feat(docs): adding haproxy configuration example

.github/workflows/backend-test.yml

@@ -5,39 +5,33 @@ permissions:
 
 on:
   pull_request:
-    paths:
-      - 'backend/server/**'
-      - '.github/workflows/backend-test.yml'
   push:
-    paths:
-      - 'backend/server/**'
-      - '.github/workflows/backend-test.yml'
 
 jobs:
   build:
+    name: Build and Test Backend
     runs-on: ubuntu-latest
+
     steps:
       - uses: actions/checkout@v4
 
       - name: set up python 3.12
         uses: actions/setup-python@v5
         with:
-          python-version: '3.12'
+          python-version: "3.12"
 
       - name: install dependencies
         run: |
           sudo apt update -q
-          sudo apt install -y -q \
-            python3-gdal
+          sudo apt install -y -q python3-gdal
 
       - name: start database
         run: |
           docker compose -f .github/.docker-compose-database.yml up -d
 
-      - name: install python libreries
+      - name: install python libraries
         working-directory: backend/server
-        run: |
-          pip install -r requirements.txt
+        run: pip install -r requirements.txt
 
       - name: run server
         working-directory: backend/server

.github/workflows/frontend-test.yml

@@ -5,17 +5,13 @@ permissions:
 
 on:
   pull_request:
-    paths:
-      - "frontend/**"
-      - ".github/workflows/frontend-test.yml"
   push:
-    paths:
-      - "frontend/**"
-      - ".github/workflows/frontend-test.yml"
 
 jobs:
   build:
+    name: Build and Test Frontend
     runs-on: ubuntu-latest
+
     steps:
       - uses: actions/checkout@v4
 

.github/workflows/trivy_security_scans.yml

@@ -0,0 +1,75 @@
+name: Trivy Security Scans
+
+on:
+  push:
+    branches:
+      - main
+      - development
+  pull_request:
+    branches:
+      - main
+      - development
+  schedule:
+    - cron: "0 8 * * 1" # Weekly scan on Mondays at 8 AM UTC
+
+jobs:
+  filesystem-scan:
+    name: Trivy Filesystem Scan (Source Code)
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Scan source code (Filesystem) with Trivy
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: fs
+          scan-ref: .
+          format: table
+          exit-code: 1
+          ignore-unfixed: true
+          severity: CRITICAL,HIGH
+
+  image-scan:
+    name: Trivy Docker Image Scan (Backend & Frontend)
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      # Optional login step (remove if you're not pushing images to GHCR)
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build backend Docker image
+        run: docker build -t adventurelog-backend ./backend
+
+      - name: Build frontend Docker image
+        run: docker build -t adventurelog-frontend ./frontend
+
+      - name: Scan backend Docker image with Trivy
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: adventurelog-backend
+          format: table
+          exit-code: 1
+          ignore-unfixed: true
+          severity: CRITICAL,HIGH
+
+      - name: Scan frontend Docker image with Trivy
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: adventurelog-frontend
+          format: table
+          exit-code: 1
+          ignore-unfixed: true
+          severity: CRITICAL,HIGH

backend/server/requirements.txt

@@ -1,4 +1,4 @@
-Django==5.2.1
+Django==5.2.2
 djangorestframework>=3.15.2
 django-allauth==0.63.3
 drf-yasg==1.21.4

documentation/.vitepress/config.mts

@@ -149,6 +149,7 @@ export default defineConfig({
               },
               { text: "Traefik", link: "/docs/install/traefik" },
               { text: "Caddy", link: "/docs/install/caddy" },
+              { text: "HAProxy", link: "/docs/install/haproxy" },
             ],
           },
         ],

documentation/docs/install/getting_started.md

@@ -24,3 +24,4 @@ Perfect for Docker beginners.
 - [Nginx Proxy Manager](nginx_proxy_manager.md) — Easy reverse proxy config
 - [Traefik](traefik.md) — Dynamic reverse proxy with automation
 - [Caddy](caddy.md) — Automatic HTTPS with a clean config
+- [HAProxy](haproxy.md) — High-performance reverse proxy with advanced control

documentation/docs/install/haproxy.md

@@ -0,0 +1,23 @@
+# Installation with Haproxy
+
+HAProxy is a free and open source software that provides a high availability load balancer and Proxy for TCP and HTTP-based applications.
+
+You need to make the frontend and the backend available in order to have your AdventureLog working properly.
+To do this, you will need to add 2 ACLs and 2 corresponding HAProxy backends in your haproxy configuration :
+- One for your regular Adventurelog domain that will direct the requests to the frontend.
+- One for the URLs that need to access the backend.
+
+Example :
+
+```
+acl is_adventurelog hdr_sub(Host) -i adventurelog
+acl is_adventurelog_backend path_beg /media/ or /admin/
+
+use_backend adventurelog_media if is_adventurelog is_adventurelog_backend
+use_backend adventurelog if is_adventurelog
+
+backend alog
+    server adventurelog 192.168.1.100:3000 check
+backend adventurelog_backend
+    server adventurelog_media 192.168.1.100:8000 check
+```

frontend/package.json

@@ -50,5 +50,13 @@
 		"qrcode": "^1.5.4",
 		"svelte-i18n": "^4.0.1",
 		"svelte-maplibre": "^0.9.8"
+	},
+	"overrides": {
+		"esbuild": "^0.25.0"
+	},
+	"pnpm": {
+		"overrides": {
+			"esbuild": "^0.25.0"
+		}
 	}
 }