- added new file roles/web-app-shopware/files/framework.yaml defining trusted_proxies and trusted_headers for Symfony
- mounted framework.yaml into /var/www/html/config/packages/ in docker-compose
- exposed new role vars SHOPWARE_FRAMEWORK_HOST/DOCKER for mounting path
- rendered framework.yaml via Ansible copy task with proper permissions
- adjusted env.j2 to set TRUSTED_PROXIES and TRUSTED_HOSTS dynamically from domains and networks
- added SHOPWARE_DOMAIN var to vars/main.yml
- removed inline framework.yaml creation from Dockerfile (now managed via mount)
- updated proxy template (html.conf.j2) to include X-Forwarded-Ssl header
- improved init.sh permission handling for shared volumes

See ChatGPT conversation for implementation details and rationale:
https://chatgpt.com/share/690d4fe7-2830-800f-8b6d-b868e7fe0e97

- Added 'font-src data:' to CSP whitelist to allow inline fonts in Admin UI
- Refactored init.sh to run as root only for volume permission setup, then drop privileges to www-data
- Unified all bash invocations to sh for POSIX compliance
- Added missing 'bundles' named volume and mount to Docker Compose
- Set init container to run as root (0:0) for permission setup
- Added admin user rename step via Ansible task

See discussion: https://chatgpt.com/share/69087361-859c-800f-862c-7413350cca3e

- moved init.sh from template to files/ for direct copying and bind mounting
- removed hardcoded user creation from init process
- added database emptiness check before running system:install
- added new task 03_admin.yml to ensure admin user exists and update password/email via Ansible
- switched docker exec shell from bash to sh for Alpine compatibility
- updated Dockerfile and docker-compose.yml accordingly for mount-based init script