(.*)$ /index.php/$1 last;
+    }
+
+    location ~ ^/index\.php(/|$) {
+        fastcgi_pass php-upstream;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param HTTPS off;
+    }
+
+    error_log /var/log/nginx/crm_error.log;
+    access_log /var/log/nginx/crm_access.log;
+
+}
+
+server {
+    listen 443 ssl;
+
+    ssl_certificate           /etc/ssl/certs/scc-crm.localhost+1.pem;
+    ssl_certificate_key       /etc/ssl/private/scc-crm.localhost+1-key.pem;
+    ssl_session_cache         shared:SSL:10m;
+    ssl_session_timeout       5m;
+    ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
+    ssl_ciphers               ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
+    ssl_prefer_server_ciphers on;
+
+    server_name localhost;
+    root /var/www/public;
+
+    include /etc/nginx/snippets/expires.conf;
+
+    location / {
+        try_files $uri @rewriteapp;
+    }
+
+    location @rewriteapp {
+        rewrite ^(.*)$ /index.php/$1 last;
+    }
+
+    location ~ ^/index\.php(/|$) {
+        fastcgi_pass php-upstream;
+        fastcgi_split_path_info ^(.+\.php)(/.*)$;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param HTTPS on;
+    }
+
+    error_page 497 https://$host:$server_port/error.html;
+
+    error_log /var/log/nginx/crm_error.log;
+    access_log /var/log/nginx/crm_access.log;
+
+}

docker/nginx/dev/snippets/expires.conf

@@ -0,0 +1,55 @@
+# Expire rules for static content
+
+# No default expire rule. This config mirrors that of apache as outlined in the
+# html5-boilerplate .htaccess file. However, nginx applies rules by location,
+# the apache rules are defined by type. A consequence of this difference is that
+# if you use no file extension in the url and serve html, with apache you get an
+# expire time of 0s, with nginx you'd get an expire header of one month in the
+# future (if the default expire rule is 1 month). Therefore, do not use a
+# default expire rule with nginx unless your site is completely static
+
+# cache.appcache, your document html and data
+location ~* \.(?:manifest|appcache|html?|json)$ {
+  expires -1;
+  access_log /var/log/nginx/static.log;
+}
+
+# Feed
+location ~* \.(?:rss|atom)$ {
+  expires 1h;
+  add_header Cache-Control "public";
+}
+
+# Media: images, icons, video, audio, HTC
+location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
+  expires 1M;
+  access_log off;
+  add_header Cache-Control "public";
+}
+
+# CSS and Javascript
+location ~ '^/css/compiled' {
+  expires 1y;
+  access_log off;
+  add_header Cache-Control "public";
+}
+
+location ~ '^/js/compiled' {
+  expires 1y;
+  access_log off;
+  add_header Cache-Control "public";
+}
+
+# Cross domain webfont access
+location ~* \.(ttf|ttc|otf|eot|woff|font.css)$ {
+  add_header "Access-Control-Allow-Origin" "*";
+
+  # Also, set cache rules for webfonts.
+  #
+  # See http://wiki.nginx.org/HttpCoreModule#location
+  # And https://github.com/h5bp/server-configs/issues/85
+  # And https://github.com/h5bp/server-configs/issues/86
+  expires 1M;
+  access_log off;
+  add_header Cache-Control "public";
+}

docker/nginx/ssl/scc-crm.localhost+1-key.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDS2F+031v2GnVk
+IiH/FL59vd/zLnol7wBpNHkOy0glDCtV4r7oNKOlBh3xziOu0C/ScwgKvB4uSn0G
+mMEw9aBw1nWP95pchWkyIHEectAxtl8ISfJWbhu5qvGfgf837LWd6KBpcVfrDmj+
+fLiUGS4gC/8UzrPP+qJy8/BQ5wgM1qiClCWXfs7c3NG4KpO/xge/RgjcXzUG5brN
+7elL/SpOX2RDmIa4YJzJPIp3oLMlTZxMmMMYBxbCFVdjKu2QJiVlhniZOJZt3lsA
+0lYbBvkK/5S0i8SKp2CznbbSaEYbbrzJ8yqCg2LU2yLBWyJjhmtiC/rveRSvtE5I
+MeRWg+p9AgMBAAECggEBAI/XOYPFlZFR/6AugQ7qcgKKlMvsezyBzr/3Ildra26K
+3M2dASydLL8aazdZsJJESTvDaksYh2aBPsZPVA04pRoV1OJAwzg3c8rUwxdIsKwZ
+hL+84uz/9T43VtvA7gKTJFv0JeuJfbdIf2yOXcX7X7JRPNZPJfDPRiAyN1KaKq3G
+TpUBchIvoVxr9D79FUD5Es+NCrsPBsq97x6tZzZR1pZptBDNvc9XRerBTf7MwIbn
+8g7OhQORCY/P8v+MKKmcVL0DWfX/gxEXTAylEXyry/OvhxoVeXPQG9jnowyz4aea
+Xh+WZSHeHgBUnQollyGehRzZ1FDzalLtqLNY/UbbZQECgYEA89ulviuZXS4pJCMw
+0IAMlXsfjMoaAQSnBM/1BftrsPH+Em0F+41YlelM0ngNVTiPU52nRazGYymKb04B
+2s69NOYIMU3eSbFoFrR55Kr+QSAkuRhGqErTZIyxPwxaRIJeEUQhW1pRGa7sVd/k
+K+eHfBusQVINVnEOKJ6fc0+O7N0CgYEA3VftOtHXBIaUV7xK8QgxntUJWainYN2t
+CUOyp/OKhIwwVqr3R5YNNQwe/I7vBIklbygHa7Pvg823DyiHpo/00YZ3flt06Djk
+ifhOsnMhTShFz6JhvfAvUx73wmbRbOQD+7T5ZKflssZjh6Pf3/awpcJmiyPUXnBZ
+VQJHGRdlyiECgYEAlbYU1GLZ/g337hq4vljO4Pq9DOeK/XMIwviVOj34CKMY0+Eh
+GiXV6/tWUaSosthNjg0tA6amCX0YY2sl0lq4aICNKQ/gV6fV+pKEfzHHdN4yDXzs
+7Cc8DvAdZVLFHGhZLgqA3B/fyH/O0o3o/Fdho30tzNB+JcK06ZUw2U9PtPUCgYBH
+UfaZtlWfGrIf1wcaxTYf5Ksfna1ZE/SWgJ7HaTzf2sAUnQASq/HTfvVZEcFIZ9yN
+BYvmk1MA2D88/iU/cTFEdhx4tYVk8jgJkN3iuCAp2WktLzhpWEQXd2oD1Nd0S8BQ
+0Y5udX8Y7L3TTeVsJ/PhZVNfUAs05uSR9KruFdDxoQKBgAJvVJDJrmYnQQaV7Wfj
+si+gUx6/6PKXe6uobV4f6UWfFi7/NPYBTJZULPqUW6/SHKPQ0Iy0MiOEeaaV796E
+xlcarfgz9nq/a+NGN1lPoZ+xZ3MrI8KG7Gvf6W/uoR5uak0qHvSTCbTDGGT6NJ8u
+67N/3DzYAg4z0RUUKDuHyXqW
+-----END PRIVATE KEY-----

docker/nginx/ssl/scc-crm.localhost+1.pem

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEOzCCAqOgAwIBAgIRAMM9dYoFxmrS6W14NyNIDtowDQYJKoZIhvcNAQELBQAw
+YTEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMRswGQYDVQQLDBJqZXJv
+bWVAamVyb21lLXQ1NjAxIjAgBgNVBAMMGW1rY2VydCBqZXJvbWVAamVyb21lLXQ1
+NjAwHhcNMTkwNjAxMDAwMDAwWhcNMzAwMjI4MTk0OTQ4WjBGMScwJQYDVQQKEx5t
+a2NlcnQgZGV2ZWxvcG1lbnQgY2VydGlmaWNhdGUxGzAZBgNVBAsMEmplcm9tZUBq
+ZXJvbWUtdDU2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANLYX7Tf
+W/YadWQiIf8Uvn293/MueiXvAGk0eQ7LSCUMK1Xivug0o6UGHfHOI67QL9JzCAq8
+Hi5KfQaYwTD1oHDWdY/3mlyFaTIgcR5y0DG2XwhJ8lZuG7mq8Z+B/zfstZ3ooGlx
+V+sOaP58uJQZLiAL/xTOs8/6onLz8FDnCAzWqIKUJZd+ztzc0bgqk7/GB79GCNxf
+NQblus3t6Uv9Kk5fZEOYhrhgnMk8inegsyVNnEyYwxgHFsIVV2Mq7ZAmJWWGeJk4
+lm3eWwDSVhsG+Qr/lLSLxIqnYLOdttJoRhtuvMnzKoKDYtTbIsFbImOGa2IL+u95
+FK+0Tkgx5FaD6n0CAwEAAaOBiDCBhTAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAww
+CgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRpjqQM9ohW6s1o
+Cgy7t63uvAPCkTAvBgNVHREEKDAmghdzY2MtY29ycG9yYXRlLmxvY2FsaG9zdIIL
+Ki5sb2NhbGhvc3QwDQYJKoZIhvcNAQELBQADggGBANMFJgufAgSlTU9M6/L1z2tc
+0xVblcBM307XGpBXcBmg9l1tT7DqChw8nfUFlxTV9g1yT+6BIR42mcAEnyaJxQe+
+FuT9mphZ1oTE00Sjw1IepuJeMli7lxbbUr5mrxoDCYAonZ9e0j7JSjaalvr3I40K
+JdiZNSySoIbVPf9itP3YxJNqfIx23YFs4JlQGTvZzOYFfXKMuDjaGyqy3+OCBir5
+pxLSqTXC9FGoRC6T+S/WwCODq4bcJz0cKgvYp0f+xaZ5/POMbXC+hpJ1ojcwF+D4
+f5vRQlzfnGSFgsc8FHff5/1dS5ZaAFDRLYQ4K1M7FNafAtitnG/vx5xAz7VSTi3G
+TxWhGrSmbJX0GmLDQIfOQyUYipW3RHvhw+JpPZ7ShR4G/Iacaslcjb8qDwgPNm7g
+UnBMo9DEXEYK4XUaF7ZYLKUCqu41ECS+4EB+vASiMuYBIRDEGU5Uj1NG4eq4tCx9
+6+M3w76jVd3c+MAqAed69Sqyx5Sx0Zzz/bKnU6T2WA==
+-----END CERTIFICATE-----

docker/node/Dockerfile

@@ -0,0 +1,3 @@
+FROM node:lts-buster
+
+WORKDIR /var/www

docker/php-fpm/Dockerfile

@@ -0,0 +1,33 @@
+FROM php:8.2-fpm-alpine
+
+### Install XDEBUG extension.
+RUN apk add --update linux-headers
+
+RUN apk add --no-cache $PHPIZE_DEPS \
+    && pecl install -f xdebug \
+    && docker-php-ext-enable xdebug \
+    && apk del $PHPIZE_DEPS
+
+### Install INTL extension.
+RUN apk add --no-cache icu-dev icu-data-full && \
+    docker-php-ext-install intl
+
+RUN docker-php-ext-install sysvsem
+
+### Install composer / composer-normalize.
+COPY --from=composer:2 /usr/bin/composer /usr/local/bin/composer
+ADD https://github.com/ergebnis/composer-normalize/releases/download/2.28.3/composer-normalize.phar /usr/local/bin/composer-normalize
+RUN chmod 755 /usr/local/bin/composer-normalize
+
+### Install tools
+RUN apk add --no-cache \
+    yamllint \
+    libxml2-utils \
+    make \
+    git
+
+WORKDIR /var/www
+
+CMD ["php-fpm"]
+
+EXPOSE 9000

docker/php-fpm/php.ini

@@ -0,0 +1,19 @@
+[PHP]
+date.timezone=Europe/Paris
+;log_errors=On
+;error_reporting=E_ALL & ~E_DEPRECATED & ~E_STRICT
+;display_errors=Off
+max_execution_time=30
+memory_limit=-1
+upload_max_filesize = 100M
+post_max_size = 100M
+
+[opcache]
+; http://symfony.com/doc/current/performance.html
+opcache.enable_cli=1
+opcache.memory_consumption=256
+opcache.max_accelerated_files=20000
+realpath_cache_size=4096K
+realpath_cache_ttl=600
+
+xdebug.mode=develop,coverage