feat: CI/CD pipeline setup complete - Ansible playbooks updated, secrets configured, workflow ready

docker/php/Dockerfile.test

@@ -0,0 +1,68 @@
+# Dockerfile für PHP 8.4 Test-Umgebung
+FROM php:8.4-fpm AS test
+
+# System-Abhängigkeiten
+RUN apt-get update && apt-get install -y \
+    git \
+    unzip \
+    libzip-dev \
+    zip \
+    libpng-dev \
+    libjpeg-dev \
+    libfreetype6-dev \
+    libwebp-dev \
+    libavif-dev \
+    libxpm-dev \
+    libsodium-dev \
+    libpq-dev \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN docker-php-ext-configure gd \
+    --with-freetype \
+    --with-jpeg \
+    --with-webp \
+    --with-avif \
+    --with-xpm \
+    && docker-php-ext-install -j$(nproc) gd
+
+# Install PHP extensions
+RUN docker-php-ext-install -j$(nproc) \
+    zip \
+    pdo \
+    pdo_mysql \
+    pdo_pgsql \
+    pcntl \
+    posix \
+    shmop \
+    bcmath
+
+# Install PECL extensions (stable versions for PHP 8.4)
+RUN pecl install apcu redis \
+    && docker-php-ext-enable apcu redis
+
+RUN echo "apc.enable_cli=1" >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini \
+    && echo "apc.shm_size=128M" >> /usr/local/etc/php/conf.d/docker-php-ext-apcu.ini
+
+# Composer installieren
+RUN curl -sS https://getcomposer.org/installer | php \
+    && mv composer.phar /usr/local/bin/composer
+
+WORKDIR /var/www/html
+
+# Kopiere PHP-Konfigurationen
+COPY docker/php/php.common.ini /usr/local/etc/php/php.common.ini
+COPY docker/php/php.development.ini /usr/local/etc/php/php.ini
+
+# Create appuser
+RUN groupadd -g 1000 appuser && useradd -u 1000 -g appuser -m appuser
+
+# Entrypoint
+COPY docker/php/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
+RUN chmod +x /usr/local/bin/docker-entrypoint.sh
+
+# Install gosu
+RUN apt-get update && apt-get install -y gosu && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+CMD ["php-fpm"]

docker/php/opcache.ini

@@ -0,0 +1,13 @@
+; OPcache Configuration for Production
+
+[opcache]
+opcache.enable = 1
+opcache.enable_cli = 0
+opcache.memory_consumption = 128
+opcache.interned_strings_buffer = 16
+opcache.max_accelerated_files = 10000
+opcache.revalidate_freq = 60
+opcache.fast_shutdown = 1
+opcache.validate_timestamps = 0
+opcache.save_comments = 1
+opcache.enable_file_override = 1

docker/php/php.production.ini

@@ -1,34 +1,36 @@
-; php.ini für Produktion
-include = php.common.ini
-
-[opcache]
-; Aktiviere OPcache
-opcache.enable=1
-; Aktiviere OPcache für CLI-Anwendungen (optional)
-opcache.enable_cli=0
-; Maximale Speichernutzung für Cache in MB
-opcache.memory_consumption=128
-; Maximale Anzahl an gecachten Dateien
-opcache.max_accelerated_files=10000
-; Wie oft wird der Cache validiert (0 = bei jedem Request)
-; TEMPORÄR: 0 für einfachere Deployments während aktiver Entwicklung
-; SPÄTER: Auf 60 erhöhen wenn System stabil ist
-opcache.revalidate_freq=0
-; Cache-Zeitstempel prüfen
-; TEMPORÄR: 1 aktiviert für Deployment-Flexibilität
-; SPÄTER: Auf 0 setzen für maximale Performance wenn stabil
-opcache.validate_timestamps=1
-; Performance-Optimierungen
-opcache.interned_strings_buffer=16
-; JIT (Just-In-Time Compilation) - Optional für PHP 8.0+
-opcache.jit_buffer_size=100M
-opcache.jit=1255
-
+; Production PHP Configuration for Custom PHP Framework
 
+[PHP]
+; Error handling - Log errors, don't display
 display_errors = Off
 display_startup_errors = Off
+log_errors = On
+error_log = /var/www/html/storage/logs/php-errors.log
 error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+
+; Performance
 memory_limit = 256M
-upload_max_filesize = 10M
-post_max_size = 12M
 max_execution_time = 30
+max_input_time = 60
+post_max_size = 20M
+upload_max_filesize = 20M
+
+; Session
+session.save_handler = files
+session.save_path = /var/www/html/storage/sessions
+session.gc_maxlifetime = 1440
+session.cookie_httponly = 1
+session.cookie_secure = 1
+session.use_strict_mode = 1
+
+; Security
+expose_php = Off
+allow_url_fopen = On
+allow_url_include = Off
+
+; Timezone
+date.timezone = Europe/Berlin
+
+; Realpath cache (performance)
+realpath_cache_size = 4M
+realpath_cache_ttl = 600

docker/php/www.production.conf

@@ -0,0 +1,29 @@
+[www]
+; Unix user/group of processes
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests
+listen = 9000
+
+; CRITICAL: Keep environment variables from Docker
+clear_env = no
+
+; Process management
+pm = dynamic
+pm.max_children = 50
+pm.start_servers = 5
+pm.min_spare_servers = 5
+pm.max_spare_servers = 35
+pm.max_requests = 500
+
+; Logging
+catch_workers_output = yes
+php_admin_value[error_log] = /proc/self/fd/2
+php_admin_flag[log_errors] = on
+access.log = /proc/self/fd/2
+
+; Security
+php_admin_value[upload_max_filesize] = 50M
+php_admin_value[post_max_size] = 50M
+php_admin_value[memory_limit] = 256M

docker/php/zz-docker.production.conf

@@ -0,0 +1,22 @@
+[global]
+daemonize = no
+error_log = /proc/self/fd/2
+
+[www]
+; Unix user/group of processes (www-data for production)
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+listen = 9000
+
+; Clear environment in FPM workers
+clear_env = no
+
+; Catch output from PHP workers
+catch_workers_output = yes
+
+; Redirect worker stdout and stderr into main error log
+access.log = /proc/self/fd/2
+php_admin_value[error_log] = /proc/self/fd/2
+php_admin_flag[log_errors] = on