Initial commit

2025-10-01 01:39:07 +00:00
commit b430bf3b96
826 changed files with 255287 additions and 0 deletions
--- a/docs/DEPLOYMENT_GUIDE.md
+++ b/docs/DEPLOYMENT_GUIDE.md
@@ -0,0 +1,304 @@
+# 🚀 Guide de Déploiement BTP Xpress
+
+## 📋 Prérequis
+
+### Environnement de Production
+- **Node.js**: 18.x ou supérieur
+- **Java**: 17 ou supérieur (pour Quarkus)
+- **PostgreSQL**: 14 ou supérieur
+- **Keycloak**: 22.x ou supérieur
+- **Docker**: 24.x ou supérieur (optionnel)
+- **Nginx**: 1.20 ou supérieur (reverse proxy)
+
+### Domaines et Certificats SSL
+- `btpxpress.lions.dev` (Frontend)
+- `api.lions.dev` (Backend API)
+- `security.lions.dev` (Keycloak)
+
+## 🏗️ Architecture de Déploiement
+
+```
+Internet
+    ↓
+[Nginx Reverse Proxy]
+    ↓
+┌─────────────────┬─────────────────┐
+│   Frontend      │   Backend API   │
+│   Next.js       │   Quarkus       │
+│   Port 3000     │   Port 8080     │
+└─────────────────┴─────────────────┘
+    ↓                       ↓
+[PostgreSQL]           [Keycloak]
+Port 5432              Port 8180
+```
+
+## 🐳 Déploiement avec Docker
+
+### 1. Construction des Images
+
+```bash
+# Frontend
+cd btpxpress-client
+docker build -f Dockerfile.prod -t btpxpress-frontend:latest .
+
+# Backend
+cd btpxpress-server
+docker build -f Dockerfile.prod -t btpxpress-backend:latest .
+```
+
+### 2. Docker Compose Production
+
+```yaml
+# docker-compose.prod.yml
+version: '3.8'
+
+services:
+  postgres:
+    image: postgres:14-alpine
+    environment:
+      POSTGRES_DB: btpxpress
+      POSTGRES_USER: btpxpress_user
+      POSTGRES_PASSWORD: ${DB_PASSWORD}
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    ports:
+      - "5432:5432"
+    restart: unless-stopped
+
+  keycloak:
+    image: quay.io/keycloak/keycloak:22.0
+    environment:
+      KEYCLOAK_ADMIN: admin
+      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
+      KC_DB: postgres
+      KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
+      KC_DB_USERNAME: keycloak_user
+      KC_DB_PASSWORD: ${KEYCLOAK_DB_PASSWORD}
+      KC_HOSTNAME: security.lions.dev
+      KC_PROXY: edge
+    ports:
+      - "8180:8080"
+    depends_on:
+      - postgres
+    restart: unless-stopped
+    command: start
+
+  backend:
+    image: btpxpress-backend:latest
+    environment:
+      DB_URL: jdbc:postgresql://postgres:5432/btpxpress
+      DB_USERNAME: btpxpress_user
+      DB_PASSWORD: ${DB_PASSWORD}
+      KEYCLOAK_SERVER_URL: https://security.lions.dev
+      KEYCLOAK_REALM: btpxpress
+      KEYCLOAK_CLIENT_ID: btpxpress-backend
+      KEYCLOAK_CLIENT_SECRET: ${KEYCLOAK_CLIENT_SECRET}
+    ports:
+      - "8080:8080"
+    depends_on:
+      - postgres
+      - keycloak
+    restart: unless-stopped
+
+  frontend:
+    image: btpxpress-frontend:latest
+    environment:
+      NEXT_PUBLIC_API_URL: https://api.lions.dev
+      NEXT_PUBLIC_KEYCLOAK_URL: https://security.lions.dev
+      NEXT_PUBLIC_KEYCLOAK_REALM: btpxpress
+      NEXT_PUBLIC_KEYCLOAK_CLIENT_ID: btpxpress-frontend
+    ports:
+      - "3000:3000"
+    depends_on:
+      - backend
+    restart: unless-stopped
+
+volumes:
+  postgres_data:
+```
+
+### 3. Lancement
+
+```bash
+# Variables d'environnement
+export DB_PASSWORD="your-secure-db-password"
+export KEYCLOAK_ADMIN_PASSWORD="your-keycloak-admin-password"
+export KEYCLOAK_DB_PASSWORD="your-keycloak-db-password"
+export KEYCLOAK_CLIENT_SECRET="your-client-secret"
+
+# Démarrage
+docker-compose -f docker-compose.prod.yml up -d
+```
+
+## 🌐 Configuration Nginx
+
+```nginx
+# /etc/nginx/sites-available/btpxpress
+server {
+    listen 80;
+    server_name btpxpress.lions.dev;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name btpxpress.lions.dev;
+
+    ssl_certificate /path/to/ssl/cert.pem;
+    ssl_certificate_key /path/to/ssl/key.pem;
+
+    # Frontend
+    location / {
+        proxy_pass http://localhost:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_cache_bypass $http_upgrade;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+    server_name api.lions.dev;
+
+    ssl_certificate /path/to/ssl/cert.pem;
+    ssl_certificate_key /path/to/ssl/key.pem;
+
+    # Backend API
+    location / {
+        proxy_pass http://localhost:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+```
+
+## 🔧 Configuration Keycloak
+
+### 1. Création du Realm
+
+1. Accéder à https://security.lions.dev
+2. Créer le realm `btpxpress`
+3. Configurer les clients :
+   - `btpxpress-frontend` (Public)
+   - `btpxpress-backend` (Confidential)
+
+### 2. Configuration des Rôles
+
+```json
+{
+  "roles": [
+    "super_admin",
+    "admin", 
+    "directeur",
+    "manager",
+    "chef_chantier",
+    "conducteur_travaux",
+    "chef_equipe",
+    "commercial",
+    "comptable",
+    "logisticien",
+    "employe",
+    "ouvrier",
+    "client_entreprise",
+    "client_particulier",
+    "viewer",
+    "guest"
+  ]
+}
+```
+
+## 📊 Monitoring et Logs
+
+### Health Checks
+
+```bash
+# Frontend
+curl https://btpxpress.lions.dev/_next/static/health
+
+# Backend
+curl https://api.lions.dev/api/health
+
+# Keycloak
+curl https://security.lions.dev/health
+```
+
+### Logs
+
+```bash
+# Docker logs
+docker-compose logs -f frontend
+docker-compose logs -f backend
+docker-compose logs -f keycloak
+
+# Application logs
+tail -f /var/log/btpxpress/application.log
+```
+
+## 🔒 Sécurité
+
+### Firewall
+
+```bash
+# Ouvrir les ports nécessaires
+ufw allow 80/tcp
+ufw allow 443/tcp
+ufw allow 22/tcp
+ufw enable
+```
+
+### Backup
+
+```bash
+# Base de données
+pg_dump -h localhost -U btpxpress_user btpxpress > backup_$(date +%Y%m%d).sql
+
+# Volumes Docker
+docker run --rm -v btpxpress_postgres_data:/data -v $(pwd):/backup alpine tar czf /backup/postgres_backup_$(date +%Y%m%d).tar.gz /data
+```
+
+## 🚀 Mise en Production
+
+### Checklist
+
+- [ ] SSL/TLS configuré
+- [ ] Base de données initialisée
+- [ ] Keycloak configuré
+- [ ] Variables d'environnement définies
+- [ ] Nginx configuré
+- [ ] Monitoring activé
+- [ ] Backups programmés
+- [ ] Tests de charge effectués
+- [ ] Documentation à jour
+
+### Commandes de Déploiement
+
+```bash
+# 1. Arrêt des services
+docker-compose down
+
+# 2. Mise à jour du code
+git pull origin main
+
+# 3. Reconstruction des images
+docker-compose build
+
+# 4. Redémarrage
+docker-compose up -d
+
+# 5. Vérification
+docker-compose ps
+curl -f https://btpxpress.lions.dev/api/health
+```
+
+## 📞 Support
+
+- **Documentation**: https://docs.btpxpress.lions.dev
+- **Support**: support@btpxpress.com
+- **Urgences**: +33 1 23 45 67 89