Merge branch 'main' into docs/add-phpmyadmin-service

Author: navarr

.gitignore

@@ -1 +1,3 @@
 /_build
+/d2lang_svg
+/.venv

architecture.md

@@ -0,0 +1,80 @@
+# Architecture Overview
+
+Warden runs three layers of services on your development machine:
+
+```{mermaid}
+flowchart TB
+    classDef default fill:#ffffff,stroke:#3f51b5,stroke-width:1.5px,color:#000000,font-weight:bold,font-size:12px;
+
+    subgraph DevSys ["Developer's System"]
+        direction TB
+
+        subgraph Host ["Host Services"]
+            direction LR
+            h1["Warden CLI"] ~~~ h2["Docker Engine"] ~~~ h3["Mutagen File Sync"] ~~~ h4["Trusted SSL Root CA"]
+        end
+
+        subgraph Global ["Global Docker Services — warden svc up"]
+            direction LR
+            g1["Traefik<br>Reverse Proxy + SSL"] ~~~ g2["DNSmasq"] ~~~ g3["Mailpit<br>Email Catcher"] ~~~ g4["SSH Tunnel"] ~~~ g5["phpMyAdmin"] ~~~ g6["Portainer"]
+        end
+
+        subgraph Project ["Per-Project Docker Services — warden env up"]
+            direction LR
+            p1["Nginx"] ~~~ p2["PHP-FPM"] ~~~ p3["MariaDB / MySQL"] ~~~ p4["Redis / Valkey"] ~~~ p5["Elasticsearch /<br>OpenSearch"] ~~~ p6["RabbitMQ"] ~~~ p7["Varnish"]
+        end
+
+        Host ~~~ Global ~~~ Project
+    end
+
+    style DevSys fill:#f5f5f5,stroke:#666666,stroke-width:1px,rx:8,ry:8
+    style Host fill:transparent,stroke:none
+    style Global fill:#fff3e0,stroke:#FF9800,stroke-width:1px,rx:8,ry:8
+    style Project fill:#e8f5e9,stroke:#4CAF50,stroke-width:1px,stroke-dasharray: 5 5,rx:8,ry:8
+```
+
+## Host Services
+
+The Warden CLI orchestrates everything via Docker Compose. On your host machine:
+
+- **Warden CLI** — Bash tool that manages all Docker services
+- **Docker Engine** — Runs all containers
+- **Mutagen** — Bi-directional file sync between host and containers (macOS)
+- **Trusted SSL Root CA** — Local certificate authority for `*.test` HTTPS domains
+
+## Global Docker Services
+
+Started once with `warden svc up`, shared across all projects:
+
+| Service | Purpose | URL |
+|---------|---------|-----|
+| Traefik | Reverse proxy + SSL termination | traefik.warden.test |
+| DNSmasq | DNS resolver for `*.test` domains | — |
+| Mailpit | Email catcher (SMTP) | webmail.warden.test |
+| SSH Tunnel | Database access for GUI clients (:2222) | — |
+| phpMyAdmin | Database management UI | phpmyadmin.warden.test |
+| Portainer | Container management UI (opt-in) | portainer.warden.test |
+
+## Per-Project Docker Services
+
+Started per project with `warden env up`, each on an isolated Docker network:
+
+| Service | Default | Toggle Flag |
+|---------|---------|-------------|
+| Nginx | All types | `WARDEN_NGINX` |
+| PHP-FPM | All types | — |
+| MariaDB / MySQL | All types | `WARDEN_DB` |
+| Redis / Valkey | All types | `WARDEN_REDIS` / `WARDEN_VALKEY` |
+| Elasticsearch / OpenSearch | Magento 2 | `WARDEN_ELASTICSEARCH` / `WARDEN_OPENSEARCH` |
+| RabbitMQ | Magento 2 | `WARDEN_RABBITMQ` |
+| Varnish | Magento 2 | `WARDEN_VARNISH` |
+
+### Additional Optional Services
+
+These can be enabled per-project via flags in your `.env` file:
+
+- **Blackfire** / **SPX** — PHP profiling (`WARDEN_BLACKFIRE`, `WARDEN_PHP_SPX`)
+- **Selenium** — Browser automation testing with optional VNC (`WARDEN_SELENIUM`)
+- **Allure** — Test report dashboard (`WARDEN_ALLURE`)
+- **PHP-Debug** — Xdebug-enabled PHP-FPM (used via `warden debug`)
+- **ElasticHQ** — Elasticsearch management UI (`WARDEN_ELASTICHQ`)

conf.py

@@ -23,6 +23,7 @@
   'sphinx_rtd_theme',
   'sphinx_copybutton',
   'sphinx_markdown_tables',
+  'sphinxcontrib.mermaid',
 ]
 
 source_suffix = ['.rst', '.md']
@@ -34,7 +35,7 @@
 version = ''
 release = ''
 
-exclude_patterns = ['_build']
+exclude_patterns = ['_build', '.venv']
 
 html_theme = "sphinx_rtd_theme"
 html_show_sourcelink = False

configuration/blackfire.md

@@ -19,4 +19,23 @@ Note: You can obtain the IDs and Tokens used in the above from within your Black
 
 To use the Blackfire CLI Tool, you can run `warden blackfire [arguments]`.
 
-For more information on the CLI tool, please see [Profiling CLI Commands](https://blackfire.io/docs/cookbooks/profiling-cli) in Blackfire's documentation. 
+For more information on the CLI tool, please see [Profiling CLI Commands](https://blackfire.io/docs/cookbooks/profiling-cli) in Blackfire's documentation.
+
+## Browser Profiling
+
+Blackfire provides browser extensions that let you profile any page directly from the toolbar. Install the extension for your browser, log in to your Blackfire account, navigate to the page you want to profile, and click the **Profile** button in the extension.
+
+For a full walkthrough, see [Profiling HTTP Requests with a Browser](https://docs.blackfire.io/profiling-cookbooks/profiling-http-via-browser) in Blackfire's documentation.
+
+### Browser extensions
+
+  * [Firefox extension](https://docs.blackfire.io/integrations/browsers/firefox) — **recommended**, supports all profiling features including **Profile all requests** (POST, Ajax, API calls)
+  * [Chrome extension](https://docs.blackfire.io/integrations/browsers/chrome) — single-page profiling works, but **Profile all requests** is unavailable (see below)
+
+### Chrome limitation
+
+:::{warning}
+Chrome's Manifest V3 restricts extensions from modifying outgoing request headers, which breaks the **Profile all requests** feature. Chrome can only profile the initial page load — it cannot capture follow-up POST requests, Ajax calls, or API requests within a session. Single-page profiling still works normally.
+
+If your workflow relies on profiling all requests in a session, **use Firefox** where this feature remains fully supported. For more details, see [Announcing changes to the "Profile all requests" feature on Chrome](https://blog.blackfire.io/announcing-changes-to-the-profile-all-requests-feature-on-chrome.html) on the Blackfire blog.
+:::

environments/customizing.md

@@ -1,14 +1,13 @@
 # Customizing An Environment
 
-Further information on customizing or extending an environment is forthcoming. For now, this section is limited to very simple and somewhat common customizations.
+## Version Customization via `.env`
 
 To configure your project with a non-default PHP version, add the following to the project's `.env` file and run `warden env up` to re-create the affected containers:
 
     PHP_VERSION=7.2
 
-The versions of MariaDB, Elasticsearch, Varnish, Redis, NodeJS and Composer may also be similarly configured using variables in the `.env` file:
+The versions of Elasticsearch, Varnish, Redis, NodeJS and Composer may also be similarly configured using variables in the `.env` file:
 
-  * `MARIADB_VERSION`
   * `ELASTICSEARCH_VERSION`
   * `REDIS_VERSION`
   * `VALKEY_VERSION`
@@ -17,24 +16,93 @@ The versions of MariaDB, Elasticsearch, Varnish, Redis, NodeJS and Composer may
   * `NODE_VERSION`
   * `COMPOSER_VERSION`
 
+## Database
+
+Warden supports both **MariaDB** (default) and **MySQL** as the database engine. The distribution and version are controlled via two environment variables in your project's `.env` file:
+
+  * `MYSQL_DISTRIBUTION` — set to `mariadb` (default) or `mysql`
+  * `MYSQL_DISTRIBUTION_VERSION` — the image tag/version to use
+
+For example, to use MariaDB 11.4:
+
+    MYSQL_DISTRIBUTION=mariadb
+    MYSQL_DISTRIBUTION_VERSION=11.4
+
+To use MySQL 8.4 instead:
+
+    MYSQL_DISTRIBUTION=mysql
+    MYSQL_DISTRIBUTION_VERSION=8.4
+
+:::{note}
+Drupal and CakePHP environments use `DB_DISTRIBUTION` and `DB_DISTRIBUTION_VERSION` instead of the `MYSQL_` prefix. The values and behavior are the same.
+:::
+
+After changing the database distribution or version, run `warden env up` to re-create the database container.
+
+:::{warning}
+Switching distributions (e.g. from MariaDB to MySQL) is **not** a drop-in replacement for existing data volumes. If you change the distribution on an existing environment, you should export your database first, remove the db volume (`warden env down -v`), and re-import after the new container is running.
+:::
+
 Start of some environments could be skipped by using variables in `.env` file:
 
   * `WARDEN_DB=0`
   * `WARDEN_REDIS=0`
   * `WARDEN_VALKEY=0`
 
-## Docker Specific Customizations
-To override default docker settings, add a custom configuration file in your project root
-folder: `/.warden/warden-env.yml`
-This file will be merged with the default environment configuration.
-One example for a use case is [the setup of multiple domains](https://docs.warden.dev/configuration/multipledomains.html?highlight=warden%20env%20yml#multiple-domains).
+## Docker Compose Overrides
 
-## PHP Specific Customizations
-To override default php settings, follow the docker customization above and include your custom `php.ini` file.
-In this case the `warden-env.yml` should look like this:
+For customizations beyond `.env` variables, Warden supports per-project Docker Compose override files. Create a `.warden/warden-env.yml` file in your project root to override or extend the default service configuration.
+
+This file is a standard Docker Compose YAML partial. Warden loads it **after** all built-in service definitions, giving it the highest merge precedence — any service, volume, label, or environment variable defined here will override the defaults.
+
+:::{tip}
+Preview the fully merged Docker Compose configuration at any time with:
+
+    warden env config
+:::
+
+### OS-Specific Overrides
+
+In addition to `.warden/warden-env.yml`, Warden also loads OS-specific override files if they exist:
+
+  * `.warden/warden-env.darwin.yml` — applied only on **macOS**
+  * `.warden/warden-env.linux.yml` — applied only on **Linux**
+
+This is useful for platform-specific volume mount options or performance tuning.
+
+### Custom Docker Image
+
+To use a custom PHP-FPM image (e.g., with pre-installed extensions or from a private registry):
+
+```yaml
+services:
+  php-fpm:
+    image: my-registry/custom-php:8.3
+  php-debug:
+    image: my-registry/custom-php:8.3-debug
+```
+
+### Adding Extra Services
+
+You can add services not included by default. For example, to add Adminer with Traefik routing:
 
+```yaml
+services:
+  adminer:
+    image: adminer:latest
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.${WARDEN_ENV_NAME}-adminer.rule=Host(`adminer.${TRAEFIK_DOMAIN}`)
+      - traefik.http.routers.${WARDEN_ENV_NAME}-adminer.tls=true
 ```
-version: "3.5"
+
+After adding this and running `warden env up -d`, Adminer will be accessible at `https://adminer.<project>.test`.
+
+## PHP Specific Customizations
+
+To override default PHP settings, mount a custom `php.ini` file via `.warden/warden-env.yml`:
+
+```yaml
 services:
   php-fpm:
     volumes:
@@ -43,14 +111,18 @@ services:
     volumes:
       - ./.warden/php/zz-config.ini:/etc/php.d/zz-config.ini
 ```
+
 Now add the referenced `.warden/php/zz-config.ini` file with your wanted changes.
 For example you could change the error reporting value:
-```
+
+```ini
 error_reporting=(E_ALL ^ E_DEPRECATED)
 ```
+
 The config file will be merged with the default `01-php.ini` resp. override the values
 included there. The default values are the following:
-```
+
+```ini
 date.timezone = UTC
 max_execution_time = 3600
 max_input_vars = 10000
@@ -60,22 +132,51 @@ post_max_size = 25M
 session.auto_start = Off
 upload_max_filesize = 25M
 ```
+
 ## Nginx Specific Customizations
-To override the default nginx configuration of your project, add a new file 
-`.warden/warden-env.yml` to your project root with the following content:
-```
-version: "3.5"
+
+To override the default nginx configuration of your project, add the following to `.warden/warden-env.yml`:
+
+```yaml
 services:
   nginx:
     volumes:
       - ./.warden/nginx/custom.conf:/etc/nginx/default.d/custom.conf
 ```
+
 There you can specify a custom Nginx configuration which will be included following the `.conf` files within the `/etc/nginx/available.d` directory: `include /etc/nginx/default.d/*.conf`
 
+## Advanced: Project-Level Environment Partials
+
+Beyond `.warden/warden-env.yml`, Warden supports a more granular override mechanism through project-level environment partial directories. For each service partial (e.g., `php-fpm`, `nginx`, `db`), Warden searches the following locations in order:
+
+  1. Built-in includes: `<warden>/environments/includes/`
+  2. Built-in type-specific: `<warden>/environments/<env-type>/`
+  3. User home includes: `~/.warden/environments/includes/`
+  4. User home type-specific: `~/.warden/environments/<env-type>/`
+  5. **Project includes: `.warden/environments/includes/`**
+  6. **Project type-specific: `.warden/environments/<env-type>/`**
+
+Files at each location use suffixes: `.base.yml` (all platforms), `.darwin.yml` (macOS), `.linux.yml` (Linux).
+
+For example, to override just the `php-fpm` partial for a Magento 2 project, create:
+
+    .warden/environments/includes/php-fpm.base.yml
+
+This is loaded in addition to (and after) the built-in `php-fpm.base.yml`, so Docker Compose merge semantics apply.
+
+:::{note}
+The `.warden/warden-env.yml` file is still loaded **after** all partials, so it always has the final say.
+:::
+
+## Multiple Domains
+
+For configuring multiple top-level domains, see [Multiple Domains](../configuration/multipledomains.md).
+
 ## Magento 1 Specific Customizations
 
-If you use a `modman` structure, initialize the environment in your project path. 
-The `.modman` folder and the corresponding `.basedir` file will be recognized and set up automatically. 
+If you use a `modman` structure, initialize the environment in your project path.
+The `.modman` folder and the corresponding `.basedir` file will be recognized and set up automatically.
 
 ## Magento 2 Specific Customizations
 

environments/magento2.md

@@ -234,7 +234,7 @@ In addition to the below manual process, there is a `Github Template available f
      :::
 
      :::{note}
-     Use of 2FA is mandatory on Magento ``2.4.x`` and setup of 2FA should be skipped when installing ``2.3.x`` or earlier. Where 2FA is setup manually via UI upon login rather than using the CLI commands above, the 2FA configuration email may be retrieved from `the Mailhog service <https://mailhog.warden.test/>`_.
+     Use of 2FA is mandatory on Magento ``2.4.x`` and setup of 2FA should be skipped when installing ``2.3.x`` or earlier. Where 2FA is setup manually via UI upon login rather than using the CLI commands above, the 2FA configuration email may be retrieved from [the webmail service](https://webmail.warden.test/).
      :::
 
 11. Launch the application in your browser:

environments/types.md

@@ -96,7 +96,7 @@ Files are currently mounted using a delegated mount on macOS and natively on Lin
 
 ## Commonalities
 
-In addition to the above, each environment type (with the exception of the `local` type) come with PHP setup to use `mhsendmail` to ensure outbound email does not inadvertently leave your network and to support simpler testing of email functionality. Mailhog may be accessed by navigating to [https://mailhog.warden.test/](https://mailhog.warden.test/) in a browser.
+In addition to the above, each environment type (with the exception of the `local` type) come with PHP setup to use `mhsendmail` to ensure outbound email does not inadvertently leave your network and to support simpler testing of email functionality. The webmail interface may be accessed by navigating to [https://webmail.warden.test/](https://webmail.warden.test/) in a browser.
 
 Where PHP is specified in the above list, there should be two `fpm` containers, `php-fpm` and `php-debug` in order to provide Xdebug support. Use of Xdebug is enabled by setting the `XDEBUG_SESSION` cookie in your browser to direct the request to the `php-debug` container. Shell sessions opened in the debug container via `warden debug` will also connect PHP process for commands on the CLI to Xdebug.
 

index.md

@@ -20,6 +20,7 @@ caption: Getting Started
 ---
 
 installing
+architecture
 services
 usage
 environments

requirements.txt

@@ -4,4 +4,5 @@ sphinx-copybutton==0.5.2
 sphinx-markdown-tables==0.0.17
 sphinx-rtd-theme==3.0.2
 myst-parser==4.0.0
-Jinja2==3.1.6
+Jinja2==3.1.6
+sphinxcontrib-mermaid

services.md

@@ -5,7 +5,7 @@ After running `warden svc up` for the first time following installation, the fol
 * [https://traefik.warden.test/](https://traefik.warden.test/)
 * [https://portainer.warden.test/](https://portainer.warden.test/)
 * [https://dnsmasq.warden.test/](https://dnsmasq.warden.test/)
-* [https://mailhog.warden.test/](https://mailhog.warden.test/)
+* [https://webmail.warden.test/](https://webmail.warden.test/)
 * [https://phpmyadmin.warden.test/](https://phpmyadmin.warden.test/)
 
 ## Customizable Settings