Files
Vasyka eaa05d68c1 Deploy 2: 2FA (App + Email) + REST API + CSV import-export + auto backup
- Filament v5 multiFactorAuthentication enabled on both panels (App + Email)
- HasAppAuthentication + HasEmailAuthentication on User and SuperAdmin
- Migration: app_authentication_secret + recovery_codes + email_authentication_at
- Sanctum REST API: /api/v1/login, /me, clients, vehicles, work-orders
- EnsureTokenMatchesTenant middleware blocks cross-tenant token usage
- CsvImportExport service: clients + vehicles bulk via plain CSV
- Import/Export buttons on Client + Vehicle list pages
- ApiTokens page in tenant panel (generate/revoke + last-used)
- BackupAllTenantsCommand + scheduler (daily 03:00, retain 14 days)
- Background scheduler in entrypoint.sh
2026-05-07 19:25:27 +00:00

53 lines
2.0 KiB
Bash

#!/bin/sh
set -e
cd /app
# Ensure storage subdirs exist
mkdir -p storage/framework/{cache,sessions,views,testing} storage/logs storage/app/public bootstrap/cache
chown -R www-data:www-data storage bootstrap/cache 2>/dev/null || true
# DESTRUCTIVE: drops all tables + re-runs migrations + seed.
# Set in Coolify only when intentionally resetting DB. Remove after.
if [ "${RUN_FRESH_MIGRATE:-false}" = "true" ]; then
echo "[entrypoint] !!! RUN_FRESH_MIGRATE=true — dropping all tables !!!"
php artisan migrate:fresh --force --seed --no-interaction || echo "[entrypoint] fresh failed"
elif [ "${RUN_MIGRATIONS:-true}" = "true" ]; then
echo "[entrypoint] Running migrations..."
php artisan migrate --force --no-interaction || echo "[entrypoint] migrate failed (non-fatal)"
fi
# Run seeders if requested. Uses firstOrCreate so it's idempotent.
if [ "${RUN_SEED:-false}" = "true" ] && [ "${RUN_FRESH_MIGRATE:-false}" != "true" ]; then
echo "[entrypoint] Running database seed..."
php artisan db:seed --force --no-interaction || echo "[entrypoint] seed failed (non-fatal)"
fi
# Production caches
if [ "${APP_ENV:-production}" = "production" ]; then
echo "[entrypoint] Caching config/routes/views..."
php artisan config:cache --no-interaction || true
php artisan route:cache --no-interaction || true
php artisan view:cache --no-interaction || true
php artisan event:cache --no-interaction || true
php artisan filament:cache-components --no-interaction || true
fi
# Storage symlink (idempotent)
php artisan storage:link --no-interaction 2>/dev/null || true
# Background scheduler — fires every minute. Drives backup:tenants and other cron jobs.
# Skipped if RUN_SCHEDULER=false (e.g., when running multiple replicas).
if [ "${RUN_SCHEDULER:-true}" = "true" ]; then
echo "[entrypoint] Starting Laravel scheduler in background..."
(
while true; do
php artisan schedule:run --no-interaction >> storage/logs/scheduler.log 2>&1 || true
sleep 60
done
) &
fi
echo "[entrypoint] Starting: $@"
exec "$@"