From fe7810671dbfdba0dc346daa1d47d22f7c191a63 Mon Sep 17 00:00:00 2001
From: Archicratia <area.technik@proton.me>
Date: Sat, 21 Feb 2026 12:31:23 +0100
Subject: [PATCH] fix(seo): enforce PUBLIC_SITE at docker build
 (canonical/sitemap) + set per blue/green

---
 Dockerfile         | 18 +++++++++++++++---
 docker-compose.yml |  6 +++++-
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 54e94d3..7df0ae6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,7 +12,7 @@ ENV npm_config_update_notifier=false \
 # (Optionnel mais propre) git + certificats
 RUN apt-get -o Acquire::Retries=5 -o Acquire::ForceIPv4=true update \
  && apt-get install -y --no-install-recommends ca-certificates git \
- && rm -rf /var/lib/apt/lists/*	
+ && rm -rf /var/lib/apt/lists/*
 
 # Déps d’abord (cache Docker)
 COPY package.json package-lock.json ./
@@ -25,9 +25,21 @@ COPY . .
 ARG PUBLIC_GITEA_BASE
 ARG PUBLIC_GITEA_OWNER
 ARG PUBLIC_GITEA_REPO
+
+# ✅ Canonical + sitemap base (astro.config.mjs lit process.env.PUBLIC_SITE)
+ARG PUBLIC_SITE
+
+# ✅ Garde-fou : si 1 → build fail si PUBLIC_SITE absent
+ARG REQUIRE_PUBLIC_SITE=0
+
 ENV PUBLIC_GITEA_BASE=$PUBLIC_GITEA_BASE \
     PUBLIC_GITEA_OWNER=$PUBLIC_GITEA_OWNER \
-    PUBLIC_GITEA_REPO=$PUBLIC_GITEA_REPO
+    PUBLIC_GITEA_REPO=$PUBLIC_GITEA_REPO \
+    PUBLIC_SITE=$PUBLIC_SITE \
+    REQUIRE_PUBLIC_SITE=$REQUIRE_PUBLIC_SITE
+
+# ✅ antifragile : refuse de builder sans PUBLIC_SITE quand on l’exige
+RUN node -e "if (process.env.REQUIRE_PUBLIC_SITE==='1' && !process.env.PUBLIC_SITE) { console.error('FATAL: PUBLIC_SITE is required (canonical/sitemap).'); process.exit(1) }"
 
 # Build Astro (postbuild tourne via npm scripts)
 RUN npm run build
@@ -38,4 +50,4 @@ COPY nginx.conf /etc/nginx/conf.d/default.conf
 COPY --from=build /app/dist/ /usr/share/nginx/html/
 RUN find /usr/share/nginx/html -type d -exec chmod 755 {} \; \
  && find /usr/share/nginx/html -type f -exec chmod 644 {} \;
-EXPOSE 80
+EXPOSE 80
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 1a0b284..5dd80f1 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,6 +5,8 @@ services:
       dockerfile: Dockerfile
       network: host
       args:
+        REQUIRE_PUBLIC_SITE: "1"
+        PUBLIC_SITE: "https://staging.archicratie.trans-hands.synology.me"
         PUBLIC_GITEA_BASE: ${PUBLIC_GITEA_BASE}
         PUBLIC_GITEA_OWNER: ${PUBLIC_GITEA_OWNER}
         PUBLIC_GITEA_REPO: ${PUBLIC_GITEA_REPO}
@@ -20,6 +22,8 @@ services:
       dockerfile: Dockerfile
       network: host
       args:
+        REQUIRE_PUBLIC_SITE: "1"
+        PUBLIC_SITE: "https://archicratie.trans-hands.synology.me"
         PUBLIC_GITEA_BASE: ${PUBLIC_GITEA_BASE}
         PUBLIC_GITEA_OWNER: ${PUBLIC_GITEA_OWNER}
         PUBLIC_GITEA_REPO: ${PUBLIC_GITEA_REPO}
@@ -27,4 +31,4 @@ services:
     container_name: archicratie-web-green
     ports:
       - "127.0.0.1:8082:80"
-    restart: unless-stopped
+    restart: unless-stopped
\ No newline at end of file