From 9cf41a3b7ee0691659bef10f571dd3562acff1cf Mon Sep 17 00:00:00 2001
From: dahoud <dahoud@dgbf.ci>
Date: Sat, 10 Jan 2026 16:08:08 +0000
Subject: [PATCH] =?UTF-8?q?fix(config):=20Correction=20propri=C3=A9t=C3=A9?=
 =?UTF-8?q?s=20multipart=20et=20ingress=20align=C3=A9=20sur=20btpxpress?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Remplacement des propriétés obsolètes multipart par quarkus.http.limits.max-body-size
- Mise à jour de l'ingress avec le bon nom de service et annotations lionsctl
- Utilisation du certificat partagé api-lions-dev-tls
- Ajout du support WebSocket dans l'ingress
---
 kubernetes/afterwork-ingress.yaml         | 43 ++++++++++++++++-------
 src/main/resources/application.properties |  3 +-
 2 files changed, 32 insertions(+), 14 deletions(-)

diff --git a/kubernetes/afterwork-ingress.yaml b/kubernetes/afterwork-ingress.yaml
index a98c32a..a1cafd0 100644
--- a/kubernetes/afterwork-ingress.yaml
+++ b/kubernetes/afterwork-ingress.yaml
@@ -1,36 +1,55 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: afterwork-api
+  name: mic-after-work-server-impl-quarkus-main-ingress
   namespace: applications
+  labels:
+    app: mic-after-work-server-impl-quarkus-main
   annotations:
     # SSL/TLS
     cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/ssl-redirect: "false"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
+
+    # Metadata
+    description: "Ingress for afterwork-api application on api.lions.dev/afterwork"
+    kubernetes.io/ingress.class: nginx
+    lionsctl.lions.dev/deployed-by: lionsctl
+    lionsctl.lions.dev/domain: api.lions.dev
+    lionsctl.lions.dev/path: /afterwork
 
     # Proxy settings
-    nginx.ingress.kubernetes.io/proxy-body-size: "10m"
+    nginx.ingress.kubernetes.io/proxy-body-size: "50m"
+    nginx.ingress.kubernetes.io/proxy-buffering: "on"
+    nginx.ingress.kubernetes.io/proxy-connect-timeout: "60"
     nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
     nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
 
     # WebSocket support
-    nginx.ingress.kubernetes.io/websocket-services: "afterwork-api"
     nginx.ingress.kubernetes.io/proxy-http-version: "1.1"
     nginx.ingress.kubernetes.io/configuration-snippet: |
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "upgrade";
 
-    # Security headers
+    # Security headers and CORS
     nginx.ingress.kubernetes.io/enable-cors: "true"
-    nginx.ingress.kubernetes.io/cors-allow-origin: "https://afterwork.lions.dev"
+    nginx.ingress.kubernetes.io/cors-allow-origin: "*"
     nginx.ingress.kubernetes.io/cors-allow-methods: "GET, POST, PUT, DELETE, OPTIONS, PATCH"
     nginx.ingress.kubernetes.io/cors-allow-credentials: "true"
-    nginx.ingress.kubernetes.io/cors-allow-headers: "DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,Accept,Origin"
+    nginx.ingress.kubernetes.io/cors-allow-headers: "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization"
     nginx.ingress.kubernetes.io/cors-expose-headers: "Content-Length,Content-Range,Content-Disposition"
     nginx.ingress.kubernetes.io/cors-max-age: "86400"
 
+    # Compression
+    nginx.ingress.kubernetes.io/enable-compression: "true"
+    nginx.ingress.kubernetes.io/compression-types: "text/plain,text/css,application/json,application/javascript,text/xml,application/xml,application/xml+rss,text/javascript"
+
+    # Rate limiting
+    nginx.ingress.kubernetes.io/rate-limit: "1000"
+    nginx.ingress.kubernetes.io/rate-limit-window: "1m"
+
     # Rewrite (important pour /afterwork)
+    nginx.ingress.kubernetes.io/use-regex: "true"
     nginx.ingress.kubernetes.io/rewrite-target: /$2
 
 spec:
@@ -38,15 +57,15 @@ spec:
   tls:
   - hosts:
     - api.lions.dev
-    secretName: afterwork-api-tls
+    secretName: api-lions-dev-tls
   rules:
   - host: api.lions.dev
     http:
       paths:
       - path: /afterwork(/|$)(.*)
-        pathType: Prefix
+        pathType: ImplementationSpecific
         backend:
           service:
-            name: afterwork-api
+            name: mic-after-work-server-impl-quarkus-main-service
             port:
-              number: 8080
+              number: 80
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index f83ac92..7fa4cd6 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -56,8 +56,7 @@ quarkus.hibernate-orm.log.sql=false
 
 # Activer le support multipart pour l'upload de fichiers
 quarkus.http.body.uploads-directory=/tmp/uploads
-quarkus.http.body.multipart.max-request-size=10M
-quarkus.http.body.multipart.max-file-size=5M
+quarkus.http.limits.max-body-size=10M
 
 # Écouter sur toutes les interfaces réseau (0.0.0.0) pour être accessible depuis le Samsung
 quarkus.http.host=0.0.0.0