4nk/4NK_node
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

conf exemple
Some checks failed
CI - 4NK_node / Code Quality (push) Failing after 29s
Details
CI - 4NK_node / Unit Tests (push) Failing after 29s
Details
CI - 4NK_node / Integration Tests (push) Failing after 13s
Details
CI - 4NK_node / Security Tests (push) Failing after 28s
Details
CI - 4NK_node / Docker Build & Test (push) Failing after 10s
Details
CI - 4NK_node / Documentation Tests (push) Failing after 3s
Details
CI - 4NK_node / Security Audit (push) Successful in 3s
Details
CI - 4NK_node / Release Guard (push) Has been skipped
Details
CI - 4NK_node / Performance Tests (push) Successful in 29s
Details
CI - 4NK_node / Notify (push) Failing after 2s
Details
CI - 4NK_node / Publish Release (push) Has been skipped
Details

Browse Source
This commit is contained in:
Debian 2025-09-04 10:26:01 +00:00
parent 6b9e606fc1
commit 7a745d9e82
13 changed files with 677 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
conf/bitcoin.conf.exemple Normal file
View File

@ -0,0 +1,54 @@
# Configuration Bitcoin Core Signet pour Docker 4NK_node
# Configuration globale
datadir=/home/bitcoin/.bitcoin
server=1
txindex=1
debug=1
loglevel=debug
logthreadnames=1
signet=1
onion=4nk-tor:9050
listenonion=1
proxy=4nk-tor:9050
listen=1
# Paramètres RPC
rpcuser=EXEMPLE
rpcpassword=EXEMPLE
rpcallowip=172.18.0.0/16
rpcworkqueue=32
rpcthreads=4
rpcdoccheck=1
# Paramètres ZMQ
zmqpubhashblock=tcp://0.0.0.0:29000
zmqpubrawtx=tcp://0.0.0.0:29000
# Configuration spécifique du signet custom
[signet]
whitelist=download@127.0.0.1
txindex=1
proxy=4nk-tor:9050
listenonion=1
listen=1
signetchallenge=0020341c43803863c252df326e73574a27d7e19322992061017b0dc893e2eab90821
# Nœuds onion du réseau signet custom
addnode=6xi33lwwslsx3yi3f7c56wnqtdx4v73vj2up3prrwebpwbz6qisnqbyd.onion:38333
addnode=d6i546e2sjezhyy2eupyc2wqtbgjnkubcjd4prhqurtlmp7nsp6yxqyd.onion:38333
# Ports Signet (P2P et RPC)
port=38333
rpcport=38332
rpcbind=0.0.0.0
rpcuser=bitcoin
rpcpassword=bitcoin
fallbackfee=0.0001
zmqpubrawblock=tcp://0.0.0.0:29000
zmqpubrawtx=tcp://0.0.0.0:29000
#zmqpubhashtx=tcp://0.0.0.0:29000
zmqpubhashblock=tcp://0.0.0.0:29000
#zmqpubsequence=tcp://0.0.0.0:29000
blockfilterindex=1

25
conf/blindbit.toml Normal file
View File

@ -0,0 +1,25 @@
# Configuration pour blindbit-oracle
host = "0.0.0.0:8000"
# Définit la chaîne sur laquelle le wallet fonctionne
chain = "signet"
# Point d'accès RPC Bitcoin (sans cookie, autorisé par rpcallowip)
rpc_endpoint = "http://4nk-bitcoin:38332"
# Auth RPC Bitcoin
rpc_user = "bitcoin"
rpc_pass = "bitcoin"
# Hauteur de départ pour la synchronisation
sync_start_height = 1
# Paramètres de performance
max_parallel_tweak_computations = 4
max_parallel_requests = 4
# Configuration des index
tweaks_only = 0
tweaks_full_basic = 1
tweaks_full_with_dust_filter = 1
tweaks_cut_through_with_dust_filter = 1

25
conf/blindbit.toml.exemple Normal file
View File

@ -0,0 +1,25 @@
# Configuration pour blindbit-oracle
host = "0.0.0.0:8000"
# Définit la chaîne sur laquelle le wallet fonctionne
chain = "signet"
# Point d'accès RPC Bitcoin (sans cookie, autorisé par rpcallowip)
rpc_endpoint = "http://4nk-bitcoin:38332"
# Auth RPC Bitcoin
rpc_user = "EXEMPLE"
rpc_pass = "EXEMPLE"
# Hauteur de départ pour la synchronisation
sync_start_height = 1
# Paramètres de performance
max_parallel_tweak_computations = 4
max_parallel_requests = 4
# Configuration des index
tweaks_only = 0
tweaks_full_basic = 1
tweaks_full_with_dust_filter = 1
tweaks_cut_through_with_dust_filter = 1

43
conf/ihm_client.conf.exemple Normal file
View File

@ -0,0 +1,43 @@
# Configuration ihm_client - Module 4NK_node
# URLs des services
sdk_signer_url = "http://4nk-sdk-signer:9090"
sdk_storage_url = "http://4nk-sdk-storage:8081"
sdk_relay1_url = "http://4nk-sdk-relay1:8091"
sdk_relay2_url = "http://4nk-sdk-relay2:8093"
sdk_relay3_url = "http://4nk-sdk-relay3:8095"
# WebSocket URLs
sdk_relay1_ws = "ws://4nk-sdk-relay1:8090"
sdk_relay2_ws = "ws://4nk-sdk-relay2:8092"
sdk_relay3_ws = "ws://4nk-sdk-relay3:8094"
# Configuration réseau
network_type = "signet"
bitcoin_rpc_url = "http://4nk-bitcoin:18443"
# Ports
ui_port = 8080
api_port = 8080
# Sécurité
cors_enabled = true
cors_origins = ["*"]
rate_limit_enabled = true
rate_limit_requests = 100
rate_limit_window = 60
session_timeout = 3600
# Timeouts
request_timeout = 30
connection_timeout = 10
# Logging
log_level = "info"
log_file = "/app/logs/ihm_client.log"
log_max_size = "100MB"
log_max_files = 5
# Mode développement
dev_mode = true
debug_enabled = true

48
conf/lecoffre-back-mini_env.conf.exemple Normal file
View File

@ -0,0 +1,48 @@
# Configuration OVH
OVH_APP_KEY=EXEMPLE
OVH_APP_SECRET=EXEMPLE
OVH_CONSUMER_KEY=EXEMPLE
OVH_SMS_SERVICE_NAME=sms-tt802880-1
# Configuration SMS Factor
SMS_FACTOR_TOKEN=EXEMPLE
#Configuration Mailchimp
MAILCHIMP_API_KEY=EXEMPLE
MAILCHIMP_KEY=EXEMPLE
MAILCHIMP_LIST_ID=a48d9ad852
#Configuration Stripe
STRIPE_SECRET_KEY=EXEMPLE
STRIPE_WEBHOOK_SECRET=EXEMPLE
STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID=price_1P66fuP5xh1u9BqSHj0O6Uy3
STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID=price_1P9NsRP5xh1u9BqSFgkUDbQY
STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID=price_1P66RqP5xh1u9BqSuUzkQNac
STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=price_1P9NpKP5xh1u9BqSApFogvUB
# Configuration serveur
APP_HOST=http://localhost
PORT=8080
# Configuration front-end
NEXT_PUBLIC_4NK_URL=https://dev3.4nkweb.com
NEXT_PUBLIC_FRONT_APP_HOST=http://localhost:3000
NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1
NEXT_PUBLIC_IDNOT_CLIENT_ID=4501646203F3EF67
NEXT_PUBLIC_BACK_API_PROTOCOL=http
NEXT_PUBLIC_BACK_API_HOST=localhost
BACK_API_PORT=8080
BACK_API_ROOT_URL=/api
BACK_API_VERSION=/v1
# Configuration idnot
IDNOT_ANNUARY_BASE_URL='https://qual-api.notaires.fr/annuaire'
IDNOT_API_KEY='EXEMPLE'
# Configuration PostgreSQL
DB_HOST=miniback-postgres
DB_PORT=5432
DB_NAME=miniback
DB_USER=EXEMPLE
DB_PASSWORD=EXEMPLE

17
conf/lecoffre-front_env.conf.exemple Normal file
View File

@ -0,0 +1,17 @@
# Configuration IHM_client
NEXT_PUBLIC_4NK_URL="http://localhost:3003"
# Configuration lecoffre-front
NEXT_PUBLIC_FRONT_APP_HOST="http://localhost:3000"
# Configuration IDNOT
NEXT_PUBLIC_IDNOT_BASE_URL="https://qual-connexion.idnot.fr"
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT="/IdPOAuth2/authorize/idnot_idp_v1"
NEXT_PUBLIC_IDNOT_CLIENT_ID="EXEMPLE"
# Configuration mini-back
NEXT_PUBLIC_BACK_API_PROTOCOL=http://
NEXT_PUBLIC_BACK_API_HOST=localhost
NEXT_PUBLIC_BACK_API_PORT=8080
NEXT_PUBLIC_BACK_API_ROOT_URL=/api
NEXT_PUBLIC_BACK_API_VERSION=/v1

320
conf/nginx.conf.exemple Normal file
View File

@ -0,0 +1,320 @@
# Configuration Nginx pour 4NK_node sur l'hôte Debian
# Reverse proxy et équilibreur de charge pour tous les services Docker
# Configuration globale
user www-data;
worker_processes auto;
error_log /var/log/nginx/4nk-node-error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Logging spécifique à 4NK_node
log_format 4nk_main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'upstream: $upstream_addr';
access_log /var/log/nginx/4nk-node-access.log 4nk_main;
# Performance
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 100M;
# Gzip compression
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_proxied any;
gzip_comp_level 6;
gzip_types
text/plain
text/css
text/xml
text/javascript
application/json
application/javascript
application/xml+rss
application/atom+xml
image/svg+xml;
# Rate limiting
limit_req_zone $binary_remote_addr zone=4nk_api:10m rate=10r/s;
limit_req_zone $binary_remote_addr zone=4nk_login:10m rate=1r/s;
# Upstream servers - ports Docker exposés sur l'hôte
upstream bitcoin_rpc {
server 127.0.0.1:38332;
keepalive 32;
}
upstream bitcoin_p2p {
server 127.0.0.1:38333;
keepalive 32;
}
upstream blindbit_api {
server 127.0.0.1:8000;
keepalive 32;
}
upstream sdk_storage_api {
server 127.0.0.1:8081;
keepalive 32;
}
upstream sdk_relay1_api {
server 127.0.0.1:8090;
keepalive 32;
}
upstream sdk_relay2_api {
server 127.0.0.1:8092;
keepalive 32;
}
upstream sdk_relay3_api {
server 127.0.0.1:8094;
keepalive 32;
}
upstream sdk_signer_api {
server 127.0.0.1:9090;
keepalive 32;
}
upstream ihm_client_web {
server 127.0.0.1:3003;
keepalive 32;
}
upstream ihm_client_http {
server 127.0.0.1:8080;
keepalive 32;
}
upstream grafana_dashboard {
server 127.0.0.1:3000;
keepalive 32;
}
upstream loki_api {
server 127.0.0.1:3100;
keepalive 32;
}
# Le coffre services (backend/frontend)
upstream coffre_backend {
server 127.0.0.1:8082;
keepalive 32;
}
upstream coffre_front {
server 127.0.0.1:8083;
keepalive 32;
}
# Main server block
server {
listen 80;
server_name 4nk-node.local localhost;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
# Health check endpoint
location /health {
access_log off;
return 200 "4NK Node healthy\n";
add_header Content-Type text/plain;
}
# Bitcoin RPC (JSON-RPC)
location /bitcoin/rpc/ {
limit_req zone=4nk_api burst=20 nodelay;
proxy_pass http://bitcoin_rpc/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Bitcoin RPC specific
proxy_connect_timeout 30s;
proxy_send_timeout 30s;
proxy_read_timeout 30s;
}
# Bitcoin P2P (port 38333)
location /bitcoin/p2p/ {
proxy_pass http://bitcoin_p2p/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# BlindBit API
location /blindbit/ {
limit_req zone=4nk_api burst=20 nodelay;
proxy_pass http://blindbit_api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 30s;
proxy_send_timeout 30s;
proxy_read_timeout 30s;
}
# SDK Storage API
location /storage/ {
limit_req zone=4nk_api burst=20 nodelay;
proxy_pass http://sdk_storage_api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# SDK Relay APIs
location /relay1/ {
limit_req zone=4nk_api burst=20 nodelay;
proxy_pass http://sdk_relay1_api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /relay2/ {
limit_req zone=4nk_api burst=20 nodelay;
proxy_pass http://sdk_relay2_api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /relay3/ {
limit_req zone=4nk_api burst=20 nodelay;
proxy_pass http://sdk_relay3_api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# SDK Signer API
location /signer/ {
limit_req zone=4nk_api burst=20 nodelay;
proxy_pass http://sdk_signer_api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# IHM Client Web (React)
location /ihm/ {
proxy_pass http://ihm_client_web/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# IHM Client HTTP
location /ihm-http/ {
proxy_pass http://ihm_client_http/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Grafana Dashboard
location /grafana/ {
proxy_pass http://grafana_dashboard/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Grafana specific
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# Loki API (logs)
location /loki/ {
limit_req zone=4nk_api burst=20 nodelay;
proxy_pass http://loki_api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Default route - IHM Client
location / {
proxy_pass http://ihm_client_web/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# Error pages
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
# HTTPS server (commented out - uncomment and configure SSL for production)
# server {
# listen 443 ssl http2;
# server_name 4nk-node.local;
#
# ssl_certificate /etc/ssl/certs/4nk-node.crt;
# ssl_certificate_key /etc/ssl/private/4nk-node.key;
# ssl_protocols TLSv1.2 TLSv1.3;
# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;
# ssl_prefer_server_ciphers off;
#
# # Same location blocks as HTTP server
# # ... (copy from above)
# }
}

22
conf/sdk_relay1.conf.exemple Normal file
View File

@ -0,0 +1,22 @@
# Configuration sdk_relay pour Docker
# Services connectés via réseau Docker
# Bitcoin Core RPC (sans cookie, autorisé par rpcallowip)
core_url=http://4nk-bitcoin:38332
rpc_user=EXEMPLE
rpc_password=EXEMPLE
# core_wallet=relay_wallet
ws_url=0.0.0.0:8090
http_url=0.0.0.0:8091
wallet_name=relay_wallet.json
network=signet
blindbit_url=http://blindbit:8000
zmq_url=tcp://4nk-bitcoin:29000
data_dir=.4nk
# cookie non utilisé
# Mode développement
dev_mode=true
standalone=true
blindbit_enabled=true
relay_id=relay-1

22
conf/sdk_relay2.conf.exemple Normal file
View File

@ -0,0 +1,22 @@
# Configuration sdk_relay pour Docker
# Services connectés via réseau Docker
# Bitcoin Core RPC (sans cookie, autorisé par rpcallowip)
core_url=http://4nk-bitcoin:38332
rpc_user=EXEMPLE
rpc_password=EXEMPLE
core_wallet=relay_wallet
ws_url=0.0.0.0:8090
http_url=0.0.0.0:8091
wallet_name=relay_wallet.json
network=signet
blindbit_url=http://blindbit:8000
zmq_url=tcp://4nk-bitcoin:29000
data_dir=.4nk
# cookie non utilisé
# Mode développement
dev_mode=true
standalone=true
blindbit_enabled=true
relay_id=relay-2

22
conf/sdk_relay3.conf.exemple Normal file
View File

@ -0,0 +1,22 @@
# Configuration sdk_relay pour Docker
# Services connectés via réseau Docker
# Bitcoin Core RPC (sans cookie, autorisé par rpcallowip)
core_url=http://4nk-bitcoin:38332
rpc_user=EXEMPLE
rpc_password=EXEMPLE
core_wallet=relay_wallet
ws_url=0.0.0.0:8090
http_url=0.0.0.0:8091
wallet_name=relay_wallet.json
network=signet
blindbit_url=http://blindbit:8000
zmq_url=tcp://4nk-bitcoin:29000
data_dir=.4nk
# cookie non utilisé
# Mode développement
dev_mode=true
standalone=true
blindbit_enabled=true
relay_id=relay-3

31
conf/sdk_signer.conf.exemple Normal file
View File

@ -0,0 +1,31 @@
# Configuration sdk_signer - Module 4NK_node
# Ports
ws_port = 9090
http_port = 9092
# URLs des services
relay_urls = ["http://4nk-sdk-relay1:8091", "http://4nk-sdk-relay2:8093", "http://4nk-sdk-relay3:8095"]
storage_url = "http://4nk-sdk-storage:8081"
blindbit_url = "http://4nk-blindbit:8000"
bitcoin_rpc_url = "http://4nk-bitcoin:38332"
# Authentification Bitcoin
bitcoin_rpc_user = "EXEMPLE"
bitcoin_rpc_password = "EXEMPLE"
# Mode développement
dev_mode = true
debug_level = "info"
# Limites de connexions
max_connections = 100
timeout = 30
# Logging
log_level = "info"
log_file = "/home/bitcoin/logs/sdk_signer.log"
# Sécurité
enable_tls = false
enable_auth = false

33
conf/sdk_storage.conf.exemple Normal file
View File

@ -0,0 +1,33 @@
# Configuration sdk_storage - Module 4NK_node
# Port d'écoute
http_port = 8081
# Base de données
db_path = "/home/bitcoin/.4nk/storage.db"
# URLs des services
relay_urls = ["http://4nk-sdk-relay1:8091", "http://4nk-sdk-relay2:8093", "http://4nk-sdk-relay3:8095"]
bitcoin_rpc_url = "http://4nk-bitcoin:38332"
bitcoin_rpc_user = "EXEMPLE"
bitcoin_rpc_password = "EXEMPLE"
# Mode développement
dev_mode = true
debug_level = "info"
# Limites de connexions
max_connections = 100
timeout = 30
# Logging
log_level = "info"
log_file = "/home/bitcoin/logs/sdk_storage.log"
# Stockage de fichiers
file_storage_path = "/home/bitcoin/.4nk/files"
max_file_size = "100MB"
# Sécurité
enable_tls = false
enable_auth = false

15
conf/tor.conf.exemple Normal file
View File

@ -0,0 +1,15 @@
# Configuration Tor simple pour 4NK_node
# Écoute sur toutes les interfaces pour permettre la connexion depuis d'autres conteneurs
# Ports SOCKS et contrôle
SocksPort 0.0.0.0:9050
ControlPort 0.0.0.0:9051
# Répertoire de données
DataDirectory /var/lib/tor
# Logs sur stdout pour Docker
Log notice stdout
# Désactiver le mode daemon pour Docker
RunAsDaemon 0