From 1b6cd3723c0fb7fdf07959a78f6621813d7ef517 Mon Sep 17 00:00:00 2001
From: Baptiste-Ferrand
Date: Sun, 1 Mar 2026 23:42:24 +0100
Subject: [PATCH 1/8] create template for docker compose
---
.../roles/deploy/templates/docker-compose.j2 | 21 +++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 ansible/roles/deploy/templates/docker-compose.j2
diff --git a/ansible/roles/deploy/templates/docker-compose.j2 b/ansible/roles/deploy/templates/docker-compose.j2
new file mode 100644
index 0000000..a86164f
--- /dev/null
+++ b/ansible/roles/deploy/templates/docker-compose.j2
@@ -0,0 +1,21 @@
+networks:
+ {{ docker_network_name }}:
+ external: true
+
+services:
+
+ front:
+ image: {{ front_image }}
+ container_name: {{ front_container }}
+ restart: unless-stopped
+ expose:
+ - "80"
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.front.rule=Host(`{{ domain_front }}`)"
+ - "traefik.http.routers.front.entrypoints=websecure"
+ - "traefik.http.routers.front.tls.certresolver=letsencrypt"
+ - "traefik.http.services.front.loadbalancer.server.port=80"
+ - "com.centurylinklabs.watchtower.enable=true"
+ networks:
+ - {{ docker_network_name }}
\ No newline at end of file
From 1027e1079afd23f98e2439a8b14e6b3afbbb8e99 Mon Sep 17 00:00:00 2001
From: Baptiste-Ferrand
Date: Sun, 1 Mar 2026 23:42:46 +0100
Subject: [PATCH 2/8] create roles for deploy
---
ansible/playbooks/site.yml | 6 +++++
ansible/roles/deploy/defaults/main.yml | 1 +
ansible/roles/deploy/tasks/main.yml | 33 ++++++++++++++++++++++++++
3 files changed, 40 insertions(+)
create mode 100644 ansible/playbooks/site.yml
create mode 100644 ansible/roles/deploy/defaults/main.yml
create mode 100644 ansible/roles/deploy/tasks/main.yml
diff --git a/ansible/playbooks/site.yml b/ansible/playbooks/site.yml
new file mode 100644
index 0000000..0032537
--- /dev/null
+++ b/ansible/playbooks/site.yml
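Review bot: The templated scalars `image: {{ front_image }}`, `container_name: {{ front_container }}` and the two `{{ docker_network_name }}` uses are rendered as plain text before Compose parses the file, so an empty value or one containing `: ` or ` #` changes the document structure instead of failing cleanly. Quoting them, for example `image: "{{ front_image }}"` and `- "{{ docker_network_name }}"`, keeps each value a string. Separately, `com.centurylinklabs.watchtower.enable=true` means the running container is replaced by whatever the registry serves for that image reference, so `front_image` should point at a repository and tag that only the project's own pipeline can push to. The service also sets no hardening options; `security_opt: ["no-new-privileges:true"]` would be a cheap addition for a front end that only serves port 80.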
@@ -0,0 +1,6 @@
+---
+- name: 🚀 Test rôle Docker
+ hosts: all
+ become: true
+ roles:
+ - { role: deploy, tags: deploy}
\ No newline at end of file
diff --git a/ansible/roles/deploy/defaults/main.yml b/ansible/roles/deploy/defaults/main.yml
new file mode 100644
index 0000000..c8df435
--- /dev/null
+++ b/ansible/roles/deploy/defaults/main.yml
@@ -0,0 +1 @@
+project_root: /opt/projects/portfolio
diff --git a/ansible/roles/deploy/tasks/main.yml b/ansible/roles/deploy/tasks/main.yml
new file mode 100644
index 0000000..2a2b76b
--- /dev/null
+++ b/ansible/roles/deploy/tasks/main.yml
@@ -0,0 +1,33 @@
+---
+ - name: Création du répertoire de déploiement
+ ansible.builtin.file:
+ path: "{{ project_root }}/{{ inventory_hostname }}"
+ state: directory
+ owner: user
+ group: user
+ mode: '0755'
+
+ - name: Génération de docker-compose.yml
+ ansible.builtin.template:
+ src: docker-compose.j2
+ dest: "{{ project_root }}/{{ inventory_hostname }}/docker-compose.yml"
+ mode: '0644'
+
+ - name: Vérifier si des services Docker Compose tournent
+ command:
+ cmd: docker compose -f "{{ project_root }}/{{ inventory_hostname }}/docker-compose.yml" ps -q
+ register: compose_ps
+ changed_when: false
+ failed_when: false
+
+ - name: Arrêt des services existants (Compose CLI)
+ shell: docker compose down
+ args:
+ chdir: "{{ project_root }}/{{ inventory_hostname }}"
+ when: compose_ps.stdout_lines | length > 0
+
+ - name: Démarrage et construction des services (Compose CLI)
+ shell: docker compose up --build -d
+ args:
+ chdir: "{{ project_root }}/{{ inventory_hostname }}"
+ when: not ansible_check_mode
From a1e92620ac0183a249abf4ae2de6c2bba3fb2fc8 Mon Sep 17 00:00:00 2001
From: Baptiste-Ferrand
Date: Sun, 1 Mar 2026 23:42:57 +0100
Subject: [PATCH 3/8] create config
---
ansible/ansible.cfg | 3 +++
ansible/hosts | 11 +++++++++++
2 files changed, 14 insertions(+)
create mode 100644 ansible/ansible.cfg
create mode 100644 ansible/hosts
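Review bot: `become: true` is set for the whole play in `site.yml`, so every task of the `deploy` role, including the template rendering and both `docker compose` calls, runs as root on `hosts: all`. If the deploy account can reach the Docker socket on its own, keeping `become: true` only on the directory-creation task would be the tighter setting; whether that holds for `user` is not visible in this patch. A narrower `hosts:` pattern or a `--limit` on the command line would also keep one run from touching every inventory group at once.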
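Review bot: The `failed_when: false` on the `docker compose ... ps -q` probe in `tasks/main.yml` makes a Docker daemon or compose-file error look the same as "nothing running", so the `down` task is skipped silently and the failure only surfaces at `up`; dropping it, or narrowing it to the exit code that is actually expected, keeps real errors visible. The two `shell:` tasks use no shell feature, so `ansible.builtin.command: docker compose down` (and likewise for `up -d`) avoids spawning a shell and matches the fully qualified module names used by the first two tasks. The template task sets no `owner`/`group`, so under the play-level `become: true` the compose file is presumably written as root inside a directory owned by `user`; adding `owner: user` and `group: user` there would keep the two consistent. `--build` appears to have no effect, since the template in this series declares only `image:` and no `build:`.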
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg new file mode 100644 index 0000000..a574eda --- /dev/null +++ b/ansible/ansible.cfg @@ -0,0 +1,3 @@ +[defaults] +inventory = hosts +roles_path = roles \ No newline at end of file diff --git a/ansible/hosts b/ansible/hosts new file mode 100644 index 0000000..32d73da --- /dev/null +++ b/ansible/hosts @@ -0,0 +1,11 @@ + +[all:vars] +ansible_user = user +ansible_ssh_private_key_file = ../../../key/id_runner +ansible_connection = ssh + +[pre_prod] +pre-prod.whoami.coak.fr ansible_host=ssh.coak.fr + +[prod] +whoami.coak.fr ansible_host=ssh.coak.fr From b6c91db801a5d0a54a9ba3a14a218df42a5ac9d5 Mon Sep 17 00:00:00 2001 From: Baptiste-Ferrand Date: Sun, 1 Mar 2026 23:44:47 +0100 Subject: [PATCH 4/8] commit secret encrypt --- ansible/host_vars/whoami.coak.fr.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 ansible/host_vars/whoami.coak.fr.yml diff --git a/ansible/host_vars/whoami.coak.fr.yml b/ansible/host_vars/whoami.coak.fr.yml new file mode 100644 index 0000000..d2e4c0d --- /dev/null +++ b/ansible/host_vars/whoami.coak.fr.yml @@ -0,0 +1,26 @@ +$ANSIBLE_VAULT;1.1;AES256 +34623130363638326539336534393332626266353865623338653764326262396263633862623532 +6666346333356562316131663233373064396464363866630a613630323236386535646330626533 +32386363316639653835333232633066326562306461313164376366313739393035336264396433 +3630343631376530380a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rom 91e357d3b673f0138c3b8e57502423d7cbd1e8cd Mon Sep 17 00:00:00 2001 From: Baptiste-Ferrand Date: Sun, 1 Mar 2026 23:45:19 +0100 Subject: [PATCH 5/8] create pipeline for deploy --- .github/workflows/Deploy.yml | 43 ++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 .github/workflows/Deploy.yml diff --git a/.github/workflows/Deploy.yml b/.github/workflows/Deploy.yml new file mode 100644 index 0000000..4d2dad1 --- /dev/null +++ b/.github/workflows/Deploy.yml 
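Review bot: In `ansible/hosts`, `ansible_ssh_private_key_file = ../../../key/id_runner` points at a private key file three directories above the inventory, outside the repository. The workflow added later in this series loads the key through an SSH agent, so this line looks unnecessary there and otherwise encourages keeping a key on disk next to the checkout; consider dropping it and relying on the agent. Both `pre-prod.whoami.coak.fr` and `whoami.coak.fr` resolve to `ansible_host=ssh.coak.fr`, so a run against `all` deploys both directories on the same machine with the same account.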
@@ -0,0 +1,43 @@
+name: 🚀 Ansible Deploy
+
+on:
+ workflow_dispatch:
+ inputs:
+ dry_run:
+ description: 'Mode check (dry-run)'
+ required: false
+ default: false
+ type: boolean
+
+env:
+ ANSIBLE_HOST_KEY_CHECKING: "False"
+
+jobs:
+ deploy:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: 📥 Checkout repository
+ uses: actions/checkout@v4
+
+ - name: 🐍 Setup Python
+ uses: actions/setup-python@v5
+ with:
+ python-version: '3.11'
+
+ - name: 📦 Install Ansible
+ run: pip install ansible
+
+ - name: 🔑 Load SSH key
+ uses: webfactory/ssh-agent@v0.9.0
+ with:
+ ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+
+ - name: 🚀 Deploy to server
+ working-directory: ansible
+ run: |
+ echo '${{ secrets.VAULT_PASSWORD }}' > vault_pass.txt
+ ansible-playbook -i hosts playbooks/site.yml \
+ --vault-password-file vault_pass.txt \
+ ${{ inputs.dry_run == 'true' && '--check' || '' }}
+ rm vault_pass.txt
\ No newline at end of file
From 63a1c890127873b71aafe7ea1b379443d0585714 Mon Sep 17 00:00:00 2001
From: Baptiste-Ferrand
Date: Sun, 1 Mar 2026 23:52:15 +0100
Subject: [PATCH 6/8] update secret
---
ansible/host_vars/whoami.coak.fr.yml | 50 ++++++++++++++--------------
1 file changed, 25 insertions(+), 25 deletions(-)
diff --git a/ansible/host_vars/whoami.coak.fr.yml b/ansible/host_vars/whoami.coak.fr.yml
index d2e4c0d..77ca2a2 100644
--- a/ansible/host_vars/whoami.coak.fr.yml
+++ b/ansible/host_vars/whoami.coak.fr.yml
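Review bot: The deploy step writes the vault password into the workspace with `echo '${{ secrets.VAULT_PASSWORD }}' > vault_pass.txt` and removes it only on the last line, so a failing `ansible-playbook` leaves the file behind (the default `bash -e` stops at the first error), and the secret is expanded into the script text, where a `'` inside it would break the quoting. `dry_run` is declared `type: boolean` and stays a boolean in the `inputs` context, so `inputs.dry_run == 'true'` looks like it never matches and a requested dry run would perform the real deployment. `ANSIBLE_HOST_KEY_CHECKING: "False"` turns off SSH host verification for a connection that runs with `become`; pinning the server's host key in `known_hosts` from a repository secret or variable would let it stay on. `webfactory/ssh-agent@v0.9.0` receives the private key and is referenced by tag, so a full commit SHA is the safer pin, and `pip install ansible` is unversioned. The rewritten step below passes both values through `env`, keeps the password file private and removes it on every exit path.

```yaml
      - name: 🚀 Deploy to server
        working-directory: ansible
        env:
          VAULT_PASSWORD: ${{ secrets.VAULT_PASSWORD }}
          CHECK_FLAG: ${{ inputs.dry_run && '--check' || '' }}
        run: |
          umask 077
          vault_file="$(mktemp)"
          trap 'rm -f "$vault_file"' EXIT
          printf '%s\n' "$VAULT_PASSWORD" > "$vault_file"
          # CHECK_FLAG is left unquoted so an empty value adds no argument
          ansible-playbook -i hosts playbooks/site.yml \
            --vault-password-file "$vault_file" \
            $CHECK_FLAG
```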
@@ -1,26 +1,26 @@ $ANSIBLE_VAULT;1.1;AES256 -34623130363638326539336534393332626266353865623338653764326262396263633862623532 -6666346333356562316131663233373064396464363866630a613630323236386535646330626533 -32386363316639653835333232633066326562306461313164376366313739393035336264396433 -3630343631376530380a643335346639326431333266653839303737383736393663666439663631 -61663435633739393266386433613836623230363864373265396532343538633863346230613330 -35383134316533663234363438366431663038376632386535323461373766373732363063633230 -39633632386232336239363134333661356436633532383735636661336365656564326566373364 -65343539303134373430383364653666393834323037653166306165306265656133643935353634 -32373163386365323730623631373161633864663265303762333132633336636430636531383835 -30383864646538633938616433386261343832343232383435303031353236633736373261393235 -32343831666666656266613737383437663861303132393936643665306435343432343265633731 -65386530313932663332303532386139343966383864663761633534316234313133343533323038 -61666266303531636430386366333139636335393532656232653832326663663364313634663636 -39636665633761656164333835356636363464623566333837343461626237393065653231626533 -32626334633337656135623965646461653338336238333136616263666562623962326537623333 -63316530636130623166633164666333303662623862343631333534393031376336376564396661 -35336162303431306532623666316539663131343232326339316264623730653962343436323066 -64363931373838633866623530353132666561333662653130643164346264383566613066663866 -64313664393332396639663563633536326233666461663832333962613564633361623339316537 -34333932376436313333303966643465343436613631623638616663323131383963616261353165 -63636236373937336535353465653635373863623630623966366431333837376362613937623934 -63613764323564363765396439326331323739343731633566666362363630626466636266623330 -39653663646565616638363031313439616466356236356330653433663432393631383661353438 
-37393830656139616531626666363634666233373733343936323762353831346264343333633536 -6664 +62663832636563633265666234633662663865346232616236356536643162373533316362346437 +3833343330386333373233306666636563386665303733300a333933363933353932383635656331 +39343733343866393063623661383038636335663534303236343837303563386263373663353735 +3930623465366531620a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rom 252e39c37091ccdb465712e1c94276843cbbdd3a Mon Sep 17 00:00:00 2001 From: Baptiste-Ferrand Date: Sun, 1 Mar 2026 23:56:34 +0100 Subject: [PATCH 7/8] update hosts --- ansible/hosts | 3 --- 1 file changed, 3 deletions(-) diff --git a/ansible/hosts b/ansible/hosts index 32d73da..d663464 100644 --- a/ansible/hosts +++ b/ansible/hosts @@ -4,8 +4,5 @@ ansible_user = user ansible_ssh_private_key_file = ../../../key/id_runner ansible_connection = ssh -[pre_prod] -pre-prod.whoami.coak.fr ansible_host=ssh.coak.fr - [prod] whoami.coak.fr ansible_host=ssh.coak.fr From e21bdf32ae38fc97b4c1e7da582a011cadd01acd Mon Sep 17 00:00:00 2001 From: Baptiste-Ferrand Date: Mon, 2 Mar 2026 00:15:20 +0100 Subject: [PATCH 8/8] update template --- ansible/roles/deploy/templates/docker-compose.j2 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/ansible/roles/deploy/templates/docker-compose.j2 b/ansible/roles/deploy/templates/docker-compose.j2 index a86164f..7e762af 100644 --- a/ansible/roles/deploy/templates/docker-compose.j2 +++ b/ansible/roles/deploy/templates/docker-compose.j2 @@ -4,7 +4,7 @@ networks: services: - front: + portfolio-front: image: {{ front_image }} container_name: {{ front_container }} restart: unless-stopped 
@@ -12,10 +12,10 @@ services: - "80" labels: - "traefik.enable=true" - - "traefik.http.routers.front.rule=Host(`{{ domain_front }}`)" - - "traefik.http.routers.front.entrypoints=websecure" - - "traefik.http.routers.front.tls.certresolver=letsencrypt" - - "traefik.http.services.front.loadbalancer.server.port=80" + - "traefik.http.routers.portfolio-front.rule=Host(`{{ domain_front }}`)" + - "traefik.http.routers.portfolio-front.entrypoints=websecure" + - "traefik.http.routers.portfolio-front.tls.certresolver=letsencrypt" + - "traefik.http.services.portfolio-front.loadbalancer.server.port=80" - "com.centurylinklabs.watchtower.enable=true" networks: - {{ docker_network_name }} \ No newline at end of file