feat: update deployment configuration and encrypted env loader

- Update Ansible playbooks and roles for application deployment - Add new Gitea/Traefik troubleshooting playbooks - Update Docker Compose configurations (base, local, staging, production) - Enhance EncryptedEnvLoader with improved error handling - Add deployment scripts (autossh setup, migration, secret testing) - Update CI/CD workflows and documentation - Add Semaphore stack configuration
2025-11-02 20:38:06 +01:00
parent 7b7f0b41d2
commit 24cbbccf4c
44 changed files with 5280 additions and 276 deletions
--- a/src/Framework/Config/EncryptedEnvLoader.php
+++ b/src/Framework/Config/EncryptedEnvLoader.php
@@ -92,10 +92,28 @@ final readonly class EncryptedEnvLoader
            // Development: .env files → System ENV (local development workflow)
            $variables = $systemVariables;

-            // Load base .env file (can override system env for development)
-            $envFile = $baseDir->join('.env');
-            if ($envFile->exists()) {
-                $variables = array_merge($variables, $this->parser->parse($envFile));
+            // Load .env.base file first (shared base configuration)
+            $envBaseFile = $baseDir->join('.env.base');
+            if ($envBaseFile->exists()) {
+                $baseVariables = $this->parser->parse($envBaseFile);
+                $variables = array_merge($variables, $baseVariables);
+            }
+
+            // Load .env.local file (local development overrides)
+            // This overrides values from .env.base
+            $envLocalFile = $baseDir->join('.env.local');
+            if ($envLocalFile->exists()) {
+                $localVariables = $this->parser->parse($envLocalFile);
+                $variables = array_merge($variables, $localVariables);
+            }
+
+            // Fallback: Load legacy .env file if .env.base/.env.local don't exist
+            // This maintains backward compatibility during migration
+            if (!$envBaseFile->exists() && !$envLocalFile->exists()) {
+                $envFile = $baseDir->join('.env');
+                if ($envFile->exists()) {
+                    $variables = array_merge($variables, $this->parser->parse($envFile));
+                }
            }
        }

@@ -121,7 +139,7 @@ final readonly class EncryptedEnvLoader
                    }
                }
            } else {
-                // Development: Allow override
+                // Development/Staging: Allow override
                $variables = array_merge($variables, $this->parser->parse($envSpecificFile));
            }
        }