mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-06-25 16:19:19 +02:00
be50ac5eb0
- Fix 413 Request Entity Too Large: bump client_max_body_size to 256M, PHP post_max_size/upload_max_filesize to 256M, fastcgi timeouts to 300s - Fix missing v_smtp_active view: add IF NOT EXISTS to all CREATE VIEW statements in schema.sql for idempotent migrates - Fix bars.svg 404: create animated SVG spinner in app/public/assets/img/ - Fix nginx rate limiting: increase admin zone from 60r/m (1 r/s) to 300r/m (5 r/s) with burst=30 to handle ~11 concurrent HTMX fragment GETs on contenus.php page load - Add deploy-nginx recipe to justfile for uploading nginx config to server - Database readonly issue mitigated by existing --chown + deploy-server.sh permissions fix - Add comprehensive PHP/JS debugging logs for settings checkboxes: per-field raw POST values in error_log, console.log on htmx:beforeSend, htmx:sendError, htmx:afterRequest, toast lifecycle - Fix toast auto-remove script: use getElementById with unique ID instead of querySelector which could remove wrong toast on rapid clicks
XAMXAM
(Anciennement Posterg)
Répertoire des travaux de fin d'études de l'ERG (École de Recherche Graphique).
Requirements
- PHP 8.4
- SQLite3 (
php8.4-sqlite3) - nginx (production)
Development
MacOS
Logiciels:
- un IDE pour éditer → VSCode
- git (ou une interface graphique) pour partager les modifications → git-gui (officiel) ou Github Desktop
- un server web avec PHP pour visualiser le project dans le navigateur → MAMP
Workflow
- Faire un changement dans ton IDE
- Démarrer le site via MAMP, en sélectionnant le dossier
public - Vérifier que ça marche sur le site en local, depuis ton navigateur
- Une fois qu'un changement spécifique est fait,
commitles changements sur les fichiers qui sont relatif à ce changement - Vérifier que vous avez syncroniser avec le
remote→pull+rebase! pas merge pushles changements vers le remote
just serve # http://localhost:8000 (public) and /admin/
Deployment
Files are pushed to the server with rsync — there is no repo on the remote.
just deploy # rsync app files → xamxam:/var/www/xamxam/
just deploy-db # push local xamxam.db → remote (only if remote DB is absent)
deploy-db refuses to run if a database already exists on the server, to avoid
accidental overwrites of production data.
First-time server setup
ssh xamxam
sudo mkdir -p /var/www/xamxam
sudo chown www-data:xamxam /var/www/xamxam
sudo chmod 775 /var/www/xamxam
exit
Then deploy once and apply nginx config:
just deploy
just deploy-nginx
Admin users (htpasswd)
just manage-admin-users
# Then on server:
ssh xamxam "sudo bash /tmp/manage-admin-users.sh"
Security notes
- Admin panel protected by nginx
auth_basic+ PHP session (AdminAuth) - Uploads stored outside webroot, served via controlled
media.php - Rate limiting on public search (
src/RateLimit.php) - See
nginx/docs/SECURITY_HEADERS.mdfor security headers reference