Perform crazy refactor to Symfony

Author: filipopo

.dockerignore

@@ -0,0 +1,7 @@
+templates/webserver/website/config/secrets/prod/prod.decrypt.private.php
+templates/webserver/website/public/.tmb/
+templates/webserver/website/public/bundles/
+templates/webserver/website/var/
+templates/webserver/website/vendor/
+templates/webserver/website/.env.local.php
+templates/webserver/website/donation_log.txt

.gitignore

@@ -1,13 +1,10 @@
-MobileForces.zip
+MobileForces*.zip
 hosts
 vars.yml
-templates/gameserver/scripts/compress.sh
-templates/gameserver/services/mobileforces-gameserver.service
-templates/gameserver/services/mobileforces-fastdl.service
-templates/masterserver/services/mobileforces-masterserver.service
-templates/webserver/vhosts/mobileforces.conf
-templates/webserver/website/donations.db
-templates/webserver/website/admin/elFinder-*
-!templates/webserver/website/admin/elFinder-*.zip
-templates/webserver/website/includes/php/kofi.php
-templates/webserver/website/includes/php/variables.php
+templates/webserver/website/.env.local.php
+templates/webserver/website/config/secrets/prod/prod.decrypt.private.php
+templates/webserver/website/public/.tmb/
+templates/webserver/website/public/bundles/
+templates/webserver/website/var/
+templates/webserver/website/vendor/
+templates/webserver/website/donation_log.txt

Dockerfile

@@ -0,0 +1,20 @@
+ARG PHP_VER=8.4
+FROM php:${PHP_VER}-fpm-alpine AS base
+
+WORKDIR /var/www/html
+
+RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
+
+COPY templates/webserver/website .
+
+RUN export APP_ENV=prod APP_DEBUG=0 && \
+    composer install --no-dev --optimize-autoloader && \
+    composer dump-env prod && rm -f .env
+
+FROM php:${PHP_VER}-fpm-alpine
+
+COPY --from=base /var/www/html /var/www/html
+
+EXPOSE 9000
+
+CMD ["sh", "-c", "ADMIN_PASSWORD=${ADMIN_PASSWORD} php bin/console doctrine:migrations:migrate -n; php-fpm"]

README.md

@@ -6,6 +6,8 @@ This project allows you to automatically provision a Mobile Forces game server t
 
 The project is deployed on Hetzner at https://mf.nofisto.com through GitHub Actions and uses Cloudflare as a CDN and domain registrar, the root of the website code can be found at: `templates/webserver`
 
+symfony new website --version="7.2.x"
+
 # Setup instructions
 
 Put your MobileForces.zip in the root folder and run
@@ -17,16 +19,29 @@ You may configure various options in the vars.yml file, by deafult this playbook
 
 The Ansible playbook transfers game files, installs necessary packages and sets up Systemd services for the game server, master server and FastDL of game files through an Apache2 web server which is also used for the website, an SSL certificate is automatically added to it by using Let's Encrypt's certbot tool, these steps are made in a modular way and can be excluded
 
-# Potential improvements
+symfony check:requirements
 
-https://www.ericmacedo.com/generating-code-from-templates-using-python-and-jinja2.html
+```
+export APP_SECRET=secret KOFI_TOKEN=token
+ADMIN_PASSWORD=P@ssword123! php bin/console doctrine:migrations:migrate
+symfony server:start
+```
 
-# Thanks to
+```
+KOFI_NAME=filipmania
+KOFI_TARGET=12.49
+KOFI_CURRENCY=EUR
+KOFI_STARTDATE="2023-10-22 15:35:11"
+```
+
+php bin/console make:migration
 
-https://github.com/333networks/Masterserver-Qt5 for their master server implementing the Gamespy v0 protocol
+curl -L -H "Content-Type: application/json" -d @data.json http://127.0.0.1:8000/donate_notify
+
+# Thanks to
 
-https://github.com/OldUnreal/UnrealTournamentPatches for their updated System64 packages
+https://github.com/333networks/Masterserver-Qt5 for the master server implementing the Gamespy v0 protocol
 
-https://github.com/Studio-42/elFinder for the php file manager
+https://github.com/Studio-42/elFinder and https://github.com/helios-ag/FMElfinderBundle for the file manager
 
-https://github.com/twbs/bootstrap for bootstrap customizeation and compilation with only selected components
+https://github.com/OldUnreal/UnrealTournamentPatches for the updated System64 packages

compose.yml

@@ -0,0 +1,18 @@
+services:
+  app:
+    build:
+      context: .
+    volumes:
+      - .:/src
+
+  apache:
+    image: httpd:alpine
+    depends_on:
+      - app
+    ports:
+      - 80:80
+    volumes:
+      - ./src:/var/www/html
+
+volumes:
+  static:

handlers/apache.yml

@@ -13,13 +13,16 @@
       ansible.builtin.user:
         name: "{{ server_user }}"
 
-    - name: Ensure install directory exists
+    - name: Ensure directories exist
       ansible.builtin.file:
-        path: "{{ install_path }}/"
+        path: "{{ item }}"
         state: directory
         owner: "{{ server_user }}"
         group: "{{ server_user }}"
         mode: "755"
+      loop:
+        - "{{ install_path }}"
+        - "{{ website_path }}"
 
     - name: Install common dependencies
       ansible.builtin.package:
@@ -51,4 +54,3 @@
 
   handlers:
     - ansible.builtin.import_tasks: handlers/systemctl.yml
-    - ansible.builtin.import_tasks: handlers/apache.yml

playbook.yml

@@ -4,9 +4,11 @@
     name: "{{ item }}"
     state: latest
   loop:
+    - composer
     - libapache2-mpm-itk
-    - libapache2-mod-php
+    - php-fpm
     - php-sqlite3
+    - php-xml
     - python3-certbot-apache
 
 - name: Create virtual host for the mf website
@@ -15,95 +17,89 @@
     dest: /etc/apache2/sites-available/mobileforces.conf
     mode: "644"
 
-- name: Ensure website directories exist
-  ansible.builtin.file:
-    path: "{{ website_path }}/{{ item }}"
-    state: directory
-    owner: "{{ server_user }}"
-    group: "{{ server_user }}"
-    mode: "755"
-  loop:
-    - ""
-    - admin
-    - includes/
-    - includes/php/
-    - includes/css
-    - includes/images
-    - includes/js
-
-- name: Copy static files into the webserver folder
+- name: Copy website files
   ansible.builtin.copy:
-    src: "templates/webserver/website/{{ item[0] }}"
-    dest: "{{ website_path }}/{{ item[1] }}"
+    src: "templates/webserver/website/{{ item }}"
+    dest: "{{ website_path }}/"
     owner: "{{ server_user }}"
     group: "{{ server_user }}"
     mode: "644"
   loop:
-    - [index.php, index.php]
-    - [stats.php, stats.php]
-    - [donate_notify.php, donate_notify.php]
-    - [favicon.ico, favicon.ico]
-    - [admin/, admin/]
-    - [includes/css/, includes/css/]
-    - [includes/images/, includes/images/]
-    - [includes/js/, includes/js/]
-    - [includes/php/body.php, includes/php/body.php]
-    - [includes/php/db.php, includes/php/db.php]
+    - bin
+    - config
+    - migrations
+    - public
+    - src
+    - templates
+    - .env
+    - composer.json
+    - composer.lock
+    - symfony.lock
+    - sync_paypal.php
 
-- name: Copy dynamic website files
-  ansible.builtin.template:
-    src: "templates/webserver/website/{{ item[0] }}"
-    dest: "{{ website_path }}/{{ item[1] }}"
-    owner: "{{ server_user }}"
-    group: "{{ server_user }}"
-    mode: "644"
-  loop:
-    - [includes/php/kofi.j2, includes/php/kofi.php]
-    - [includes/php/cookies.j2, includes/php/cookies.php]
-    - [../kofi_sync_paypal.j2, ../kofi_sync_paypal.php]
+- name: Install website
+  ansible.builtin.shell: |
+    cd "{{ website_path }}" &&
+    export APP_ENV=prod APP_DEBUG=0 &&
+    composer install --no-dev --optimize-autoloader &&
+    composer dump-env prod && rm -f .env &&
+    ADMIN_PASSWORD="{{ AdminPassword }}" php bin/console doctrine:migrations:migrate -n
+  become_user: "{{ server_user }}"
 
-- name: Remove previous verisons of elFinder
-  ansible.builtin.shell: "rm -rf {{ website_path }}/admin/elFinder-*"
+- name: Enable the mobileforces website
+  ansible.builtin.shell:
+    cmd: a2enmod proxy_fcgi speling mpm_event && a2dismod mpm_prefork && a2ensite mobileforces.conf
+    creates: /etc/apache2/sites-enabled/mobileforces.conf
 
-- name: Extract elFinder zip onto server
-  ansible.builtin.unarchive:
-    src: "{{ item }}"
-    dest: "{{ website_path }}/admin/"
-    owner: "{{ server_user }}"
-    group: "{{ server_user }}"
-    mode: "755"
-  with_fileglob:
-    - "templates/webserver/elFinder-*.zip"
+- name: Request LE certificate
+  ansible.builtin.command:
+    cmd: "certbot --apache -n --email {{ ServerAdmin }} --agree-tos --no-redirect -d {{ ServerName }}"
+    creates: /etc/apache2/sites-enabled/mobileforces-le-ssl.conf
 
-- name: Install & configure elFinder for MF
-  ansible.builtin.shell: cd "{{ website_path }}"/admin/elFinder-*/php && mv connector.minimal.php-dist connector.minimal.php && sed -i "s/uploadAllow'   => array(/uploadAllow'   => array('application\/octet-stream', 'text\/html', /g" connector.minimal.php
+- name: Get PHP version
+  ansible.builtin.shell: readlink -f /usr/bin/php | grep -oP '/usr/bin/php\K.+'
+  register: php
 
-- name: Create symbolic links for elFinder
-  ansible.builtin.shell: "cd {{ website_path }}/admin/elFinder-*/files && ln -f -s {{ item }} ."
+- name: Configure PHP fpm pool
+  ansible.builtin.replace:
+    path: "/etc/php/{{ php.stdout }}/fpm/pool.d/www.conf"
+    regexp: "{{ item[0] }}"
+    replace: "{{ item[1] }}"
   loop:
-    - "{{ game_path }}"
-    - "{{ website_path }}"
+    - [= www-data, "= {{ server_user }}"]
+    - [/run/php/php8.3-fpm.sock, /run/php/www.sock]
 
-- name: Request LE certificate
-  ansible.builtin.shell: "certbot --apache -n --email {{ ServerAdmin }} --agree-tos --no-redirect -d {{ ServerName }}"
+- name: Reload the apache and PHP fpm services
+  ansible.builtin.service:
+    name: "{{ item }}"
+    state: reloaded
+  loop:
+    - apache2
+    - "php{{ php.stdout }}-fpm"
 
 - name: Allow the website to restart game services
   ansible.builtin.template:
     src: templates/webserver/scripts/01-mobileforces.j2
-    dest: /etc/polkit-1/rules.d/01-mobileforces
+    dest: /etc/polkit-1/rules.d/01-mobileforces.rules
     owner: root
     group: root
-    mode: "440"
-
-- name: Enable the mobileforces website
-  ansible.builtin.shell: a2enmod speling && a2ensite mobileforces.conf
-  notify: Reload apache
+    mode: "644"
 
 - name: Create cron job for syncing paypal
   ansible.builtin.cron:
     name: Gets transfer fees for donations
     minute: 0
     hour: 4
     user: "{{ server_user }}"
-    job: "php {{ install_path }}/kofi_sync_paypal.php" 
+    job: "PAYPAL_CLIENTID={{ paypal_clientid }} PAYPAL_SECRETKEY={{ paypal_secretkey }} php {{ website_path }}/sync_paypal.php"
     cron_file: mobileforces-kofi_sync_paypal
+
+- name: Create cron job for cleaning the site
+  ansible.builtin.cron:
+    name: Clean the site
+    minute: 30
+    hour: 4
+    weekday: 0
+    user: "{{ server_user }}"
+    job: "cd {{ website_path }} && rm -rf donation_log.txt var/cache var/log && php bin/console cache:warmup"
+    cron_file: mobileforces-clean