Merge branch 'master' into master

Author: poespas

.github/workflows/deploy.yaml

@@ -34,7 +34,7 @@ jobs:
           echo "DOCS_INDEX_FOLLOW=1" >> $GITHUB_ENV
       - run: hypernode-deploy build -vvv
       - name: archive production artifacts
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: deployment-build
           path: build/build.tgz
@@ -53,7 +53,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: download build artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: deployment-build
           path: build/
@@ -106,7 +106,7 @@ jobs:
     steps:
       - uses: actions/checkout@v3
       - name: download build artifact
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: deployment-build
           path: build/

.github/workflows/test.yaml

@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ['3.7', '3.8', '3.9', '3.10', '3.11']
+        python-version: ['3.8', '3.9', '3.10', '3.11']
 
     steps:
       - uses: actions/checkout@v3

docs/about-hypernode/security-policies/hypernode-security-statement.md

@@ -30,9 +30,10 @@ We currently run Hypernodes at several different hosting suppliers:
   - Datacenter certified with ISO 14001, ISO 27001, ISO 23301, and PCI-DSS
 - Amazon Web Services (AWS)
   - [ISO 9001](https://aws.amazon.com/compliance/iso-9001-faqs/), [ISO 27001](https://aws.amazon.com/compliance/iso-27001-faqs/), [ISO 27017](https://aws.amazon.com/compliance/iso-27017-faqs/), [ISO 27018](https://aws.amazon.com/compliance/iso-27018-faqs/), certified.
-  - Datacenter certified with ISO 9001 and ISO 27001.
+  - Datacenter certified with ISO 9001 and ISO 27001, and PCI-DSS
 - Dedicated (TBBM)
   - Both ISO 27001 and ISO 9001 certified.
+  - Datacenter certified with ISO 9001, ISO 14001, ISO 27001, and PCI-DSS
 
 ## Infrastructure Hardening
 

docs/ecommerce-applications/magento-2/how-to-configure-remote-storage-for-magento-2-x.md

@@ -16,6 +16,7 @@ This can be useful for many reasons, such as:
 - Offloading storage from your server, reducing the load on your server, and improving performance.
 - Allows you to make use of [horizontal scaling](../../hypernode-platform/autoscaling/how-does-horizontal-autoscaling-work), as you can easily add more servers without having to worry about syncing files between them.
 - Allows for effortless storage capacity scaling, as you can easily increase the storage capacity of your remote storage location.
+- **Note:** Staging ports (8888, 8443) will not be available when horizontal autoscaling is enabled.
 - Serving assets from a CDN, which can improve the performance of your website.
 
 ## Configuring the application
@@ -70,29 +71,109 @@ Magento's S3 implementation creates a test file called `storage.flag`, which is
 
 ## Serving assets from your S3 bucket
 
-To start serving media assets from your S3 bucket, you need to make some adjustments to your nginx configuration.
+To start serving media assets from your S3 bucket, you need to make some adjustments to your nginx configuration. Create the following file at `/data/web/nginx/example.com/server.assets.conf` for each relevant vhost:
 
 ```nginx
-location /media {
-    # ...
-    location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
-        resolver 8.8.8.8;
-        set $bucket "<my_bucket_name>";
-        proxy_pass https://s3.amazonaws.com/$bucket$uri;
-        proxy_pass_request_body off;
-        proxy_pass_request_headers off;
-        proxy_intercept_errors on;
-        proxy_hide_header "x-amz-id-2";
-        proxy_hide_header "x-amz-request-id";
-        proxy_hide_header "x-amz-storage-class";
-        proxy_hide_header "Set-Cookie";
-        proxy_ignore_headers "Set-Cookie";
+set $backend "haproxy";
+
+location @object_storage_fallback {
+    # Proxy to object storage
+    set $bucket "my_bucket_name";
+    proxy_cache_key "$bucket$uri";
+    proxy_cache_valid 200 302 7d;
+    proxy_cache_methods GET HEAD;
+    proxy_cache_background_update on;
+    proxy_cache_use_stale updating;
+    proxy_cache asset_cache;
+    resolver 8.8.8.8;
+    proxy_pass https://$bucket.s3.amazonaws.com$uri;
+    proxy_pass_request_body off;
+    proxy_pass_request_headers off;
+    proxy_intercept_errors on;
+    proxy_hide_header "x-amz-id-2";
+    proxy_hide_header "x-amz-request-id";
+    proxy_hide_header "x-amz-storage-class";
+    proxy_hide_header "x-amz-server-side-encryption";
+    proxy_hide_header "Set-Cookie";
+    proxy_ignore_headers "Set-Cookie";
+    add_header Cache-Control "public";
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-Cache-Status $upstream_cache_status;
+    expires +1y;
+
+    # If object storage fails, fallback to PHP handler
+    error_page 404 = @asset_fallback;
+    error_page 403 = @asset_fallback;
+}
+
+location @php_asset_fallback {
+    # Handle with phpfpm
+    rewrite ^/media /get.php?$args last;
+    rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+    echo_exec @phpfpm;
+}
+
+location @haproxy {
+    # Handle with haproxy
+    include /etc/nginx/proxy_to_haproxy.conf;
+    proxy_pass http://127.0.0.1:8080;
+}
+
+location @asset_fallback {
+    try_files "" $asset_fallback_handler;
+}
+
+location ~ ^/static/ {
+    expires max;
+
+    # Remove signature of the static files that is used to overcome the browser cache
+    location ~ ^/static/version\d*/ {
+        rewrite ^/static/version\d*/(.*)$ /static/$1 last;
+    }
+
+    location ~* \.(ico|jpg|jpeg|png|gif|svg|svgz|webp|avif|avifs|js|css|eot|ttf|otf|woff|woff2|html|json|webmanifest)$ {
+        add_header Cache-Control "public";
+        add_header X-Frame-Options "SAMEORIGIN";
+        expires +1y;
+
+        try_files $uri $uri/ @asset_fallback;
+    }
+    location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+        add_header Cache-Control "no-store";
+        add_header X-Frame-Options "SAMEORIGIN";
+        expires    off;
+
+        try_files $uri $uri/ @asset_fallback;
+    }
+    try_files $uri $uri/ @asset_fallback;
+    add_header X-Frame-Options "SAMEORIGIN";
+}
+
+location /media/ {
+    try_files $uri $uri/ @asset_fallback;
+
+    location ~ ^/media/theme_customization/.*\.xml {
+        deny all;
+    }
+
+    location ~* \.(ico|jpg|jpeg|png|gif|svg|svgz|webp|avif|avifs|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+        add_header Cache-Control "public";
+        add_header X-Frame-Options "SAMEORIGIN";
+        expires +1y;
+	      try_files $uri $uri/ @object_storage_fallback;
+    }
+    location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+        add_header Cache-Control "no-store";
+        add_header X-Frame-Options "SAMEORIGIN";
+        expires    off;
+	      try_files $uri $uri/ @object_storage_fallback;
     }
-    # ...
+    add_header X-Frame-Options "SAMEORIGIN";
 }
 ```
 
-Also make sure your S3 bucket policies are configured correctly, so that only `/media` is publicly readable. For example:
+Make sure to change the string `my_bucket_name` to the name of your bucket and keep in mind that your bucket URL might be different depending on your AWS region. For example, you might need to change it from `https://$bucket.s3.amazonaws.com$uri` to `https://s3.amazonaws.com/$bucket$uri` instead.
+Furthermore, ensure that your S3 bucket policies are configured correctly, so that only `/media` is publicly readable. For example:
 
 ```json
 {

docs/hypernode-deploy/applications/config-for-magento-2.md

@@ -70,5 +70,5 @@ If you add these folders be aware that your new folders will be empty on your fi
 ```
 
 ```php
-$configuration->addSharedFile('var/reports');
+$configuration->addSharedFolder('var/reports');
 ```

docs/hypernode-platform/autoscaling/pricing-for-horizontal-autoscaling.md

@@ -14,7 +14,7 @@ Horizontal autoscaling pricing has two parts.
 
 ## Fixed license
 
-The fixed license costs 25 euros per month and is added to your normal Hypernode subscription when you enable Horizontal autoscaling. If you enable it in the middle of the month, you will only pay for the remaining days of that month accordingly.
+The fixed license costs 25 euros per month and is added to your normal Hypernode subscription when you enable Horizontal autoscaling.
 
 ## Variable Pricing Table
 

docs/hypernode-platform/nginx/how-to-configure-nginx-for-a-multistore.md

@@ -42,6 +42,14 @@ You'd have to prefix the file with `varnish` instead of `server`, like `varnish.
 This way these multistore requests will go through varnish and will then be rewritten accordingly with the `varnish.storecode` configuration.
 ```
 
+### Use a different Store Type
+
+Magento uses a default store type of `store`, you can change this to `website` too if this better fits your need, more information about this can be found on `MAGE_RUN_TYPE` in [the Magento 2 official documentation](https://experienceleague.adobe.com/en/docs/commerce-operations/configuration-guide/multi-sites/ms-overview).
+
+```nginx
+set $storetype "store";
+```
+
 ### Using Subdirectories
 
 Another option is to use subdirectories instead. Once you have added the required vhost you need to add a `server.storecode` file to the specific vhost directory (`/data/web/nginx/example.com/`) with the following content: