docs(config): centralisation conf monitoring + ports prometheus(9092) signer(9093)

- docker-compose: montages depuis conf/monitoring pour grafana/prometheus/promtail/loki - script: scripts/setup-monitoring-symlinks.sh (liens symboliques idempotents) - bitcoin: bind/rpcbind/zmq sur 0.0.0.0 pour éviter erreurs de bind - docs: CONFIGURATION.md (ports, montages, bitcoin), CHANGELOG.md (Unreleased)
2025-09-11 15:21:52 +02:00 · 2025-09-11 15:21:52 +02:00 · 9e0c5634d7
commit 9e0c5634d7
parent 75e7bc3215
7 changed files with 130 additions and 18 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -6,9 +6,15 @@
 - Entrypoints d’attente:
  - `bitcoin.local`: attente brève réseau/DNS avant lancement.
  - `blindbit-oracle.local`, `sdk_relay1/2/3.local`: attente de la résolution `bitcoin.local` et du cookie RPC avant lancement.
+- Ports: `prometheus.local` écoute maintenant `9092 -> 9090` côté hôte; `sdk-signer.local` écoute `9093 -> 9090` (conflit 9090 résolu).
+- Monitoring: centralisation des fichiers de configuration sous `conf/monitoring` et mise à jour des montages Compose (`grafana.ini`, `datasources.yml`, `prometheus.yml`, `promtail-config.yml`, `loki-config.yaml`).

 ### Docs
 - `docs/CONFIGURATION.md`: documentation du réseau, DNS, extra_hosts et attentes de démarrage.
+- `docs/CONFIGURATION.md`: ajout de la table des ports exposés (prometheus 9092, sdk-signer 9093) et de la centralisation `conf/monitoring` avec chemins de montage.
+
+### Added
+- Script `scripts/setup-monitoring-symlinks.sh` pour aligner via liens symboliques `conf/monitoring` avec `modules/grafana-central/conf` (idempotent).

 ## Changed (2025-09-11)
 # Changelog - 4NK Node
--- a/conf/dnsmasq/dnsmasq.conf.exemple
+++ b/conf/dnsmasq/dnsmasq.conf.exemple
@ -1,6 +1,6 @@
-# dnsmasq config for 4NK - listens on all interfaces:5353
+# dnsmasq config for 4NK - listens on all interfaces:53
 no-dhcp-interface=
-port=5353
+port=53
 interface=*
 bind-interfaces
 log-queries
--- a/conf/monitoring/grafana.ini
+++ b/conf/monitoring/grafana.ini
@ -0,0 +1,49 @@
+[paths]
+data = /var/lib/grafana/data
+logs = /var/lib/grafana/logs
+plugins = /var/lib/grafana/plugins
+provisioning = /etc/grafana/provisioning
+
+[server]
+http_port = 3000
+http_addr = 0.0.0.0
+root_url = http://grafana-central.local:3000/
+serve_from_sub_path = false
+
+[database]
+type = sqlite3
+path = grafana.db
+
+[security]
+admin_user = admin
+admin_password = admin
+secret_key = SW2YcwTIb9zpOOhoPsMm
+
+[users]
+allow_sign_up = false
+auto_assign_org = true
+auto_assign_org_role = Viewer
+
+[log]
+mode = console
+level = info
+
+[alerting]
+enabled = true
+
+[explore]
+enabled = true
+
+[panels]
+disable_sanitize_html = false
+
+[plugins]
+enable_alpha = false
+app_tls_skip_verify_insecure = false
+
+[auth]
+disable_login_form = false
+disable_signout_menu = false
+
+[auth.anonymous]
+enabled = false
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -61,7 +61,7 @@ services:
    image: git.4nkweb.com/4nk/blindbit-oracle:dev
    container_name: blindbit-oracle.local
    hostname: blindbit-oracle.local
-    entrypoint: ["/bin/sh","-c","for i in $(seq 1 30); do if getent hosts bitcoin.local >/dev/null 2>&1 && [ -f /home/bitcoin/.bitcoin/signet/.cookie ]; then break; fi; sleep 1; done; exec \"$@\"","--"]
+    entrypoint: ["/bin/sh","-c","for i in $(seq 1 300); do if getent hosts bitcoin.local >/dev/null 2>&1 && [ -f /home/bitcoin/.bitcoin/signet/.cookie ]; then break; fi; sleep 1; done; exec \"$@\"","--"]
    ports:
      - "8000:8000"
    command: [ "/main", "--datadir", "/blindbit-oracle" ]
@ -111,7 +111,7 @@ services:
    image: git.4nkweb.com/4nk/sdk_relay:dev
    container_name: sdk-relay1.local
    hostname: sdk-relay1.local
-    entrypoint: ["/bin/sh","-c","for i in $(seq 1 30); do if getent hosts bitcoin.local >/dev/null 2>&1 && [ -f /home/bitcoin/.bitcoin/signet/.cookie ]; then break; fi; sleep 1; done; exec \"$@\""]
+    entrypoint: ["/bin/sh","-c","for i in $(seq 1 300); do if getent hosts bitcoin.local >/dev/null 2>&1 && [ -f /home/bitcoin/.bitcoin/signet/.cookie ]; then break; fi; sleep 1; done; exec \"$@\""]
    ports:
      - "8090:8090"
      - "8091:8091"
@ -144,7 +144,7 @@ services:
    image: git.4nkweb.com/4nk/sdk_relay:dev
    container_name: sdk-relay2.local
    hostname: sdk-relay2.local
-    entrypoint: ["/bin/sh","-c","for i in $(seq 1 30); do if getent hosts bitcoin.local >/dev/null 2>&1 && [ -f /home/bitcoin/.bitcoin/signet/.cookie ]; then break; fi; sleep 1; done; exec \"$@\""]
+    entrypoint: ["/bin/sh","-c","for i in $(seq 1 300); do if getent hosts bitcoin.local >/dev/null 2>&1 && [ -f /home/bitcoin/.bitcoin/signet/.cookie ]; then break; fi; sleep 1; done; exec \"$@\""]
    ports:
      - "8092:8090"
      - "8093:8091"
@ -177,7 +177,7 @@ services:
    image: git.4nkweb.com/4nk/sdk_relay:dev
    container_name: sdk-relay3.local
    hostname: sdk-relay3.local
-    entrypoint: ["/bin/sh","-c","for i in $(seq 1 30); do if getent hosts bitcoin.local >/dev/null 2>&1 && [ -f /home/bitcoin/.bitcoin/signet/.cookie ]; then break; fi; sleep 1; done; exec \"$@\""]
+    entrypoint: ["/bin/sh","-c","for i in $(seq 1 300); do if getent hosts bitcoin.local >/dev/null 2>&1 && [ -f /home/bitcoin/.bitcoin/signet/.cookie ]; then break; fi; sleep 1; done; exec \"$@\""]
    ports:
      - "8094:8090"
      - "8095:8091"
@ -211,7 +211,7 @@ services:
    container_name: sdk-signer.local
    hostname: sdk-signer.local
    ports:
-      - "9090:9090"
+      - "9093:9090"
    volumes:
      - ./modules/sdk_signer/conf/sdk_signer.conf:/usr/local/bin/sdk_signer.conf:ro
      - ./modules/sdk_signer/data:/app/data
@ -295,7 +295,7 @@ services:
      - "3100:3100"
    command: -config.file=/etc/loki/local-config.yaml
    volumes:
-      - ./modules/grafana-central/conf/loki-config.yaml:/etc/loki/local-config.yaml:ro
+      - ./conf/monitoring/loki-config.yaml:/etc/loki/local-config.yaml:ro
      - loki_data:/loki
    networks:
      4nk_network:
@ -308,7 +308,7 @@ services:
    container_name: prometheus.local
    hostname: prometheus.local
    ports:
-      - "9091:9090"
+      - "9092:9091"
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
@ -317,7 +317,7 @@ services:
      - '--storage.tsdb.retention.time=200h'
      - '--web.enable-lifecycle'
    volumes:
-      - ./modules/grafana-central/conf/prometheus.yml:/etc/prometheus/prometheus.yml:ro
+      - ./conf/monitoring/prometheus.yml:/etc/prometheus/prometheus.yml:ro
      - prometheus_data:/prometheus
    networks:
      4nk_network:
@ -331,7 +331,7 @@ services:
    hostname: promtail.local
    command: -config.file=/etc/promtail/config.yml
    volumes:
-      - ./modules/grafana-central/conf/promtail-config.yml:/etc/promtail/config.yml:ro
+      - ./conf/monitoring/promtail-config.yml:/etc/promtail/config.yml:ro
      - /var/lib/docker/containers:/var/lib/docker/containers:ro
      - /var/log/docker:/var/log/docker:ro
      - ./modules:/workspace/modules:ro
@ -358,8 +358,8 @@ services:
      - GF_SERVER_SERVE_FROM_SUB_PATH=false
    volumes:
      - grafana_central_data:/var/lib/grafana
-      - ./modules/grafana-central/conf/grafana.ini:/etc/grafana/grafana.ini:ro
-      - ./modules/grafana-central/conf/datasources.yml:/etc/grafana/provisioning/datasources/datasources.yml:ro
+      - ./conf/monitoring/grafana.ini:/etc/grafana/grafana.ini:ro
+      - ./conf/monitoring/datasources.yml:/etc/grafana/provisioning/datasources/datasources.yml:ro
      - ./modules/grafana-central/dashboards:/etc/grafana/provisioning/dashboards:ro
      - ./modules/grafana-central/logs:/var/log/grafana
    networks:
@ -393,3 +393,4 @@ networks:
    ipam:
      config:
        - subnet: 172.21.0.0/16
+          gateway: 172.21.0.1
--- a/docs/CONFIGURATION.md
+++ b/docs/CONFIGURATION.md
@ -55,7 +55,13 @@

 ### Montages (configuration, données, logs)

- Configuration : montée en lecture seule lorsque possible depuis `modules/*/conf` et `projects/*/*/conf`.
+- Configuration : montée en lecture seule lorsque possible depuis `conf/monitoring` (centralisé) et `projects/*/*/conf`. Les fichiers suivants sont référencés par `docker-compose.yml` :
+  - `conf/monitoring/grafana.ini` → `/etc/grafana/grafana.ini`
+  - `conf/monitoring/datasources.yml` → `/etc/grafana/provisioning/datasources/datasources.yml`
+  - `conf/monitoring/prometheus.yml` → `/etc/prometheus/prometheus.yml`
+  - `conf/monitoring/promtail-config.yml` → `/etc/promtail/config.yml`
+  - `conf/monitoring/loki-config.yaml` → `/etc/loki/local-config.yaml`
+  - Un script idempotent `scripts/setup-monitoring-symlinks.sh` assure l’alignement par liens symboliques avec `modules/grafana-central/conf`.
 - Données : volumes persistants locaux (`modules/*/data`, `projects/*/*/data`).
 - Journaux : `modules/*/logs`, `projects/*/*/logs`, et `./log` pour la stack d’observabilité.

@ -88,6 +94,17 @@ Nota : ces variables sont documentées pour référence et ne modifient pas la
 - Démarrer la stack : `docker-compose up -d`.
 - Consulter les logs : `docker-compose logs --tail=100`.

+### Paramètres Bitcoin (signet)
+
+- Liaison RPC et P2P : `rpcbind=0.0.0.0:38332`, `bind=0.0.0.0:38333`.
+- ZMQ publication : `zmqpubhashblock=tcp://0.0.0.0:29000`, `zmqpubrawtx=tcp://0.0.0.0:29000`.
+- Ces paramètres évitent les erreurs de bind/résolution liées à l’hôte `bitcoin.local`.
+
+### Ports exposés (hôte → conteneur)
+
+- `prometheus.local` : 9092 → 9090 (au lieu de 9091 → 9090 précédemment)
+- `sdk-signer.local` : 9093 → 9090 (conflit évité avec 9090 hôte)
+
 ### Conclusion

 Cette page consolide les paramètres clefs (tags `:dev`, topologie réseau, montages, variables, healthchecks, routage) afin d’harmoniser l’usage sans modifier les fichiers de configuration. Les évolutions futures seront répercutées dans `docs/ARCHITECTURE.md` et consignées dans `CHANGELOG.md`.
--- a/modules/bitcoin/conf/bitcoin.conf
+++ b/modules/bitcoin/conf/bitcoin.conf
@ -17,13 +17,13 @@ rpcthreads=4
 rpcdoccheck=1

 # Paramètres ZMQ
-zmqpubhashblock=tcp://bitcoin.local:29000
-zmqpubrawtx=tcp://bitcoin.local:29000
+zmqpubhashblock=tcp://0.0.0.0:29000
+zmqpubrawtx=tcp://0.0.0.0:29000

 [signet]
 listen=1
-bind=bitcoin.local:38333
-rpcbind=bitcoin.local:38332
+bind=0.0.0.0:38333
+rpcbind=0.0.0.0:38332
 rpcport=38332
 fallbackfee=0.0001
 blockfilterindex=1
--- a/scripts/setup-monitoring-symlinks.sh
+++ b/scripts/setup-monitoring-symlinks.sh
@ -0,0 +1,39 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+SRC_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+CONF_DIR="$SRC_DIR/conf/monitoring"
+MOD_DIR="$SRC_DIR/modules/grafana-central/conf"
+
+mkdir -p "$CONF_DIR"
+
+link_file() {
+  if [ "$#" -lt 2 ]; then
+    echo "[WARN] link_file: arguments insuffisants ($#)" >&2
+    return 0
+  fi
+  local src="$1"
+  local dst="$2"
+  if [ ! -f "$src" ]; then
+    echo "[WARN] Source introuvable: $src" >&2
+    return 0
+  fi
+  if [ -L "$dst" ] || [ -f "$dst" ]; then
+    if cmp -s "$src" "$dst" 2>/dev/null; then
+      echo "[OK] Déjà aligné: $dst"
+      return 0
+    fi
+    echo "[INFO] Remplacement: $dst"
+    rm -f "$dst"
+  fi
+  ln -s "$src" "$dst"
+  echo "[OK] Lien créé: $dst -> $src"
+}
+
+link_file "$MOD_DIR/grafana.ini" "$CONF_DIR/grafana.ini"
+link_file "$MOD_DIR/datasources.yml" "$CONF_DIR/datasources.yml"
+link_file "$MOD_DIR/prometheus.yml" "$CONF_DIR/prometheus.yml"
+link_file "$MOD_DIR/promtail-config.yml" "$CONF_DIR/promtail-config.yml"
+link_file "$MOD_DIR/loki-config.yaml" "$CONF_DIR/loki-config.yaml"
+
+echo "[DONE] Liens symboliques de monitoring synchronisés."