docs(index,network,usage,readme): centraliser l’index, cartographie réseau, routes nginx, grafana

.cursorignore

@@ -105,5 +105,7 @@ backups/sql/
 
 !AGENTS.md
 
-certs/
-log/
+*/certs/
+*/log/
+*/conf/
+*/archive/

.gitea/workflows/LOCAL_OVERRIDES.yml

@@ -1,15 +0,0 @@
-# LOCAL_OVERRIDES.yml — dérogations locales contrôlées
-overrides:
-  - path: ".gitea/workflows/ci.yml"
-    reason: "spécificité d’environnement"
-    owner: "@maintainer_handle"
-    expires: "2025-12-31"
-  - path: "scripts/auto-ssh-push.sh"
-    reason: "flux particulier temporaire"
-    owner: "@maintainer_handle"
-    expires: "2025-10-01"
-policy:
-  allow_only_listed_paths: true
-  require_expiry: true
-  audit_in_ci: true
-

.gitea/workflows/ci.yml

@@ -1,394 +0,0 @@
-name: CI - 4NK_node
-
-on:
-  push:
-    branches: [ main, develop, docker-support-v2 ]
-    tags:
-      - v*
-  pull_request:
-    branches: [ main, develop, docker-support-v2 ]
-
-env:
-  RUST_VERSION: '1.70'
-  DOCKER_COMPOSE_VERSION: '2.20.0'
-
-jobs:
-  # Job de vérification du code
-  code-quality:
-    name: Code Quality
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Setup Rust
-      uses: actions-rs/toolchain@v1
-      with:
-        toolchain: ${{ env.RUST_VERSION }}
-        override: true
-
-    - name: Cache Rust dependencies
-      uses: actions/cache@v3
-      with:
-        path: |
-          ~/.cargo/registry
-          ~/.cargo/git
-          target
-        key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
-        restore-keys: |
-          ${{ runner.os }}-cargo-
-
-    - name: Run clippy
-      run: |
-        cd modules/sdk_relay1
-        cargo clippy --all-targets --all-features -- -D warnings
-
-    - name: Run rustfmt
-      run: |
-        cd modules/sdk_relay1
-        cargo fmt --all -- --check
-
-    - name: Check documentation
-      run: |
-        cd modules/sdk_relay1
-        cargo doc --no-deps
-
-    - name: Check for TODO/FIXME
-      run: |
-        if grep -r "TODO\|FIXME" . --exclude-dir=.git --exclude-dir=target; then
-          echo "Found TODO/FIXME comments. Please address them."
-          exit 1
-        fi
-
-  # Job de tests unitaires
-  unit-tests:
-    name: Unit Tests
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Setup Rust
-      uses: actions-rs/toolchain@v1
-      with:
-        toolchain: ${{ env.RUST_VERSION }}
-        override: true
-
-    - name: Cache Rust dependencies
-      uses: actions/cache@v3
-      with:
-        path: |
-          ~/.cargo/registry
-          ~/.cargo/git
-          target
-        key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
-        restore-keys: |
-          ${{ runner.os }}-cargo-
-
-    - name: Run unit tests
-      run: |
-        cd modules/sdk_relay1
-        cargo test --lib --bins
-
-    - name: Run integration tests
-      run: |
-        cd modules/sdk_relay1
-        cargo test --tests
-
-  # Job de tests d'intégration
-  integration-tests:
-    name: Integration Tests
-    runs-on: ubuntu-latest
-
-    services:
-      docker:
-        image: docker:24.0.5
-        options: >-
-          --health-cmd "docker info"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 2375:2375
-
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Setup Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Build Docker images
-      run: |
-        docker build -t 4nk-node-bitcoin ./modules/bitcoin
-        docker build -t 4nk-node-blindbit ./modules/blindbit
-        docker build -t 4nk-node-sdk-relay ./modules/sdk_relay1 ..
-
-    - name: Run integration tests
-      run: |
-        # Tests de connectivité de base
-        ./tests/run_connectivity_tests.sh || true
-
-        # Tests d'intégration
-        ./tests/run_integration_tests.sh || true
-
-    - name: Upload test results
-      uses: actions/upload-artifact@v3
-      if: always()
-      with:
-        name: test-results
-        path: |
-          tests/logs/
-          tests/reports/
-        retention-days: 7
-
-  # Job de tests de sécurité
-  security-tests:
-    name: Security Tests
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Setup Rust
-      uses: actions-rs/toolchain@v1
-      with:
-        toolchain: ${{ env.RUST_VERSION }}
-        override: true
-
-    - name: Run cargo audit
-      run: |
-        cd modules/sdk_relay1
-        cargo audit --deny warnings
-
-    - name: Check for secrets
-      run: |
-        # Vérifier les secrets potentiels
-        if grep -r "password\|secret\|key\|token" . --exclude-dir=.git --exclude-dir=target --exclude=*.md; then
-          echo "Potential secrets found. Please review."
-          exit 1
-        fi
-
-    - name: Check file permissions
-      run: |
-        # Vérifier les permissions sensibles
-        find . -type f -perm /0111 -name "*.conf" -o -name "*.key" -o -name "*.pem" | while read file; do
-          if [[ $(stat -c %a "$file") != "600" ]]; then
-            echo "Warning: $file has insecure permissions"
-          fi
-        done
-
-  # Job de build et test Docker
-  docker-build:
-    name: Docker Build & Test
-    runs-on: ubuntu-latest
-
-    services:
-      docker:
-        image: docker:24.0.5
-        options: >-
-          --health-cmd "docker info"
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-        ports:
-          - 2375:2375
-
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Setup Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Build and test Bitcoin Core
-      run: |
-        docker build -t 4nk-node-bitcoin:test ./modules/bitcoin
-        docker run --rm 4nk-node-bitcoin:test bitcoin-cli --version
-
-    - name: Build and test Blindbit
-      run: |
-        docker build -t 4nk-node-blindbit:test ./modules/blindbit
-        docker run --rm 4nk-node-blindbit:test --version || true
-
-    - name: Build and test SDK Relay
-      run: |
-        docker build -t 4nk-node-sdk-relay:test ./modules/sdk_relay1 ..
-        docker run --rm 4nk-node-sdk-relay:test --version || true
-
-    - name: Test Docker Compose
-      run: |
-        docker-compose config
-        docker-compose build --no-cache
-
-  # Job de tests de documentation
-  documentation-tests:
-    name: Documentation Tests
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Check markdown links
-      run: |
-        # Vérification basique des liens markdown
-        find . -name "*.md" -exec grep -l "\[.*\](" {} \; | while read file; do
-          echo "Checking links in $file"
-        done
-
-    - name: Check documentation structure
-      run: |
-        # Vérifier la présence des fichiers de documentation essentiels
-        required_files=(
-          "README.md"
-          "LICENSE"
-          "CONTRIBUTING.md"
-          "CHANGELOG.md"
-          "CODE_OF_CONDUCT.md"
-          "SECURITY.md"
-          "README_4NK_NODE.md"
-          "ARCHITECTURE_CORRECTION.md"
-          "BRANCHES_DOCKER_SUPPORT_V2.md"
-        )
-
-        for file in "${required_files[@]}"; do
-          if [[ ! -f "$file" ]]; then
-            echo "Missing required documentation file: $file"
-            exit 1
-          fi
-        done
-
-    - name: Validate documentation
-      run: |
-        # Vérifier la cohérence de la documentation
-        if ! grep -q "4NK_node" README.md; then
-          echo "README.md should mention '4NK_node'"
-          exit 1
-        fi
-
-  security-audit:
-    name: Security Audit
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-      - name: Ensure scripts executable
-        run: |
-          chmod +x scripts/security/audit.sh || true
-      - name: Run template security audit
-        run: |
-          if [ -f scripts/security/audit.sh ]; then
-            ./scripts/security/audit.sh
-          else
-            echo "No security audit script (ok)"
-          fi
-
-  # Job de release guard (cohérence release)
-  release-guard:
-    name: Release Guard
-    runs-on: ubuntu-latest
-    needs: [code-quality, unit-tests, documentation-tests, security-audit]
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Ensure guard scripts are executable
-      run: |
-        chmod +x scripts/release/guard.sh || true
-        chmod +x scripts/checks/version_alignment.sh || true
-
-    - name: Version alignment check
-      run: |
-        if [ -f scripts/checks/version_alignment.sh ]; then
-          ./scripts/checks/version_alignment.sh
-        else
-          echo "No version alignment script (ok)"
-        fi
-
-    - name: Release guard (CI verify)
-      env:
-        RELEASE_TYPE: ci-verify
-      run: |
-        if [ -f scripts/release/guard.sh ]; then
-          ./scripts/release/guard.sh
-        else
-          echo "No guard script (ok)"
-        fi
-
-  # Job de tests de performance
-  performance-tests:
-    name: Performance Tests
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-
-    - name: Setup Rust
-      uses: actions-rs/toolchain@v1
-      with:
-        toolchain: ${{ env.RUST_VERSION }}
-        override: true
-
-    - name: Run performance tests
-      run: |
-        cd modules/sdk_relay1
-        cargo test --release --test performance_tests || true
-
-    - name: Check memory usage
-      run: |
-        # Tests de base de consommation mémoire
-        echo "Performance tests completed"
-
-  # Job de notification
-  notify:
-    name: Notify
-    runs-on: ubuntu-latest
-    needs: [code-quality, unit-tests, integration-tests, security-tests, docker-build, documentation-tests]
-    if: always()
-
-    steps:
-    - name: Notify success
-      if: needs.code-quality.result == 'success' && needs.unit-tests.result == 'success' && needs.integration-tests.result == 'success' && needs.security-tests.result == 'success' && needs.docker-build.result == 'success' && needs.documentation-tests.result == 'success'
-      run: |
-        echo "✅ All tests passed successfully!"
-
-    - name: Notify failure
-      if: needs.code-quality.result == 'failure' || needs.unit-tests.result == 'failure' || needs.integration-tests.result == 'failure' || needs.security-tests.result == 'failure' || needs.docker-build.result == 'failure' || needs.documentation-tests.result == 'failure'
-      run: |
-        echo "❌ Some tests failed!"
-        exit 1
-
-  publish-release:
-    name: Publish Release
-    runs-on: ubuntu-latest
-    needs: [release-guard]
-    if: startsWith(github.ref, 'refs/tags/')
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-
-      - name: Create Gitea release
-        env:
-          TOKEN: ${{ secrets.RELEASE_TOKEN }}
-          TAG_REF: ${{ github.ref }}
-          API: https://git.4nkweb.com/api/v1/repos/4nk/4NK_node
-        run: |
-          set -e
-          if [ -z "$TOKEN" ]; then
-            echo "Missing RELEASE_TOKEN secret" >&2
-            exit 1
-          fi
-          TAG="${TAG_REF##*/}"
-          STATUS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token $TOKEN" "$API/releases/tags/$TAG")
-          if [ "$STATUS" != "200" ]; then
-            BODY="Release ${TAG} - voir CHANGELOG.md"
-            curl -s -H "Authorization: token $TOKEN" -H "Content-Type: application/json" \
-              -X POST "$API/releases" \
-              -d "{\"tag_name\":\"$TAG\",\"target_commitish\":\"main\",\"name\":\"$TAG\",\"body\":\"$BODY\",\"draft\":false,\"prerelease\":false}"
-          fi
-          curl -s -H "Authorization: token $TOKEN" "$API/releases/tags/$TAG" >/dev/null

.gitea/workflows/template-sync.yml

@@ -1,40 +0,0 @@
-# .gitea/workflows/template-sync.yml — synchronisation et contrôles d’intégrité
-name: 4NK Template Sync
-on:
-  schedule:        # planification régulière
-    - cron: "0 4 * * 1"   # exécution hebdomadaire (UTC)
-  workflow_dispatch: {}   # déclenchement manuel
-
-jobs:
-  check-and-sync:
-    runs-on: self-hosted
-    steps:
-      - name: Lire TEMPLATE_VERSION et .4nk-sync.yml
-        # Doit charger ref courant, source_repo et périmètre paths
-
-      - name: Récupérer la version publiée du template/4NK_rules
-        # Doit comparer TEMPLATE_VERSION avec ref amont
-
-      - name: Créer branche de synchronisation si divergence
-        # Doit créer chore/template-sync-<date> et préparer un commit
-
-      - name: Synchroniser les chemins autoritatifs
-        # Doit mettre à jour .cursor/**, .gitea/**, AGENTS.md, scripts/**, docs/SSH_UPDATE.md
-
-      - name: Contrôles post-sync (bloquants)
-        # 1) Vérifier présence et exécutable des scripts/*.sh
-        # 2) Vérifier mise à jour CHANGELOG.md et docs/INDEX.md
-        # 3) Vérifier docs/SSH_UPDATE.md si scripts/** a changé
-        # 4) Vérifier absence de secrets en clair dans scripts/**
-        # 5) Vérifier manifest_checksum si publié
-
-      - name: Tests, lint, sécurité statique
-        # Doit exiger un état vert
-
-      - name: Ouvrir PR de synchronisation
-        # Titre: "[template-sync] chore: aligner .cursor/.gitea/AGENTS.md/scripts"
-        # Doit inclure résumé des fichiers modifiés et la version appliquée
-
-      - name: Mettre à jour TEMPLATE_VERSION (dans PR)
-        # Doit remplacer la valeur par la ref appliquée
-

.gitignore

@@ -1,3 +1,5 @@
+archive/
+
 # Dépendances
 node_modules/
 
@@ -17,7 +19,6 @@ pnpm-debug.log*
 
 # Environnements
 .env
-.env.*
 
 # Éditeurs / OS
 .DS_Store
@@ -27,11 +28,27 @@ pnpm-debug.log*
 # Tests
 tests/logs/
 tests/reports/
-certs/
-log/
 
-# Ignore real configuration files, but keep example configs
-*.log
+# Sauvegardes locales
+*.backup
 *.conf
 *.toml
-*.backup
+*.yml
+*.yaml
+*.json
+*.csv
+*.txt
+*.log
+*.log.*
+*.log.*.*
+*.log.*.*.*
+*.log.*.*.*.*
+*.log.*.*.*.*.*
+*.log.*.*.*.*.*.*
+*.log.*.*.*.*.*.*.*
+*.log.*.*.*.*.*.*.*.*
+
+certs/
+*.log
+# Ignore real configuration files, but keep example configs
+tor_data/

CHANGELOG.md

@@ -1,4 +1,11 @@
+## Changed (2025-09-08)
 # Changelog - 4NK Node
+
+## [1.1.3] - 2025-09-07
+
+### Added
+- Mise à jour mineure de versionnage et documentation (ALIGNEMENT VERSION / TESTS)
+
 ## [1.1.2] - 2025-08-27
 
 ### Added

README.md

@@ -51,11 +51,11 @@ git clone git@git.4nkweb.com:4nk/4NK_node.git
 cd 4NK_node
 
 # 2. Amorcer l’environnement (git, Docker, Compose, Node/npm)
-./scripts/bootstrap.sh
+./scripts/orchestrate_start.sh
 # Astuce: se déconnecter/reconnecter pour activer le groupe docker
 
 # 3. Démarrer tous les services
-./restart_4nk_node.sh
+./scripts/restart_4nk_node.sh
 
 # 4. Vérifier le statut
 docker ps
@@ -81,10 +81,10 @@ cat ~/.ssh/id_ed25519_4nk.pub
 
 ### 📖 Guides Principaux
 
-- **[Guide d'Installation](docs/INSTALLATION.md)** - Installation et configuration complète
+- **[Index de la documentation](docs/INDEX.md)** - Table des matières centrale
 - **[Guide d'Utilisation](docs/USAGE.md)** - Utilisation quotidienne et cas d'usage
 - **[Guide de Configuration](docs/CONFIGURATION.md)** - Configuration avancée
-- **[Guide de Développement](docs/DEVELOPMENT.md)** - Développement et contribution
+- **[Architecture](docs/ARCHITECTURE.md)** - Architecture détaillée
 
 ### 🔧 Guides Techniques
 
@@ -101,9 +101,7 @@ cat ~/.ssh/id_ed25519_4nk.pub
 
 ### 🌐 Guides Réseau
 
-- **[Réseau de Relais](docs/RELAY_NETWORK.md)** - Configuration du réseau mesh
-- **[Nœuds Externes](docs/EXTERNAL_NODES.md)** - Ajout et gestion de nœuds externes
-- **[Synchronisation](docs/SYNCHRONIZATION.md)** - Protocole de synchronisation
+- **[Réseau et cartographie](docs/NETWORK.md)** - Hostnames, IP, ports, montages et routes Nginx
 
 ## 🔧 Configuration
 
@@ -182,13 +180,13 @@ L'infrastructure supporte un réseau mesh de relais avec :
 
 ```bash
 # Ajouter un nœud externe
-./add_external_node.sh add external-relay-1 external-relay-1.example.com:8090
+./scripts/add_external_node.sh add external-relay-1 external-relay-1.example.com:8090
 
 # Lister les nœuds configurés
-./add_external_node.sh list
+./scripts/add_external_node.sh list
 
 # Tester la connectivité
-./add_external_node.sh test external-relay-1
+./scripts/add_external_node.sh test external-relay-1
 ```
 
 ### Configuration Externe

TEMPLATE_VERSION

@@ -1 +1 @@
-v2025.08.5
+v2025.08.6

VERSION

@@ -1 +1 @@
-v1.1.2
+v1.1.3

build_modules.sh

@@ -1,90 +0,0 @@
-#!/bin/bash
-
-# Script de construction des modules 4NK_node et des projets 4NK_node
-set -e
-
-echo "🏗️  Construction des modules 4NK_node et projets 4NK_node..."
-
-# Fonction pour construire un module spécifique
-build_module() {
-    local module_name="$1"
-    local module_dir="modules/$module_name"
-
-    if [ ! -d "$module_dir" ]; then
-        echo "❌ Module $module_name non trouvé dans $module_dir"
-        return 1
-    fi
-
-    echo "🔨 Construction de $module_name..."
-
-    # Construire l'image Docker
-    docker build -t "4nk-node-$module_name:latest" "$module_dir"
-
-    if [ $? -eq 0 ]; then
-        echo "✅ Module $module_name construit avec succès"
-    else
-        echo "❌ Échec de la construction du module $module_name"
-        return 1
-    fi
-}
-
-build_project() {
-    local project_name="$1"
-    local project_dir="projects/$project_name"
-    if [ ! -d "$project_dir" ]; then
-        echo "❌ Project $project_name non trouvé dans $project_dir"
-        return 1
-    fi
-    echo "🔨 Construction de $project_name (project)..."
-    docker build -t "4nk-node-$project_name:latest" "$project_dir"
-    if [ $? -eq 0 ]; then
-        echo "✅ Project $project_name construit avec succès"
-    else
-        echo "❌ Échec de la construction du project $project_name"
-        return 1
-    fi
-}
-
-# Construction de tous les modules si aucun argument n'est fourni
-if [ $# -eq 0 ]; then
-    echo "📦 Construction de tous les modules et projets..."
-
-    # Modules de base (existence check pour éviter les erreurs sur des dépôts partiels)
-    if [ -d "modules/tor" ]; then
-        build_module "tor"
-    else
-        echo "⚠️ Tor module absent, skipping"
-    fi
-
-    if [ -d "modules/bitcoin" ]; then
-        build_module "bitcoin"
-    else
-        echo "⚠️ Bitcoin module absent, skipping"
-    fi
-
-    # Modules applicatifs
-    if [ -d "modules/blindbit" ]; then build_module "blindbit"; else echo "⚠️ blindbit module absent"; fi
-    if [ -d "modules/sdk_relay1" ]; then build_module "sdk_relay1"; fi
-    if [ -d "modules/sdk_relay2" ]; then build_module "sdk_relay2"; fi
-    if [ -d "modules/sdk_relay3" ]; then build_module "sdk_relay3"; fi
-    if [ -d "modules/sdk_storage" ]; then build_module "sdk_storage"; fi
-    if [ -d "modules/sdk_signer" ]; then build_module "sdk_signer"; fi
-    if [ -d "modules/ihm_client" ]; then build_module "ihm_client"; fi
-
-    # Projets nouvellement ajoutés (Le coffre)
-    # Le coffre-back et le coffre-front dans 4NK_node/projects
-    if [ -d "projects/lecoffre-back" ]; then build_project "lecoffre-back"; else echo "⚠️ lecoffre-back project absent"; fi
-    if [ -d "projects/lecoffre-front" ]; then build_project "lecoffre-front"; else echo "⚠️ lecoffre-front project absent"; fi
-
-    echo "🎉 Tous les modules et projets ont été construits !"
-else
-    # Construction d'un module ou d'un projet spécifique
-    if [ -d "modules/$1" ]; then
-        build_module "$1"
-    elif [ -d "projects/$1" ]; then
-        build_project "$1"
-    else
-        echo "Module ou projet inconnu: $1"
-        exit 1
-    fi
-fi

conf/nginx/nginx.conf.exemple

@@ -0,0 +1,18 @@
+worker_processes  1;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+    sendfile      on;
+    keepalive_timeout  65;
+
+    # Logs Nginx locaux (facultatif, peut être redirigé ailleurs)
+    access_log    /var/log/nginx/4nk_node.access.log;
+    error_log     /var/log/nginx/4nk_node.error.log;
+
+    include /etc/nginx/sites-enabled/*.conf;
+}

conf/nginx/sites-enabled/4nk_node.conf.exemple

@@ -0,0 +1,90 @@
+server {
+    listen 80 default_server;
+    server_name _;
+
+    # Format de logs dédié Grafana/Promtail
+    access_log  /var/log/nginx/4nk_node.access.log;
+    error_log   /var/log/nginx/4nk_node.error.log;
+
+    # ihm_client (HTTP)
+    location / {
+        proxy_pass http://ihm-client.4nk.local:80/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # sdk_storage
+    location /sdk_storage/ {
+        proxy_pass http://sdk-storage.4nk.local:8081/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # blindbit
+    location /blindbit/ {
+        proxy_pass http://blindbit.4nk.local:8000/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # relais (HTTP API)
+    location /relay1/ { proxy_pass http://sdk-relay1.4nk.local:8091/; }
+    location /relay2/ { proxy_pass http://sdk-relay2.4nk.local:8093/; }
+    location /relay3/ { proxy_pass http://sdk-relay3.4nk.local:8095/; }
+
+    # relais (WebSocket)
+    location /relay1/ws/ {
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_pass http://sdk-relay1.4nk.local:8090/;
+    }
+    location /relay2/ws/ {
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_pass http://sdk-relay2.4nk.local:8092/;
+    }
+    location /relay3/ws/ {
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_pass http://sdk-relay3.4nk.local:8094/;
+    }
+
+    # sdk_signer (WS et HTTP si exposés sur 9090/9092)
+    location /signer/ws/ {
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_pass http://sdk-signer.4nk.local:9090/;
+    }
+    location /signer/ {
+        proxy_pass http://sdk-signer.4nk.local:9092/;
+    }
+
+    # lecoffre-front
+    location /coffre/ {
+        proxy_pass http://coffre-front.4nk.local:3003/;
+    }
+
+    # miniback (expose /logs si nécessaire)
+    location /miniback/ {
+        proxy_pass http://miniback.4nk.local:8081/;
+    }
+
+    # Grafana (sous-chemin /grafana)
+    location /grafana/ {
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_pass http://127.0.0.1:3000/;
+    }
+}

docker-compose.yml

@@ -1,38 +1,47 @@
 version: '3.8'
 
+# Updated to use newer Go-based images for builds; placeholder for future dynamic tag adjustments
+
 services:
   tor:
-    image: 4nk-node-tor:docker-support-v2
+    image: torproject/tor:latest
     container_name: 4nk-tor
+    hostname: tor.4nk.local
     ports:
       - "9050:9050"
       - "9051:9051"
     volumes:
-      - tor_data:/var/lib/tor
-      - ./conf/tor.conf:/etc/tor/torrc:ro
+      - ./modules/tor/conf/tor.conf:/etc/tor/torrc:ro
+      - ./modules/tor/data:/var/lib/tor
+      - ./modules/tor/log:/var/log/tor
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.10
     restart: unless-stopped
 
   bitcoin:
-    image: 4nk-node-bitcoin:docker-support-v2
+    image: ruimarinho/bitcoin-core:latest
     container_name: 4nk-bitcoin
+    hostname: bitcoin.4nk.local
     ports:
       - "38333:38333"
       - "38332:38332"
       - "29000:29000"
     volumes:
-      - bitcoin_data:/home/bitcoin/.bitcoin
-      - ./conf/bitcoin.conf:/home/bitcoin/bitcoin.conf:ro
+      - ./modules/bitcoin/data:/home/bitcoin/.bitcoin
+      - ./modules/bitcoin/conf/bitcoin.conf:/home/bitcoin/.bitcoin/bitcoin.conf:ro
+      - ./modules/bitcoin/logs:/home/bitcoin/.bitcoin/logs
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.11
     restart: unless-stopped
     depends_on:
       - tor
 
   blindbit:
-    image: 4nk-node-blindbit:docker-support-v2
+    image: 4nk-node-blindbit:latest
     container_name: 4nk-blindbit
+    hostname: blindbit.4nk.local
     ports:
       - "8000:8000"
 
@@ -49,9 +58,12 @@ services:
     command: ["/main", "--datadir", "/blindbit"]
     working_dir: /
     volumes:
-      - ./conf/blindbit.toml:/blindbit/blindbit.toml:ro
+      - ./modules/blindbit/conf/blindbit.toml:/blindbit/blindbit.toml:ro
+      - ./modules/blindbit/data:/blindbit
+      - ./modules/blindbit/logs:/blindbit/logs
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.12
     restart: unless-stopped
     depends_on:
       - bitcoin
@@ -63,14 +75,17 @@ services:
       start_period: 40s
 
   sdk_storage:
-    image: 4nk-node-sdk_storage:docker-support-v2
+    image: 4nk-node-sdk_storage:dev
     container_name: 4nk-sdk-storage
+    hostname: sdk-storage.4nk.local
     ports:
       - "8081:8081"
     volumes:
-      - ./conf/sdk_storage.conf:/usr/local/bin/sdk_storage.conf:ro
+      - ./modules/sdk_storage/conf/sdk_storage.conf:/usr/local/bin/sdk_storage.conf:ro
+      - ./modules/sdk_storage/log:/app/logs
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.13
     restart: unless-stopped
     depends_on:
       - blindbit
@@ -82,8 +97,9 @@ services:
       start_period: 40s
 
   sdk_relay1:
-    image: 4nk-node-sdk_relay1:docker-support-v2
+    image: 4nk-node-sdk_relay1:dev
     container_name: 4nk-sdk-relay1
+    hostname: sdk-relay1.4nk.local
     ports:
       - "8090:8090"
       - "8091:8091"
@@ -91,10 +107,12 @@ services:
       - RELAY_RPC_USER=bitcoin
       - RELAY_RPC_PASSWORD=bitcoin
     volumes:
-      - ./conf/sdk_relay1.conf:/home/bitcoin/.conf:ro
+      - ./modules/sdk_relay1/conf/sdk_relay1.conf:/home/bitcoin/.conf:ro
+      - ./modules/sdk_relay1/logs:/home/bitcoin/logs
     working_dir: /home/bitcoin
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.14
     restart: unless-stopped
     depends_on:
       - sdk_storage
@@ -106,8 +124,9 @@ services:
       start_period: 40s
 
   sdk_relay2:
-    image: 4nk-node-sdk_relay2:docker-support-v2
+    image: 4nk-node-sdk_relay2:dev
     container_name: 4nk-sdk-relay2
+    hostname: sdk-relay2.4nk.local
     ports:
       - "8092:8090"
       - "8093:8091"
@@ -115,10 +134,12 @@ services:
       - RELAY_RPC_USER=bitcoin
       - RELAY_RPC_PASSWORD=bitcoin
     volumes:
-      - ./conf/sdk_relay2.conf:/home/bitcoin/.conf:ro
+      - ./modules/sdk_relay2/conf/sdk_relay2.conf:/home/bitcoin/.conf:ro
+      - ./modules/sdk_relay2/logs:/home/bitcoin/logs
     working_dir: /home/bitcoin
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.15
     restart: unless-stopped
     depends_on:
       - sdk_storage
@@ -130,8 +151,9 @@ services:
       start_period: 40s
 
   sdk_relay3:
-    image: 4nk-node-sdk_relay3:docker-support-v2
+    image: 4nk-node-sdk_relay3:dev
     container_name: 4nk-sdk-relay3
+    hostname: sdk-relay3.4nk.local
     ports:
       - "8094:8090"
       - "8095:8091"
@@ -139,10 +161,12 @@ services:
       - RELAY_RPC_USER=bitcoin
       - RELAY_RPC_PASSWORD=bitcoin
     volumes:
-      - ./conf/sdk_relay3.conf:/home/bitcoin/.conf:ro
+      - ./modules/sdk_relay3/conf/sdk_relay3.conf:/home/bitcoin/.conf:ro
+      - ./modules/sdk_relay3/logs:/home/bitcoin/logs
     working_dir: /home/bitcoin
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.16
     restart: unless-stopped
     depends_on:
       - sdk_storage
@@ -154,15 +178,18 @@ services:
       start_period: 40s
 
   sdk_signer:
-    image: 4nk-node-sdk_signer:docker-support-v2
+    image: 4nk-node-sdk_signer:dev
     container_name: 4nk-sdk-signer
+    hostname: sdk-signer.4nk.local
     ports:
       - "9090:9090"
     volumes:
-      - ./conf/sdk_signer.conf:/usr/local/bin/sdk_signer.conf:ro
-      - sdk_signer_data:/app/data
+      - ./modules/sdk_signer/conf/sdk_signer.conf:/usr/local/bin/sdk_signer.conf:ro
+      - ./modules/sdk_signer/data:/app/data
+      - ./modules/sdk_signer/logs:/usr/src/app/logs
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.17
     restart: unless-stopped
     depends_on:
       - sdk_relay1
@@ -176,13 +203,17 @@ services:
       start_period: 40s
 
   ihm_client:
-    image: 4nk-node-ihm_client:docker-support-v2
+    image: 4nk-node-ihm_client:dev
     container_name: 4nk-ihm-client
+    hostname: ihm-client.4nk.local
     ports:
       - "8080:80"
       - "3003:3003"
+    volumes:
+      - ./modules/ihm_client/logs:/var/log/ihm_client
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.18
     restart: unless-stopped
     depends_on:
       - sdk_signer
@@ -196,6 +227,7 @@ services:
   miniback-postgres:
     image: postgres:15
     container_name: miniback-postgres
+    hostname: miniback-postgres.4nk.local
     environment:
       - POSTGRES_USER=miniback
       - POSTGRES_PASSWORD=minibackpassword
@@ -203,45 +235,74 @@ services:
     volumes:
       - miniback_pg_data:/var/lib/postgresql/data
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.30
     restart: unless-stopped
     ports:
       - "5432:5432"
 
   miniback:
-    image: 4nk-node-miniback:latest
+    image: 4nk-node-miniback:dev
     container_name: miniback
+    hostname: miniback.4nk.local
     env_file:
-      - ./conf/miniback_env.conf
+      - ./projects/lecoffre/lecoffre-back-mini/conf/lecoffre-back-mini_env.conf
     depends_on:
       - miniback-postgres
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.31
     restart: unless-stopped
     volumes:
-      - ./logs/miniback:/logs
-      - ./conf/miniback_env.conf:/app/.env:ro
+      - ./projects/lecoffre/lecoffre-back-mini/logs:/logs
+      - ./projects/lecoffre/lecoffre-back-mini/conf/lecoffre-back-mini_env.conf:/app/.env:ro
 
   coffre_front:
-    image: lecoffre-front:latest
+    image: lecoffre-front:dev
     container_name: coffre-front
+    hostname: coffre-front.4nk.local
+    volumes:
+      - ./projects/lecoffre/lecoffre-front/logs:/logs
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.32
     restart: unless-stopped
 
   coffre_back_mini:
-    image: lecoffre-back-mini:latest
+    image: lecoffre-back-mini:dev
     container_name: coffre-back-mini
+    hostname: coffre-back-mini.4nk.local
     networks:
-      - 4nk_network
+      4nk_network:
+        ipv4_address: 172.20.0.33
+    restart: unless-stopped
+
+  nginx:
+    image: nginx:1.25
+    container_name: 4nk-nginx
+    hostname: nginx.4nk.local
+    ports:
+      - "80:80"
+    volumes:
+      - ./conf/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./conf/nginx/sites-enabled:/etc/nginx/sites-enabled:ro
+      - ./log/nginx:/var/log/nginx
+    networks:
+      4nk_network:
+        ipv4_address: 172.20.0.40
     restart: unless-stopped
 
 volumes:
-  tor_data:
-  bitcoin_data:
-  sdk_signer_data:
   miniback_pg_data:
 
 networks:
   4nk_network:
     driver: bridge
+    ipam:
+      config:
+        - subnet: 172.20.0.0/16
+  4nk_projects_net:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.21.0.0/16

docs/ARCHITECTURE.md

@@ -11,3 +11,10 @@
 ## Sécurité
 
 ## Observabilité
+
+### Politique des images
+
+- Externes : Tor (`torproject/tor:latest`), Bitcoin Core (`ruimarinho/bitcoin-core:latest`), Blindbit (`4nk-node-blindbit:latest`).
+- Internes : images taguées `:dev` en cours de création (sdk_storage, sdk_relay1/2/3, sdk_signer, ihm_client, miniback, lecoffre-front, lecoffre-back-mini).
+
+Les hostnames internes sont fixés en `.4nk.local` et une IP statique est réservée par service sur `4nk_network`.

docs/CONFIGURATION.md

@@ -0,0 +1,34 @@
+## Configuration des images et tags
+
+### Introduction
+
+Ce document précise l'état courant de la politique de tags d'images et leur utilisation dans l'orchestrateur de `4NK_node`.
+
+### Politique de tags (en cours de création)
+
+- Les tags de build « dev » sont en cours de création pour les services applicatifs internes.
+- À date, l'orchestrateur référence :
+  - Images externes stables (inchangées) : `torproject/tor:latest`, `ruimarinho/bitcoin-core:latest` et `4nk-node-blindbit:latest`.
+  - Images internes basculées sur le tag « dev » (en attente de disponibilité sur le registre) :
+    - `4nk-node-sdk_storage:dev`
+    - `4nk-node-sdk_relay1:dev`, `4nk-node-sdk_relay2:dev`, `4nk-node-sdk_relay3:dev`
+    - `4nk-node-sdk_signer:dev`
+    - `4nk-node-ihm_client:dev`
+    - `4nk-node-miniback:dev`
+    - `lecoffre-front:dev`, `lecoffre-back-mini:dev`
+
+Lorsque les tags « dev » seront effectivement publiés, un `docker compose pull` puis un redémarrage permettront d'aligner les environnements.
+
+### Réseaux et adresses
+
+- Réseau principal `4nk_network` : `172.20.0.0/16`, IP et hostnames statiques par service.
+- Réseau réservé projets `4nk_projects_net` : `172.21.0.0/16` (aucun service attaché pour l'instant).
+
+### Montages de configuration et journaux
+
+- Les fichiers de configuration sont montés depuis `modules/*/conf` et `projects/*/*/conf`.
+- Les journaux applicatifs sont montés depuis `modules/*/logs` et `projects/*/*/logs` pour observabilité.
+
+### Conclusion
+
+Les tags « dev » sont en cours de création et déjà référencés dans l'orchestrateur afin d'anticiper leur disponibilité. Cette page sera actualisée dès publication effective. Les mises à jour corrélées sont reflétées dans `docs/ARCHITECTURE.md` et le `CHANGELOG.md`.

docs/INDEX.md

@@ -0,0 +1,25 @@
+## Index de la documentation 4NK_node
+
+### Guides principaux
+- Configuration: `docs/CONFIGURATION.md`
+- Architecture: `docs/ARCHITECTURE.md`
+- Usage: `docs/USAGE.md`
+- Réseau et cartographie: `docs/NETWORK.md`
+
+### Monitoring et logs
+- Stack monitoring (Loki/Promtail/Grafana): `log-monitoring.yml`
+- Provisioning Grafana: `log/grafana-datasources.yml`, `log/grafana-dashboards.yml`
+- Collecte Promtail: `log/promtail-config.yml`
+
+### Reverse proxy
+- Nginx conf: `conf/nginx/nginx.conf`
+- Virtual host: `conf/nginx/sites-enabled/4nk_node.conf`
+
+### Répertoires par service
+- Modules: `modules/<service>/{conf,data,logs,scripts}`
+- Projets: `projects/<projet>/<image>/{conf,data,logs,scripts}`
+
+### Notes
+- Les images internes référencées en `:dev` sont en cours de création.
+- Grafana est servi sous `/grafana` via Nginx.
+

docs/NETWORK.md

@@ -0,0 +1,50 @@
+## Réseau et cartographie des services
+
+### Sous-réseaux
+- 4nk_network: 172.20.0.0/16 (services applicatifs, IP statiques et hostnames fixés)
+- 4nk_projects_net: 172.21.0.0/16 (réservé, aucun service attaché pour l’instant)
+
+### Tableau de mapping
+
+| Service | Hostname | IP | Ports exposés | Montages conf/data/logs | Nginx (routes) | Dépendances |
+|---|---|---|---|---|---|---|
+| tor | tor.4nk.local | 172.20.0.10 | 9050, 9051 | conf:/etc/tor/torrc(ro), data:/var/lib/tor, logs:/var/log/tor | — | — |
+| bitcoin | bitcoin.4nk.local | 172.20.0.11 | 38333, 38332, 29000 | conf:/home/bitcoin/.bitcoin/bitcoin.conf(ro), data:/home/bitcoin/.bitcoin, logs:/home/bitcoin/.bitcoin/logs | — | tor |
+| blindbit | blindbit.4nk.local | 172.20.0.12 | 8000 | conf:/blindbit/blindbit.toml(ro), data:/blindbit, logs:/blindbit/logs | /blindbit/ → :8000 | bitcoin |
+| sdk_storage | sdk-storage.4nk.local | 172.20.0.13 | 8081 | conf:/usr/local/bin/sdk_storage.conf(ro), logs:/app/logs | /sdk_storage/ → :8081 | blindbit |
+| sdk_relay1 | sdk-relay1.4nk.local | 172.20.0.14 | 8090(ws), 8091(http) | conf:/home/bitcoin/.conf(ro), logs:/home/bitcoin/logs | /relay1/, /relay1/ws/ | sdk_storage |
+| sdk_relay2 | sdk-relay2.4nk.local | 172.20.0.15 | 8092(ws), 8093(http) | conf:/home/bitcoin/.conf(ro), logs:/home/bitcoin/logs | /relay2/, /relay2/ws/ | sdk_storage |
+| sdk_relay3 | sdk-relay3.4nk.local | 172.20.0.16 | 8094(ws), 8095(http) | conf:/home/bitcoin/.conf(ro), logs:/home/bitcoin/logs | /relay3/, /relay3/ws/ | sdk_storage |
+| sdk_signer | sdk-signer.4nk.local | 172.20.0.17 | 9090(ws), 9092(http) | conf:/usr/local/bin/sdk_signer.conf(ro), data:/app/data, logs:/usr/src/app/logs | /signer/, /signer/ws/ | sdk_relay1/2/3 |
+| ihm_client | ihm-client.4nk.local | 172.20.0.18 | 80, 3003 | logs:/var/log/ihm_client | / (→:80), /coffre/ (→coffre_front:3003) | sdk_signer |
+| miniback-postgres | miniback-postgres.4nk.local | 172.20.0.30 | 5432 | data:/var/lib/postgresql/data(volume) | — | — |
+| miniback | miniback.4nk.local | 172.20.0.31 | — | logs:/logs, env:.env(ro) | /miniback/ (si HTTP) | miniback-postgres |
+| coffre_front | coffre-front.4nk.local | 172.20.0.32 | 3003 | logs:/logs | /coffre/ → :3003 | — |
+| coffre_back_mini | coffre-back-mini.4nk.local | 172.20.0.33 | — | — | — | — |
+| nginx | nginx.4nk.local | 172.20.0.40 | 80 | conf:/etc/nginx, logs:/var/log/nginx | reverse proxy + /grafana/ | — |
+
+### Observabilité
+- Promtail lit: `./log/**/*.log`, `./modules/*/logs/**/*.log`, `./projects/*/*/logs/**/*.log` et pousse vers Loki.
+- Grafana est servi via Nginx sous `/grafana/` et provisionné avec datasources/dashboards.
+
+### Liens entre services (flux réseau et dépendances)
+- Tor → Bitcoin Core
+  - Bitcoin utilise Tor comme proxy (`proxy=tor.4nk.local:9050`) et active `listenonion=1`.
+- Bitcoin Core → Blindbit
+  - Blindbit lit l’endpoint RPC de Bitcoin (`http://bitcoin.4nk.local:38332`) et s’appuie sur ZMQ (`tcp://bitcoin.4nk.local:29000`).
+- Blindbit → SDK Storage
+  - SDK Storage consomme les index/infos de Blindbit (config via `sdk_storage.conf`).
+- SDK Storage → SDK Relays (1/2/3)
+  - Les relais interrogent Storage côté API HTTP (8091/8093/8095) et exposent WS séparés (8090/8092/8094).
+- SDK Relays (1/2/3) → SDK Signer
+  - Signer se connecte aux trois relais (WS et/ou HTTP) et à Storage; il consomme également Blindbit et Bitcoin RPC (pour certaines opérations).
+- SDK Signer → IHM Client
+  - L’application front s’appuie sur Signer (WS 9090, HTTP 9092) pour l’orchestration fonctionnelle.
+- Miniback → Postgres
+  - Miniback utilise `miniback-postgres` (5432) comme base de données.
+- Nginx → Tous services HTTP/WS
+  - Reverse‑proxy vers: IHM (`/`), Storage (`/sdk_storage/`), Blindbit (`/blindbit/`), Relais (`/relayX/` + `/relayX/ws/`), Signer (`/signer/` + `/signer/ws/`), Coffre (`/coffre/`), Miniback (`/miniback/`), Grafana (`/grafana/`).
+
+### Notes
+- Les services internes utilisent des hostnames Docker `.4nk.local` résolus par le DNS du réseau `4nk_network`.
+- Les tags d’images `:dev` sont en cours de création; voir `docs/CONFIGURATION.md`.

docs/RELEASE_NOTES.md

@@ -0,0 +1,5 @@
+# Release 1.1.3 - 2025-09-07
+
+- Mise à jour des versions `VERSION` et `TEMPLATE_VERSION`.
+- Ajout des notes de release dédiées dans `docs/RELEASE_NOTES.md` et `tests/RELEASE_NOTES.md`.
+- Mise à jour du changelog pour refléter cette release.

docs/USAGE.md

@@ -2,10 +2,39 @@
 
 ## Prérequis
 
+- Docker et docker compose installés
+- Nginx utilisé via le service `nginx` de l'orchestrateur
+
 ## Installation locale
 
+- Cloner le dépôt et se placer à la racine
+- Vérifier la présence des répertoires `modules/` et `projects/` avec `conf/`, `data/`, `logs/`, `scripts/`
+- Vérifier la disponibilité des images taggées `:dev` (en cours de création) ou utiliser des tags stables le cas échéant
+
 ## Démarrage
 
+- Démarrer la stack applicative : `docker compose up -d`
+- Démarrer la stack de monitoring (Loki/Promtail/Grafana) si souhaité : `docker compose -f log-monitoring.yml up -d`
+- Accéder aux services via Nginx :
+  - IHM: `http://localhost/`
+  - Blindbit: `http://localhost/blindbit/`
+  - SDK Storage: `http://localhost/sdk_storage/`
+  - Relais HTTP: `http://localhost/relay1/`, `/relay2/`, `/relay3/`
+  - Relais WebSocket: `ws://localhost/relay1/ws/` (idem `relay2`, `relay3`)
+  - Signer WS: `ws://localhost/signer/ws/`; HTTP: `http://localhost/signer/`
+  - Coffre front: `http://localhost/coffre/`
+  - Grafana: `http://localhost/grafana/`
+
 ## Commandes utiles
 
+- Mettre à jour les images: `docker compose pull`
+- Voir les logs Nginx: `tail -f log/nginx/4nk_node.access.log`
+- Voir les logs des services (montés): `tail -f modules/<service>/logs/*`
+- Logs Promtail/Loki/Grafana: voir `log/` et `log-monitoring.yml`
+
 ## Dépannage
+
+- Vérifier les hostnames Docker internes (DNS du réseau `4nk_network`): voir `docker-compose.yml`
+- Les tags `:dev` sont en cours de création; en cas d’indisponibilité, utiliser des tags stables temporaires
+- Conf Tor: `modules/tor/conf/tor.conf` est montée si l'image Tor supporte `/etc/tor/torrc`
+- Le reverse proxy Nginx s’appuie sur les hostnames Docker (`*.4nk.local`); en cas de changement d’IP/hostnames, mettre à jour `docker-compose.yml` et relancer `nginx`.

log-monitoring.yml

@@ -22,6 +22,9 @@ services:
       - ./log/promtail-config.yml:/etc/promtail/config.yml:ro
       - /var/lib/docker/containers:/var/lib/docker/containers:ro
       - /var/log/docker:/var/log/docker:ro
+      - ./modules:/workspace/modules:ro
+      - ./projects:/workspace/projects:ro
+      - ./log:/workspace/logs:ro
     networks:
       - 4nk_network
     restart: unless-stopped
@@ -36,6 +39,8 @@ services:
     environment:
       - GF_SECURITY_ADMIN_PASSWORD=admin
       - GF_USERS_ALLOW_SIGN_UP=false
+      - GF_SERVER_ROOT_URL=%(protocol)s://%(domain)s/grafana
+      - GF_SERVER_SERVE_FROM_SUB_PATH=true
     volumes:
       - grafana_data:/var/lib/grafana
       - ./log/grafana-datasources.yml:/etc/grafana/provisioning/datasources/datasources.yml:ro

log/README.md

@@ -0,0 +1,203 @@
+# 📊 Monitoring des Logs 4NK_node
+
+Ce répertoire contient la configuration complète pour surveiller et analyser les logs de tous les services 4NK_node en temps réel.
+
+## 🚀 Démarrage Rapide
+
+### 1. Démarrer le monitoring
+```bash
+cd 4NK_node
+./log/start-monitoring.sh
+```
+
+### 2. Accéder à Grafana
+- **URL**: http://localhost:3000
+- **Utilisateur**: `admin`
+- **Mot de passe**: `admin`
+
+### 3. Dashboard principal
+Le dashboard principal est automatiquement configuré et accessible à :
+http://localhost:3000/d/4nk-node-logs/4nk-node-vue-d-ensemble-des-logs
+
+## 🏗️ Architecture
+
+```
+┌─────────────────┐    ┌─────────────────┐    ┌─────────────────┐
+│   Services      │    │   Promtail      │    │     Loki        │
+│   4NK_node      │───▶│  (Collecteur)   │───▶│  (Stockage)     │
+│                 │    │                 │    │                 │
+└─────────────────┘    └─────────────────┘    └─────────────────┘
+                                │                       │
+                                ▼                       ▼
+                       ┌─────────────────┐    ┌─────────────────┐
+                       │   Grafana       │    │   Dashboards    │
+                       │ (Visualisation) │◄───│   (Analyses)    │
+                       └─────────────────┘    └─────────────────┘
+```
+
+## 📁 Structure des Fichiers
+
+```
+log/
+├── README.md                           # Ce fichier
+├── start-monitoring.sh                 # Script de démarrage
+├── log-monitoring.yml                  # Docker Compose pour le monitoring
+├── loki-config.yaml                    # Configuration Loki
+├── promtail-config.yml                 # Configuration Promtail
+├── grafana-datasources.yml             # Sources de données Grafana
+├── grafana-dashboards.yml              # Configuration des dashboards
+└── dashboards/
+    └── 4nk-node-overview.json         # Dashboard principal
+```
+
+## 🔧 Services de Monitoring
+
+### Loki (Port 3100)
+- **Rôle**: Stockage et indexation des logs
+- **Fonctionnalités**: Requêtes LogQL, rétention configurable
+- **Stockage**: Fichiers locaux avec compression
+
+### Promtail (Port 9080)
+- **Rôle**: Collecte des logs Docker
+- **Fonctionnalités**: Parsing JSON, étiquetage automatique
+- **Collecte**: Logs de tous les conteneurs 4NK_node
+
+### Grafana (Port 3000)
+- **Rôle**: Interface de visualisation
+- **Fonctionnalités**: Dashboards, alertes, requêtes temps réel
+- **Accès**: Interface web avec authentification
+
+## 📊 Dashboards Disponibles
+
+### Dashboard Principal : "4NK Node - Vue d'ensemble des Logs"
+- **Log Rate par Service**: Graphique temporel des logs par service
+- **Total Logs (5m)**: Statistique du nombre total de logs
+- **Logs en Temps Réel**: Affichage en direct des logs de tous les services
+- **Répartition par Service**: Graphique circulaire des logs par service
+- **Répartition par Niveau**: Graphique circulaire des logs par niveau (info, error, debug)
+
+## 🔍 Requêtes LogQL Utiles
+
+### Logs d'un service spécifique
+```logql
+{job="4nk_node", service="bitcoin"}
+```
+
+### Logs d'erreur
+```logql
+{job="4nk_node"} |= "error"
+```
+
+### Logs des dernières 5 minutes
+```logql
+{job="4nk_node"} [5m]
+```
+
+### Recherche de texte
+```logql
+{job="4nk_node"} |~ "connection.*failed"
+```
+
+## 🛠️ Commandes Utiles
+
+### Démarrer le monitoring
+```bash
+docker compose -f log-monitoring.yml up -d
+```
+
+### Voir les logs des services de monitoring
+```bash
+docker compose -f log-monitoring.yml logs -f
+```
+
+### Arrêter le monitoring
+```bash
+docker compose -f log-monitoring.yml down
+```
+
+### Redémarrer un service spécifique
+```bash
+docker compose -f log-monitoring.yml restart grafana
+```
+
+### Vérifier le statut
+```bash
+docker compose -f log-monitoring.yml ps
+```
+
+## 📈 Métriques Surveillées
+
+### Services 4NK_node
+- **bitcoin**: Logs de synchronisation, connexions RPC
+- **blindbit**: Logs de traitement des blocs, erreurs
+- **sdk_relay1/2/3**: Logs de connexion Bitcoin, erreurs RPC
+- **sdk_signer**: Logs de connexion aux relays, erreurs WebSocket
+- **sdk_storage**: Logs de base de données, erreurs de stockage
+- **ihm_client**: Logs de l'interface utilisateur
+- **tor**: Logs de connexion, erreurs de proxy
+
+### Niveaux de Log
+- **INFO**: Informations générales, statut des services
+- **ERROR**: Erreurs critiques, échecs de connexion
+- **DEBUG**: Informations détaillées pour le débogage
+- **WARN**: Avertissements, problèmes non critiques
+
+## 🔒 Sécurité
+
+- **Grafana**: Authentification requise (admin/admin)
+- **Loki**: Pas d'authentification (accès local uniquement)
+- **Promtail**: Pas d'authentification (collecte locale uniquement)
+- **Ports exposés**: 3000 (Grafana), 3100 (Loki), 9080 (Promtail)
+
+## 🚨 Dépannage
+
+### Grafana ne démarre pas
+```bash
+docker compose -f log-monitoring.yml logs grafana
+```
+
+### Promtail ne collecte pas de logs
+```bash
+docker compose -f log-monitoring.yml logs promtail
+```
+
+### Loki ne stocke pas de logs
+```bash
+docker compose -f log-monitoring.yml logs loki
+```
+
+### Vérifier les permissions
+```bash
+ls -la log/
+chmod +x log/start-monitoring.sh
+```
+
+## 📝 Personnalisation
+
+### Ajouter un nouveau service
+1. Modifier `promtail-config.yml`
+2. Ajouter une nouvelle section `static_configs`
+3. Redémarrer Promtail
+
+### Créer un nouveau dashboard
+1. Créer un fichier JSON dans `dashboards/`
+2. Modifier `grafana-dashboards.yml` si nécessaire
+3. Redémarrer Grafana
+
+### Modifier la rétention des logs
+1. Modifier `loki-config.yaml`
+2. Ajuster `retention_period` et `chunk_retain_period`
+3. Redémarrer Loki
+
+## 🌟 Fonctionnalités Avancées
+
+- **Alertes**: Configuration d'alertes sur des patterns de logs
+- **Rétention**: Gestion automatique de la rétention des logs
+- **Compression**: Compression automatique des anciens logs
+- **Recherche**: Recherche full-text dans tous les logs
+- **Filtrage**: Filtrage par service, niveau, timestamp
+- **Export**: Export des logs en différents formats
+
+---
+
+**Note**: Ce système de monitoring est conçu pour un environnement de développement. Pour la production, considérez l'ajout d'authentification et de chiffrement.

log/dashboards/4nk-node-overview.json

@@ -0,0 +1,347 @@
+{
+  "annotations": {
+    "list": [
+      {
+        "builtIn": 1,
+        "datasource": {
+          "type": "grafana",
+          "uid": "-- Grafana --"
+        },
+        "enable": true,
+        "hide": true,
+        "iconColor": "rgba(0, 211, 255, 1)",
+        "name": "Annotations & Alerts",
+        "type": "dashboard"
+      }
+    ]
+  },
+  "editable": true,
+  "fiscalYearStartMonth": 0,
+  "graphTooltip": 0,
+  "id": null,
+  "links": [],
+  "liveNow": false,
+  "panels": [
+    {
+      "datasource": {
+        "type": "loki",
+        "uid": "loki"
+      },
+      "fieldConfig": {
+        "defaults": {
+          "color": {
+            "mode": "palette-classic"
+          },
+          "custom": {
+            "axisLabel": "",
+            "axisPlacement": "auto",
+            "barAlignment": 0,
+            "drawStyle": "line",
+            "fillOpacity": 10,
+            "gradientMode": "none",
+            "hideFrom": {
+              "legend": false,
+              "tooltip": false,
+              "vis": false
+            },
+            "lineInterpolation": "linear",
+            "lineWidth": 1,
+            "pointSize": 5,
+            "scaleDistribution": {
+              "type": "linear"
+            },
+            "showPoints": "never",
+            "spanNulls": false,
+            "stacking": {
+              "group": "A",
+              "mode": "none"
+            },
+            "thresholdsStyle": {
+              "mode": "off"
+            }
+          },
+          "mappings": [],
+          "thresholds": {
+            "mode": "absolute",
+            "steps": [
+              {
+                "color": "green",
+                "value": null
+              },
+              {
+                "color": "red",
+                "value": 80
+              }
+            ]
+          },
+          "unit": "short"
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 8,
+        "w": 12,
+        "x": 0,
+        "y": 0
+      },
+      "id": 1,
+      "options": {
+        "legend": {
+          "calcs": [],
+          "displayMode": "list",
+          "placement": "bottom",
+          "showLegend": true
+        },
+        "tooltip": {
+          "mode": "single",
+          "sort": "none"
+        }
+      },
+      "targets": [
+        {
+          "datasource": {
+            "type": "loki",
+            "uid": "loki"
+          },
+          "editorMode": "code",
+          "expr": "rate({job=\"4nk_node\"} [5m])",
+          "queryType": "",
+          "refId": "A"
+        }
+      ],
+      "title": "Log Rate par Service",
+      "type": "timeseries"
+    },
+    {
+      "datasource": {
+        "type": "loki",
+        "uid": "loki"
+      },
+      "fieldConfig": {
+        "defaults": {
+          "color": {
+            "mode": "thresholds"
+          },
+          "mappings": [],
+          "thresholds": {
+            "mode": "absolute",
+            "steps": [
+              {
+                "color": "green",
+                "value": null
+              },
+              {
+                "color": "red",
+                "value": 80
+              }
+            ]
+          }
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 8,
+        "w": 12,
+        "x": 12,
+        "y": 0
+      },
+      "id": 2,
+      "options": {
+        "colorMode": "value",
+        "graphMode": "area",
+        "justifyMode": "auto",
+        "orientation": "auto",
+        "reduceOptions": {
+          "calcs": [
+            "lastNotNull"
+          ],
+          "fields": "",
+          "values": false
+        },
+        "textMode": "auto"
+      },
+      "pluginVersion": "10.0.0",
+      "targets": [
+        {
+          "datasource": {
+            "type": "loki",
+            "uid": "loki"
+          },
+          "editorMode": "code",
+          "expr": "count_over_time({job=\"4nk_node\"} [5m])",
+          "queryType": "",
+          "refId": "A"
+        }
+      ],
+      "title": "Total Logs (5m)",
+      "type": "stat"
+    },
+    {
+      "datasource": {
+        "type": "loki",
+        "uid": "loki"
+      },
+      "gridPos": {
+        "h": 8,
+        "w": 24,
+        "x": 0,
+        "y": 8
+      },
+      "id": 3,
+      "options": {
+        "dedupStrategy": "none",
+        "enableLogDetails": true,
+        "prettifyLogMessage": false,
+        "showCommonLabels": false,
+        "showLabels": false,
+        "showTime": false,
+        "sortOrder": "Descending",
+        "wrapLogMessage": false
+      },
+      "targets": [
+        {
+          "datasource": {
+            "type": "loki",
+            "uid": "loki"
+          },
+          "editorMode": "code",
+          "expr": "{job=\"4nk_node\"} | json | line_format \"{{.service}}: {{.msg}}\"",
+          "maxLines": 100,
+          "queryType": "",
+          "refId": "A"
+        }
+      ],
+      "title": "Logs en Temps Réel - Tous les Services",
+      "type": "logs"
+    },
+    {
+      "datasource": {
+        "type": "loki",
+        "uid": "loki"
+      },
+      "fieldConfig": {
+        "defaults": {
+          "color": {
+            "mode": "palette-classic"
+          },
+          "custom": {
+            "hideFrom": {
+              "legend": false,
+              "tooltip": false,
+              "vis": false
+            }
+          },
+          "mappings": []
+        },
+        "overrides": []
+      },
+      "gridPos": {
+        "h": 8,
+        "w": 12,
+        "x": 0,
+        "y": 16
+      },
+      "id": 4,
+      "options": {
+        "legend": {
+          "displayMode": "list",
+          "placement": "bottom",
+          "showLegend": true
+        },
+        "pieType": "pie",
+        "reduceOptions": {
+          "calcs": [
+            "lastNotNull"
+          ],
+          "fields": "",
+          "values": false
+        },
+        "tooltip": {
+          "mode": "single",
+          "sort": "none"
+        }
+      },
+      "targets": [
+        {
+          "datasource": {
+            "type": "loki",
+            "uid": "loki"
+          },
+          "editorMode": "code",
+          "expr": "count_over_time({job=\"4nk_node\"} [5m]) by (service)",
+          "queryType": "",
+          "refId": "A"
+        }
+      ],
+      "title": "Répartition des Logs par Service",
+      "type": "piechart"
+    },
+    {
+      "datasource": {
+        "type": "loki",
+        "uid": "loki"
+      },
+      "gridPos": {
+        "h": 8,
+        "w": 12,
+        "x": 12,
+        "y": 16
+      },
+      "id": 5,
+      "options": {
+        "legend": {
+          "displayMode": "list",
+          "placement": "bottom",
+          "showLegend": true
+        },
+        "pieType": "pie",
+        "reduceOptions": {
+          "calcs": [
+            "lastNotNull"
+          ],
+          "fields": "",
+          "values": false
+        },
+        "tooltip": {
+          "mode": "single",
+          "sort": "none"
+        }
+      },
+      "targets": [
+        {
+          "datasource": {
+            "type": "loki",
+            "uid": "loki"
+          },
+          "editorMode": "code",
+          "expr": "count_over_time({job=\"4nk_node\"} [5m]) by (level)",
+          "queryType": "",
+          "refId": "A"
+        }
+      ],
+      "title": "Répartition des Logs par Niveau",
+      "type": "piechart"
+    }
+  ],
+  "refresh": "5s",
+  "schemaVersion": 38,
+  "style": "dark",
+  "tags": [
+    "4nk_node",
+    "monitoring",
+    "logs"
+  ],
+  "templating": {
+    "list": []
+  },
+  "time": {
+    "from": "now-1h",
+    "to": "now"
+  },
+  "timepicker": {},
+  "timezone": "",
+  "title": "4NK Node - Vue d'ensemble des Logs",
+  "uid": "4nk-node-logs",
+  "version": 1,
+  "weekStart": ""
+}

log/grafana-dashboards.yml

@@ -0,0 +1,13 @@
+apiVersion: 1
+
+providers:
+  - name: '4NK Dashboards'
+    orgId: 1
+    folder: '4NK'
+    type: file
+    disableDeletion: false
+    editable: true
+    updateIntervalSeconds: 30
+    options:
+      path: /etc/grafana/provisioning/dashboards/dashboards
+EOF

log/grafana-datasources.yml

@@ -0,0 +1,11 @@
+apiVersion: 1
+
+datasources:
+  - name: Loki
+    type: loki
+    access: proxy
+    url: http://loki:3100
+    isDefault: true
+    jsonData:
+      maxLines: 5000
+EOF

log/loki-config.yaml

@@ -0,0 +1,45 @@
+server:
+  http_listen_port: 3100
+  grpc_listen_port: 9096
+  log_level: info
+  chunk_target_size: 1048576
+schema_config:
+  configs:
+    - from: 2020-10-15
+      store: boltdb-shipper
+      object_store: filesystem
+      schema: v11
+      index:
+        prefix: index_
+        period: 24h
+storage_config:
+  boltdb_shipper:
+    active_index_directory: /loki/index
+    cache_location: /loki/boltdb-cache
+    shared_store: filesystem
+  filesystem:
+    directory: /loki/chunks
+limits_config:
+  enforce_metric_name: false
+  reject_old_samples: true
+  reject_old_samples_max_age: 168h
+chunk_store_config:
+  max_look_back_period: 168h
+compactor:
+  working_directory: /loki/boltdb-shipper-compactor
+  shared_store: filesystem
+  compactor_ring:
+    kvstore:
+      store: inmemory
+ruler:
+  storage:
+    type: local
+    local:
+      directory: /loki/rules
+  ring:
+    kvstore:
+      store: inmemory
+  rule_path: /loki/rules-temp
+  alertmanager_url: http://localhost:9093
+  enable_api: true
+EOF

log/promtail-config.yml

@@ -0,0 +1,32 @@
+server:
+  http_listen_port: 9080
+  grpc_listen_port: 0
+
+positions:
+  filename: /tmp/positions.yaml
+
+clients:
+  - url: http://loki:3100/loki/api/v1/push
+
+scrape_configs:
+  - job_name: 4nk_node_core_logs
+    static_configs:
+      - targets: [localhost]
+        labels:
+          job: 4nk_node_core
+          __path__: /workspace/logs/**/*.log
+
+  - job_name: 4nk_modules_logs
+    static_configs:
+      - targets: [localhost]
+        labels:
+          job: 4nk_modules
+          __path__: /workspace/modules/*/logs/**/*.log
+
+  - job_name: 4nk_projects_logs
+    static_configs:
+      - targets: [localhost]
+        labels:
+          job: 4nk_projects
+          __path__: /workspace/projects/*/*/logs/**/*.log
+EOF

log/start-monitoring.sh

@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# Script de démarrage du monitoring des logs 4NK_node
+# Auteur: Assistant IA
+# Date: $(date)
+
+echo "🚀 Démarrage du monitoring des logs 4NK_node..."
+
+# Vérifier que nous sommes dans le bon répertoire
+if [ ! -f "log-monitoring.yml" ]; then
+    echo "❌ Erreur: Ce script doit être exécuté depuis le répertoire 4NK_node"
+    exit 1
+fi
+
+# Démarrer les services de monitoring
+echo "📊 Démarrage de Loki (stockage des logs)..."
+docker compose -f log-monitoring.yml up -d loki
+
+echo "⏳ Attente du démarrage de Loki..."
+sleep 10
+
+echo "📥 Démarrage de Promtail (collecte des logs)..."
+docker compose -f log-monitoring.yml up -d promtail
+
+echo "⏳ Attente du démarrage de Promtail..."
+sleep 5
+
+echo "📈 Démarrage de Grafana (visualisation)..."
+docker compose -f log-monitoring.yml up -d grafana
+
+echo "⏳ Attente du démarrage de Grafana..."
+sleep 10
+
+# Vérifier le statut des services
+echo "🔍 Vérification du statut des services..."
+docker compose -f log-monitoring.yml ps
+
+echo ""
+echo "✅ Monitoring des logs démarré avec succès !"
+echo ""
+echo "🌐 Accès aux services :"
+echo "   - Grafana: http://localhost:3000 (admin/admin)"
+echo "   - Loki: http://localhost:3100"
+echo "   - Promtail: http://localhost:9080"
+echo ""
+echo "📊 Dashboard principal: http://localhost:3000/d/4nk-node-logs/4nk-node-vue-d-ensemble-des-logs"
+echo ""
+echo "📝 Pour arrêter: docker compose -f log-monitoring.yml down"
+echo "📝 Pour voir les logs: docker compose -f log-monitoring.yml logs -f"

manage_services.sh

@@ -1 +0,0 @@
-#!/bin/bash

modules/bitcoin/Dockerfile

@@ -1,8 +0,0 @@
-FROM alpine:latest
-RUN apk add --no-cache bitcoin curl
-RUN addgroup -g 1001 bitcoinuser && adduser -D -s /bin/sh -u 1001 -G bitcoinuser bitcoinuser
-RUN mkdir -p /home/bitcoin/.bitcoin/signet && chown -R bitcoinuser:bitcoinuser /home/bitcoin
-USER bitcoinuser
-WORKDIR /home/bitcoin
-EXPOSE 38333 18443 29000
-CMD ["bitcoind", "-signet", "-conf=/home/bitcoin/bitcoin.conf"]

modules/bitcoin/conf/bitcoin.conf.exemple

@@ -0,0 +1,19 @@
+listen=1
+daemon=1
+
+[signet]
+whitelist=download@bitcoin.4nk.local
+txindex=1
+proxy=tor.4nk.local:9050
+listenonion=1
+signetchallenge=0020341c43803863c252df326e73574a27d7e19322992061017b0dc893e2eab90821
+addnode=6xi33lwwslsx3yi3f7c56wnqtdx4v73vj2up3prrwebpwbz6qisnqbyd.onion:38333
+addnode=d6i546e2sjezhyy2eupyc2wqtbgjnkubcjd4prhqurtlmp7nsp6yxqyd.onion:38333
+
+fallbackfee=0.0001
+
+zmqpubrawblock=tcp://bitcoin.4nk.local:29000
+zmqpubrawtx=tcp://bitcoin.4nk.local:29000
+zmqpubhashblock=tcp://bitcoin.4nk.local:29000
+
+blockfilterindex=1

modules/blindbit/Dockerfile

@@ -1,15 +0,0 @@
-FROM rust:1.75-alpine AS builder
-WORKDIR /app
-RUN apk add --no-cache musl-dev openssl-dev pkgconfig
-COPY Cargo.toml ./
-COPY src ./src
-RUN cargo build --release
-
-FROM alpine:3.19 AS runtime
-WORKDIR /home/bitcoin
-RUN adduser -D blindbit && \
-    mkdir -p /home/bitcoin/.bitcoin && chown -R blindbit:blindbit /home/bitcoin
-COPY --from=builder /app/target/release/blindbit /usr/local/bin/blindbit
-EXPOSE 8000
-USER blindbit
-CMD ["/usr/local/bin/blindbit", "--config", "/home/bitcoin/blindbit.toml"]

modules/blindbit/conf/blindbit.toml

@@ -0,0 +1,50 @@
+# 0.0.0.0:8000 to expose outside of localhost
+# default: "127.0.0.1:8000"
+host = "blindbit.4nk.local:8000"
+
+# Defines on which chain the wallet runs. Allowed values: main, testnet, signet, regtest.
+# default: signet
+chain = "signet"
+
+# default: http://bitcoin.4nk.local:8332
+rpc_endpoint = "http://bitcoin.4nk.local:38332"
+
+# required, unless rpc_user and rpc_pass are set
+cookie_path = "$HOME/.bitcoin/signet/.cookie"
+
+# required, unless cookie_path is set
+rpc_pass = ""
+
+# required, unless cookie_path is set
+rpc_user = ""
+
+# required (has to be >= 1)
+sync_start_height = 1
+
+# the default for this is 1, but should be set to a higher value to increase performance,
+# one should set this in accordance to how many cores one wants to use
+max_parallel_tweak_computations = 4
+
+# (depends on max-rpc-workers of the underlying full node)
+max_parallel_requests = 4
+
+# optional - will only generate tweaks (still both cut-through and full-index)
+# default: 0
+tweaks_only = 0
+
+# The base index. Only includes the tweaks. No dust filtering or cut-through possible
+# default: 1
+tweaks_full_basic = 1
+
+# if this is set a full non-cut-through index will be created.
+# This index can be used to filter for dust (?dustLimit=). If this is active the base index will not be created.
+# All full index queries will be served from this with or without (?dustLimit=) set in the query.
+# default 0
+tweaks_full_with_dust_filter = 0
+
+# This index applies cut-through and dust filtering.
+# Beware that it will be stored in addition to any full index (with or without dust) if activated.
+# It has more storage requirements than the simple indices.
+# Currently still requires tweaks_only=0.
+# default: 0
+tweaks_cut_through_with_dust_filter = 0

modules/blindbit/conf/blindbit.toml.exemple

@@ -0,0 +1,50 @@
+# 0.0.0.0:8000 to expose outside of localhost
+# default: "127.0.0.1:8000"
+host = "blindbit.4nk.local:8000"
+
+# Defines on which chain the wallet runs. Allowed values: main, testnet, signet, regtest.
+# default: signet
+chain = "signet"
+
+# default: http://bitcoin.4nk.local:8332
+rpc_endpoint = "http://bitcoin.4nk.local:38332"
+
+# required, unless rpc_user and rpc_pass are set
+cookie_path = "$HOME/.bitcoin/signet/.cookie"
+
+# required, unless cookie_path is set
+rpc_pass = ""
+
+# required, unless cookie_path is set
+rpc_user = ""
+
+# required (has to be >= 1)
+sync_start_height = 1
+
+# the default for this is 1, but should be set to a higher value to increase performance,
+# one should set this in accordance to how many cores one wants to use
+max_parallel_tweak_computations = 4
+
+# (depends on max-rpc-workers of the underlying full node)
+max_parallel_requests = 4
+
+# optional - will only generate tweaks (still both cut-through and full-index)
+# default: 0
+tweaks_only = 0
+
+# The base index. Only includes the tweaks. No dust filtering or cut-through possible
+# default: 1
+tweaks_full_basic = 1
+
+# if this is set a full non-cut-through index will be created.
+# This index can be used to filter for dust (?dustLimit=). If this is active the base index will not be created.
+# All full index queries will be served from this with or without (?dustLimit=) set in the query.
+# default 0
+tweaks_full_with_dust_filter = 0
+
+# This index applies cut-through and dust filtering.
+# Beware that it will be stored in addition to any full index (with or without dust) if activated.
+# It has more storage requirements than the simple indices.
+# Currently still requires tweaks_only=0.
+# default: 0
+tweaks_cut_through_with_dust_filter = 0

modules/ihm_client/Dockerfile

@@ -1,44 +0,0 @@
-# Dockerfile: construction des artefacts (dist/) sans serveur — Nginx géré par 4NK_node
-FROM node:20-alpine AS builder
-
-WORKDIR /app
-
-# Installation des dépendances système
-RUN apk update && apk add --no-cache \
-    git \
-    build-base \
-    python3 \
-    make \
-    g++ \
-    curl \
-    ca-certificates
-
-# Copie des fichiers de dépendances
-COPY package*.json ./
-
-# Installation des dépendances (inclut les devDependencies nécessaires au build)
-RUN npm install
-
-# Copie du code source
-COPY . .
-
-# Préparation des dépendances wasm (pkg/sdk_client)
-ARG SDK_CLIENT_PKG_URL=""
-ARG SDK_CLIENT_PKG_TARBALL=""
-ARG SDK_CLIENT_PKG_BASE="https://git.4nkweb.com/4nk/ihm_client/raw/branch/docker-support/pkg"
-ENV SDK_CLIENT_PKG_URL=${SDK_CLIENT_PKG_URL}
-ENV SDK_CLIENT_PKG_TARBALL=${SDK_CLIENT_PKG_TARBALL}
-ENV SDK_CLIENT_PKG_BASE=${SDK_CLIENT_PKG_BASE}
-RUN chmod +x ./scripts/setup-remote-deps.sh && npm run build_wasm
-
-# Build de l'application
-RUN npm run build
-
-# Stage artefacts uniquement (pas de serveur ici)
-FROM alpine:3.19 AS dist
-WORKDIR /opt/ihm_client
-COPY --from=builder /app/dist ./dist
-COPY --from=builder /app/package*.json ./
-
-# Conteneur neutre (aucun port exposé, artefacts montables dans 4NK_node)
-CMD ["sh", "-c", "echo 'dist prêt dans /opt/ihm_client/dist'; tail -f /dev/null"]

modules/ihm_client/conf/.env.exemple

@@ -0,0 +1,16 @@
+
+[PROD]
+U32_MAX=4294967295
+BASEURL="http://ihm-client.4nk.local"
+BOOTSTRAPURL=["http://sdk-relay1.4nk.local:8090"]
+STORAGEURL="http://sdk-storage.4nk.local/storage"
+BLINDBITURL="http://blindbit.4nk.local:8000"
+DEFAULTAMOUNT=1000
+
+[DEV]
+U32_MAX=4294967295
+BASEURL="http://ihm-client.4nk.local"
+BOOTSTRAPURL=["http://sdk-relay1.4nk.local:8090"]
+STORAGEURL="http://sdk-storage.4nk.local/storage"
+BLINDBITURL="http://blindbit.4nk.local:8000"
+DEFAULTAMOUNT=1000

modules/ihm_client/conf/config.ts

@@ -0,0 +1,7 @@
+const U32_MAX = import.meta.env.U32_MAX;
+const BASEURL = import.meta.env.DEV.BASEURL;
+const BOOTSTRAPURL = import.meta.env.DEV.BOOTSTRAPURL;
+const STORAGEURL = import.meta.env.DEV.STORAGEURL;
+const BLINDBITURL = import.meta.env.DEV.BLINDBITURL;
+const DEFAULTAMOUNT = import.meta.env.DEV.DEFAULTAMOUNT;
+const EMPTY32BYTES = import.meta.env.DEV.EMPTY32BYTES;

modules/ihm_client/conf/config.ts.exemple

@@ -0,0 +1,7 @@
+const U32_MAX = import.meta.env.U32_MAX;
+const BASEURL = import.meta.env.DEV.BASEURL;
+const BOOTSTRAPURL = import.meta.env.DEV.BOOTSTRAPURL;
+const STORAGEURL = import.meta.env.DEV.STORAGEURL;
+const BLINDBITURL = import.meta.env.DEV.BLINDBITURL;
+const DEFAULTAMOUNT = import.meta.env.DEV.DEFAULTAMOUNT;
+const EMPTY32BYTES = import.meta.env.DEV.EMPTY32BYTES;

modules/sdk_relay1/Dockerfile

@@ -1,46 +0,0 @@
-FROM rust:1.75-alpine AS builder
-
-# Install build dependencies
-RUN apk add --no-cache musl-dev openssl-dev
-
-# Set working directory
-WORKDIR /app
-
-# Copy source code
-COPY . .
-
-# Build the application
-RUN cargo build --release
-
-# Runtime stage
-FROM alpine:latest
-
-# Install runtime dependencies
-RUN apk add --no-cache libgcc
-
-# Create app user
-RUN addgroup -g 1001 appuser && adduser -D -s /bin/sh -u 1001 -G appuser appuser
-
-# Set working directory
-WORKDIR /app
-
-# Copy binary from builder
-COPY --from=builder /app/target/release/sdk_relay /usr/local/bin/sdk_relay
-
-# Configuration file will be mounted via docker-compose
-
-# Set permissions
-RUN chown -R appuser:appuser /app
-
-# Switch to app user
-USER appuser
-
-# Expose ports
-EXPOSE 8090 8091
-
-# Health check
-HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
-  CMD wget --quiet --tries=1 --timeout=5 --spider http://localhost:8091 || exit 1
-
-# Run the application
-CMD ["/usr/local/bin/sdk_relay"]

modules/sdk_relay1/conf/sdk_relay1.conf.exemple

@@ -0,0 +1,6 @@
+core_url="http://bitcoin.4nk.local:38332"
+ws_url="sdk-relay1.4nk.local:8090"
+wallet_name="default"
+network="signet"
+blindbit_url="http://blindbit.4nk.local:8000"
+zmq_url="tcp://bitcoin.4nk.local:29000"

modules/sdk_relay2/Dockerfile

@@ -1,46 +0,0 @@
-FROM rust:1.75-alpine AS builder
-
-# Install build dependencies
-RUN apk add --no-cache musl-dev openssl-dev
-
-# Set working directory
-WORKDIR /app
-
-# Copy source code
-COPY . .
-
-# Build the application
-RUN cargo build --release
-
-# Runtime stage
-FROM alpine:latest
-
-# Install runtime dependencies
-RUN apk add --no-cache libgcc
-
-# Create app user
-RUN addgroup -g 1001 appuser && adduser -D -s /bin/sh -u 1001 -G appuser appuser
-
-# Set working directory
-WORKDIR /app
-
-# Copy binary from builder
-COPY --from=builder /app/target/release/sdk_relay /usr/local/bin/sdk_relay
-
-# Configuration file will be mounted via docker-compose
-
-# Set permissions
-RUN chown -R appuser:appuser /app
-
-# Switch to app user
-USER appuser
-
-# Expose ports
-EXPOSE 8090 8091
-
-# Health check
-HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
-  CMD wget --quiet --tries=1 --timeout=5 --spider http://localhost:8091 || exit 1
-
-# Run the application
-CMD ["/usr/local/bin/sdk_relay"]

modules/sdk_relay2/conf/sdk_relay2.conf.exemple

@@ -0,0 +1,6 @@
+core_url="http://bitcoin.4nk.local:38332"
+ws_url="sdk-relay2.4nk.local:8090"
+wallet_name="default"
+network="signet"
+blindbit_url="http://blindbit.4nk.local:8000"
+zmq_url="tcp://bitcoin.4nk.local:29000"

modules/sdk_relay3/Dockerfile

@@ -1,46 +0,0 @@
-FROM rust:1.75-alpine AS builder
-
-# Install build dependencies
-RUN apk add --no-cache musl-dev openssl-dev
-
-# Set working directory
-WORKDIR /app
-
-# Copy source code
-COPY . .
-
-# Build the application
-RUN cargo build --release
-
-# Runtime stage
-FROM alpine:latest
-
-# Install runtime dependencies
-RUN apk add --no-cache libgcc
-
-# Create app user
-RUN addgroup -g 1001 appuser && adduser -D -s /bin/sh -u 1001 -G appuser appuser
-
-# Set working directory
-WORKDIR /app
-
-# Copy binary from builder
-COPY --from=builder /app/target/release/sdk_relay /usr/local/bin/sdk_relay
-
-# Configuration file will be mounted via docker-compose
-
-# Set permissions
-RUN chown -R appuser:appuser /app
-
-# Switch to app user
-USER appuser
-
-# Expose ports
-EXPOSE 8090 8091
-
-# Health check
-HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
-  CMD wget --quiet --tries=1 --timeout=5 --spider http://localhost:8091 || exit 1
-
-# Run the application
-CMD ["/usr/local/bin/sdk_relay"]

modules/sdk_relay3/conf/sdk_relay3.conf.exemple

@@ -0,0 +1,6 @@
+core_url="http://bitcoin.4nk.local:38332"
+ws_url="sdk-relay3.4nk.local:8090"
+wallet_name="default"
+network="signet"
+blindbit_url="http://blindbit.4nk.local:8000"
+zmq_url="tcp://bitcoin.4nk.local:29000"

modules/sdk_signer/Dockerfile

@@ -1,35 +0,0 @@
-FROM node:20-alpine AS base
-
-# Install production dependencies only by default
-ENV NODE_ENV=production
-
-WORKDIR /app
-
-# Install build dependencies
-FROM base AS deps
-ENV NODE_ENV=development
-RUN apk add --no-cache python3 make g++
-COPY package.json package-lock.json* ./
-RUN npm ci
-
-# Build TypeScript
-FROM deps AS build
-COPY tsconfig.json ./
-COPY src ./src
-COPY pkg ./pkg
-RUN npm run build
-
-# Runtime image
-FROM base AS runner
-WORKDIR /app
-ENV NODE_ENV=production
-RUN addgroup -S nodejs && adduser -S nodejs -G nodejs
-COPY --from=deps /app/node_modules ./node_modules
-COPY --from=build /app/dist ./dist
-COPY --from=build /app/pkg ./pkg
-EXPOSE 9090
-USER nodejs
-CMD ["node", "dist/index.js"]
-
-
-

modules/sdk_signer/conf/sdk_signer.conf.exemple

@@ -0,0 +1,31 @@
+# Configuration sdk_signer - Module 4NK_node
+
+# Ports
+ws_port = 9090
+http_port = 9092
+
+# URLs des services
+relay_urls = ["http://4nk-sdk-relay1:8091", "http://4nk-sdk-relay2:8093", "http://4nk-sdk-relay3:8095"]
+storage_url = "http://4nk-sdk-storage:8081"
+blindbit_url = "http://4nk-blindbit:8000"
+bitcoin_rpc_url = "http://4nk-bitcoin:38332"
+
+# Authentification Bitcoin
+bitcoin_rpc_user = "bitcoin"
+bitcoin_rpc_password = "bitcoin"
+
+# Mode développement
+dev_mode = true
+debug_level = "info"
+
+# Limites de connexions
+max_connections = 100
+timeout = 30
+
+# Logging
+log_level = "info"
+log_file = "$HOME/bitcoin/logs/sdk_signer.log"
+
+# Sécurité
+enable_tls = false
+enable_auth = false

modules/sdk_storage/Dockerfile

@@ -1,19 +0,0 @@
-# syntax=docker/dockerfile:1
-
-FROM rust:1 as builder
-WORKDIR /app
-COPY Cargo.toml Cargo.lock ./
-COPY src ./src
-RUN cargo build --release
-
-FROM debian:stable-slim
-RUN useradd -m -u 10001 appuser && \
-    apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lists/*
-WORKDIR /app
-COPY --from=builder /app/target/release/sdk_storage /usr/local/bin/sdk_storage
-RUN mkdir -p /app/storage && chown -R appuser:appuser /app
-USER appuser
-EXPOSE 8081
-ENV RUST_LOG=info
-ENTRYPOINT ["/usr/local/bin/sdk_storage"]
-CMD ["--permanent"]

modules/sdk_storage/conf/sdk_storage.conf.exemple

@@ -0,0 +1,33 @@
+# Configuration sdk_storage - Module 4NK_node
+
+# Port d'écoute
+http_port = 8081
+
+# Base de données
+db_path = "$HOME/bitcoin/.4nk/storage.db"
+
+# URLs des services
+relay_urls = ["http://4nk-sdk-relay1:8091", "http://4nk-sdk-relay2:8093", "http://4nk-sdk-relay3:8095"]
+bitcoin_rpc_url = "http://4nk-bitcoin:38332"
+bitcoin_rpc_user = "bitcoin"
+bitcoin_rpc_password = "bitcoin"
+
+# Mode développement
+dev_mode = true
+debug_level = "info"
+
+# Limites de connexions
+max_connections = 100
+timeout = 30
+
+# Logging
+log_level = "info"
+log_file = "$HOME/bitcoin/logs/sdk_storage.log"
+
+# Stockage de fichiers
+file_storage_path = "$HOME/bitcoin/.4nk/files"
+max_file_size = "100MB"
+
+# Sécurité
+enable_tls = false
+enable_auth = false

modules/tor/Dockerfile

@@ -1,9 +0,0 @@
-FROM alpine:latest
-RUN apk add --no-cache tor curl
-
-RUN addgroup -g 1001 toruser && adduser -D -s /bin/sh -u 1001 -G toruser toruser
-RUN mkdir -p /var/lib/tor && chown -R toruser:toruser /var/lib/tor
-
-USER toruser
-EXPOSE 9050 9051
-CMD ["tor", "-f", "/etc/tor/torrc"]

modules/tor/conf/tor.conf.exemple

@@ -0,0 +1,16 @@
+# Configuration Tor pour 4NK_node (conteneur)
+
+# Ports d\écoute
+
+# Ports d\'écoute
+SocksPort tor.4nk.local:9050
+ControlPort tor.4nk.local:9051
+
+# Répertoires
+DataDirectory /var/lib/tor
+
+# Logs (fichier monté par docker-compose)
+Log notice file /var/log/tor/notices.log
+
+# Exécution en avant-plan dans un conteneur
+RunAsDaemon 0

modules/tor/entrypoint.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+set -e
+
+TORRC_PATH=/etc/tor/torrc
+if [ ! -f "$TORRC_PATH" ]; then
+  mkdir -p /etc/tor
+  cat > "$TORRC_PATH" << 'EOF'
+Log notice file /var/log/tor/notices.log
+DataDirectory /var/lib/tor
+SocksPort 0.0.0.0:9050
+ControlPort 9051
+EOF
+fi
+
+# Ensure permissions for Tor data directories when running as root
+chown -R 0:0 /var/lib/tor /var/log/tor /etc/tor 2>/dev/null || true
+chmod -R a+rwX /var/lib/tor /var/log/tor /etc/tor 2>/dev/null || true
+
+tor -f "$TORRC_PATH"

modules/tor/tor.conf.exemple

@@ -0,0 +1,15 @@
+# Configuration Tor simple pour 4NK_node
+# Écoute sur toutes les interfaces pour permettre la connexion depuis d'autres conteneurs
+
+# Ports SOCKS et contrôle
+SocksPort tor.4nk.local:9050
+ControlPort tor.4nk.local:9051
+
+# Répertoire de données
+DataDirectory /var/lib/tor
+
+# Logs sur stdout pour Docker
+Log notice stdout
+
+# Désactiver le mode daemon pour Docker
+RunAsDaemon 0

monitor_sync.sh

@@ -1,99 +0,0 @@
-#!/bin/bash
-
-set -e
-
-echo "🔍 Surveillance de la synchronisation entre 3 relais"
-echo "=================================================="
-echo ""
-
-# Fonction pour vérifier si Bitcoin Core a terminé l'IBD
-check_bitcoin_ready() {
-    local bitcoin_status=$(docker exec bitcoin-signet bitcoin-cli -signet getblockchaininfo 2>/dev/null | grep -o '"initialblockdownload":false' || echo "still_downloading")
-    if [[ "$bitcoin_status" == "still_downloading" ]]; then
-        return 1
-    else
-        return 0
-    fi
-}
-
-# Fonction pour afficher les logs de synchronisation
-show_sync_logs() {
-    echo "📡 Logs de synchronisation des relais :"
-    echo "----------------------------------------"
-
-    for i in {1..3}; do
-        echo "🔸 Relais $i :"
-        docker logs sdk_relay_$i 2>&1 | grep -E "(🧪|📊|🏥|📈|🔄|🎉|❌|Relay|Sync|Mesh|Topology|🔍|✅|discover|relay)" | tail -3 || echo "   Aucun message de synchronisation trouvé"
-        echo ""
-    done
-}
-
-# Fonction pour vérifier la connectivité entre relais
-check_relay_connectivity() {
-    echo "🌐 Vérification de la connectivité entre relais :"
-    echo "------------------------------------------------"
-
-    for i in {1..3}; do
-        echo "🔸 Relais $i (port $((8090 + i - 1))) :"
-        if curl -s http://localhost:$((8090 + i - 1)) >/dev/null 2>&1; then
-            echo "   ✅ Port WebSocket accessible"
-        else
-            echo "   ❌ Port WebSocket non accessible"
-        fi
-    done
-    echo ""
-}
-
-# Fonction pour afficher les métriques de synchronisation
-show_sync_metrics() {
-    echo "📊 Métriques de synchronisation :"
-    echo "--------------------------------"
-
-    for i in {1..3}; do
-        echo "🔸 Relais $i :"
-        docker logs sdk_relay_$i 2>&1 | grep -E "(SyncMetrics|known_relays|mesh_connections|sync_cache)" | tail -2 || echo "   Aucune métrique trouvée"
-        echo ""
-    done
-}
-
-# Attendre que Bitcoin Core soit prêt
-echo "⏳ Attente que Bitcoin Core termine le téléchargement initial..."
-while ! check_bitcoin_ready; do
-    echo "   Bitcoin Core télécharge encore les blocs..."
-    sleep 30
-done
-
-echo "✅ Bitcoin Core est prêt !"
-echo ""
-
-# Attendre un peu pour que les relais se stabilisent
-echo "⏳ Attente de stabilisation des relais..."
-sleep 10
-
-# Boucle de surveillance
-echo "🚀 Démarrage de la surveillance de synchronisation..."
-echo "Appuyez sur Ctrl+C pour arrêter"
-echo ""
-
-while true; do
-    clear
-    echo "🔍 Surveillance de la synchronisation entre 3 relais"
-    echo "=================================================="
-    echo "⏰ $(date)"
-    echo ""
-
-    # Vérifier la connectivité
-    check_relay_connectivity
-
-    # Afficher les logs de synchronisation
-    show_sync_logs
-
-    # Afficher les métriques
-    show_sync_metrics
-
-    echo "🔄 Actualisation dans 30 secondes..."
-    sleep 30
-done
-
-
-

projects/lecoffre-back-mini/Dockerfile

@@ -1,6 +0,0 @@
-# Dockerfile minimal pour lecoffre-back-mini (local project)
-FROM alpine:3.19
-RUN apk add --no-cache bash
-WORKDIR /app
-COPY . /app
-CMD ["bash", "-lc", "echo 'lecoffre-back-mini backend ready' && tail -f /dev/null"]

projects/lecoffre-front/Dockerfile

@@ -1,6 +0,0 @@
-FROM node:20-alpine
-WORKDIR /app
-COPY package*.json ./
-RUN npm install --silent
-COPY . .
-CMD ["node", "server.js"]

projects/lecoffre/lecoffre-back-mini/conf/.env.exemple

@@ -0,0 +1,50 @@
+# Configuration OVH
+OVH_APP_KEY=5ab0709bbb65ef26
+OVH_APP_SECRET=de1fac1779d707d263a611a557cd5766
+OVH_CONSUMER_KEY=5fe817829b8a9c780cfa2354f8312ece
+OVH_SMS_SERVICE_NAME=sms-tt802880-1
+
+# Configuration SMS Factor
+SMS_FACTOR_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI4NzgzNiIsImlhdCI6MTcwMTMzOTY1Mi45NDUzOH0.GNoqLb5MDBWuniNlQjbr1PKolwxGqBZe_tf4IMObvHw
+
+#Configuration Mailchimp
+MAILCHIMP_API_KEY=md-VVfaml-ApIV4nsGgaJKl0A
+MAILCHIMP_KEY=3fa54304bc766dfd0b8043a827b28a3a-us17
+MAILCHIMP_LIST_ID=a48d9ad852
+
+#Configuration Stripe
+STRIPE_SECRET_KEY=sk_test_51OwKmMP5xh1u9BqSeFpqw0Yr15hHtFsh0pvRGaE0VERhlYtvw33ND1qiGA6Dy1DPmmV61B6BqIimlhuv7bwElhjF00PLQwD60n
+STRIPE_WEBHOOK_SECRET=
+STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID=price_1P66fuP5xh1u9BqSHj0O6Uy3
+STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID=price_1P9NsRP5xh1u9BqSFgkUDbQY
+STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID=price_1P66RqP5xh1u9BqSuUzkQNac
+STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=price_1P9NpKP5xh1u9BqSApFogvUB
+
+# Configuration serveur
+APP_HOST=http://miniback.4nk.local
+PORT=8080
+
+# Configuration front-end
+NEXT_PUBLIC_4NK_URL=https://ihm-client.4nk.local
+NEXT_PUBLIC_FRONT_APP_HOST=http://coffre-front.4nk.local:3000
+NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr
+NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1
+NEXT_PUBLIC_IDNOT_CLIENT_ID=4501646203F3EF67
+NEXT_PUBLIC_BACK_API_PROTOCOL=http
+NEXT_PUBLIC_BACK_API_HOST=miniback.4nk.local
+BACK_API_PORT=8080
+BACK_API_ROOT_URL=/api
+BACK_API_VERSION=/v1
+
+# Configuration idnot
+IDNOT_ANNUARY_BASE_URL='https://qual-api.notaires.fr/annuaire'
+IDNOT_API_KEY='ba557f84-0bf6-4dbf-844f-df2767555e3e'
+
+# Configuration PostgreSQL
+DB_HOST=
+DB_PORT=
+DB_NAME=
+DB_USER=
+DB_PASSWORD=
+
+LOG_LEVEL="debug"

projects/lecoffre/lecoffre-front/conf/.env.exemple

@@ -0,0 +1,10 @@
+EXT_PUBLIC_4NK_URL="http://ihm-client.4nk.local:3003"
+NEXT_PUBLIC_FRONT_APP_HOST="http://coffre-front.4nk.local:3000"
+NEXT_PUBLIC_IDNOT_BASE_URL="https://qual-connexion.idnot.fr"
+NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT="/IdPOAuth2/authorize/idnot_idp_v1"
+NEXT_PUBLIC_IDNOT_CLIENT_ID="4501646203F3EF67"
+NEXT_PUBLIC_BACK_API_PROTOCOL=http://
+NEXT_PUBLIC_BACK_API_HOST=miniback.4nk.local
+NEXT_PUBLIC_BACK_API_PORT=8080
+NEXT_PUBLIC_BACK_API_ROOT_URL=/api
+NEXT_PUBLIC_BACK_API_VERSION=/v1

restart_4nk_node.sh

@@ -1,480 +0,0 @@
-#!/bin/bash
-
-# =============================================================================
-# Script de Redémarrage Complet 4NK Node
-# =============================================================================
-# Date: $(date)
-# Motif: Redémarrage propre pour intégrer dev3.4nkweb.com
-# =============================================================================
-
-set -e  # Arrêter en cas d'erreur
-
-# =============================================================================
-# CONFIGURATION
-# =============================================================================
-
-# Couleurs pour l'affichage
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-BLUE='\033[0;34m'
-PURPLE='\033[0;35m'
-CYAN='\033[0;36m'
-NC='\033[0m' # No Color
-
-# Configuration du projet
-PROJECT_NAME="4NK Node"
-PROJECT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-WORKSPACE_DIR="$(dirname "$PROJECT_DIR")"
-
-# Réseau Docker
-NETWORK_NAME="4nk_node_btcnet"
-
-# Images Docker
-TOR_IMAGE="dperson/torproxy:latest"
-BITCOIN_IMAGE="4nk_node_bitcoin"
-BLINDBIT_IMAGE="4nk_node_blindbit"
-RELAY_IMAGE="4nk_node_sdk_relay_1"
-
-# Volumes
-BITCOIN_VOLUME="bitcoin_data"
-BLINDBIT_VOLUME="blindbit_data"
-RELAY_1_VOLUME="sdk_relay_1_data"
-RELAY_2_VOLUME="sdk_relay_2_data"
-RELAY_3_VOLUME="sdk_relay_3_data"
-
-# Ports
-TOR_PORTS=("9050:9050" "9051:9051")
-BITCOIN_PORTS=("38333:38333" "18443:18443" "29000:29000")
-BLINDBIT_PORTS=("8000:8000")
-RELAY_1_PORTS=("8090:8090" "8091:8091")
-RELAY_2_PORTS=("8092:8090" "8093:8091")
-RELAY_3_PORTS=("8094:8090" "8095:8091")
-
-# Chemins de configuration
-BITCOIN_CONF="$PROJECT_DIR/bitcoin/bitcoin.conf"
-BLINDBIT_CONF="$PROJECT_DIR/blindbit/blindbit.toml"
-RELAY_1_CONF="$PROJECT_DIR/sdk_relay/.conf.docker.relay1"
-RELAY_2_CONF="$PROJECT_DIR/sdk_relay/.conf.docker.relay2"
-RELAY_3_CONF="$PROJECT_DIR/sdk_relay/.conf.docker.relay3"
-EXTERNAL_NODES_CONF="$PROJECT_DIR/sdk_relay/external_nodes.conf"
-
-# Variables d'environnement communes
-COMMON_ENV=(
-    "RUST_LOG=debug,bitcoincore_rpc=trace"
-    "HOME=/home/bitcoin"
-    "BITCOIN_COOKIE_PATH=/home/bitcoin/.bitcoin/signet/.cookie"
-    "ENABLE_SYNC_TEST=1"
-)
-
-# =============================================================================
-# FONCTIONS UTILITAIRES
-# =============================================================================
-
-print_header() {
-    echo -e "${BLUE}=============================================================================${NC}"
-    echo -e "${BLUE}$1${NC}"
-    echo -e "${BLUE}=============================================================================${NC}"
-}
-
-print_step() {
-    echo -e "${CYAN}🔄 $1${NC}"
-}
-
-print_success() {
-    echo -e "${GREEN}✅ $1${NC}"
-}
-
-print_warning() {
-    echo -e "${YELLOW}⚠️  $1${NC}"
-}
-
-print_error() {
-    echo -e "${RED}❌ $1${NC}"
-}
-
-print_info() {
-    echo -e "${PURPLE}ℹ️  $1${NC}"
-}
-
-wait_for_container() {
-    local container_name=$1
-    local max_attempts=${2:-30}
-    local attempt=1
-
-    print_info "Attente du démarrage de $container_name..."
-
-    while [ $attempt -le $max_attempts ]; do
-        if docker ps --format "table {{.Names}}" | grep -q "^$container_name$"; then
-            if docker ps --format "table {{.Status}}" --filter "name=$container_name" | grep -q "Up"; then
-                print_success "$container_name est démarré"
-                return 0
-            fi
-        fi
-        echo -n "."
-        sleep 2
-        ((attempt++))
-    done
-
-    print_error "Timeout: $container_name n'a pas démarré dans les temps"
-    return 1
-}
-
-check_file_exists() {
-    local file_path=$1
-    local description=$2
-
-    if [ ! -f "$file_path" ]; then
-        print_error "Fichier manquant: $description ($file_path)"
-        return 1
-    fi
-    print_success "Fichier trouvé: $description"
-    return 0
-}
-
-build_port_mapping() {
-    local ports=("$@")
-    local mapping=""
-
-    for port in "${ports[@]}"; do
-        if [ -n "$mapping" ]; then
-            mapping="$mapping -p $port"
-        else
-            mapping="-p $port"
-        fi
-    done
-
-    echo "$mapping"
-}
-
-build_env_vars() {
-    local env_vars=""
-
-    for env_var in "${COMMON_ENV[@]}"; do
-        if [ -n "$env_vars" ]; then
-            env_vars="$env_vars -e $env_var"
-        else
-            env_vars="-e $env_var"
-        fi
-    done
-
-    echo "$env_vars"
-}
-
-# =============================================================================
-# FONCTIONS PRINCIPALES
-# =============================================================================
-
-stop_all_services() {
-    print_header "ARRÊT DE TOUS LES SERVICES"
-
-    print_step "Arrêt de tous les conteneurs"
-    docker stop $(docker ps -q) 2>/dev/null || true
-
-    print_step "Arrêt de docker-compose"
-    docker-compose down -v 2>/dev/null || true
-
-    print_step "Vérification qu'aucun conteneur ne tourne"
-    if docker ps --format "table {{.Names}}" | grep -q .; then
-        print_warning "Des conteneurs sont encore en cours d'exécution"
-        docker ps
-    else
-        print_success "Aucun conteneur en cours d'exécution"
-    fi
-}
-
-cleanup_containers() {
-    print_header "NETTOYAGE COMPLET"
-
-    print_step "Suppression de tous les conteneurs"
-    local removed_containers=$(docker rm -f $(docker ps -aq) 2>/dev/null || true)
-    if [ -n "$removed_containers" ]; then
-        print_info "Conteneurs supprimés: $removed_containers"
-    else
-        print_info "Aucun conteneur à supprimer"
-    fi
-
-    print_step "Nettoyage des réseaux"
-    local removed_networks=$(docker network prune -f 2>/dev/null || true)
-    if [ -n "$removed_networks" ]; then
-        print_info "Réseaux supprimés: $removed_networks"
-    else
-        print_info "Aucun réseau à supprimer"
-    fi
-}
-
-create_network() {
-    print_header "CRÉATION DU RÉSEAU"
-
-    print_step "Création du réseau Docker: $NETWORK_NAME"
-    local network_id=$(docker network create "$NETWORK_NAME" 2>/dev/null || true)
-    if [ -n "$network_id" ]; then
-        print_success "Réseau créé: $network_id"
-    else
-        print_info "Réseau déjà existant ou erreur"
-    fi
-}
-
-start_tor() {
-    print_header "DÉMARRAGE DE TOR PROXY"
-
-    print_step "Démarrage de Tor Proxy"
-    local tor_ports=$(build_port_mapping "${TOR_PORTS[@]}")
-    local tor_container_id=$(docker run -d \
-        --name tor-proxy \
-        --network "$NETWORK_NAME" \
-        --network-alias tor \
-        $tor_ports \
-        "$TOR_IMAGE")
-
-    print_success "Tor Proxy démarré: $tor_container_id"
-    wait_for_container "tor-proxy" 10
-}
-
-start_bitcoin() {
-    print_header "DÉMARRAGE DE BITCOIN CORE"
-
-    # Vérification du fichier de configuration
-    check_file_exists "$BITCOIN_CONF" "Configuration Bitcoin"
-
-    print_step "Démarrage de Bitcoin Core"
-    local bitcoin_ports=$(build_port_mapping "${BITCOIN_PORTS[@]}")
-    local bitcoin_container_id=$(docker run -d \
-        --name bitcoin-signet \
-        --network "$NETWORK_NAME" \
-        --network-alias bitcoin \
-        $bitcoin_ports \
-        -v "$BITCOIN_VOLUME:/home/bitcoin/.bitcoin" \
-        -v "$BITCOIN_CONF:/home/bitcoin/.bitcoin/bitcoin.conf" \
-        "$BITCOIN_IMAGE")
-
-    print_success "Bitcoin Core démarré: $bitcoin_container_id"
-    wait_for_container "bitcoin-signet" 15
-}
-
-start_blindbit() {
-    print_header "DÉMARRAGE DE BLINDBIT ORACLE"
-
-    # Vérification du fichier de configuration
-    check_file_exists "$BLINDBIT_CONF" "Configuration Blindbit"
-
-    print_step "Démarrage de Blindbit Oracle"
-    local blindbit_ports=$(build_port_mapping "${BLINDBIT_PORTS[@]}")
-    local blindbit_container_id=$(docker run -d \
-        --name blindbit-oracle \
-        --network "$NETWORK_NAME" \
-        --network-alias blindbit \
-        $blindbit_ports \
-        -v "$BLINDBIT_VOLUME:/data" \
-        -v "$BLINDBIT_CONF:/data/blindbit.toml" \
-        -v "$BITCOIN_VOLUME:/home/bitcoin/.bitcoin" \
-        "$BLINDBIT_IMAGE")
-
-    print_success "Blindbit Oracle démarré: $blindbit_container_id"
-    wait_for_container "blindbit-oracle" 15
-}
-
-build_relay_image() {
-    print_header "CONSTRUCTION DE L'IMAGE SDK_RELAY"
-
-    print_step "Construction de l'image sdk_relay"
-    print_info "Cette étape peut prendre plusieurs minutes..."
-
-    if docker build -f sdk_relay/Dockerfile -t "$RELAY_IMAGE" ..; then
-        print_success "Image sdk_relay construite avec succès"
-    else
-        print_error "Échec de la construction de l'image sdk_relay"
-        exit 1
-    fi
-}
-
-start_relay() {
-    local relay_number=$1
-    local relay_name="sdk_relay_$relay_number"
-    local relay_conf_var="RELAY_${relay_number}_CONF"
-    local relay_conf="${!relay_conf_var}"
-    local relay_volume_var="RELAY_${relay_number}_VOLUME"
-    local relay_volume="${!relay_volume_var}"
-    local relay_ports_var="RELAY_${relay_number}_PORTS[@]"
-    local relay_ports=("${!relay_ports_var}")
-
-    print_header "DÉMARRAGE DE RELAY $relay_number"
-
-    # Vérification du fichier de configuration
-    check_file_exists "$relay_conf" "Configuration Relay $relay_number"
-    
-    # Vérification du fichier de configuration externe
-    check_file_exists "$EXTERNAL_NODES_CONF" "Configuration des nœuds externes"
-
-    print_step "Démarrage de $relay_name"
-    local ports_mapping=$(build_port_mapping "${relay_ports[@]}")
-    local env_vars=$(build_env_vars)
-
-    local relay_container_id=$(docker run -d \
-        --name "$relay_name" \
-        --network "$NETWORK_NAME" \
-        --network-alias "$relay_name" \
-        $ports_mapping \
-        -v "$BITCOIN_VOLUME:/home/bitcoin/.bitcoin" \
-        -v "$BITCOIN_CONF:/home/bitcoin/.bitcoin/bitcoin.conf" \
-        -v "$relay_volume:/home/bitcoin/.4nk" \
-        -v "$relay_conf:/home/bitcoin/.conf.docker" \
-        -v "$PROJECT_DIR/sdk_relay/external_nodes.conf:/home/bitcoin/.4nk/external_nodes.conf" \
-        $env_vars \
-        "$RELAY_IMAGE" \
-        /bin/sh -c "cp /home/bitcoin/.conf.docker /home/bitcoin/.conf && cp /home/bitcoin/.bitcoin/signet/.cookie /home/bitcoin/.4nk/bitcoin.cookie && chmod 600 /home/bitcoin/.4nk/bitcoin.cookie && /usr/local/bin/sdk_relay --config .conf")
-
-    print_success "$relay_name démarré: $relay_container_id"
-    wait_for_container "$relay_name" 20
-}
-
-start_all_relays() {
-    print_header "DÉMARRAGE DE TOUS LES RELAYS"
-
-    start_relay 1
-    start_relay 2
-    start_relay 3
-}
-
-verify_final_status() {
-    print_header "VÉRIFICATION FINALE"
-
-    print_step "État de tous les services"
-    docker ps
-
-    print_step "Résumé des services actifs"
-    echo -e "${GREEN}Services en cours d'exécution:${NC}"
-    docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
-
-    print_step "Vérification des ports"
-    local expected_services=("tor-proxy" "bitcoin-signet" "blindbit-oracle" "sdk_relay_1" "sdk_relay_2" "sdk_relay_3")
-    local running_services=0
-
-    for service in "${expected_services[@]}"; do
-        if docker ps --format "table {{.Names}}" | grep -q "^$service$"; then
-            print_success "$service: ✅ En cours d'exécution"
-            ((running_services++))
-        else
-            print_error "$service: ❌ Non démarré"
-        fi
-    done
-
-    print_info "Services actifs: $running_services/${#expected_services[@]}"
-
-    if [ $running_services -eq ${#expected_services[@]} ]; then
-        print_success "Tous les services sont opérationnels !"
-    else
-        print_warning "Certains services ne sont pas démarrés"
-        exit 1
-    fi
-}
-
-show_usage() {
-    echo -e "${BLUE}Usage: $0 [OPTIONS]${NC}"
-    echo ""
-    echo -e "${CYAN}Options:${NC}"
-    echo -e "  ${GREEN}-h, --help${NC}     Afficher cette aide"
-    echo -e "  ${GREEN}-s, --stop${NC}     Arrêter tous les services"
-    echo -e "  ${GREEN}-c, --clean${NC}    Nettoyer les conteneurs"
-    echo -e "  ${GREEN}-n, --network${NC}  Créer le réseau"
-    echo -e "  ${GREEN}-t, --tor${NC}      Démarrer Tor"
-    echo -e "  ${GREEN}-b, --bitcoin${NC}  Démarrer Bitcoin"
-    echo -e "  ${GREEN}-l, --blindbit${NC} Démarrer Blindbit"
-    echo -e "  ${GREEN}-r, --relays${NC}   Démarrer les relais"
-    echo -e "  ${GREEN}-v, --verify${NC}   Vérifier le statut"
-    echo ""
-    echo -e "${CYAN}Exemples:${NC}"
-    echo -e "  ${GREEN}$0${NC}              Redémarrage complet"
-    echo -e "  ${GREEN}$0 -s${NC}           Arrêter tous les services"
-    echo -e "  ${GREEN}$0 -r${NC}           Démarrer uniquement les relais"
-    echo ""
-}
-
-# =============================================================================
-# FONCTION PRINCIPALE
-# =============================================================================
-
-main() {
-    print_header "SCRIPT DE REDÉMARRAGE COMPLET $PROJECT_NAME"
-    print_info "Répertoire de travail: $PROJECT_DIR"
-    print_info "Date: $(date)"
-
-    # Traitement des arguments
-    if [ $# -eq 0 ]; then
-        # Redémarrage complet par défaut
-        stop_all_services
-        cleanup_containers
-        create_network
-        start_tor
-        start_bitcoin
-        start_blindbit
-        build_relay_image
-        start_all_relays
-        verify_final_status
-    else
-        # Traitement des options
-        while [[ $# -gt 0 ]]; do
-            case $1 in
-                -h|--help)
-                    show_usage
-                    exit 0
-                    ;;
-                -s|--stop)
-                    stop_all_services
-                    ;;
-                -c|--clean)
-                    cleanup_containers
-                    ;;
-                -n|--network)
-                    create_network
-                    ;;
-                -t|--tor)
-                    start_tor
-                    ;;
-                -b|--bitcoin)
-                    start_bitcoin
-                    ;;
-                -l|--blindbit)
-                    start_blindbit
-                    ;;
-                -r|--relays)
-                    build_relay_image
-                    start_all_relays
-                    ;;
-                -v|--verify)
-                    verify_final_status
-                    ;;
-                *)
-                    print_error "Option inconnue: $1"
-                    show_usage
-                    exit 1
-                    ;;
-            esac
-            shift
-        done
-    fi
-
-    print_header "REDÉMARRAGE TERMINÉ"
-    print_success "L'infrastructure $PROJECT_NAME est maintenant opérationnelle !"
-    print_info "Services actifs: $(docker ps --format "table {{.Names}}" | wc -l)"
-    print_info "Ports exposés: $(docker ps --format "table {{.Ports}}" | grep -o '[0-9]*->[0-9]*' | wc -l)"
-}
-
-# =============================================================================
-# EXÉCUTION
-# =============================================================================
-
-# Vérification de Docker
-if ! command -v docker &> /dev/null; then
-    print_error "Docker n'est pas installé ou n'est pas dans le PATH"
-    exit 1
-fi
-
-# Vérification que Docker daemon est en cours d'exécution
-if ! docker info &> /dev/null; then
-    print_error "Docker daemon n'est pas en cours d'exécution"
-    exit 1
-fi
-
-# Exécution du script principal
-main "$@"

scripts/disable_nginx_docker.sh

@@ -1,16 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-
-# Désactiver l'exécution de nginx docker
-CONTAINER_NAME="4nk-nginx"
-
-# Arrêter et supprimer le conteneur s'il est présent
-if docker ps -a --format '{{.Names}}' | grep -q "^${CONTAINER_NAME}$"; then
-  echo "Arrêt et suppression du conteneur Docker '$CONTAINER_NAME'..."
-  docker rm -f "$CONTAINER_NAME" >/dev/null 2>&1 || true
-  docker stop "$CONTAINER_NAME" >/dev/null 2>&1 || true
-else
-  echo "Aucun conteneur '$CONTAINER_NAME' trouvé; pas d'action nécessaire."
-fi
-
-echo "Désactivation Nginx Docker terminée."

scripts/health_after_ibd.sh

@@ -1,59 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-
-BTC_CONTAINER="4nk-bitcoin"
-RELAY_CONTAINERS=("4nk-sdk-relay1" "4nk-sdk-relay2" "4nk-sdk-relay3")
-STORAGE_CONTAINER="4nk-sdk-storage"
-SIGNER_CONTAINER="4nk-sdk-signer"
-IHMSERVER_CONTAINER="4nk-node-ihm-client"
-TOR_CONTAINER="4nk-node-tor"
-NGINX_CONTAINER="4nk-nginx" # si présent
-
-# Attendre la fin de l'IBD du Bitcoin Core
-echo "Relancer les healthchecks après l'IBD terminé..."
-while true; do
-  if docker ps -q -f name="^${BTC_CONTAINER}$" >/dev/null 2>&1; then
-    INFO=$(docker exec "$BTC_CONTAINER" bitcoin-cli -signet getblockchaininfo 2>/dev/null || true)
-    if echo "$INFO" | grep -q '"initialblockdownload":false'; then
-      echo "IBD terminé sur $BTC_CONTAINER"
-      break
-    else
-      echo "IBD en cours sur $BTC_CONTAINER...";
-    fi
-  else
-    echo "Bitcoin container non trouvé, tentative de reprise..."
-  fi
-  sleep 60
-done
-
-# Redémarrer les conteneurs critiques pour relancer les healthchecks
-RESTART_LIST=("$BTC_CONTAINER" "${RELAY_CONTAINERS[@]}" "$STORAGE_CONTAINER" "$SIGNER_CONTAINER" "$IHMSERVER_CONTAINER" "$TOR_CONTAINER")
-for c in "${RESTART_LIST[@]}"; do
-  if docker ps -a | awk '{print $NF}' | tail -n +2 | grep -qx "$c"; then
-    echo "Redémarrage de $c ..."
-    docker restart "$c" >/dev/null 2>&1 || true
-  fi
-done
-
-# Vérification rapide des conteneurs
-echo "État des conteneurs après redémarrage:"
-docker ps -a
-
-# Vérifier des endpoints simples si accessibles
-echo "Vérification rapide des endpoints (si disponibles) :"
-ENDPOINTS=(
-  "http://localhost:8081/"  # storage
-  "http://localhost:8000/"  # blindbit
-  "http://localhost:9090/"  # signer
-  "http://localhost:3003/"  # ihm web
-  "http://localhost:8091/"  # relay1
-  "http://localhost:8093/"  # relay2
-  "http://localhost:8095/"  # relay3
-)
-for url in "${ENDPOINTS[@]}"; do
-  if curl -sS --max-time 5 "$url" >/dev/null 2>&1; then
-    echo "OK: $url reachable"
-  else
-    echo "WARN: $url not reachable"
-  fi
-done

scripts/install_loki_promtail_local.sh

@@ -1,109 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-
-# Version et URLs
-LOKI_VER="2.9.0"
-PROMTAIL_VER="2.9.0"
-LOKI_URL="https://github.com/grafana/loki/releases/download/v${LOKI_VER}/loki-linux-amd64.zip"
-PROMTAIL_URL="https://github.com/grafana/loki/releases/download/v${PROMTAIL_VER}/promtail-linux-amd64.zip"
-
-# Détection Distro et dépendances
-if [ -f /etc/os-release ]; then
-  . /etc/os-release
-fi
-OS_ID=${ID:-debian}
-
-sudo apt-get update
-sudo apt-get install -y curl unzip
-
-# Installer Loki
-sudo mkdir -p /usr/local/bin /etc/loki /var/lib/loki
-sudo curl -L -o /tmp/loki-linux-amd64.zip "$LOKI_URL"
-sudo unzip -o /tmp/loki-linux-amd64.zip -d /usr/local/bin
-sudo bash -lc 'cat > /etc/systemd/system/loki.service <<EOF
-[Unit]
-Description=Loki service
-After=network-online.target
-Wants=network-online.target
-
-[Service]
-ExecStart=/usr/local/bin/loki-linux-amd64 -config.file=/etc/loki/local-config.yaml
-Restart=always
-User=root
-Group=root
-
-[Install]
-WantedBy=multi-user.target
-EOF'
-
-sudo mkdir -p /etc/loki /var/lib/loki
-sudo tee /etc/loki/local-config.yaml >/dev/null << 'EOF'
-auth_enabled: false
-server:
-  http_listen_port: 3100
-  grpc_listen_port: 9095
-ingester:
-  wal:
-    enabled: true
-storage_config:
-  boltdb:
-    directory: /var/lib/loki/chunks
-limits_config:
-  enforce_metric_name: false
-EOF
-
-sudo systemctl daemon-reload
-sudo systemctl enable loki
-sudo systemctl start loki
-
-# Installer Promtail
-sudo mkdir -p /usr/local/bin /etc/promtail /var/log/promtail
-sudo curl -L -o /tmp/promtail-linux-amd64.zip "$PROMTAIL_URL"
-sudo unzip -o /tmp/promtail-linux-amd64.zip -d /usr/local/bin
-sudo bash -lc 'cat > /etc/systemd/system/promtail.service <<EOF
-[Unit]
-Description=Promtail service
-After=network-online.target
-Wants=network-online.target
-
-[Service]
-ExecStart=/usr/local/bin/promtail-linux-amd64 -config.file=/etc/promtail/promtail.yaml
-Restart=on-failure
-
-[Install]
-WantedBy=multi-user.target
-EOF'
-
-sudo mkdir -p /etc/promtail
-sudo tee /etc/promtail/promtail.yaml >/dev/null << 'EOF'
-server:
-  http_listen_port: 9080
-positions:
-  filename: /var/log/promtail/positions.yaml
-clients:
-  - url: http://localhost:3100/loki/api/v1/push
-scrape_configs:
-  - job: grafana-logs
-    static_configs:
-      - targets: [localhost]
-        labels:
-          __path__: /home/debian/code/logs/*.log
-          job: logs
-  - job: coffre-logs
-    static_configs:
-      - targets: [localhost]
-        labels:
-          __path__: /home/debian/code/4NK_dev/4NK_node/log/*.log
-          job: coffre_logs
-EOF
-
-sudo systemctl daemon-reload
-sudo systemctl enable promtail
-sudo systemctl start promtail
-
-# Vérifications simples
-echo
-echo "Grafana Loki Promtail local install terminé. Vérifications:"
-echo " - Grafana: http://localhost:3000"
-echo " - Loki: http://localhost:3100"
-echo " - Promtail: service actif (Promtail)"

scripts/manage_auth.sh

@@ -1,177 +0,0 @@
-#!/bin/bash
-
-# Script de gestion de l'authentification et des fichiers partagés
-# pour la stack 4NK_node
-
-set -e
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
-
-echo "🔐 Gestion de l'authentification et des fichiers partagés 4NK_node"
-
-# Fonction pour vérifier si un conteneur est en cours d'exécution
-container_running() {
-    docker ps --format "table {{.Names}}" | grep -q "$1"
-}
-
-# Fonction pour attendre qu'un conteneur soit prêt
-wait_for_container() {
-    local container_name="$1"
-    local max_wait=60
-    local wait_time=0
-    
-    echo "⏳ Attente que le conteneur $container_name soit prêt..."
-    
-    while [ $wait_time -lt $max_wait ]; do
-        if container_running "$container_name"; then
-            echo "✅ Conteneur $container_name est prêt"
-            return 0
-        fi
-        sleep 2
-        wait_time=$((wait_time + 2))
-    done
-    
-    echo "❌ Timeout en attendant le conteneur $container_name"
-    return 1
-}
-
-# Fonction pour vérifier et créer le fichier .cookie
-setup_bitcoin_cookie() {
-    echo "🔍 Configuration du fichier .cookie Bitcoin..."
-    
-    if ! container_running "4nk-bitcoin"; then
-        echo "❌ Le conteneur Bitcoin n'est pas en cours d'exécution"
-        return 1
-    fi
-    
-    # Attendre que Bitcoin soit complètement démarré
-    wait_for_container "4nk-bitcoin"
-    sleep 10
-    
-    # Vérifier si le fichier .cookie existe
-    if docker exec 4nk-bitcoin test -f /home/bitcoin/.bitcoin/signet/.cookie; then
-        echo "✅ Fichier .cookie Bitcoin trouvé"
-        
-        # Afficher les informations du cookie
-        echo "📋 Informations du fichier .cookie :"
-        docker exec 4nk-bitcoin ls -la /home/bitcoin/.bitcoin/signet/.cookie
-        docker exec 4nk-bitcoin cat /home/bitcoin/.bitcoin/signet/.cookie | head -1
-        
-        # Vérifier les permissions
-        local perms=$(docker exec 4nk-bitcoin stat -c "%a" /home/bitcoin/.bitcoin/signet/.cookie)
-        echo "🔐 Permissions du fichier .cookie : $perms"
-        
-        # S'assurer que les permissions sont correctes (600)
-        if [ "$perms" != "600" ]; then
-            echo "🔧 Correction des permissions du fichier .cookie..."
-            docker exec 4nk-bitcoin chmod 600 /home/bitcoin/.bitcoin/signet/.cookie
-        fi
-        
-        return 0
-    else
-        echo "❌ Fichier .cookie Bitcoin non trouvé"
-        echo "📋 Logs Bitcoin récents :"
-        docker logs 4nk-bitcoin --tail 10
-        
-        return 1
-    fi
-}
-
-# Fonction pour vérifier l'accès au fichier .cookie depuis d'autres services
-verify_cookie_access() {
-    echo "🔍 Vérification de l'accès au fichier .cookie depuis d'autres services..."
-    
-    local services=("4nk-blindbit" "4nk-sdk-relay1" "4nk-sdk-relay2" "4nk-sdk-relay3" "4nk-sdk-storage" "4nk-sdk-signer")
-    
-    for service in "${services[@]}"; do
-        if container_running "$service"; then
-            echo "🔍 Vérification de $service..."
-            
-            if docker exec "$service" test -f /home/bitcoin/.bitcoin/signet/.cookie; then
-                echo "✅ $service peut accéder au fichier .cookie"
-                
-                # Vérifier les permissions
-                local perms=$(docker exec "$service" stat -c "%a" /home/bitcoin/.bitcoin/signet/.cookie)
-                echo "   Permissions : $perms"
-                
-                # Vérifier la lisibilité
-                if docker exec "$service" test -r /home/bitcoin/.bitcoin/signet/.cookie; then
-                    echo "   ✅ Fichier lisible"
-                else
-                    echo "   ❌ Fichier non lisible"
-                fi
-            else
-                echo "❌ $service ne peut pas accéder au fichier .cookie"
-            fi
-        else
-            echo "⏸️  $service n'est pas en cours d'exécution"
-        fi
-    done
-}
-
-# Fonction pour tester la connectivité RPC
-test_rpc_connectivity() {
-    echo "🔍 Test de la connectivité RPC..."
-    
-    if ! container_running "4nk-bitcoin"; then
-        echo "❌ Bitcoin n'est pas en cours d'exécution"
-        return 1
-    fi
-    
-    # Attendre que Bitcoin soit prêt
-    sleep 5
-    
-    # Test de la connectivité RPC via curl
-    echo "📡 Test de la connectivité RPC via HTTP..."
-    if docker exec 4nk-bitcoin curl -s --connect-timeout 5 http://localhost:18443 > /dev/null 2>&1; then
-        echo "✅ Connectivité RPC HTTP OK"
-        return 0
-    else
-        echo "❌ Connectivité RPC HTTP échouée"
-        return 1
-    fi
-}
-
-# Fonction pour afficher le statut des volumes partagés
-show_shared_volumes() {
-    echo "🔍 Statut des volumes partagés..."
-    
-    echo "📊 Volumes Docker :"
-    docker volume ls | grep 4nk_node || echo "Aucun volume 4nk_node trouvé"
-    
-    echo "📊 Volumes partagés dans docker-compose :"
-    if [ -f "$PROJECT_DIR/docker-compose.yml" ]; then
-        grep -A 5 -B 5 "shared_auth" "$PROJECT_DIR/docker-compose.yml" || echo "Volume shared_auth non trouvé"
-    fi
-}
-
-# Fonction principale
-main() {
-    case "${1:-all}" in
-        "cookie")
-            setup_bitcoin_cookie
-            ;;
-        "access")
-            verify_cookie_access
-            ;;
-        "rpc")
-            test_rpc_connectivity
-            ;;
-        "volumes")
-            show_shared_volumes
-            ;;
-        "all"|*)
-            echo "🚀 Exécution de toutes les vérifications..."
-            setup_bitcoin_cookie
-            verify_cookie_access
-            test_rpc_connectivity
-            show_shared_volumes
-            ;;
-    esac
-    
-    echo "✅ Gestion de l'authentification terminée"
-}
-
-# Exécution du script
-main "$@"

scripts/sdk_relay/add_external_node.sh

@@ -4,7 +4,7 @@ set -e
 
 # Configuration
 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-CONFIG_FILE="$SCRIPT_DIR/sdk_relay/external_nodes.conf"
+CONFIG_FILE="$SCRIPT_DIR/external_nodes.conf"
 
 # Couleurs pour l'affichage
 RED='\033[0;31m'

tests/RELEASE_NOTES.md

@@ -0,0 +1,4 @@
+# Release tests 1.1.3 - 2025-09-07
+
+- Ajout des notes de tests pour la release 1.1.3.
+- Synchronisation des notes de release avec docs/RELEASE_NOTES.md.