refactor(web-app-shopware): externalize trusted proxy and host configuration with mounted framework.yaml

- added new file roles/web-app-shopware/files/framework.yaml defining trusted_proxies and trusted_headers for Symfony - mounted framework.yaml into /var/www/html/config/packages/ in docker-compose - exposed new role vars SHOPWARE_FRAMEWORK_HOST/DOCKER for mounting path - rendered framework.yaml via Ansible copy task with proper permissions - adjusted env.j2 to set TRUSTED_PROXIES and TRUSTED_HOSTS dynamically from domains and networks - added SHOPWARE_DOMAIN var to vars/main.yml - removed inline framework.yaml creation from Dockerfile (now managed via mount) - updated proxy template (html.conf.j2) to include X-Forwarded-Ssl header - improved init.sh permission handling for shared volumes See ChatGPT conversation for implementation details and rationale: https://chatgpt.com/share/690d4fe7-2830-800f-8b6d-b868e7fe0e97
2025-11-14 00:56:44 +00:00 · 2025-11-07 02:48:49 +01:00
parent 2fcbae8fc7
commit 493d5bbbda
8 changed files with 34 additions and 11 deletions
--- a/roles/web-app-shopware/templates/docker-compose.yml.j2
+++ b/roles/web-app-shopware/templates/docker-compose.yml.j2
@@ -8,6 +8,7 @@ x-environment: &shopware
    - sitemap:/var/www/html/public/sitemap
    - "{{ SHOPWARE_INIT_HOST }}:{{ SHOPWARE_INIT_DOCKER }}:ro"
    - bundles:/var/www/html/public/bundles
+    - "{{ SHOPWARE_FRAMEWORK_HOST }}:{{ SHOPWARE_FRAMEWORK_DOCKER }}:ro"
  working_dir: {{ SHOPWARE_ROOT }}

 {% include 'roles/docker-compose/templates/base.yml.j2' %}