# ⚙️ Guide de Configuration - 4NK Node Guide complet pour configurer l'infrastructure 4NK Node selon vos besoins. ## 📋 Configuration Générale ### 1. Variables d'Environnement Créer un fichier `.env` à la racine du projet : ### 2. Configuration Réseau #### Réseau Docker Personnalisé #### Configuration de Pare-feu ## 🔧 Configuration Bitcoin Core ### 1. Configuration de Base ### 2. Configuration Avancée #### Sécurité ## 🔧 Configuration SSL/TLS ### 1. Certificat Auto-Signé ```bash # Générer un certificat auto-signé openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes # Configurer nginx comme proxy SSL cat > nginx.conf << EOF server { listen 443 ssl; server_name your-domain.com; ssl_certificate cert.pem; ssl_certificate_key key.pem; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384; ssl_prefer_server_ciphers off; location / { proxy_pass http://localhost:8090; proxy_http_version 1.1; proxy_set_header Upgrade \$http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto \$scheme; } } EOF ``` ### 2. Certificat Let's Encrypt ```bash # Installer certbot sudo apt install certbot python3-certbot-nginx # Obtenir un certificat sudo certbot --nginx -d your-domain.com # Configuration automatique sudo certbot renew --dry-run ``` ## 🔧 Configuration de Monitoring ### 1. Prometheus ```yaml # docker-compose.yml addition services: prometheus: image: prom/prometheus:latest container_name: prometheus ports: - "9090:9090" volumes: - ./prometheus.yml:/etc/prometheus/prometheus.yml - prometheus_data:/prometheus command: - '--config.file=/etc/prometheus/prometheus.yml' - '--storage.tsdb.path=/prometheus' - '--web.console.libraries=/etc/prometheus/console_libraries' - '--web.console.templates=/etc/prometheus/consoles' - '--storage.tsdb.retention.time=200h' - '--web.enable-lifecycle' grafana: image: grafana/grafana:latest container_name: grafana ports: - "3000:3000" volumes: - grafana_data:/var/lib/grafana environment: - GF_SECURITY_ADMIN_PASSWORD=admin volumes: prometheus_data: grafana_data: ``` ### 2. Configuration Prometheus Fichier : `prometheus.yml` ```yaml global: scrape_interval: 15s evaluation_interval: 15s rule_files: # - "first_rules.yml" # - "second_rules.yml" scrape_configs: - job_name: 'bitcoin' static_configs: - targets: ['bitcoin:18443'] - job_name: 'blindbit' static_configs: - targets: ['blindbit:8000'] - job_name: 'sdk_relay' static_configs: - targets: ['sdk_relay_1:8091'] ``` ## 🔧 Configuration de Sauvegarde ### 1. Script de Sauvegarde ```bash #!/bin/bash # backup_4nk.sh DATE=$(date +%Y%m%d_%H%M%S) BACKUP_DIR="/backup/4nk_node_$DATE" mkdir -p $BACKUP_DIR ``` ### 2. Configuration Cron ```bash # Ajouter au cron pour sauvegarde automatique ``` ## 🔧 Configuration de Logs ### 1. Rotation des Logs ```bash # Configuration logrotate ``` ### 2. Centralisation des Logs ```yaml # docker-compose.yml addition services: elasticsearch: image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0 container_name: elasticsearch environment: - discovery.type=single-node ports: - "9200:9200" volumes: - elasticsearch_data:/usr/share/elasticsearch/data kibana: image: docker.elastic.co/kibana/kibana:7.17.0 container_name: kibana ports: - "5601:5601" depends_on: - elasticsearch filebeat: image: docker.elastic.co/beats/filebeat:7.17.0 container_name: filebeat volumes: - /var/lib/docker/containers:/var/lib/docker/containers:ro - ./filebeat.yml:/usr/share/filebeat/filebeat.yml:ro depends_on: - elasticsearch volumes: elasticsearch_data: ``` ## 📝 Checklist de Configuration ## 🎯 Commandes de Configuration ---