chore: complete update

.archive/docker/nginx/docker-entrypoint.sh

@@ -0,0 +1,58 @@
+#!/bin/sh
+set -e
+#!/bin/sh
+set -e
+
+# Umgebungsvariablen-Substitution in Nginx-Konfiguration
+if [ -n "$APP_ENV" ]; then
+    echo "Setting APP_ENV to: $APP_ENV"
+    sed -i "s/\${APP_ENV}/$APP_ENV/g" /etc/nginx/conf.d/default.conf
+fi
+
+# Warte auf PHP-FPM Container
+echo "Waiting for PHP-FPM to be ready..."
+while ! nc -z php 9000; do
+    sleep 1
+done
+echo "PHP-FPM is ready!"
+
+# SSL-Zertifikate prüfen
+if [ ! -f "/var/www/ssl/fullchain.pem" ] || [ ! -f "/var/www/ssl/privkey.pem" ]; then
+    echo "Warning: SSL certificates not found. HTTPS may not work properly."
+fi
+
+# Nginx-Konfiguration testen
+echo "Testing Nginx configuration..."
+nginx -t
+
+# Nginx starten
+echo "Starting Nginx..."
+exec "$@"
+until nc -z -w 2 php 9000; do
+  echo "Warte auf PHP-FPM..."
+  sleep 1
+done
+
+# Optional: eigene Umgebungsvariable mit Default setzen
+export APP_ENV="${APP_ENV:-production}"
+
+echo "Starte Nginx mit APP_ENV=$APP_ENV"
+
+# Ersetze Platzhalter in temporäre Datei
+envsubst '${APP_ENV}' < /etc/nginx/conf.d/default.conf > /tmp/default.conf
+
+# Ersetzte Originalkonfiguration
+cp /tmp/default.conf /etc/nginx/conf.d/default.conf
+
+# WICHTIG: Rechte für stdout/stderr anpassen
+chmod a+rw /dev/stdout /dev/stderr
+
+# Nginx-Ordner Rechte anpassen
+mkdir -p /var/cache/nginx /var/log/nginx
+chown -R nginx:nginx /var/cache/nginx /var/log/nginx
+
+# Stelle sicher, dass das SSL-Verzeichnis existiert
+mkdir -p /var/www/ssl
+
+# Jetzt kann nginx sicher starten
+exec nginx -g 'daemon off;'

.archive/docker/nginx/nginx.conf

@@ -0,0 +1,78 @@
+# Standard Nginx User
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log notice;
+pid /var/run/nginx.pid;
+
+# Worker-Prozess-Einstellungen
+events {
+    worker_connections 1024;
+    use epoll;
+    multi_accept on;
+}
+
+http {
+    # MIME-Types
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    # Server-Tokens für Sicherheit ausblenden
+    server_tokens off;
+
+    # Rate-Limiting
+    limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;
+
+    # Logging-Format
+    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+                    '$status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent" "$http_x_forwarded_for" '
+                    'rt=$request_time uct="$upstream_connect_time" '
+                    'uht="$upstream_header_time" urt="$upstream_response_time"';
+
+    # Container-optimierte Logs
+    access_log /dev/stdout main;
+    error_log /dev/stderr warn;
+
+    # Performance-Optimierungen
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+    client_max_body_size 64M;
+
+    # Gzip-Kompression
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 1024;
+    gzip_proxied any;
+    gzip_comp_level 6;
+    gzip_types
+        text/plain
+        text/css
+        text/xml
+        text/javascript
+        application/json
+        application/javascript
+        application/xml+rss
+        application/atom+xml
+        image/svg+xml
+        application/rss+xml
+        application/vnd.ms-fontobject
+        application/x-font-ttf
+        font/opentype;
+
+    # Basis-Sicherheits-Header
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header Referrer-Policy "no-referrer-when-downgrade" always;
+
+    # SSL-Session-Cache
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+    ssl_session_tickets off;
+
+    # Server-Konfigurationen einbinden
+    include /etc/nginx/conf.d/*.conf;
+}

.archive/docker/nginx/ssl/localhost+2-key.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDAzwS8FGSCDwDg
+7QX8OpGkX1SbSwbUyzXNjEta319BvAH2OfcFFCj6u/iqfL7gKOM83t8u71VBFsCx
+ZlxX2Ilyu2+r72sCdGBXcK6riTHrkjTs4uV6YV98eJuYhvAzSijpsRQjwnwQ587c
+axtCXZhOzee3Tnbtzq4plqmOKR10D+cvrOZxuoKI914blXpGe8ds3vWEixewrex0
+CYhzPj/zEF3yfCoSXeTmFBUbmmH/JwcCK8uO5t6XR1Dyo3M4GOMrmGtO7U4nuL6e
+7JsbZfPaEW9wKtDjEwFDJSLy0ALEpiNWvbW4OaZWNkJk0jfKYwyBunNSs62B4307
+oF8lqVo1AgMBAAECggEAbPlU0ryv5fZ256nvlRTBVmbvGep4zPKh0TA3MwBHBY8u
+iK1QWVWAp95v+GQTOfzCGphZCl0JEYW7mUiibqAbZ3Za8pGaKMP/48vzXU5ooZ18
+PlsrmlTItEAyqS2zOznyD8se9+snViK+f0QmHwdpWzjze15kx5nmQ+k8ofXJCNwq
+q3dJIMI/WNuc0e/mMHYjZBsIwuoUi6YJHCE6RkWhGcnvlyXdKUV73/n8Loy6DUtW
+VmshXag7+GfbVZIesMCjfnJ0gr9OG+XrFl6AcggzFA1ZHRoQliraVYGB2duQlIpW
+o1wJMhFSGFPZxvl67hwXHJeo7ghHHfqNYXS1OuhV7QKBgQDBrvyzLtav51LzqOUY
+2HPvaH86arbARc4Fy6ZJ0TaSlmKQ5GzRG0lG2CR03oZz+OcMV/BU8xUMM7CX0zUq
+9RAmbE7rvXYOvqTe8pcdHeKKflzsr5p0HNROaeZdpMu8xoK1KLelAo6UCEBUGEny
+oMtQWapuYvmdlHR2el2ICRGNzwKBgQD+1/iM1LcF9CYvEc8Sly9XuoRsdUCxavQa
+sssv7eG5kkL8HroNs1pGZU8lNuZaT1V0ekWVOFk+X3+dGgCXg5/e/CluK9K7qOHX
+3IkyUnZLEH5sDXGMGBzYA9AQTaB1PMTQYku6GNWYab6LFQTvpvvLcIILaFHokq8p
+D/dGVJH8uwKBgQCBOxDBPe9hTye6DGdQPJyekUrS34EwqWLd2xQJDN8sz8rUgpVY
+sKwj6PPqRs/PcbQ4ODTTeZ4BljuuEe7XyswL1xiRksjC7dF0MMlDVD1jywyVoFWe
+Q94ks+RRdzO5sXplBdYC88HOY/MIKWytxzvhUPK21LNYwUU0CFGAAw0DYQKBgQD4
+mT/qSdscoLXa9tl0fiz9vIJPtvXb3MSxgra5U6n9t9NGVMcUdGBdCZjyaaK+eGOZ
+U2mrjiNouAop++KV6x26jWvxACj7TVy6kXT4tP6WbUmWKGsaya7hfp6qOL+NfjFU
+Qn8y0+URYB4zWNbO3asFIwSJEkPMx8K9IMkMP5WF3wKBgCYiqAhPDF4WxA3fAqP7
+95px8Clrety0mwOtE/rMQRf1nKJ78oA4pr+/VXRbyghAxtD4psbmBQofX3iwnn3B
+o1DV3FLpNw004mvcKGScUcNwHQtWAtWX2nVDcxes5R2DgN+lpmWmf5Tq47p0r5ZP
+nRb92drrnf8FoBv78CxLjIu+
+-----END PRIVATE KEY-----

.archive/docker/nginx/ssl/localhost+2.pem

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEHjCCAoagAwIBAgIQLqhFNHvvWJKUpuypArU2CjANBgkqhkiG9w0BAQsFADBb
+MR4wHAYDVQQKExVta2NlcnQgZGV2ZWxvcG1lbnQgQ0ExGDAWBgNVBAsMD21pY2hh
+ZWxATWlrZS1QQzEfMB0GA1UEAwwWbWtjZXJ0IG1pY2hhZWxATWlrZS1QQzAeFw0y
+NTA1MTgxOTUyMDlaFw0yNzA4MTgxOTUyMDlaMEMxJzAlBgNVBAoTHm1rY2VydCBk
+ZXZlbG9wbWVudCBjZXJ0aWZpY2F0ZTEYMBYGA1UECwwPbWljaGFlbEBNaWtlLVBD
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM8EvBRkgg8A4O0F/DqR
+pF9Um0sG1Ms1zYxLWt9fQbwB9jn3BRQo+rv4qny+4CjjPN7fLu9VQRbAsWZcV9iJ
+crtvq+9rAnRgV3Cuq4kx65I07OLlemFffHibmIbwM0oo6bEUI8J8EOfO3GsbQl2Y
+Ts3nt0527c6uKZapjikddA/nL6zmcbqCiPdeG5V6RnvHbN71hIsXsK3sdAmIcz4/
+8xBd8nwqEl3k5hQVG5ph/ycHAivLjubel0dQ8qNzOBjjK5hrTu1OJ7i+nuybG2Xz
+2hFvcCrQ4xMBQyUi8tACxKYjVr21uDmmVjZCZNI3ymMMgbpzUrOtgeN9O6BfJala
+NQIDAQABo3YwdDAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw
+HwYDVR0jBBgwFoAUhhzxUvThIGRX4MSoX91Vzm1zZ9AwLAYDVR0RBCUwI4IJbG9j
+YWxob3N0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMA0GCSqGSIb3DQEBCwUAA4IB
+gQDUFLYZPo8RrfZh/vwT15LcIce8brdVegms6DvPK9lMZX6C4sGf4+rTJCwPuqHW
+dqVZAhHdvcsyGI15xvVPT4qSh89RN1JB9uIHCk+weIzp+Rn06MMrB49m4abAvWp2
+hB8bCo80hMVIsCb3Wr9sHg7CsJItsdGz8jHYCvHpvPLR7gWhYjm1g0meglT3tZqd
+TsKDMb3Vj/vsivEueM6Oj/of8xbamVSSkqljWbRls7Ti7xqXMbmf7nl0WvG9IXg3
+5Ucv1AWJIFEeLnMM5V0nEbO3sAhbNMLXieGPBWHXOgHuvVnQyu1mBESjgc5bjwfN
+UjYBHluFkF9aYw3mGcFqAlb1FpGoMtHwTw0uGZzHzj5FY8oZix5edq/upriV6cU2
+t0tidlfhvkJNSSO4zjAPjU1wd+/QRZwY2PcB5kBxs5MzSmiMlEjTkGgHWqMWMBf1
+NPbyaxtjL69xBVonxpqD6BLJ2qLatgCs6fkZZF7AT38OFXr8Cv5vxt1rR5fs1P6X
+mI0=
+-----END CERTIFICATE-----

.archive/docker/nginx/vite-proxy.inc.dev

@@ -0,0 +1,4 @@
+location / {
+    try_files $uri $uri/ /index.php?$query_string;
+    autoindex off;
+}

.archive/docker/nginx/vite-proxy.inc.prod

@@ -0,0 +1,4 @@
+location / {
+    try_files $uri $uri/ /index.php?$query_string;
+    autoindex off;
+}