diff --git a/.spellcheck.yml b/.spellcheck.yml index 232535dce1..fa6f4b2eec 100644 --- a/.spellcheck.yml +++ b/.spellcheck.yml @@ -29,5 +29,5 @@ matrix: - open: '# {' close: '}' sources: - - '**/*.md|!resources/references/adr/*|!resources/guidelines/code/core/*' + - '**/*.md|!resources/references/adr/*|!resources/guidelines/code/core/*|!CLAUDE.md|!AGENTS.md' default_encoding: utf-8 diff --git a/.wordlist.txt b/.wordlist.txt index f0ef19def8..73b19c24f2 100644 --- a/.wordlist.txt +++ b/.wordlist.txt @@ -627,6 +627,7 @@ MyTestClass MyTestInterface NATS NFS +NGWAF NPM NUR NVDA @@ -1097,6 +1098,7 @@ VueJs VueX Vuei Vuex +WAF WASM WCAG WMA @@ -1431,6 +1433,7 @@ fetchable fieldset fileSize fileinfo +filesize filesystem filesystems firstname @@ -1695,6 +1698,7 @@ onboarded onboarding onlyAvailable onlyOnFeature +ons onwards oop opcache diff --git a/products/paas/shopware/cdn/fastly-snippets.md b/products/paas/shopware/cdn/fastly-snippets.md new file mode 100644 index 0000000000..93ed5554a2 --- /dev/null +++ b/products/paas/shopware/cdn/fastly-snippets.md @@ -0,0 +1,22 @@ +--- +nav: + title: Fastly Snippets + position: 43 +--- + +# Fastly Snippets + +This section provides comprehensive information about Fastly snippets configuration. + +## Storefront service + +To deploy Fastly snippets for the `storefront` service, you need to install the following recipe: `shopware/fastly-meta`. +For more information about this recipe, please have a look at the [shopware/fastly-meta recipe documentation](https://github.com/shopware/fastly-meta). + +The `FASTLY_API_KEY` and `FASTLY_SERVICE_ID` are automatically provided to the Shopware instance. + +The snippets are automatically installed and configured during the application deployment, and no further action is needed. + +## Limitations + + For now only the snippets for the `storefront` service can be configured. We are working on providing a unified experience in regard to snippet management for both services (`storefront` and `cdn`). diff --git a/products/paas/shopware/cdn/index.md b/products/paas/shopware/cdn/index.md index 981c4375c6..b0ea8b0ba2 100644 --- a/products/paas/shopware/cdn/index.md +++ b/products/paas/shopware/cdn/index.md @@ -25,12 +25,17 @@ Fastly is fully integrated into Shopware PaaS Native. The integration includes: - Automatic cache invalidation mechanisms - Soft purge capabilities to maintain performance during cache updates -- Deployment helper integration for seamless VCL snippet management +- Deployment helper integration for seamless VCL snippet management. See the [Fastly snippets documentation](./fastly-snippets.md) for more details. ### Configuration Fastly is automatically configured and enabled by default in Shopware PaaS Native environments. No additional Shopware configuration is required - the PaaS platform handles all Fastly setup and cache management automatically. +We configure two different Fastly services: + +- `storefront`: Service that proxies the storefront and admin Shopware instances. +- `cdn`: Service that proxies all the CDN assets hosted on S3 (public bucket). + ## Custom Domains ### Prerequisites diff --git a/products/paas/shopware/cdn/security-features.md b/products/paas/shopware/cdn/security-features.md new file mode 100644 index 0000000000..a7ef7d8d2a --- /dev/null +++ b/products/paas/shopware/cdn/security-features.md @@ -0,0 +1,30 @@ +--- +nav: + title: Security Features + position: 42 +--- + +# Web Application Firewall + +This section provides comprehensive information about the Web Application Firewall solutions for Shopware PaaS Native. + +## Overview + +Shopware PaaS Native includes a Web Application Firewall (WAF) by default, powered by Fastly [NGWAF](https://docs.fastly.com/products/fastly-next-gen-waf). The enabled default feature set is the NGWAF `Core` feature set. + +This provides protection by default against OWASP Top 10 categories. + +Customers do not need to take any action; this is automatically enabled and configured for every application. + +We have the possibility of adding more add-ons from the different feature sets provided by Fastly on our roadmap (with no timeline at this stage). + + diff --git a/products/paas/shopware/fundamentals/application-yaml.md b/products/paas/shopware/fundamentals/application-yaml.md index cf4762026b..7849b664c9 100644 --- a/products/paas/shopware/fundamentals/application-yaml.md +++ b/products/paas/shopware/fundamentals/application-yaml.md @@ -29,6 +29,7 @@ The file consists of two main sections: app: php: version: "8.3" + extensions: [] environment_variables: [] services: mysql: @@ -43,6 +44,8 @@ services: app: php: version: "8.3" + extensions: + - imagick environment_variables: - name: INSTALL_LOCALE value: fr-FR @@ -69,6 +72,18 @@ app: version: "8.3" ``` +### `app.php.extensions` + +The PHP extensions to install during build time. We use [this](https://github.com/mlocati/docker-php-extension-installer) installer to install extensions. + +```yaml +app: + php: + extensions: + - extension1 + - extension2 +``` + ### `app.environment_variables` A list of environment variables is passed to the application. Each entry requires: diff --git a/products/paas/shopware/fundamentals/php-settings.md b/products/paas/shopware/fundamentals/php-settings.md new file mode 100644 index 0000000000..9cf40d4493 --- /dev/null +++ b/products/paas/shopware/fundamentals/php-settings.md @@ -0,0 +1,23 @@ +--- +nav: + title: PHP settings + position: 85 +--- + +# PHP settings configuration + +We use the official Shopware [Docker](https://github.com/shopware/docker) image as a base image during the build phase. + +Among other parameters, you can configure the following using environment variables: + +- `PHP_MAX_UPLOAD_SIZE`: upload_max_filesize +- `PHP_MAX_UPLOAD_SIZE`: post_max_size +- `PHP_MAX_EXECUTION_TIME`: max_execution_time + +For the exhaustive list, please refer to this [page](https://github.com/shopware/docker/blob/main/fpm/rootfs/usr/local/etc/php/conf.d/docker.ini). + +## Note + +The following variable is natively managed by our automation and should not be updated: + +- `PHP_SESSION_HANDLER`