feat: CI/CD pipeline setup complete - Ansible playbooks updated, secrets configured, workflow ready

docker/entrypoint.sh

@@ -0,0 +1,40 @@
+#!/bin/bash
+set -e
+
+echo "🔐 Loading secrets from /run/secrets/..."
+
+# Function to load secret from file if *_FILE env var is set
+load_secret() {
+    local var_name="$1"
+    local file_var="${var_name}_FILE"
+
+    if [ -n "${!file_var}" ] && [ -f "${!file_var}" ]; then
+        export "$var_name"="$(cat "${!file_var}")"
+        echo "✅ Loaded $var_name from ${!file_var}"
+    fi
+}
+
+# Load database password from secret file
+load_secret "DB_PASSWORD"
+
+# Load other secrets
+load_secret "APP_KEY"
+load_secret "VAULT_ENCRYPTION_KEY"
+load_secret "SHOPIFY_WEBHOOK_SECRET"
+load_secret "RAPIDMAIL_PASSWORD"
+
+echo "✅ All secrets loaded"
+echo ""
+echo "📊 Environment variables:"
+env | grep -E "DB_|APP_" | grep -v "PASSWORD\|KEY\|SECRET" || true
+
+# Start PHP-FPM in background (inherits all environment variables)
+echo "🚀 Starting PHP-FPM..."
+php-fpm &
+
+# Wait for PHP-FPM to be ready
+sleep 2
+
+# Start nginx in foreground (inherits all environment variables)
+echo "🚀 Starting nginx..."
+exec nginx -g 'daemon off;'