Bundle grouping all vendor, generic utils and services that we use on each project
- Config IniOverrideConfig service to easily override php.ini options
- Monitoring routes for uptime tracking, phpinfo debugging and more
- DataFixtures abstract helper
- Query functions to extends Doctrine DQL capacity
- SentryCallback with special CleverCloud dedicated behavior
- Utils for Array, Date, Math, Regex and String
- Validator constraints for EmailChain, Modulo, Password and more
composer require smartbooster/core-bundleTo enable the monitoring routes, add the following codes to your config/routes.yaml file :
_smart_core:
resource: .
type: smart_core
# We recommand to restrict thoses routes on a secure subdomain
host: "admin.%domain%"The path ^/anonymous must have PUBLIC_ACCESS in the project security.yaml config for the probe route to be accessible without user
# security.yaml
access_control:
- { path: ^/anonymous, roles: PUBLIC_ACCESS }Add the following code to your config/packages/doctrine.yaml according to your missing functions needs:
doctrine:
# ...
orm:
# ...
dql:
string_functions:
group_concat: Smart\CoreBundle\Query\MySQL\GroupConcatTo use our SentryCallback add the following to your config/packages/sentry.yaml :
when@prod:
sentry:
dsn: '%env(SENTRY_DSN)%'
options:
environment: '%env(ENVIRONMENT)%'
before_send: 'sentry.callback.before_send'
integrations:
- 'Sentry\Integration\IgnoreErrorsIntegration'
register_error_listener: false
services:
Sentry\Integration\IgnoreErrorsIntegration:
arguments:
$options:
ignore_exceptions:
- 'Symfony\Component\Security\Core\Exception\AccessDeniedException'
sentry.callback.before_send:
class: 'Smart\CoreBundle\Sentry\SentryCallback'
factory: [ '@Smart\CoreBundle\Sentry\SentryCallback', 'getBeforeSend' ]Also declare the following in your config/packages/monolog.yaml :
when@prod:
monolog:
handlers:
# other handlers
sentry:
type: service
id: Sentry\Monolog\HandlerAnd define the Sentry\Monolog\Handler service in your services.yaml :
services:
# other services
Sentry\Monolog\Handler:
arguments:
$hub: '@Sentry\State\HubInterface'
$level: !php/const Monolog\Logger::ERRORWe recommand to setup a Content Security Policy in addition to the config generated by the nelmio security recipe:
nelmio_security:
# ...
# Content Security Policy
csp:
enabled: true
hosts: []
content_types: []
enforce:
# see full description below
level1_fallback: true
# only send directives supported by the browser, defaults to false
# this is a port of https://github.com/twitter/secureheaders/blob/83a564a235c8be1a8a3901373dbc769da32f6ed7/lib/secure_headers/headers/policy_management.rb#L97
browser_adaptive:
enabled: true
# this is a full list of known case, you must keep only useful script in project
script-src:
- 'self'
- 'unsafe-inline'
- 'unsafe-eval'
- 'https://maps.googleapis.com'
- 'https://use.fontawesome.com'
- 'https://www.google-analytics.com'
- 'https://www.youtube.com'
- 'https://www.youtube-nocookie.com'
- 'https://js.stripe.com'
- 'https://canny.io/'
- 'https://www.google.com/'
- 'https://www.gstatic.com/'
- 'https://code.iconify.design'
- 'https://cdn.jsdelivr.net'
- 'http://embed.typeform.com'
- 'https://embed.typeform.com'
block-all-mixed-content: true # defaults to false, blocks HTTP content over HTTPS transportPull requests are welcome.
Thanks to everyone who has contributed already.
This project is supported by SmartBooster