From 5ff468bc848f0fa8d70b852664b6f8a27ce4e255 Mon Sep 17 00:00:00 2001 From: 4NK Dev Date: Sun, 5 Oct 2025 13:53:38 +0000 Subject: [PATCH] =?UTF-8?q?feat:=20Syst=C3=A8me=20de=20templates=20automat?= =?UTF-8?q?is=C3=A9=20v2.0.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Introduction du système de templates avec séparation templates/storage - Scripts de génération automatisée pour toutes les configurations - Résolution multi-passes des variables imbriquées - API simplifiée qui lit uniquement storage/ (plus de traitement de variables) - Documentation complète du nouveau système - Support des services externes (BOOTSTRAP, LECOFFRE_BACK_MINI) - Protection des templates sources et isolation des environnements --- CHANGELOG.md | 52 ++ README.md | 71 +- docs/api-specification.md | 4 +- docs/templates-system.md | 303 +++++++ storage/dev/.env.auto | 744 +++++++++--------- ...rtificator.json => _4NK-certificator.json} | 10 +- .../{4NK-miner.json => _4NK-miner.json} | 10 +- .../{4NK-vault.json => _4NK-vault.json} | 10 +- ...K-web-status.json => _4NK-web-status.json} | 10 +- .../grafana/dashboards/bitcoin.json | 8 +- .../grafana/dashboards/blindbit-oracle.json | 8 +- .../grafana/dashboards/grafana.json | 8 +- .../grafana/dashboards/ihm-client.json | 8 +- .../grafana/dashboards/lecoffre-front.json | 8 +- .../4NK_modules/grafana/dashboards/loki.json | 8 +- .../4NK_modules/grafana/dashboards/ngnix.json | 8 +- .../grafana/dashboards/postgresql.json | 8 +- .../grafana/dashboards/promtail.json | 8 +- .../4NK_modules/grafana/dashboards/redis.json | 8 +- .../grafana/dashboards/sdk-relay.json | 8 +- .../grafana/dashboards/sdk-storage.json | 8 +- .../grafana/dashboards/services-overview.json | 2 +- .../4NK_modules/grafana/dashboards/tor.json | 8 +- storage/dev/4NK_modules/promtail/promtail.yml | 344 +++++--- storage/dev/_4NK_modules/bitcoin/bitcoin.conf | 45 ++ .../dashboards/bitcoin-miner-detailed.json | 399 ++++++++++ .../grafana/dashboards/bitcoin-miner.json | 160 ++++ .../grafana/dashboards/bitcoin-services.json | 532 +++++++++++++ .../grafana/dashboards/blindbit-oracle.json | 328 +++----- .../grafana/dashboards/frontend-services.json | 532 +++++++++++++ .../grafana/dashboards/lecoffre-overview.json | 252 ++++++ .../grafana/dashboards/sdk-services.json | 594 ++++++++++++++ .../grafana/dashboards/services-overview.json | 313 +++++++- .../dev/_4NK_modules/loki/loki-config.yaml | 76 ++ .../dev/_4NK_modules/promtail/promtail.yml | 343 ++------ storage/dev/_4NK_modules/sdk_relay/.conf | 16 + storage/dev/docker-compose.yml.auto | 578 +++++++------- storage/dev/logrotade/_4nk_certificator.conf | 4 +- storage/dev/logrotade/_4nk_miner.conf | 4 +- storage/dev/logrotade/_4nk_vault.conf | 4 +- storage/dev/logrotade/_4nk_web_status.conf | 4 +- storage/dev/logrotade/bitcoin.conf | 4 +- storage/dev/logrotade/blindbit_oracle.conf | 4 +- storage/dev/logrotade/grafana.conf | 4 +- storage/dev/logrotade/ihm_client.conf | 4 +- storage/dev/logrotade/lecoffre_front.conf | 4 +- storage/dev/logrotade/loki.conf | 4 +- storage/dev/logrotade/ngnix.conf | 4 +- storage/dev/logrotade/postgresql.conf | 4 +- storage/dev/logrotade/promtail.conf | 4 +- storage/dev/logrotade/redis.conf | 4 +- storage/dev/logrotade/sdk_relay.conf | 4 +- storage/dev/logrotade/sdk_storage.conf | 4 +- storage/dev/logrotade/tor.conf | 4 +- storage/dev/nginx/BITCOIN_https.conf | 20 +- storage/dev/nginx/BLINDBIT_ORACLE_https.conf | 20 +- storage/dev/nginx/GRAFANA_https.conf | 20 +- storage/dev/nginx/IHM_CLIENT_https.conf | 20 +- storage/dev/nginx/LECOFFRE_FRONT_https.conf | 20 +- storage/dev/nginx/LOKI_https.conf | 20 +- storage/dev/nginx/NGNIX_https.conf | 20 +- storage/dev/nginx/POSTGRESQL_https.conf | 20 +- storage/dev/nginx/PROMTAIL_https.conf | 20 +- storage/dev/nginx/REDIS_https.conf | 20 +- storage/dev/nginx/SDK_RELAY_https.conf | 20 +- storage/dev/nginx/SDK_STORAGE_https.conf | 20 +- storage/dev/nginx/TOR_https.conf | 20 +- .../dev/nginx/_4NK_CERTIFICATOR_https.conf | 20 +- storage/dev/nginx/_4NK_MINER_https.conf | 20 +- storage/dev/nginx/_4NK_VAULT_https.conf | 20 +- storage/dev/nginx/_4NK_WEB_STATUS_https.conf | 20 +- storage/dev/nginx/app-internal-ports.conf | 238 +++--- .../nginx/nginx_dev4.4NKweb.com-https.conf | 244 +++--- .../nginx/nginx_dev4.4nkweb.com-https.conf | 244 +++--- .../nginx/nginx_dev4._4NKweb.com-https.conf | 312 ++++---- storage/dev/nginx/proxy_headers.conf | 20 +- storage/dev/nginx/upstreams.conf | 92 +-- storage/dev/test_generate.sh | 207 ----- templates/.gitkeep | 2 + templates/README.md | 242 ++++++ {storage => templates}/dev/.env | 4 +- .../dev/.env secrets.example | 0 templates/dev/.env.auto | 491 ++++++++++++ {storage => templates}/dev/.env.post | 0 templates/dev/.env.secrets | 21 + templates/dev/.gitkeep | 1 + {storage => templates}/dev/README.md | 0 .../dev/_4NK_modules/4NK_certificator/.env | 20 + .../_4NK_modules/4NK_certificator/.gitkeep | 1 + .../4NK_certificator/certificator.toml | 33 + templates/dev/_4NK_modules/4NK_miner/.env | 4 + templates/dev/_4NK_modules/4NK_miner/.gitkeep | 1 + .../dev/_4NK_modules/4NK_web_status/.gitkeep | 1 + templates/dev/_4NK_modules/bitcoin/.gitkeep | 1 + .../dev/_4NK_modules/bitcoin/bitcoin.conf | 45 ++ .../dev/_4NK_modules/blindbit-oracle/.gitkeep | 1 + .../blindbit-oracle/blindbit.toml | 18 + templates/dev/_4NK_modules/grafana/.env | 6 + templates/dev/_4NK_modules/grafana/.gitkeep | 1 + .../_4NK_modules/grafana/dashboards/.gitkeep | 0 .../dashboards/bitcoin-miner-detailed.json | 399 ++++++++++ .../grafana/dashboards/bitcoin-miner.json | 160 ++++ .../grafana/dashboards/bitcoin-services.json | 532 +++++++++++++ .../grafana/dashboards/blindbit-oracle.json | 192 +++++ .../grafana/dashboards/frontend-services.json | 532 +++++++++++++ .../grafana/dashboards/lecoffre-overview.json | 252 ++++++ .../grafana/dashboards/sdk-services.json | 594 ++++++++++++++ .../grafana/dashboards/services-overview.json | 418 ++++++++++ .../dev/_4NK_modules/grafana/grafana.ini | 57 ++ templates/dev/_4NK_modules/ihm_client/.env | 7 + .../dev/_4NK_modules/ihm_client/.gitkeep | 1 + templates/dev/_4NK_modules/loki/.env | 1 + templates/dev/_4NK_modules/loki/.gitkeep | 1 + .../dev/_4NK_modules/loki/loki-config.yaml | 76 ++ templates/dev/_4NK_modules/promtail/.env | 1 + templates/dev/_4NK_modules/promtail/.gitkeep | 1 + .../dev/_4NK_modules/promtail/promtail.yml | 107 +++ templates/dev/_4NK_modules/redis/.gitkeep | 1 + templates/dev/_4NK_modules/sdk_relay/.conf | 16 + templates/dev/_4NK_modules/sdk_relay/.env | 14 + templates/dev/_4NK_modules/sdk_relay/.gitkeep | 1 + .../dev/_4NK_modules/sdk_signer/.gitkeep | 1 + templates/dev/_4NK_modules/sdk_storage/.env | 10 + .../dev/_4NK_modules/sdk_storage/.gitkeep | 1 + templates/dev/_4NK_modules/tor-proxy/.gitkeep | 1 + templates/dev/_4NK_modules/tor-proxy/torrc | 18 + templates/dev/docker-compose.yml.auto | 535 +++++++++++++ {storage => templates}/dev/generate.sh | 29 +- .../dev/generate_grafana_dashboards.sh | 14 +- .../dev/generate_logrotate_configs.sh | 0 .../dev/generate_nginx_configs.sh | 0 .../dev/generate_promtail_config.sh | 12 +- .../dev/generate_variables.sh | 44 +- templates/dev/git/.env | 4 + templates/dev/git/.gitkeep | 1 + .../dev/logrotade/_4nk_certificator.conf | 13 + templates/dev/logrotade/_4nk_miner.conf | 13 + templates/dev/logrotade/_4nk_vault.conf | 13 + templates/dev/logrotade/_4nk_web_status.conf | 13 + templates/dev/logrotade/bitcoin.conf | 13 + templates/dev/logrotade/blindbit_oracle.conf | 13 + templates/dev/logrotade/grafana.conf | 13 + templates/dev/logrotade/ihm_client.conf | 13 + templates/dev/logrotade/lecoffre_front.conf | 13 + templates/dev/logrotade/loki.conf | 13 + templates/dev/logrotade/ngnix.conf | 13 + templates/dev/logrotade/postgresql.conf | 13 + templates/dev/logrotade/promtail.conf | 13 + templates/dev/logrotade/redis.conf | 13 + templates/dev/logrotade/sdk_relay.conf | 13 + templates/dev/logrotade/sdk_storage.conf | 13 + templates/dev/logrotade/tor.conf | 13 + templates/dev/monitoring/.env | 4 + templates/dev/monitoring/.gitkeep | 0 templates/dev/monitoring/monitoring.conf | 30 + templates/dev/nginx/BITCOIN_https.conf | 43 + .../dev/nginx/BLINDBIT_ORACLE_https.conf | 43 + templates/dev/nginx/GRAFANA_https.conf | 43 + templates/dev/nginx/IHM_CLIENT_https.conf | 43 + templates/dev/nginx/LECOFFRE_FRONT_https.conf | 43 + templates/dev/nginx/LOKI_https.conf | 43 + templates/dev/nginx/NGNIX_https.conf | 43 + templates/dev/nginx/POSTGRESQL_https.conf | 43 + templates/dev/nginx/PROMTAIL_https.conf | 43 + templates/dev/nginx/REDIS_https.conf | 43 + templates/dev/nginx/SDK_RELAY_https.conf | 43 + templates/dev/nginx/SDK_STORAGE_https.conf | 43 + templates/dev/nginx/TOR_https.conf | 43 + .../dev/nginx/_4NK_CERTIFICATOR_https.conf | 43 + templates/dev/nginx/_4NK_MINER_https.conf | 43 + templates/dev/nginx/_4NK_VAULT_https.conf | 43 + .../dev/nginx/_4NK_WEB_STATUS_https.conf | 43 + templates/dev/nginx/app-internal-ports.conf | 360 +++++++++ .../nginx/nginx_dev4.4NKweb.com-https.conf | 711 +++++++++++++++++ .../nginx/nginx_dev4.4nkweb.com-https.conf | 711 +++++++++++++++++ .../nginx/nginx_dev4._4NKweb.com-https.conf | 711 +++++++++++++++++ templates/dev/nginx/proxy_headers.conf | 29 + templates/dev/nginx/upstreams.conf | 102 +++ templates/dev/nginx/validate_templates.sh | 73 ++ .../projects/lecoffre/docker-compose.yml.auto | 502 ++++++++++++ .../lecoffre/lecoffre-back-mini/.gitkeep | 1 + .../dev/projects/lecoffre/lecoffre-front/.env | 29 + .../projects/lecoffre/lecoffre-front/.gitkeep | 1 + .../dev/projects/lecoffre/lecoffre_node/.env | 151 ++++ .../projects/lecoffre/lecoffre_node/.gitkeep | 1 + .../lecoffre/lecoffre_node/docker-compose.yml | 339 ++++++++ .../lecoffre_node/docker-compose.yml.auto | 502 ++++++++++++ templates/dev/replace_variables_and_copy.sh | 327 ++++++++ templates/dev/supervisor/.gitkeep | 1 + templates/dev/supervisor/supervisord.conf | 50 ++ 190 files changed, 15720 insertions(+), 2390 deletions(-) create mode 100644 docs/templates-system.md rename storage/dev/4NK_modules/grafana/dashboards/{4NK-certificator.json => _4NK-certificator.json} (93%) rename storage/dev/4NK_modules/grafana/dashboards/{4NK-miner.json => _4NK-miner.json} (93%) rename storage/dev/4NK_modules/grafana/dashboards/{4NK-vault.json => _4NK-vault.json} (93%) rename storage/dev/4NK_modules/grafana/dashboards/{4NK-web-status.json => _4NK-web-status.json} (93%) create mode 100644 storage/dev/_4NK_modules/bitcoin/bitcoin.conf create mode 100644 storage/dev/_4NK_modules/grafana/dashboards/bitcoin-miner-detailed.json create mode 100644 storage/dev/_4NK_modules/grafana/dashboards/bitcoin-miner.json create mode 100644 storage/dev/_4NK_modules/grafana/dashboards/bitcoin-services.json create mode 100644 storage/dev/_4NK_modules/grafana/dashboards/frontend-services.json create mode 100644 storage/dev/_4NK_modules/grafana/dashboards/lecoffre-overview.json create mode 100644 storage/dev/_4NK_modules/grafana/dashboards/sdk-services.json create mode 100644 storage/dev/_4NK_modules/loki/loki-config.yaml create mode 100644 storage/dev/_4NK_modules/sdk_relay/.conf delete mode 100755 storage/dev/test_generate.sh create mode 100644 templates/.gitkeep create mode 100644 templates/README.md rename {storage => templates}/dev/.env (97%) rename {storage => templates}/dev/.env secrets.example (100%) create mode 100644 templates/dev/.env.auto rename {storage => templates}/dev/.env.post (100%) create mode 100644 templates/dev/.env.secrets create mode 100644 templates/dev/.gitkeep rename {storage => templates}/dev/README.md (100%) create mode 100644 templates/dev/_4NK_modules/4NK_certificator/.env create mode 100644 templates/dev/_4NK_modules/4NK_certificator/.gitkeep create mode 100644 templates/dev/_4NK_modules/4NK_certificator/certificator.toml create mode 100644 templates/dev/_4NK_modules/4NK_miner/.env create mode 100644 templates/dev/_4NK_modules/4NK_miner/.gitkeep create mode 100644 templates/dev/_4NK_modules/4NK_web_status/.gitkeep create mode 100644 templates/dev/_4NK_modules/bitcoin/.gitkeep create mode 100644 templates/dev/_4NK_modules/bitcoin/bitcoin.conf create mode 100644 templates/dev/_4NK_modules/blindbit-oracle/.gitkeep create mode 100644 templates/dev/_4NK_modules/blindbit-oracle/blindbit.toml create mode 100644 templates/dev/_4NK_modules/grafana/.env create mode 100644 templates/dev/_4NK_modules/grafana/.gitkeep create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/.gitkeep create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/bitcoin-miner-detailed.json create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/bitcoin-miner.json create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/bitcoin-services.json create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/blindbit-oracle.json create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/frontend-services.json create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/lecoffre-overview.json create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/sdk-services.json create mode 100644 templates/dev/_4NK_modules/grafana/dashboards/services-overview.json create mode 100644 templates/dev/_4NK_modules/grafana/grafana.ini create mode 100644 templates/dev/_4NK_modules/ihm_client/.env create mode 100644 templates/dev/_4NK_modules/ihm_client/.gitkeep create mode 100644 templates/dev/_4NK_modules/loki/.env create mode 100644 templates/dev/_4NK_modules/loki/.gitkeep create mode 100644 templates/dev/_4NK_modules/loki/loki-config.yaml create mode 100644 templates/dev/_4NK_modules/promtail/.env create mode 100644 templates/dev/_4NK_modules/promtail/.gitkeep create mode 100644 templates/dev/_4NK_modules/promtail/promtail.yml create mode 100644 templates/dev/_4NK_modules/redis/.gitkeep create mode 100644 templates/dev/_4NK_modules/sdk_relay/.conf create mode 100644 templates/dev/_4NK_modules/sdk_relay/.env create mode 100644 templates/dev/_4NK_modules/sdk_relay/.gitkeep create mode 100644 templates/dev/_4NK_modules/sdk_signer/.gitkeep create mode 100644 templates/dev/_4NK_modules/sdk_storage/.env create mode 100644 templates/dev/_4NK_modules/sdk_storage/.gitkeep create mode 100644 templates/dev/_4NK_modules/tor-proxy/.gitkeep create mode 100644 templates/dev/_4NK_modules/tor-proxy/torrc create mode 100644 templates/dev/docker-compose.yml.auto rename {storage => templates}/dev/generate.sh (89%) rename {storage => templates}/dev/generate_grafana_dashboards.sh (96%) rename {storage => templates}/dev/generate_logrotate_configs.sh (100%) rename {storage => templates}/dev/generate_nginx_configs.sh (100%) rename {storage => templates}/dev/generate_promtail_config.sh (90%) rename {storage => templates}/dev/generate_variables.sh (65%) create mode 100644 templates/dev/git/.env create mode 100644 templates/dev/git/.gitkeep create mode 100644 templates/dev/logrotade/_4nk_certificator.conf create mode 100644 templates/dev/logrotade/_4nk_miner.conf create mode 100644 templates/dev/logrotade/_4nk_vault.conf create mode 100644 templates/dev/logrotade/_4nk_web_status.conf create mode 100644 templates/dev/logrotade/bitcoin.conf create mode 100644 templates/dev/logrotade/blindbit_oracle.conf create mode 100644 templates/dev/logrotade/grafana.conf create mode 100644 templates/dev/logrotade/ihm_client.conf create mode 100644 templates/dev/logrotade/lecoffre_front.conf create mode 100644 templates/dev/logrotade/loki.conf create mode 100644 templates/dev/logrotade/ngnix.conf create mode 100644 templates/dev/logrotade/postgresql.conf create mode 100644 templates/dev/logrotade/promtail.conf create mode 100644 templates/dev/logrotade/redis.conf create mode 100644 templates/dev/logrotade/sdk_relay.conf create mode 100644 templates/dev/logrotade/sdk_storage.conf create mode 100644 templates/dev/logrotade/tor.conf create mode 100644 templates/dev/monitoring/.env create mode 100644 templates/dev/monitoring/.gitkeep create mode 100644 templates/dev/monitoring/monitoring.conf create mode 100644 templates/dev/nginx/BITCOIN_https.conf create mode 100644 templates/dev/nginx/BLINDBIT_ORACLE_https.conf create mode 100644 templates/dev/nginx/GRAFANA_https.conf create mode 100644 templates/dev/nginx/IHM_CLIENT_https.conf create mode 100644 templates/dev/nginx/LECOFFRE_FRONT_https.conf create mode 100644 templates/dev/nginx/LOKI_https.conf create mode 100644 templates/dev/nginx/NGNIX_https.conf create mode 100644 templates/dev/nginx/POSTGRESQL_https.conf create mode 100644 templates/dev/nginx/PROMTAIL_https.conf create mode 100644 templates/dev/nginx/REDIS_https.conf create mode 100644 templates/dev/nginx/SDK_RELAY_https.conf create mode 100644 templates/dev/nginx/SDK_STORAGE_https.conf create mode 100644 templates/dev/nginx/TOR_https.conf create mode 100644 templates/dev/nginx/_4NK_CERTIFICATOR_https.conf create mode 100644 templates/dev/nginx/_4NK_MINER_https.conf create mode 100644 templates/dev/nginx/_4NK_VAULT_https.conf create mode 100644 templates/dev/nginx/_4NK_WEB_STATUS_https.conf create mode 100644 templates/dev/nginx/app-internal-ports.conf create mode 100644 templates/dev/nginx/nginx_dev4.4NKweb.com-https.conf create mode 100644 templates/dev/nginx/nginx_dev4.4nkweb.com-https.conf create mode 100644 templates/dev/nginx/nginx_dev4._4NKweb.com-https.conf create mode 100644 templates/dev/nginx/proxy_headers.conf create mode 100644 templates/dev/nginx/upstreams.conf create mode 100755 templates/dev/nginx/validate_templates.sh create mode 100644 templates/dev/projects/lecoffre/docker-compose.yml.auto create mode 100644 templates/dev/projects/lecoffre/lecoffre-back-mini/.gitkeep create mode 100644 templates/dev/projects/lecoffre/lecoffre-front/.env create mode 100644 templates/dev/projects/lecoffre/lecoffre-front/.gitkeep create mode 100644 templates/dev/projects/lecoffre/lecoffre_node/.env create mode 100644 templates/dev/projects/lecoffre/lecoffre_node/.gitkeep create mode 100644 templates/dev/projects/lecoffre/lecoffre_node/docker-compose.yml create mode 100644 templates/dev/projects/lecoffre/lecoffre_node/docker-compose.yml.auto create mode 100755 templates/dev/replace_variables_and_copy.sh create mode 100644 templates/dev/supervisor/.gitkeep create mode 100644 templates/dev/supervisor/supervisord.conf diff --git a/CHANGELOG.md b/CHANGELOG.md index 7d7969a..5bd665d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,58 @@ Toutes les modifications notables de ce projet seront documentées dans ce fichi Le format est basé sur [Keep a Changelog](https://keepachangelog.com/fr/1.0.0/), et ce projet adhère au [Semantic Versioning](https://semver.org/lang/fr/). +## [2.0.0] - 2024-12-XX + +### 🔄 Modifié + +#### Architecture Majeure +- **Système de templates automatisé** : Introduction d'un workflow de génération automatisé +- **Séparation des responsabilités** : `templates/` pour les sources, `storage/` pour les fichiers finaux +- **API simplifiée** : L'API ne lit plus que `storage/` et ne traite plus les variables d'environnement +- **Génération automatisée** : Scripts de génération pour toutes les configurations + +#### Scripts de Génération +- **`generate.sh`** : Script principal d'orchestration de tous les processus de génération +- **`generate_variables.sh`** : Génération automatisée des variables d'environnement et Docker Compose +- **`generate_grafana_dashboards.sh`** : Génération automatique des dashboards Grafana +- **`generate_promtail_config.sh`** : Génération de la configuration Promtail +- **`generate_logrotate_configs.sh`** : Génération des configurations logrotate +- **`generate_nginx_configs.sh`** : Génération des configurations nginx +- **`replace_variables_and_copy.sh`** : Résolution multi-passes des variables et copie vers storage/ + +#### Résolution des Variables +- **Résolution multi-passes** : Jusqu'à 5 passes pour résoudre les variables imbriquées +- **Chargement séquentiel** : `.env.secrets` → `.env` → `.env.auto` → `.env.post` +- **Export explicite** : Toutes les variables sont explicitement exportées +- **Protection renforcée** : Contre les dépendances circulaires et les boucles infinies + +### 🚀 Ajouté + +#### Nouveau Système de Templates +- **Structure `templates/`** : Templates sources avec variables (`$VARIABLE`) +- **Génération automatisée** : Création automatique de toutes les configurations +- **Support des services externes** : BOOTSTRAP, LECOFFRE_BACK_MINI +- **Variables composites** : Support des variables imbriquées complexes + +#### Documentation +- **`docs/templates-system.md`** : Documentation complète du système de templates +- **Workflow de génération** : Guide détaillé des processus de génération +- **Exemples d'utilisation** : Cas d'usage et bonnes pratiques + +### 🔒 Sécurité + +#### Isolation Renforcée +- **Protection des templates** : Les fichiers `templates/` ne sont jamais modifiés par l'API +- **Isolation des environnements** : Chaque environnement a ses propres templates et configurations +- **Fichiers sensibles** : Les `.env.secrets` ne sont jamais copiés dans `storage/` + +### 📈 Performance + +#### Optimisations +- **Fichiers pré-traités** : L'API lit directement les fichiers avec variables résolues +- **Pas de traitement en temps réel** : Élimination du traitement de variables par l'API +- **Génération par batch** : Traitement groupé de toutes les configurations + ## [1.2.0] - 2024-01-XX ### 🚀 Ajouté diff --git a/README.md b/README.md index 6c9e153..83b8105 100644 --- a/README.md +++ b/README.md @@ -28,10 +28,10 @@ API HTTPS sécurisée avec authentification par clés utilisateur et chiffrement - **Isolation par environnement** (dev, prod, etc.) ### Variables d'environnement -- **Résolution automatique** des variables `$VAR` et `${VAR}` -- **Résolution récursive** des dépendances entre variables -- **Chargement du fichier `.env` principal** uniquement -- **Traitement en mémoire** (fichiers originaux non modifiés) +- **Génération automatisée** des variables depuis les templates +- **Résolution multi-passes** des variables imbriquées (`$VAR` et `${VAR}`) +- **Chargement séquentiel** : `.env.secrets`, `.env`, `.env.auto`, `.env.post` +- **Traitement en mémoire** avec résolution récursive - **Protection contre les dépendances circulaires** ## 📋 Endpoints @@ -97,6 +97,21 @@ source venv_api/bin/activate pip install -r requirements.txt ``` +### Génération des configurations +```bash +# Générer toutes les configurations depuis les templates +cd templates/dev +./generate.sh + +# Ou manuellement étape par étape +./generate_variables.sh # Génère les variables d'environnement +./generate_grafana_dashboards.sh # Génère les dashboards Grafana +./generate_promtail_config.sh # Génère la configuration Promtail +./generate_logrotate_configs.sh # Génère les configurations logrotate +./generate_nginx_configs.sh # Génère les configurations nginx +./replace_variables_and_copy.sh # Résout les variables et copie vers storage/ +``` + ### Démarrage ```bash # Démarrer l'API sécurisée @@ -128,10 +143,11 @@ python3 test_api.py - **Compatibilité API/SDK** avec `@noble/ciphers` ### Variables d'environnement -- **Résolution automatique** avant chiffrement -- **Support des syntaxes** `$VAR` et `${VAR}` -- **Dépendances récursives** résolues automatiquement -- **Protection contre les boucles** infinies +- **Système de templates automatisé** : génération et résolution des variables +- **Support des syntaxes** `$VAR` et `${VAR}` avec résolution multi-passes +- **Dépendances récursives** résolues automatiquement (jusqu'à 5 passes) +- **Protection contre les boucles** infinies et dépendances circulaires +- **Workflow automatisé** : templates → génération → résolution → stockage ### Stockage - **Isolation par environnement** : `storage//_keys/` @@ -142,25 +158,38 @@ python3 test_api.py ``` 4NK_vault/ -├── api_server.py # Serveur sécurisé principal avec EnvProcessor +├── api_server.py # Serveur sécurisé principal (lit storage/) ├── start_api.sh # Script de démarrage sécurisé ├── test_api.py # Tests de l'API sécurisée ├── requirements.txt # Dépendances Python ├── SECURITY_NOTICE.md # Avertissements de sécurité -├── storage/ # Fichiers de configuration (lecture seule) +├── templates/ # Templates sources avec variables ($VAR) │ ├── dev/ -│ │ ├── .env # Variables d'environnement principales +│ │ ├── generate.sh # Script principal d'orchestration +│ │ ├── generate_variables.sh # Génération des variables d'environnement +│ │ ├── generate_grafana_dashboards.sh # Génération des dashboards Grafana +│ │ ├── generate_promtail_config.sh # Génération de la config Promtail +│ │ ├── generate_logrotate_configs.sh # Génération des configs logrotate +│ │ ├── generate_nginx_configs.sh # Génération des configs nginx +│ │ ├── replace_variables_and_copy.sh # Résolution des variables + copie +│ │ ├── .env.secrets # Variables sensibles +│ │ ├── .env # Variables principales +│ │ ├── .env.post # Variables finales/composites +│ │ ├── _4NK_modules/ # Modules avec configurations +│ │ ├── 4NK_modules/ # Modules générés (Grafana, Promtail) +│ │ ├── logrotade/ # Configurations logrotate +│ │ └── nginx/ # Configurations nginx +│ └── prod/ # Templates pour l'environnement de production +├── storage/ # Fichiers finaux avec variables résolues (lecture seule par API) +│ ├── dev/ +│ │ ├── .env.auto # Variables générées avec valeurs résolues +│ │ ├── docker-compose.yml.auto # Docker Compose avec variables résolues │ │ ├── _keys/ # Clés utilisateur (auto-créé) -│ │ ├── bitcoin/ # Configurations avec variables résolues -│ │ ├── tor/ # Configurations avec variables résolues -│ │ └── [autres services]/ -│ └── prod/ -│ ├── _keys/ # Clés utilisateur (auto-créé) -│ └── [configurations]/ -├── confs/ # Fichiers déchiffrés synchronisés (auto-créé) -│ ├── bitcoin/ # Configurations avec variables résolues -│ ├── tor/ # Configurations avec variables résolues -│ └── [autres services]/ +│ │ ├── _4NK_modules/ # Configurations avec variables résolues +│ │ ├── 4NK_modules/ # Modules générés avec variables résolues +│ │ ├── logrotade/ # Configurations logrotate avec variables résolues +│ │ └── nginx/ # Configurations nginx avec variables résolues +│ └── prod/ # Fichiers finaux pour la production ├── sdk-client/ # Client TypeScript avec chiffrement │ ├── src/ │ │ └── index.ts # Client sécurisé avec @noble/ciphers diff --git a/docs/api-specification.md b/docs/api-specification.md index 5380765..0086094 100644 --- a/docs/api-specification.md +++ b/docs/api-specification.md @@ -2,7 +2,7 @@ ## 🔐 Vue d'ensemble -L'API 4NK Vault Secure est un système de stockage sécurisé avec authentification par clés utilisateur, chiffrement quantique résistant et traitement automatique des variables d'environnement. +L'API 4NK Vault Secure est un système de stockage sécurisé avec authentification par clés utilisateur, chiffrement quantique résistant. Les fichiers sont pré-traités avec variables d'environnement résolues via le système de templates automatisé. ## 📋 Informations générales @@ -14,7 +14,7 @@ L'API 4NK Vault Secure est un système de stockage sécurisé avec authentificat | **Version** | 2.0.0 | | **Authentification** | Header `X-User-ID` obligatoire | | **Chiffrement** | ChaCha20-Poly1305 (quantum-résistant) | -| **Variables d'environnement** | Résolution automatique `$VAR` et `${VAR}` | +| **Variables d'environnement** | Fichiers pré-traités avec variables résolues | ## 🔑 Authentification diff --git a/docs/templates-system.md b/docs/templates-system.md new file mode 100644 index 0000000..3a7b6bb --- /dev/null +++ b/docs/templates-system.md @@ -0,0 +1,303 @@ +# Système de Templates et Génération Automatisée + +## 🎯 Vue d'ensemble + +Le système de templates de 4NK Vault permet de générer automatiquement toutes les configurations nécessaires à partir de templates sources avec variables d'environnement. Cette approche garantit la cohérence, la maintenabilité et la sécurité des configurations. + +## 🏗️ Architecture du Système + +### Workflow de Génération + +``` +templates// → Génération → storage// +├── .env.secrets → Scripts → ├── .env.auto +├── .env → de génération → ├── docker-compose.yml.auto +├── .env.post → → ├── _4NK_modules/ +├── _4NK_modules/ → → ├── 4NK_modules/ +├── 4NK_modules/ → → ├── logrotade/ +└── nginx/ → → └── nginx/ +``` + +### Séparation des Responsabilités + +- **`templates/`** : Fichiers sources avec variables (`$VARIABLE`) +- **`storage/`** : Fichiers finaux avec variables résolues (lecture seule par API) +- **Scripts de génération** : Orchestrent la création et la résolution des variables + +## 📋 Scripts de Génération + +### 1. Script Principal : `generate.sh` + +Orchestrateur principal qui exécute tous les scripts de génération dans l'ordre correct. + +```bash +cd templates/dev +./generate.sh +``` + +**Étapes d'exécution :** +1. Génération des variables d'environnement +2. Génération des dashboards Grafana +3. Génération de la configuration Promtail +4. Génération des configurations logrotate +5. Génération des configurations nginx +6. Résolution des variables et copie vers storage/ + +### 2. Génération des Variables : `generate_variables.sh` + +Génère les variables d'environnement et le fichier Docker Compose à partir des services définis. + +**Fonctionnalités :** +- Génération des variables internes pour chaque service +- Génération des variables externes (URLs, ports) +- Création du fichier `docker-compose.yml.auto` +- Support des services externes (BOOTSTRAP, LECOFFRE_BACK_MINI) + +**Variables générées par service :** +```bash +${SERVICE}_DOCKER_NAME=$SERVICE +${SERVICE}_CONFS_DIR=$DOCKER_GLOBAL/confs/$SERVICE +${SERVICE}_LOGS_DIR=$DOCKER_GLOBAL/logs/$SERVICE +${SERVICE}_DATAS_DIR=$DOCKER_GLOBAL/datas/$SERVICE +${SERVICE}_URL_ROUTE=/$SERVICE +${SERVICE}_URL=http://$SERVICE_DOCKER_NAME:$SERVICE_DOCKER_PORT +${SERVICE}_URL_EXTERNAL=https://$HOST$SERVICE_URL_ROUTE +``` + +### 3. Génération Grafana : `generate_grafana_dashboards.sh` + +Génère automatiquement les dashboards Grafana pour tous les services. + +**Types de dashboards :** +- **Services Overview** : Vue d'ensemble de tous les services +- **Bitcoin Services** : Dashboards spécialisés Bitcoin +- **Frontend Services** : Dashboards pour les interfaces utilisateur +- **SDK Services** : Dashboards pour les services SDK + +### 4. Génération Promtail : `generate_promtail_config.sh` + +Génère la configuration Promtail pour la collecte de logs. + +**Fonctionnalités :** +- Configuration automatique des jobs de collecte +- Support des logs Docker et fichiers locaux +- Variables dynamiques pour les chemins de logs + +### 5. Génération Logrotate : `generate_logrotate_configs.sh` + +Génère les configurations logrotate pour tous les services. + +**Fonctionnalités :** +- Rotation automatique des logs +- Compression et archivage +- Redémarrage des services après rotation + +### 6. Génération Nginx : `generate_nginx_configs.sh` + +Génère les configurations nginx pour tous les services. + +**Types de configurations :** +- Upstreams pour les services +- Configurations HTTPS +- Headers proxy +- Ports internes + +### 7. Résolution des Variables : `replace_variables_and_copy.sh` + +**Fonctionnalités principales :** +- Chargement séquentiel des fichiers `.env` +- Résolution multi-passes des variables imbriquées +- Copie des fichiers traités vers `storage/` + +**Ordre de chargement :** +1. `.env.secrets` - Variables sensibles +2. `.env` - Variables principales +3. `.env.auto` - Variables générées (avec résolution) +4. `.env.post` - Variables finales (avec résolution) + +**Résolution multi-passes :** +- Jusqu'à 5 passes pour résoudre les variables imbriquées +- Protection contre les dépendances circulaires +- Export explicite de toutes les variables + +## 🔧 Configuration des Variables + +### Structure des Fichiers d'Environnement + +#### `.env.secrets` +Variables sensibles (clés API, mots de passe, etc.) +```bash +# Variables sensibles +API_SECRET_KEY=secret_value +DATABASE_PASSWORD=password +``` + +#### `.env` +Variables principales du système +```bash +# Configuration de base +ROOT_DIR=/home/debian/_4NK_env +DOMAIN=_4NKweb.com +HOST=dev4.$DOMAIN + +# Services +export SERVICES=( + "REDIS" + "POSTGRESQL" + "BITCOIN" + # ... +) + +# Services externes +export SERVICES_EXTERNAL=( + "BOOTSTRAP" + "LECOFFRE_BACK_MINI" +) +``` + +#### `.env.post` +Variables composites et finales +```bash +# URLs composites +SDK_RELAY_BOOSTRAP_URL=$BOOTSTRAP_URL_WS_EXTERNAL +RELAY_URLS=$SDK_RELAY_URL,$SDK_RELAY_BOOSTRAP_URL +BITCOIN_RPC_URL=http://$BITCOIN_DOCKER_NAME:$BITCOIN_SIGNET_RPC_PORT +``` + +### Résolution des Variables + +#### Exemple de Résolution Complexe + +**Variables de base :** +```bash +ROOT_DIR=/home/debian/_4NK_env +DOCKER_GLOBAL_NAME=projects/lecoffre/lecoffre_node +BITCOIN=bitcoin +``` + +**Variables intermédiaires :** +```bash +DOCKER_GLOBAL=$ROOT_DIR/$DOCKER_GLOBAL_NAME +``` + +**Variables finales :** +```bash +BITCOIN_DATAS_DIR=$DOCKER_GLOBAL/datas/$BITCOIN +``` + +**Résultat final :** +```bash +BITCOIN_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/bitcoin +``` + +## 🚀 Utilisation + +### Génération Complète + +```bash +# Générer toutes les configurations +cd templates/dev +./generate.sh +``` + +### Génération Partielle + +```bash +# Générer seulement les variables +./generate_variables.sh + +# Générer seulement les dashboards Grafana +./generate_grafana_dashboards.sh + +# Résoudre les variables et copier +./replace_variables_and_copy.sh +``` + +### Vérification + +```bash +# Vérifier les variables résolues +cd storage/dev +grep "datadir" _4NK_modules/bitcoin/bitcoin.conf +# Résultat: datadir=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/bitcoin + +# Vérifier les URLs externes +grep "BOOTSTRAP_URL_WS_EXTERNAL" .env.auto +# Résultat: BOOTSTRAP_URL_WS_EXTERNAL=wss://dev3._4NKweb.com:3006/ws +``` + +## 🔒 Sécurité + +### Protection des Templates + +- Les fichiers dans `templates/` ne sont jamais modifiés par l'API +- Seuls les fichiers dans `storage/` sont accessibles via l'API +- Les fichiers `.env.secrets` ne sont jamais copiés dans `storage/` + +### Isolation des Environnements + +- Chaque environnement (`dev`, `prod`) a ses propres templates +- Variables d'environnement isolées par environnement +- Pas de fuite de données entre environnements + +## 🛠️ Maintenance + +### Ajout d'un Nouveau Service + +1. **Ajouter le service dans `.env` :** +```bash +export SERVICES=( + "REDIS" + "POSTGRESQL" + "NOUVEAU_SERVICE" # Ajouter ici + # ... +) +``` + +2. **Définir les variables du service :** +```bash +NOUVEAU_SERVICE=nouveau_service +NOUVEAU_SERVICE_IMAGE=image:tag +NOUVEAU_SERVICE_PORT=8080:8080 +``` + +3. **Régénérer les configurations :** +```bash +cd templates/dev +./generate.sh +``` + +### Modification des Variables + +1. **Modifier les fichiers appropriés** dans `templates/dev/` +2. **Régénérer les configurations :** +```bash +cd templates/dev +./generate.sh +``` + +3. **Vérifier les résultats** dans `storage/dev/` + +## 📊 Monitoring + +### Logs de Génération + +Les scripts de génération fournissent des logs détaillés : +- Nombre de variables chargées +- Fichiers traités et copiés +- Erreurs de résolution des variables + +### Validation + +- Vérification automatique des variables non résolues +- Protection contre les dépendances circulaires +- Validation des chemins et permissions + +## 🔄 Intégration avec l'API + +L'API 4NK Vault lit uniquement les fichiers dans `storage//` et ne traite plus les variables d'environnement. Cette séparation garantit : + +- **Performance** : Pas de traitement de variables en temps réel +- **Fiabilité** : Variables pré-résolues et validées +- **Sécurité** : Isolation entre templates et fichiers finaux +- **Maintenabilité** : Workflow de génération automatisé et reproductible diff --git a/storage/dev/.env.auto b/storage/dev/.env.auto index d54edc4..3a35fef 100644 --- a/storage/dev/.env.auto +++ b/storage/dev/.env.auto @@ -1,469 +1,491 @@ # ====== INTERNAL REDIS ====== -REDIS_DOCKER_NAME=$REDIS -REDIS_CONFS_DIR=$DOCKER_GLOBAL/confs/$REDIS -REDIS_LOGS_DIR=$DOCKER_GLOBAL/logs/$REDIS -REDIS_RUNS_DIR=$DOCKER_GLOBAL/runs/$REDIS -REDIS_DATAS_DIR=$DOCKER_GLOBAL/datas/$REDIS -REDIS_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$REDIS -REDIS_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$REDIS -REDIS_DOCKER_WORKING_DIR=/home/$REDIS +REDIS_DOCKER_NAME=redis +REDIS_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/redis +REDIS_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/redis +REDIS_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/redis +REDIS_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/redis +REDIS_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/redis +REDIS_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/redis +REDIS_DOCKER_WORKING_DIR=/home/redis -REDIS_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$REDIS -REDIS_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$REDIS -REDIS_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$REDIS -REDIS_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$REDIS -REDIS_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$REDIS -REDIS_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$REDIS -REDIS_DOCKER_WORKING_DIR=/home/$REDIS +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/redis +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/redis +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/redis +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/redis +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/redis +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/redis +REDIS_DOCKER_WORKING_DIR=/home/redis -REDIS_DOCKER_WORKING_DIR_CREATE="id -u $REDIS >/dev/null 2>&1 || adduser --disabled-password --gecos '' $REDIS; chown -R $REDIS:$REDIS /home/root/.$REDIS || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -REDIS_URL_ROUTE=/$REDIS -REDIS_URL=http://\$REDIS_DOCKER_NAME:$REDIS_DOCKER_PORT -REDIS_URL_EXTERNAL=https://$HOST$REDIS_URL_ROUTE -REDIS_URL_WS=ws://\$REDIS_DOCKER_PORT -REDIS_URL_WS_EXTERNAL=wss://$HOST\ws +REDIS_DOCKER_WORKING_DIR_CREATE="id -u redis >/dev/null 2>&1 || adduser --disabled-password --gecos '' redis; chown -R redis:redis /home/root/.redis || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=6379:6379 +REDIS_URL_ROUTE=/redis +_URL=http://: +REDIS_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +REDIS_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL POSTGRESQL ====== -POSTGRESQL_DOCKER_NAME=$POSTGRESQL -POSTGRESQL_CONFS_DIR=$DOCKER_GLOBAL/confs/$POSTGRESQL -POSTGRESQL_LOGS_DIR=$DOCKER_GLOBAL/logs/$POSTGRESQL -POSTGRESQL_RUNS_DIR=$DOCKER_GLOBAL/runs/$POSTGRESQL -POSTGRESQL_DATAS_DIR=$DOCKER_GLOBAL/datas/$POSTGRESQL -POSTGRESQL_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$POSTGRESQL -POSTGRESQL_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$POSTGRESQL -POSTGRESQL_DOCKER_WORKING_DIR=/home/$POSTGRESQL +POSTGRESQL_DOCKER_NAME=postgresql +POSTGRESQL_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/postgresql +POSTGRESQL_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/postgresql +POSTGRESQL_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/postgresql +POSTGRESQL_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/postgresql +POSTGRESQL_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/postgresql +POSTGRESQL_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/postgresql +POSTGRESQL_DOCKER_WORKING_DIR=/home/postgresql -POSTGRESQL_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$POSTGRESQL -POSTGRESQL_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$POSTGRESQL -POSTGRESQL_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$POSTGRESQL -POSTGRESQL_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$POSTGRESQL -POSTGRESQL_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$POSTGRESQL -POSTGRESQL_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$POSTGRESQL -POSTGRESQL_DOCKER_WORKING_DIR=/home/$POSTGRESQL +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/postgresql +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/postgresql +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/postgresql +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/postgresql +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/postgresql +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/postgresql +POSTGRESQL_DOCKER_WORKING_DIR=/home/postgresql -POSTGRESQL_DOCKER_WORKING_DIR_CREATE="id -u $POSTGRESQL >/dev/null 2>&1 || adduser --disabled-password --gecos '' $POSTGRESQL; chown -R $POSTGRESQL:$POSTGRESQL /home/root/.$POSTGRESQL || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -POSTGRESQL_URL_ROUTE=/$POSTGRESQL -POSTGRESQL_URL=http://\$POSTGRESQL_DOCKER_NAME:$POSTGRESQL_DOCKER_PORT -POSTGRESQL_URL_EXTERNAL=https://$HOST$POSTGRESQL_URL_ROUTE -POSTGRESQL_URL_WS=ws://\$POSTGRESQL_DOCKER_PORT -POSTGRESQL_URL_WS_EXTERNAL=wss://$HOST\ws +POSTGRESQL_DOCKER_WORKING_DIR_CREATE="id -u postgresql >/dev/null 2>&1 || adduser --disabled-password --gecos '' postgresql; chown -R postgresql:postgresql /home/root/.postgresql || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=5432:5432 +POSTGRESQL_URL_ROUTE=/postgresql +_URL=http://: +POSTGRESQL_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +POSTGRESQL_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL LOKI ====== -LOKI_DOCKER_NAME=$LOKI -LOKI_CONFS_DIR=$DOCKER_GLOBAL/confs/$LOKI -LOKI_LOGS_DIR=$DOCKER_GLOBAL/logs/$LOKI -LOKI_RUNS_DIR=$DOCKER_GLOBAL/runs/$LOKI -LOKI_DATAS_DIR=$DOCKER_GLOBAL/datas/$LOKI -LOKI_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$LOKI -LOKI_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$LOKI -LOKI_DOCKER_WORKING_DIR=/home/$LOKI +LOKI_DOCKER_NAME=loki +LOKI_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/loki +LOKI_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/loki +LOKI_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/loki +LOKI_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/loki +LOKI_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/loki +LOKI_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/loki +LOKI_DOCKER_WORKING_DIR=/home/loki -LOKI_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$LOKI -LOKI_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$LOKI -LOKI_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$LOKI -LOKI_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$LOKI -LOKI_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$LOKI -LOKI_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$LOKI -LOKI_DOCKER_WORKING_DIR=/home/$LOKI +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/loki +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/loki +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/loki +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/loki +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/loki +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/loki +LOKI_DOCKER_WORKING_DIR=/home/loki -LOKI_DOCKER_WORKING_DIR_CREATE="id -u $LOKI >/dev/null 2>&1 || adduser --disabled-password --gecos '' $LOKI; chown -R $LOKI:$LOKI /home/root/.$LOKI || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -LOKI_URL_ROUTE=/$LOKI -LOKI_URL=http://\$LOKI_DOCKER_NAME:$LOKI_DOCKER_PORT -LOKI_URL_EXTERNAL=https://$HOST$LOKI_URL_ROUTE -LOKI_URL_WS=ws://\$LOKI_DOCKER_PORT -LOKI_URL_WS_EXTERNAL=wss://$HOST\ws +LOKI_DOCKER_WORKING_DIR_CREATE="id -u loki >/dev/null 2>&1 || adduser --disabled-password --gecos '' loki; chown -R loki:loki /home/root/.loki || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=3100:3100 +LOKI_URL_ROUTE=/loki +_URL=http://: +LOKI_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +LOKI_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL PROMTAIL ====== -PROMTAIL_DOCKER_NAME=$PROMTAIL -PROMTAIL_CONFS_DIR=$DOCKER_GLOBAL/confs/$PROMTAIL -PROMTAIL_LOGS_DIR=$DOCKER_GLOBAL/logs/$PROMTAIL -PROMTAIL_RUNS_DIR=$DOCKER_GLOBAL/runs/$PROMTAIL -PROMTAIL_DATAS_DIR=$DOCKER_GLOBAL/datas/$PROMTAIL -PROMTAIL_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$PROMTAIL -PROMTAIL_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$PROMTAIL -PROMTAIL_DOCKER_WORKING_DIR=/home/$PROMTAIL +PROMTAIL_DOCKER_NAME=promtail +PROMTAIL_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/promtail +PROMTAIL_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/promtail +PROMTAIL_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/promtail +PROMTAIL_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/promtail +PROMTAIL_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/promtail +PROMTAIL_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/promtail +PROMTAIL_DOCKER_WORKING_DIR=/home/promtail -PROMTAIL_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$PROMTAIL -PROMTAIL_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$PROMTAIL -PROMTAIL_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$PROMTAIL -PROMTAIL_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$PROMTAIL -PROMTAIL_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$PROMTAIL -PROMTAIL_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$PROMTAIL -PROMTAIL_DOCKER_WORKING_DIR=/home/$PROMTAIL +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/promtail +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/promtail +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/promtail +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/promtail +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/promtail +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/promtail +PROMTAIL_DOCKER_WORKING_DIR=/home/promtail -PROMTAIL_DOCKER_WORKING_DIR_CREATE="id -u $PROMTAIL >/dev/null 2>&1 || adduser --disabled-password --gecos '' $PROMTAIL; chown -R $PROMTAIL:$PROMTAIL /home/root/.$PROMTAIL || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -PROMTAIL_URL_ROUTE=/$PROMTAIL -PROMTAIL_URL=http://\$PROMTAIL_DOCKER_NAME:$PROMTAIL_DOCKER_PORT -PROMTAIL_URL_EXTERNAL=https://$HOST$PROMTAIL_URL_ROUTE -PROMTAIL_URL_WS=ws://\$PROMTAIL_DOCKER_PORT -PROMTAIL_URL_WS_EXTERNAL=wss://$HOST\ws +PROMTAIL_DOCKER_WORKING_DIR_CREATE="id -u promtail >/dev/null 2>&1 || adduser --disabled-password --gecos '' promtail; chown -R promtail:promtail /home/root/.promtail || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=8090:8090 +PROMTAIL_URL_ROUTE=/promtail +_URL=http://: +PROMTAIL_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +PROMTAIL_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL GRAFANA ====== -GRAFANA_DOCKER_NAME=$GRAFANA -GRAFANA_CONFS_DIR=$DOCKER_GLOBAL/confs/$GRAFANA -GRAFANA_LOGS_DIR=$DOCKER_GLOBAL/logs/$GRAFANA -GRAFANA_RUNS_DIR=$DOCKER_GLOBAL/runs/$GRAFANA -GRAFANA_DATAS_DIR=$DOCKER_GLOBAL/datas/$GRAFANA -GRAFANA_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$GRAFANA -GRAFANA_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$GRAFANA -GRAFANA_DOCKER_WORKING_DIR=/home/$GRAFANA +GRAFANA_DOCKER_NAME=grafana +GRAFANA_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/grafana +GRAFANA_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/grafana +GRAFANA_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/grafana +GRAFANA_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/grafana +GRAFANA_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/grafana +GRAFANA_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/grafana +GRAFANA_DOCKER_WORKING_DIR=/home/grafana -GRAFANA_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$GRAFANA -GRAFANA_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$GRAFANA -GRAFANA_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$GRAFANA -GRAFANA_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$GRAFANA -GRAFANA_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$GRAFANA -GRAFANA_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$GRAFANA -GRAFANA_DOCKER_WORKING_DIR=/home/$GRAFANA +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/grafana +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/grafana +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/grafana +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/grafana +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/grafana +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/grafana +GRAFANA_DOCKER_WORKING_DIR=/home/grafana -GRAFANA_DOCKER_WORKING_DIR_CREATE="id -u $GRAFANA >/dev/null 2>&1 || adduser --disabled-password --gecos '' $GRAFANA; chown -R $GRAFANA:$GRAFANA /home/root/.$GRAFANA || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -GRAFANA_URL_ROUTE=/$GRAFANA -GRAFANA_URL=http://\$GRAFANA_DOCKER_NAME:$GRAFANA_DOCKER_PORT -GRAFANA_URL_EXTERNAL=https://$HOST$GRAFANA_URL_ROUTE -GRAFANA_URL_WS=ws://\$GRAFANA_DOCKER_PORT -GRAFANA_URL_WS_EXTERNAL=wss://$HOST\ws +GRAFANA_DOCKER_WORKING_DIR_CREATE="id -u grafana >/dev/null 2>&1 || adduser --disabled-password --gecos '' grafana; chown -R grafana:grafana /home/root/.grafana || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=3001:3001 +GRAFANA_URL_ROUTE=/grafana +_URL=http://: +GRAFANA_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +GRAFANA_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL NGNIX ====== -NGNIX_DOCKER_NAME=$NGNIX -NGNIX_CONFS_DIR=$DOCKER_GLOBAL/confs/$NGNIX -NGNIX_LOGS_DIR=$DOCKER_GLOBAL/logs/$NGNIX -NGNIX_RUNS_DIR=$DOCKER_GLOBAL/runs/$NGNIX -NGNIX_DATAS_DIR=$DOCKER_GLOBAL/datas/$NGNIX -NGNIX_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$NGNIX -NGNIX_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$NGNIX -NGNIX_DOCKER_WORKING_DIR=/home/$NGNIX +NGNIX_DOCKER_NAME= +NGNIX_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/ +NGNIX_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/ +NGNIX_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/ +NGNIX_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/ +NGNIX_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/ +NGNIX_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/ +NGNIX_DOCKER_WORKING_DIR=/home/ -NGNIX_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$NGNIX -NGNIX_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$NGNIX -NGNIX_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$NGNIX -NGNIX_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$NGNIX -NGNIX_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$NGNIX -NGNIX_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$NGNIX -NGNIX_DOCKER_WORKING_DIR=/home/$NGNIX +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/ +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/ +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/ +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/ +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/ +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/ +NGNIX_DOCKER_WORKING_DIR=/home/ -NGNIX_DOCKER_WORKING_DIR_CREATE="id -u $NGNIX >/dev/null 2>&1 || adduser --disabled-password --gecos '' $NGNIX; chown -R $NGNIX:$NGNIX /home/root/.$NGNIX || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -NGNIX_URL_ROUTE=/$NGNIX -NGNIX_URL=http://\$NGNIX_DOCKER_NAME:$NGNIX_DOCKER_PORT -NGNIX_URL_EXTERNAL=https://$HOST$NGNIX_URL_ROUTE -NGNIX_URL_WS=ws://\$NGNIX_DOCKER_PORT -NGNIX_URL_WS_EXTERNAL=wss://$HOST\ws +NGNIX_DOCKER_WORKING_DIR_CREATE="id -u >/dev/null 2>&1 || adduser --disabled-password --gecos '' ; chown -R : /home/root/. || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT= +NGNIX_URL_ROUTE=/ +_URL=http://: +NGNIX_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +NGNIX_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL TOR ====== -TOR_DOCKER_NAME=$TOR -TOR_CONFS_DIR=$DOCKER_GLOBAL/confs/$TOR -TOR_LOGS_DIR=$DOCKER_GLOBAL/logs/$TOR -TOR_RUNS_DIR=$DOCKER_GLOBAL/runs/$TOR -TOR_DATAS_DIR=$DOCKER_GLOBAL/datas/$TOR -TOR_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$TOR -TOR_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$TOR -TOR_DOCKER_WORKING_DIR=/home/$TOR +TOR_DOCKER_NAME=tor-proxy +TOR_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/tor-proxy +TOR_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/tor-proxy +TOR_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/tor-proxy +TOR_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/tor-proxy +TOR_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/tor-proxy +TOR_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/tor-proxy +TOR_DOCKER_WORKING_DIR=/home/tor-proxy -TOR_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$TOR -TOR_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$TOR -TOR_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$TOR -TOR_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$TOR -TOR_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$TOR -TOR_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$TOR -TOR_DOCKER_WORKING_DIR=/home/$TOR +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/tor-proxy +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/tor-proxy +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/tor-proxy +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/tor-proxy +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/tor-proxy +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/tor-proxy +TOR_DOCKER_WORKING_DIR=/home/tor-proxy -TOR_DOCKER_WORKING_DIR_CREATE="id -u $TOR >/dev/null 2>&1 || adduser --disabled-password --gecos '' $TOR; chown -R $TOR:$TOR /home/root/.$TOR || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -TOR_URL_ROUTE=/$TOR -TOR_URL=http://\$TOR_DOCKER_NAME:$TOR_DOCKER_PORT -TOR_URL_EXTERNAL=https://$HOST$TOR_URL_ROUTE -TOR_URL_WS=ws://\$TOR_DOCKER_PORT -TOR_URL_WS_EXTERNAL=wss://$HOST\ws +TOR_DOCKER_WORKING_DIR_CREATE="id -u tor-proxy >/dev/null 2>&1 || adduser --disabled-password --gecos '' tor-proxy; chown -R tor-proxy:tor-proxy /home/root/.tor-proxy || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=9050:9050 +TOR_URL_ROUTE=/tor-proxy +_URL=http://: +TOR_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +TOR_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL _4NK_VAULT ====== -_4NK_VAULT_DOCKER_NAME=$_4NK_VAULT -_4NK_VAULT_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_VAULT -_4NK_VAULT_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_VAULT -_4NK_VAULT_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_VAULT -_4NK_VAULT_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_VAULT -_4NK_VAULT_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_VAULT -_4NK_VAULT_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_VAULT -_4NK_VAULT_DOCKER_WORKING_DIR=/home/$_4NK_VAULT +_4NK_VAULT_DOCKER_NAME=_4NK_vault +_4NK_VAULT_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/_4NK_vault +_4NK_VAULT_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/_4NK_vault +_4NK_VAULT_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/_4NK_vault +_4NK_VAULT_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/_4NK_vault +_4NK_VAULT_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/_4NK_vault +_4NK_VAULT_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/_4NK_vault +_4NK_VAULT_DOCKER_WORKING_DIR=/home/_4NK_vault -_4NK_VAULT_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_VAULT -_4NK_VAULT_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_VAULT -_4NK_VAULT_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_VAULT -_4NK_VAULT_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_VAULT -_4NK_VAULT_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_VAULT -_4NK_VAULT_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_VAULT -_4NK_VAULT_DOCKER_WORKING_DIR=/home/$_4NK_VAULT +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/_4NK_vault +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/_4NK_vault +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/_4NK_vault +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/_4NK_vault +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/_4NK_vault +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/_4NK_vault +_4NK_VAULT_DOCKER_WORKING_DIR=/home/_4NK_vault -_4NK_VAULT_DOCKER_WORKING_DIR_CREATE="id -u $_4NK_VAULT >/dev/null 2>&1 || adduser --disabled-password --gecos '' $_4NK_VAULT; chown -R $_4NK_VAULT:$_4NK_VAULT /home/root/.$_4NK_VAULT || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -_4NK_VAULT_URL_ROUTE=/$_4NK_VAULT -_4NK_VAULT_URL=http://\$_4NK_VAULT_DOCKER_NAME:$_4NK_VAULT_DOCKER_PORT -_4NK_VAULT_URL_EXTERNAL=https://$HOST$_4NK_VAULT_URL_ROUTE -_4NK_VAULT_URL_WS=ws://\$_4NK_VAULT_DOCKER_PORT -_4NK_VAULT_URL_WS_EXTERNAL=wss://$HOST\ws +_4NK_VAULT_DOCKER_WORKING_DIR_CREATE="id -u _4NK_vault >/dev/null 2>&1 || adduser --disabled-password --gecos '' _4NK_vault; chown -R _4NK_vault:_4NK_vault /home/root/._4NK_vault || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT= +_4NK_VAULT_URL_ROUTE=/_4NK_vault +_URL=http://: +_4NK_VAULT_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +_4NK_VAULT_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL BITCOIN ====== -BITCOIN_DOCKER_NAME=$BITCOIN -BITCOIN_CONFS_DIR=$DOCKER_GLOBAL/confs/$BITCOIN -BITCOIN_LOGS_DIR=$DOCKER_GLOBAL/logs/$BITCOIN -BITCOIN_RUNS_DIR=$DOCKER_GLOBAL/runs/$BITCOIN -BITCOIN_DATAS_DIR=$DOCKER_GLOBAL/datas/$BITCOIN -BITCOIN_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$BITCOIN -BITCOIN_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$BITCOIN -BITCOIN_DOCKER_WORKING_DIR=/home/$BITCOIN +BITCOIN_DOCKER_NAME=bitcoin +BITCOIN_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/bitcoin +BITCOIN_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/bitcoin +BITCOIN_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/bitcoin +BITCOIN_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/bitcoin +BITCOIN_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/bitcoin +BITCOIN_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/bitcoin +BITCOIN_DOCKER_WORKING_DIR=/home/bitcoin -BITCOIN_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$BITCOIN -BITCOIN_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$BITCOIN -BITCOIN_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$BITCOIN -BITCOIN_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$BITCOIN -BITCOIN_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$BITCOIN -BITCOIN_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$BITCOIN -BITCOIN_DOCKER_WORKING_DIR=/home/$BITCOIN +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/bitcoin +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/bitcoin +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/bitcoin +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/bitcoin +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/bitcoin +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/bitcoin +BITCOIN_DOCKER_WORKING_DIR=/home/bitcoin -BITCOIN_DOCKER_WORKING_DIR_CREATE="id -u $BITCOIN >/dev/null 2>&1 || adduser --disabled-password --gecos '' $BITCOIN; chown -R $BITCOIN:$BITCOIN /home/root/.$BITCOIN || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -BITCOIN_URL_ROUTE=/$BITCOIN -BITCOIN_URL=http://\$BITCOIN_DOCKER_NAME:$BITCOIN_DOCKER_PORT -BITCOIN_URL_EXTERNAL=https://$HOST$BITCOIN_URL_ROUTE -BITCOIN_URL_WS=ws://\$BITCOIN_DOCKER_PORT -BITCOIN_URL_WS_EXTERNAL=wss://$HOST\ws +BITCOIN_DOCKER_WORKING_DIR_CREATE="id -u bitcoin >/dev/null 2>&1 || adduser --disabled-password --gecos '' bitcoin; chown -R bitcoin:bitcoin /home/root/.bitcoin || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=38332:38332 +BITCOIN_URL_ROUTE=/bitcoin +_URL=http://: +BITCOIN_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +BITCOIN_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL BLINDBIT_ORACLE ====== -BLINDBIT_ORACLE_DOCKER_NAME=$BLINDBIT_ORACLE -BLINDBIT_ORACLE_CONFS_DIR=$DOCKER_GLOBAL/confs/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_LOGS_DIR=$DOCKER_GLOBAL/logs/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_RUNS_DIR=$DOCKER_GLOBAL/runs/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_DATAS_DIR=$DOCKER_GLOBAL/datas/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_DOCKER_WORKING_DIR=/home/$BLINDBIT_ORACLE +BLINDBIT_ORACLE_DOCKER_NAME=blindbit-oracle +BLINDBIT_ORACLE_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/blindbit-oracle +BLINDBIT_ORACLE_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/blindbit-oracle +BLINDBIT_ORACLE_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/blindbit-oracle +BLINDBIT_ORACLE_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/blindbit-oracle +BLINDBIT_ORACLE_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/blindbit-oracle +BLINDBIT_ORACLE_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/blindbit-oracle +BLINDBIT_ORACLE_DOCKER_WORKING_DIR=/home/blindbit-oracle -BLINDBIT_ORACLE_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_DOCKER_WORKING_DIR=/home/$BLINDBIT_ORACLE +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/blindbit-oracle +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/blindbit-oracle +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/blindbit-oracle +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/blindbit-oracle +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/blindbit-oracle +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/blindbit-oracle +BLINDBIT_ORACLE_DOCKER_WORKING_DIR=/home/blindbit-oracle -BLINDBIT_ORACLE_DOCKER_WORKING_DIR_CREATE="id -u $BLINDBIT_ORACLE >/dev/null 2>&1 || adduser --disabled-password --gecos '' $BLINDBIT_ORACLE; chown -R $BLINDBIT_ORACLE:$BLINDBIT_ORACLE /home/root/.$BLINDBIT_ORACLE || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -BLINDBIT_ORACLE_URL_ROUTE=/$BLINDBIT_ORACLE -BLINDBIT_ORACLE_URL=http://\$BLINDBIT_ORACLE_DOCKER_NAME:$BLINDBIT_ORACLE_DOCKER_PORT -BLINDBIT_ORACLE_URL_EXTERNAL=https://$HOST$BLINDBIT_ORACLE_URL_ROUTE -BLINDBIT_ORACLE_URL_WS=ws://\$BLINDBIT_ORACLE_DOCKER_PORT -BLINDBIT_ORACLE_URL_WS_EXTERNAL=wss://$HOST\ws +BLINDBIT_ORACLE_DOCKER_WORKING_DIR_CREATE="id -u blindbit-oracle >/dev/null 2>&1 || adduser --disabled-password --gecos '' blindbit-oracle; chown -R blindbit-oracle:blindbit-oracle /home/root/.blindbit-oracle || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=8000:8000 +BLINDBIT_ORACLE_URL_ROUTE=/blindbit-oracle +_URL=http://: +BLINDBIT_ORACLE_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +BLINDBIT_ORACLE_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL SDK_RELAY ====== -SDK_RELAY_DOCKER_NAME=$SDK_RELAY -SDK_RELAY_CONFS_DIR=$DOCKER_GLOBAL/confs/$SDK_RELAY -SDK_RELAY_LOGS_DIR=$DOCKER_GLOBAL/logs/$SDK_RELAY -SDK_RELAY_RUNS_DIR=$DOCKER_GLOBAL/runs/$SDK_RELAY -SDK_RELAY_DATAS_DIR=$DOCKER_GLOBAL/datas/$SDK_RELAY -SDK_RELAY_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$SDK_RELAY -SDK_RELAY_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$SDK_RELAY -SDK_RELAY_DOCKER_WORKING_DIR=/home/$SDK_RELAY +SDK_RELAY_DOCKER_NAME=sdk_relay +SDK_RELAY_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/sdk_relay +SDK_RELAY_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/sdk_relay +SDK_RELAY_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/sdk_relay +SDK_RELAY_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/sdk_relay +SDK_RELAY_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/sdk_relay +SDK_RELAY_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/sdk_relay +SDK_RELAY_DOCKER_WORKING_DIR=/home/sdk_relay -SDK_RELAY_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$SDK_RELAY -SDK_RELAY_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$SDK_RELAY -SDK_RELAY_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$SDK_RELAY -SDK_RELAY_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$SDK_RELAY -SDK_RELAY_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$SDK_RELAY -SDK_RELAY_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$SDK_RELAY -SDK_RELAY_DOCKER_WORKING_DIR=/home/$SDK_RELAY +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/sdk_relay +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/sdk_relay +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/sdk_relay +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/sdk_relay +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/sdk_relay +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/sdk_relay +SDK_RELAY_DOCKER_WORKING_DIR=/home/sdk_relay -SDK_RELAY_DOCKER_WORKING_DIR_CREATE="id -u $SDK_RELAY >/dev/null 2>&1 || adduser --disabled-password --gecos '' $SDK_RELAY; chown -R $SDK_RELAY:$SDK_RELAY /home/root/.$SDK_RELAY || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -SDK_RELAY_URL_ROUTE=/$SDK_RELAY -SDK_RELAY_URL=http://\$SDK_RELAY_DOCKER_NAME:$SDK_RELAY_DOCKER_PORT -SDK_RELAY_URL_EXTERNAL=https://$HOST$SDK_RELAY_URL_ROUTE -SDK_RELAY_URL_WS=ws://\$SDK_RELAY_DOCKER_PORT -SDK_RELAY_URL_WS_EXTERNAL=wss://$HOST\ws +SDK_RELAY_DOCKER_WORKING_DIR_CREATE="id -u sdk_relay >/dev/null 2>&1 || adduser --disabled-password --gecos '' sdk_relay; chown -R sdk_relay:sdk_relay /home/root/.sdk_relay || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=8080:8080 +SDK_RELAY_URL_ROUTE=/sdk_relay +_URL=http://: +SDK_RELAY_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +SDK_RELAY_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL SDK_STORAGE ====== -SDK_STORAGE_DOCKER_NAME=$SDK_STORAGE -SDK_STORAGE_CONFS_DIR=$DOCKER_GLOBAL/confs/$SDK_STORAGE -SDK_STORAGE_LOGS_DIR=$DOCKER_GLOBAL/logs/$SDK_STORAGE -SDK_STORAGE_RUNS_DIR=$DOCKER_GLOBAL/runs/$SDK_STORAGE -SDK_STORAGE_DATAS_DIR=$DOCKER_GLOBAL/datas/$SDK_STORAGE -SDK_STORAGE_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$SDK_STORAGE -SDK_STORAGE_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$SDK_STORAGE -SDK_STORAGE_DOCKER_WORKING_DIR=/home/$SDK_STORAGE +SDK_STORAGE_DOCKER_NAME=sdk_storage +SDK_STORAGE_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/sdk_storage +SDK_STORAGE_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/sdk_storage +SDK_STORAGE_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/sdk_storage +SDK_STORAGE_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/sdk_storage +SDK_STORAGE_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/sdk_storage +SDK_STORAGE_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/sdk_storage +SDK_STORAGE_DOCKER_WORKING_DIR=/home/sdk_storage -SDK_STORAGE_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$SDK_STORAGE -SDK_STORAGE_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$SDK_STORAGE -SDK_STORAGE_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$SDK_STORAGE -SDK_STORAGE_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$SDK_STORAGE -SDK_STORAGE_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$SDK_STORAGE -SDK_STORAGE_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$SDK_STORAGE -SDK_STORAGE_DOCKER_WORKING_DIR=/home/$SDK_STORAGE +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/sdk_storage +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/sdk_storage +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/sdk_storage +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/sdk_storage +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/sdk_storage +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/sdk_storage +SDK_STORAGE_DOCKER_WORKING_DIR=/home/sdk_storage -SDK_STORAGE_DOCKER_WORKING_DIR_CREATE="id -u $SDK_STORAGE >/dev/null 2>&1 || adduser --disabled-password --gecos '' $SDK_STORAGE; chown -R $SDK_STORAGE:$SDK_STORAGE /home/root/.$SDK_STORAGE || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -SDK_STORAGE_URL_ROUTE=/$SDK_STORAGE -SDK_STORAGE_URL=http://\$SDK_STORAGE_DOCKER_NAME:$SDK_STORAGE_DOCKER_PORT -SDK_STORAGE_URL_EXTERNAL=https://$HOST$SDK_STORAGE_URL_ROUTE -SDK_STORAGE_URL_WS=ws://\$SDK_STORAGE_DOCKER_PORT -SDK_STORAGE_URL_WS_EXTERNAL=wss://$HOST\ws +SDK_STORAGE_DOCKER_WORKING_DIR_CREATE="id -u sdk_storage >/dev/null 2>&1 || adduser --disabled-password --gecos '' sdk_storage; chown -R sdk_storage:sdk_storage /home/root/.sdk_storage || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=8081:8081 +SDK_STORAGE_URL_ROUTE=/sdk_storage +_URL=http://: +SDK_STORAGE_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +SDK_STORAGE_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL IHM_CLIENT ====== -IHM_CLIENT_DOCKER_NAME=$IHM_CLIENT -IHM_CLIENT_CONFS_DIR=$DOCKER_GLOBAL/confs/$IHM_CLIENT -IHM_CLIENT_LOGS_DIR=$DOCKER_GLOBAL/logs/$IHM_CLIENT -IHM_CLIENT_RUNS_DIR=$DOCKER_GLOBAL/runs/$IHM_CLIENT -IHM_CLIENT_DATAS_DIR=$DOCKER_GLOBAL/datas/$IHM_CLIENT -IHM_CLIENT_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$IHM_CLIENT -IHM_CLIENT_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$IHM_CLIENT -IHM_CLIENT_DOCKER_WORKING_DIR=/home/$IHM_CLIENT +IHM_CLIENT_DOCKER_NAME=ihm_client +IHM_CLIENT_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/ihm_client +IHM_CLIENT_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/ihm_client +IHM_CLIENT_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/ihm_client +IHM_CLIENT_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/ihm_client +IHM_CLIENT_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/ihm_client +IHM_CLIENT_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/ihm_client +IHM_CLIENT_DOCKER_WORKING_DIR=/home/ihm_client -IHM_CLIENT_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$IHM_CLIENT -IHM_CLIENT_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$IHM_CLIENT -IHM_CLIENT_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$IHM_CLIENT -IHM_CLIENT_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$IHM_CLIENT -IHM_CLIENT_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$IHM_CLIENT -IHM_CLIENT_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$IHM_CLIENT -IHM_CLIENT_DOCKER_WORKING_DIR=/home/$IHM_CLIENT +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/ihm_client +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/ihm_client +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/ihm_client +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/ihm_client +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/ihm_client +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/ihm_client +IHM_CLIENT_DOCKER_WORKING_DIR=/home/ihm_client -IHM_CLIENT_DOCKER_WORKING_DIR_CREATE="id -u $IHM_CLIENT >/dev/null 2>&1 || adduser --disabled-password --gecos '' $IHM_CLIENT; chown -R $IHM_CLIENT:$IHM_CLIENT /home/root/.$IHM_CLIENT || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -IHM_CLIENT_URL_ROUTE=/$IHM_CLIENT -IHM_CLIENT_URL=http://\$IHM_CLIENT_DOCKER_NAME:$IHM_CLIENT_DOCKER_PORT -IHM_CLIENT_URL_EXTERNAL=https://$HOST$IHM_CLIENT_URL_ROUTE -IHM_CLIENT_URL_WS=ws://\$IHM_CLIENT_DOCKER_PORT -IHM_CLIENT_URL_WS_EXTERNAL=wss://$HOST\ws +IHM_CLIENT_DOCKER_WORKING_DIR_CREATE="id -u ihm_client >/dev/null 2>&1 || adduser --disabled-password --gecos '' ihm_client; chown -R ihm_client:ihm_client /home/root/.ihm_client || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=3003:3003 +IHM_CLIENT_URL_ROUTE=/ihm_client +_URL=http://: +IHM_CLIENT_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +IHM_CLIENT_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL _4NK_CERTIFICATOR ====== -_4NK_CERTIFICATOR_DOCKER_NAME=$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_DOCKER_WORKING_DIR=/home/$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_DOCKER_NAME=_4NK_certificator +_4NK_CERTIFICATOR_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/_4NK_certificator +_4NK_CERTIFICATOR_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/_4NK_certificator +_4NK_CERTIFICATOR_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/_4NK_certificator +_4NK_CERTIFICATOR_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/_4NK_certificator +_4NK_CERTIFICATOR_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/_4NK_certificator +_4NK_CERTIFICATOR_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/_4NK_certificator +_4NK_CERTIFICATOR_DOCKER_WORKING_DIR=/home/_4NK_certificator -_4NK_CERTIFICATOR_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_DOCKER_WORKING_DIR=/home/$_4NK_CERTIFICATOR +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/_4NK_certificator +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/_4NK_certificator +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/_4NK_certificator +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/_4NK_certificator +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/_4NK_certificator +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/_4NK_certificator +_4NK_CERTIFICATOR_DOCKER_WORKING_DIR=/home/_4NK_certificator -_4NK_CERTIFICATOR_DOCKER_WORKING_DIR_CREATE="id -u $_4NK_CERTIFICATOR >/dev/null 2>&1 || adduser --disabled-password --gecos '' $_4NK_CERTIFICATOR; chown -R $_4NK_CERTIFICATOR:$_4NK_CERTIFICATOR /home/root/.$_4NK_CERTIFICATOR || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -_4NK_CERTIFICATOR_URL_ROUTE=/$_4NK_CERTIFICATOR -_4NK_CERTIFICATOR_URL=http://\$_4NK_CERTIFICATOR_DOCKER_NAME:$_4NK_CERTIFICATOR_DOCKER_PORT -_4NK_CERTIFICATOR_URL_EXTERNAL=https://$HOST$_4NK_CERTIFICATOR_URL_ROUTE -_4NK_CERTIFICATOR_URL_WS=ws://\$_4NK_CERTIFICATOR_DOCKER_PORT -_4NK_CERTIFICATOR_URL_WS_EXTERNAL=wss://$HOST\ws +_4NK_CERTIFICATOR_DOCKER_WORKING_DIR_CREATE="id -u _4NK_certificator >/dev/null 2>&1 || adduser --disabled-password --gecos '' _4NK_certificator; chown -R _4NK_certificator:_4NK_certificator /home/root/._4NK_certificator || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=8082:8082 +_4NK_CERTIFICATOR_URL_ROUTE=/_4NK_certificator +_URL=http://: +_4NK_CERTIFICATOR_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +_4NK_CERTIFICATOR_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL _4NK_MINER ====== -_4NK_MINER_DOCKER_NAME=$_4NK_MINER -_4NK_MINER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_MINER -_4NK_MINER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_MINER -_4NK_MINER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_MINER -_4NK_MINER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_MINER -_4NK_MINER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_MINER -_4NK_MINER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_MINER -_4NK_MINER_DOCKER_WORKING_DIR=/home/$_4NK_MINER +_4NK_MINER_DOCKER_NAME=_4NK_miner +_4NK_MINER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/_4NK_miner +_4NK_MINER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/_4NK_miner +_4NK_MINER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/_4NK_miner +_4NK_MINER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/_4NK_miner +_4NK_MINER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/_4NK_miner +_4NK_MINER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/_4NK_miner +_4NK_MINER_DOCKER_WORKING_DIR=/home/_4NK_miner -_4NK_MINER_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_MINER -_4NK_MINER_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_MINER -_4NK_MINER_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_MINER -_4NK_MINER_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_MINER -_4NK_MINER_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_MINER -_4NK_MINER_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_MINER -_4NK_MINER_DOCKER_WORKING_DIR=/home/$_4NK_MINER +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/_4NK_miner +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/_4NK_miner +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/_4NK_miner +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/_4NK_miner +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/_4NK_miner +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/_4NK_miner +_4NK_MINER_DOCKER_WORKING_DIR=/home/_4NK_miner -_4NK_MINER_DOCKER_WORKING_DIR_CREATE="id -u $_4NK_MINER >/dev/null 2>&1 || adduser --disabled-password --gecos '' $_4NK_MINER; chown -R $_4NK_MINER:$_4NK_MINER /home/root/.$_4NK_MINER || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -_4NK_MINER_URL_ROUTE=/$_4NK_MINER -_4NK_MINER_URL=http://\$_4NK_MINER_DOCKER_NAME:$_4NK_MINER_DOCKER_PORT -_4NK_MINER_URL_EXTERNAL=https://$HOST$_4NK_MINER_URL_ROUTE -_4NK_MINER_URL_WS=ws://\$_4NK_MINER_DOCKER_PORT -_4NK_MINER_URL_WS_EXTERNAL=wss://$HOST\ws +_4NK_MINER_DOCKER_WORKING_DIR_CREATE="id -u _4NK_miner >/dev/null 2>&1 || adduser --disabled-password --gecos '' _4NK_miner; chown -R _4NK_miner:_4NK_miner /home/root/._4NK_miner || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=8083:8083 +_4NK_MINER_URL_ROUTE=/_4NK_miner +_URL=http://: +_4NK_MINER_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +_4NK_MINER_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL LECOFFRE_FRONT ====== -LECOFFRE_FRONT_DOCKER_NAME=$LECOFFRE_FRONT -LECOFFRE_FRONT_CONFS_DIR=$DOCKER_GLOBAL/confs/$LECOFFRE_FRONT -LECOFFRE_FRONT_LOGS_DIR=$DOCKER_GLOBAL/logs/$LECOFFRE_FRONT -LECOFFRE_FRONT_RUNS_DIR=$DOCKER_GLOBAL/runs/$LECOFFRE_FRONT -LECOFFRE_FRONT_DATAS_DIR=$DOCKER_GLOBAL/datas/$LECOFFRE_FRONT -LECOFFRE_FRONT_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$LECOFFRE_FRONT -LECOFFRE_FRONT_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$LECOFFRE_FRONT -LECOFFRE_FRONT_DOCKER_WORKING_DIR=/home/$LECOFFRE_FRONT +LECOFFRE_FRONT_DOCKER_NAME=lecoffre-front +LECOFFRE_FRONT_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/lecoffre-front +LECOFFRE_FRONT_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/lecoffre-front +LECOFFRE_FRONT_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/lecoffre-front +LECOFFRE_FRONT_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/lecoffre-front +LECOFFRE_FRONT_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/lecoffre-front +LECOFFRE_FRONT_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/lecoffre-front +LECOFFRE_FRONT_DOCKER_WORKING_DIR=/home/lecoffre-front -LECOFFRE_FRONT_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$LECOFFRE_FRONT -LECOFFRE_FRONT_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$LECOFFRE_FRONT -LECOFFRE_FRONT_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$LECOFFRE_FRONT -LECOFFRE_FRONT_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$LECOFFRE_FRONT -LECOFFRE_FRONT_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$LECOFFRE_FRONT -LECOFFRE_FRONT_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$LECOFFRE_FRONT -LECOFFRE_FRONT_DOCKER_WORKING_DIR=/home/$LECOFFRE_FRONT +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/lecoffre-front +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/lecoffre-front +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/lecoffre-front +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/lecoffre-front +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/lecoffre-front +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/lecoffre-front +LECOFFRE_FRONT_DOCKER_WORKING_DIR=/home/lecoffre-front -LECOFFRE_FRONT_DOCKER_WORKING_DIR_CREATE="id -u $LECOFFRE_FRONT >/dev/null 2>&1 || adduser --disabled-password --gecos '' $LECOFFRE_FRONT; chown -R $LECOFFRE_FRONT:$LECOFFRE_FRONT /home/root/.$LECOFFRE_FRONT || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -LECOFFRE_FRONT_URL_ROUTE=/$LECOFFRE_FRONT -LECOFFRE_FRONT_URL=http://\$LECOFFRE_FRONT_DOCKER_NAME:$LECOFFRE_FRONT_DOCKER_PORT -LECOFFRE_FRONT_URL_EXTERNAL=https://$HOST$LECOFFRE_FRONT_URL_ROUTE -LECOFFRE_FRONT_URL_WS=ws://\$LECOFFRE_FRONT_DOCKER_PORT -LECOFFRE_FRONT_URL_WS_EXTERNAL=wss://$HOST\ws +LECOFFRE_FRONT_DOCKER_WORKING_DIR_CREATE="id -u lecoffre-front >/dev/null 2>&1 || adduser --disabled-password --gecos '' lecoffre-front; chown -R lecoffre-front:lecoffre-front /home/root/.lecoffre-front || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=3000:3000 +LECOFFRE_FRONT_URL_ROUTE=/lecoffre-front +_URL=http://: +LECOFFRE_FRONT_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +LECOFFRE_FRONT_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== INTERNAL _4NK_WEB_STATUS ====== -_4NK_WEB_STATUS_DOCKER_NAME=$_4NK_WEB_STATUS -_4NK_WEB_STATUS_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_DOCKER_WORKING_DIR=/home/$_4NK_WEB_STATUS +_4NK_WEB_STATUS_DOCKER_NAME=_4NK_web_status +_4NK_WEB_STATUS_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/_4NK_web_status +_4NK_WEB_STATUS_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/_4NK_web_status +_4NK_WEB_STATUS_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/_4NK_web_status +_4NK_WEB_STATUS_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/_4NK_web_status +_4NK_WEB_STATUS_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/_4NK_web_status +_4NK_WEB_STATUS_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/_4NK_web_status +_4NK_WEB_STATUS_DOCKER_WORKING_DIR=/home/_4NK_web_status -_4NK_WEB_STATUS_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_DOCKER_WORKING_DIR=/home/$_4NK_WEB_STATUS +_DOCKER_CONFS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/confs/_4NK_web_status +_DOCKER_LOGS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/_4NK_web_status +_DOCKER_RUNS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/runs/_4NK_web_status +_DOCKER_DATAS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/_4NK_web_status +_DOCKER_BACKUPS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/backups/_4NK_web_status +_DOCKER_SCRIPTS_DIR=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/scripts/_4NK_web_status +_4NK_WEB_STATUS_DOCKER_WORKING_DIR=/home/_4NK_web_status -_4NK_WEB_STATUS_DOCKER_WORKING_DIR_CREATE="id -u $_4NK_WEB_STATUS >/dev/null 2>&1 || adduser --disabled-password --gecos '' $_4NK_WEB_STATUS; chown -R $_4NK_WEB_STATUS:$_4NK_WEB_STATUS /home/root/.$_4NK_WEB_STATUS || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" -_4NK_WEB_STATUS_URL_ROUTE=/$_4NK_WEB_STATUS -_4NK_WEB_STATUS_URL=http://\$_4NK_WEB_STATUS_DOCKER_NAME:$_4NK_WEB_STATUS_DOCKER_PORT -_4NK_WEB_STATUS_URL_EXTERNAL=https://$HOST$_4NK_WEB_STATUS_URL_ROUTE -_4NK_WEB_STATUS_URL_WS=ws://\$_4NK_WEB_STATUS_DOCKER_PORT -_4NK_WEB_STATUS_URL_WS_EXTERNAL=wss://$HOST\ws +_4NK_WEB_STATUS_DOCKER_WORKING_DIR_CREATE="id -u _4NK_web_status >/dev/null 2>&1 || adduser --disabled-password --gecos '' _4NK_web_status; chown -R _4NK_web_status:_4NK_web_status /home/root/._4NK_web_status || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +_DOCKER_PORT=3006:3006 +_4NK_WEB_STATUS_URL_ROUTE=/_4NK_web_status +_URL=http://: +_4NK_WEB_STATUS_URL_EXTERNAL=https://dev4._4NKweb.com +_URL_WS=ws:// +_4NK_WEB_STATUS_URL_WS_EXTERNAL=wss://dev4._4NKweb.com\ws # ====== EXTERNAL BOOSTRAP ====== -BOOSTRAP_URL_EXTERNAL=https://${VARIABLE}_HOST:${VARIABLE}_EXTERNAL_PORT${VARIABLE}_URL_ROUTE -BOOSTRAP_URL_WS_EXTERNAL=wss://${VARIABLE}_HOST:${VARIABLE}_EXTERNAL_PORT\ws +BOOSTRAP_URL_EXTERNAL=https://: +BOOSTRAP_URL_WS_EXTERNAL=wss://:/ws # ====== EXTERNAL LECOFFRE_BACK_MINI ====== -LECOFFRE_BACK_MINI_URL_EXTERNAL=https://${VARIABLE}_HOST:${VARIABLE}_EXTERNAL_PORT${VARIABLE}_URL_ROUTE -LECOFFRE_BACK_MINI_URL_WS_EXTERNAL=wss://${VARIABLE}_HOST:${VARIABLE}_EXTERNAL_PORT\ws +LECOFFRE_BACK_MINI_URL_EXTERNAL=https://dev3._4NKweb.com:3001 +LECOFFRE_BACK_MINI_URL_WS_EXTERNAL=wss://dev3._4NKweb.com:3001/ws + +# ====== EXTERNAL BOOTSTRAP (correction) ====== +BOOTSTRAP_URL_ROUTE=/bootstrap +BOOTSTRAP_URL_EXTERNAL=https://dev3._4NKweb.com:3006 +BOOTSTRAP_URL_WS_EXTERNAL=wss://dev3._4NKweb.com:3006/ws diff --git a/storage/dev/4NK_modules/grafana/dashboards/4NK-certificator.json b/storage/dev/4NK_modules/grafana/dashboards/_4NK-certificator.json similarity index 93% rename from storage/dev/4NK_modules/grafana/dashboards/4NK-certificator.json rename to storage/dev/4NK_modules/grafana/dashboards/_4NK-certificator.json index 33194bd..9177c26 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/4NK-certificator.json +++ b/storage/dev/4NK_modules/grafana/dashboards/_4NK-certificator.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$_4NK_CERTIFICATOR_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$_4NK_CERTIFICATOR_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$_4NK_CERTIFICATOR_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$_4NK_CERTIFICATOR_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } @@ -302,7 +302,7 @@ "timepicker": {}, "timezone": "", "title": "_4NK-certificator - Monitoring", - "uid": "_4NK-certificator", + "uid": "-4nk-certificator", "version": 1, "weekStart": "" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/4NK-miner.json b/storage/dev/4NK_modules/grafana/dashboards/_4NK-miner.json similarity index 93% rename from storage/dev/4NK_modules/grafana/dashboards/4NK-miner.json rename to storage/dev/4NK_modules/grafana/dashboards/_4NK-miner.json index 2ebc0dd..8f99f8e 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/4NK-miner.json +++ b/storage/dev/4NK_modules/grafana/dashboards/_4NK-miner.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$_4NK_MINER_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$_4NK_MINER_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$_4NK_MINER_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$_4NK_MINER_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } @@ -302,7 +302,7 @@ "timepicker": {}, "timezone": "", "title": "_4NK-miner - Monitoring", - "uid": "_4NK-miner", + "uid": "-4nk-miner", "version": 1, "weekStart": "" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/4NK-vault.json b/storage/dev/4NK_modules/grafana/dashboards/_4NK-vault.json similarity index 93% rename from storage/dev/4NK_modules/grafana/dashboards/4NK-vault.json rename to storage/dev/4NK_modules/grafana/dashboards/_4NK-vault.json index 0b6df6c..1ce68d2 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/4NK-vault.json +++ b/storage/dev/4NK_modules/grafana/dashboards/_4NK-vault.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$_4NK_VAULT_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$_4NK_VAULT_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$_4NK_VAULT_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$_4NK_VAULT_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } @@ -302,7 +302,7 @@ "timepicker": {}, "timezone": "", "title": "_4NK-vault - Monitoring", - "uid": "_4NK-vault", + "uid": "-4nk-vault", "version": 1, "weekStart": "" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/4NK-web-status.json b/storage/dev/4NK_modules/grafana/dashboards/_4NK-web-status.json similarity index 93% rename from storage/dev/4NK_modules/grafana/dashboards/4NK-web-status.json rename to storage/dev/4NK_modules/grafana/dashboards/_4NK-web-status.json index 9e9be78..e57e38f 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/4NK-web-status.json +++ b/storage/dev/4NK_modules/grafana/dashboards/_4NK-web-status.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$_4NK_WEB_STATUS_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$_4NK_WEB_STATUS_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$_4NK_WEB_STATUS_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$_4NK_WEB_STATUS_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } @@ -302,7 +302,7 @@ "timepicker": {}, "timezone": "", "title": "_4NK-web-status - Monitoring", - "uid": "_4NK-web-status", + "uid": "-4nk-web-status", "version": 1, "weekStart": "" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/bitcoin.json b/storage/dev/4NK_modules/grafana/dashboards/bitcoin.json index 76ee3a5..bc94633 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/bitcoin.json +++ b/storage/dev/4NK_modules/grafana/dashboards/bitcoin.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$BITCOIN_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$BITCOIN_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$BITCOIN_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$BITCOIN_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/blindbit-oracle.json b/storage/dev/4NK_modules/grafana/dashboards/blindbit-oracle.json index 45766ab..eab9e88 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/blindbit-oracle.json +++ b/storage/dev/4NK_modules/grafana/dashboards/blindbit-oracle.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$BLINDBIT_ORACLE_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$BLINDBIT_ORACLE_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$BLINDBIT_ORACLE_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$BLINDBIT_ORACLE_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/grafana.json b/storage/dev/4NK_modules/grafana/dashboards/grafana.json index ce220cd..2a00025 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/grafana.json +++ b/storage/dev/4NK_modules/grafana/dashboards/grafana.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$GRAFANA_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$GRAFANA_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$GRAFANA_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$GRAFANA_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/ihm-client.json b/storage/dev/4NK_modules/grafana/dashboards/ihm-client.json index 5e4be65..9e05234 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/ihm-client.json +++ b/storage/dev/4NK_modules/grafana/dashboards/ihm-client.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$IHM_CLIENT_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$IHM_CLIENT_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$IHM_CLIENT_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$IHM_CLIENT_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/lecoffre-front.json b/storage/dev/4NK_modules/grafana/dashboards/lecoffre-front.json index a82acdd..91ddc0a 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/lecoffre-front.json +++ b/storage/dev/4NK_modules/grafana/dashboards/lecoffre-front.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$LECOFFRE_FRONT_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$LECOFFRE_FRONT_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$LECOFFRE_FRONT_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$LECOFFRE_FRONT_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/loki.json b/storage/dev/4NK_modules/grafana/dashboards/loki.json index 61cf966..d860daf 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/loki.json +++ b/storage/dev/4NK_modules/grafana/dashboards/loki.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$LOKI_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$LOKI_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$LOKI_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$LOKI_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/ngnix.json b/storage/dev/4NK_modules/grafana/dashboards/ngnix.json index 5e8b3ef..9953314 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/ngnix.json +++ b/storage/dev/4NK_modules/grafana/dashboards/ngnix.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$NGNIX_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$NGNIX_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$NGNIX_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$NGNIX_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/postgresql.json b/storage/dev/4NK_modules/grafana/dashboards/postgresql.json index 5ae1014..fd9d1f4 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/postgresql.json +++ b/storage/dev/4NK_modules/grafana/dashboards/postgresql.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$POSTGRESQL_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$POSTGRESQL_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$POSTGRESQL_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$POSTGRESQL_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/promtail.json b/storage/dev/4NK_modules/grafana/dashboards/promtail.json index f2cef80..4a69280 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/promtail.json +++ b/storage/dev/4NK_modules/grafana/dashboards/promtail.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$PROMTAIL_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$PROMTAIL_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$PROMTAIL_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$PROMTAIL_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/redis.json b/storage/dev/4NK_modules/grafana/dashboards/redis.json index e6ef3ee..0bd248d 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/redis.json +++ b/storage/dev/4NK_modules/grafana/dashboards/redis.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$REDIS_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$REDIS_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$REDIS_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$REDIS_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/sdk-relay.json b/storage/dev/4NK_modules/grafana/dashboards/sdk-relay.json index 27e2083..e280a71 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/sdk-relay.json +++ b/storage/dev/4NK_modules/grafana/dashboards/sdk-relay.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$SDK_RELAY_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$SDK_RELAY_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$SDK_RELAY_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$SDK_RELAY_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/sdk-storage.json b/storage/dev/4NK_modules/grafana/dashboards/sdk-storage.json index 38bffe1..cfefd3d 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/sdk-storage.json +++ b/storage/dev/4NK_modules/grafana/dashboards/sdk-storage.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$SDK_STORAGE_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$SDK_STORAGE_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$SDK_STORAGE_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$SDK_STORAGE_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/services-overview.json b/storage/dev/4NK_modules/grafana/dashboards/services-overview.json index a4bb478..5d872fb 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/services-overview.json +++ b/storage/dev/4NK_modules/grafana/dashboards/services-overview.json @@ -90,7 +90,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum by (container) (count_over_time({container=~\"$bitcoin_DOCKER_NAME|$blindbit-oracle_DOCKER_NAME|$sdk_relay_DOCKER_NAME|$sdk_storage_DOCKER_NAME|$ihm_client_DOCKER_NAME|$lecoffre-front_DOCKER_NAME\"} |= \"ERROR\" [5m]))", + "expr": "sum by (container) (count_over_time({container=~\"|-oracle_DOCKER_NAME||||-front_DOCKER_NAME\"} |= \"ERROR\" [5m]))", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/grafana/dashboards/tor.json b/storage/dev/4NK_modules/grafana/dashboards/tor.json index a461b10..54117cc 100644 --- a/storage/dev/4NK_modules/grafana/dashboards/tor.json +++ b/storage/dev/4NK_modules/grafana/dashboards/tor.json @@ -88,7 +88,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$TOR_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"INFO\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -175,7 +175,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum(rate({container=\"$TOR_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", + "expr": "sum(rate({container=\"\"} |= \"ERROR\" [5m])) by (container)", "queryType": "", "refId": "A" } @@ -239,7 +239,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "count_over_time({container=\"$TOR_DOCKER_NAME\"} |= \"ERROR\" [1h])", + "expr": "count_over_time({container=\"\"} |= \"ERROR\" [1h])", "queryType": "", "refId": "A" } @@ -276,7 +276,7 @@ "uid": "loki" }, "editorMode": "code", - "expr": "{container=\"$TOR_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", + "expr": "{container=\"\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", "queryType": "", "refId": "A" } diff --git a/storage/dev/4NK_modules/promtail/promtail.yml b/storage/dev/4NK_modules/promtail/promtail.yml index a186fab..c258a7c 100644 --- a/storage/dev/4NK_modules/promtail/promtail.yml +++ b/storage/dev/4NK_modules/promtail/promtail.yml @@ -1,198 +1,334 @@ server: - http_listen_port: $PROMTAIL_PORT + http_listen_port: 9080 grpc_listen_port: 0 positions: filename: /tmp/positions.yaml clients: - - url: $LOKI_URL/loki/api/v1/push + - url: http://loki:3100/loki/api/v1/push scrape_configs: - # REDIS Logs - - job_name: $REDIS_DOCKER_NAME + - job_name: 'REDIS' static_configs: - targets: - localhost labels: - job: $REDIS_DOCKER_NAME - service: $REDIS_DOCKER_NAME - __path__: $REDIS_LOGS_DIR/*.log + job: REDIS + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="REDIS"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # POSTGRESQL Logs - - job_name: $POSTGRESQL_DOCKER_NAME + - job_name: 'POSTGRESQL' static_configs: - targets: - localhost labels: - job: $POSTGRESQL_DOCKER_NAME - service: $POSTGRESQL_DOCKER_NAME - __path__: $POSTGRESQL_LOGS_DIR/*.log + job: POSTGRESQL + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="POSTGRESQL"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # LOKI Logs - - job_name: $LOKI_DOCKER_NAME + - job_name: 'LOKI' static_configs: - targets: - localhost labels: - job: $LOKI_DOCKER_NAME - service: $LOKI_DOCKER_NAME - __path__: $LOKI_LOGS_DIR/*.log + job: LOKI + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="LOKI"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # PROMTAIL Logs - - job_name: $PROMTAIL_DOCKER_NAME + - job_name: 'PROMTAIL' static_configs: - targets: - localhost labels: - job: $PROMTAIL_DOCKER_NAME - service: $PROMTAIL_DOCKER_NAME - __path__: $PROMTAIL_LOGS_DIR/*.log + job: PROMTAIL + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="PROMTAIL"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # GRAFANA Logs - - job_name: $GRAFANA_DOCKER_NAME + - job_name: 'GRAFANA' static_configs: - targets: - localhost labels: - job: $GRAFANA_DOCKER_NAME - service: $GRAFANA_DOCKER_NAME - __path__: $GRAFANA_LOGS_DIR/*.log + job: GRAFANA + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="GRAFANA"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # NGNIX Logs - - job_name: $NGNIX_DOCKER_NAME + - job_name: 'NGNIX' static_configs: - targets: - localhost labels: - job: $NGNIX_DOCKER_NAME - service: $NGNIX_DOCKER_NAME - __path__: $NGNIX_LOGS_DIR/*.log + job: NGNIX + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="NGNIX"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # TOR Logs - - job_name: $TOR_DOCKER_NAME + - job_name: 'TOR' static_configs: - targets: - localhost labels: - job: $TOR_DOCKER_NAME - service: $TOR_DOCKER_NAME - __path__: $TOR_LOGS_DIR/*.log + job: TOR + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="TOR"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # _4NK_VAULT Logs - - job_name: $_4NK_VAULT_DOCKER_NAME + - job_name: '_4NK_VAULT' static_configs: - targets: - localhost labels: - job: $_4NK_VAULT_DOCKER_NAME - service: $_4NK_VAULT_DOCKER_NAME - __path__: $_4NK_VAULT_LOGS_DIR/*.log + job: _4NK_VAULT + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="_4NK_VAULT"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # BITCOIN Logs - - job_name: $BITCOIN_DOCKER_NAME + - job_name: 'BITCOIN' static_configs: - targets: - localhost labels: - job: $BITCOIN_DOCKER_NAME - service: $BITCOIN_DOCKER_NAME - __path__: $BITCOIN_LOGS_DIR/*.log + job: BITCOIN + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="BITCOIN"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # BLINDBIT_ORACLE Logs - - job_name: $BLINDBIT_ORACLE_DOCKER_NAME + - job_name: 'BLINDBIT_ORACLE' static_configs: - targets: - localhost labels: - job: $BLINDBIT_ORACLE_DOCKER_NAME - service: $BLINDBIT_ORACLE_DOCKER_NAME - __path__: $BLINDBIT_ORACLE_LOGS_DIR/*.log + job: BLINDBIT_ORACLE + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="BLINDBIT_ORACLE"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # SDK_RELAY Logs - - job_name: $SDK_RELAY_DOCKER_NAME + - job_name: 'SDK_RELAY' static_configs: - targets: - localhost labels: - job: $SDK_RELAY_DOCKER_NAME - service: $SDK_RELAY_DOCKER_NAME - __path__: $SDK_RELAY_LOGS_DIR/*.log + job: SDK_RELAY + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="SDK_RELAY"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # SDK_STORAGE Logs - - job_name: $SDK_STORAGE_DOCKER_NAME + - job_name: 'SDK_STORAGE' static_configs: - targets: - localhost labels: - job: $SDK_STORAGE_DOCKER_NAME - service: $SDK_STORAGE_DOCKER_NAME - __path__: $SDK_STORAGE_LOGS_DIR/*.log + job: SDK_STORAGE + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="SDK_STORAGE"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # IHM_CLIENT Logs - - job_name: $IHM_CLIENT_DOCKER_NAME + - job_name: 'IHM_CLIENT' static_configs: - targets: - localhost labels: - job: $IHM_CLIENT_DOCKER_NAME - service: $IHM_CLIENT_DOCKER_NAME - __path__: $IHM_CLIENT_LOGS_DIR/*.log + job: IHM_CLIENT + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="IHM_CLIENT"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # _4NK_CERTIFICATOR Logs - - job_name: $_4NK_CERTIFICATOR_DOCKER_NAME + - job_name: '_4NK_CERTIFICATOR' static_configs: - targets: - localhost labels: - job: $_4NK_CERTIFICATOR_DOCKER_NAME - service: $_4NK_CERTIFICATOR_DOCKER_NAME - __path__: $_4NK_CERTIFICATOR_LOGS_DIR/*.log + job: _4NK_CERTIFICATOR + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="_4NK_CERTIFICATOR"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # _4NK_MINER Logs - - job_name: $_4NK_MINER_DOCKER_NAME + - job_name: '_4NK_MINER' static_configs: - targets: - localhost labels: - job: $_4NK_MINER_DOCKER_NAME - service: $_4NK_MINER_DOCKER_NAME - __path__: $_4NK_MINER_LOGS_DIR/*.log + job: _4NK_MINER + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="_4NK_MINER"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # LECOFFRE_FRONT Logs - - job_name: $LECOFFRE_FRONT_DOCKER_NAME + - job_name: 'LECOFFRE_FRONT' static_configs: - targets: - localhost labels: - job: $LECOFFRE_FRONT_DOCKER_NAME - service: $LECOFFRE_FRONT_DOCKER_NAME - __path__: $LECOFFRE_FRONT_LOGS_DIR/*.log + job: LECOFFRE_FRONT + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="LECOFFRE_FRONT"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' - # _4NK_WEB_STATUS Logs - - job_name: $_4NK_WEB_STATUS_DOCKER_NAME + - job_name: '_4NK_WEB_STATUS' static_configs: - targets: - localhost labels: - job: $_4NK_WEB_STATUS_DOCKER_NAME - service: $_4NK_WEB_STATUS_DOCKER_NAME - __path__: $_4NK_WEB_STATUS_LOGS_DIR/*.log - - # Docker Container Logs - - job_name: docker - docker_sd_configs: - - host: unix:///var/run/docker.sock - refresh_interval: 5s - filters: - - name: label - values: ["com.centurylinklabs.watchtower.enable=true"] - relabel_configs: - - source_labels: ['__meta_docker_container_name'] - regex: '/?(.*)' - target_label: 'container_name' - - source_labels: ['__meta_docker_container_log_stream'] - target_label: 'logstream' - - source_labels: ['__meta_docker_container_label_logging_job_name'] - target_label: 'job' + job: _4NK_WEB_STATUS + __path__: /*.log + pipeline_stages: + - match: + selector: '{job="_4NK_WEB_STATUS"}' + stages: + - regex: + expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' + - labels: + level: + - timestamp: + source: timestamp + format: '2006-01-02 15:04:05' diff --git a/storage/dev/_4NK_modules/bitcoin/bitcoin.conf b/storage/dev/_4NK_modules/bitcoin/bitcoin.conf new file mode 100644 index 0000000..831d5ec --- /dev/null +++ b/storage/dev/_4NK_modules/bitcoin/bitcoin.conf @@ -0,0 +1,45 @@ +# Configuration globale +signet=1 +server=1 +datadir=/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/bitcoin + +[signet] +daemon=0 +txindex=1 +upnp=1 +#debug=1 +#loglevel=debug +logthreadnames=1 +onion=tor:9050:9050 +listenonion=1 +onlynet=onion + +# Paramètres RPC +rpcauth='bitcoin:c8ea921c7357bd6a5a8a7c43a12350a7$955e25b17672987b17c5a12f12cd8b9c1d38f0f86201c8cd47fc431f2e1c7956' +rpcallowip=0.0.0.0/0 +rpcworkqueue=32 +rpcthreads=4 +rpcdoccheck=1 + +# Paramètres ZMQ +zmqpubhashblock=tcp://: +zmqpubrawtx=tcp://: + +listen=1 +bind=0.0.0.0: +rpcbind=0.0.0.0: +rpcport= +fallbackfee=0.0001 +blockfilterindex=1 +datacarriersize=205 +acceptnonstdtxn=1 +dustrelayfee=0.00000001 +minrelaytxfee=0.00000001 +prune=0 +signetchallenge=0020341c43803863c252df326e73574a27d7e19322992061017b0dc893e2eab90821 +wallet=mining +wallet=watchonly +maxtxfee=1 +addnode=tlv2yqamflv22vfdzy2hha2nwmt6zrwrhjjzz4lx7qyq7lyc6wfhabyd.onion +addnode=6xi33lwwslsx3yi3f7c56wnqtdx4v73vj2up3prrwebpwbz6qisnqbyd.onion +addnode=id7e3r3d2epen2v65jebjhmx77aimu7oyhcg45zadafypr4crqsytfid.onion \ No newline at end of file diff --git a/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-miner-detailed.json b/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-miner-detailed.json new file mode 100644 index 0000000..c8469f9 --- /dev/null +++ b/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-miner-detailed.json @@ -0,0 +1,399 @@ +{ + "annotations": { + "list": [] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"signet_miner\"} |= \"Block mined\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Blocs Minés par Minute", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"signet_miner\"} |= \"Hashrate\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Hashrate du Mineur", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"signet_miner\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs du Mineur (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + } + }, + "mappings": [] + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 16, + "x": 8, + "y": 8 + }, + "id": 4, + "options": { + "legend": { + "displayMode": "list", + "placement": "right" + }, + "pieType": "pie", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (level) (count_over_time({container=\"signet_miner\"} | json | level != \"\" [1h]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Distribution des Niveaux de Log", + "type": "piechart" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 16 + }, + "id": 5, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{container=\"signet_miner\"} |= \"Block mined\" | json | line_format \"{{.timestamp}} - Bloc {{.height}} miné - Hash: {{.hash}}\"", + "queryType": "", + "refId": "A" + } + ], + "title": "Historique des Blocs Minés", + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 37, + "style": "dark", + "tags": [ + "bitcoin", + "miner", + "signet" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Bitcoin Miner - Détails", + "uid": "bitcoin-miner-detailed", + "version": 1, + "weekStart": "" +} + diff --git a/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-miner.json b/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-miner.json new file mode 100644 index 0000000..ed0bd13 --- /dev/null +++ b/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-miner.json @@ -0,0 +1,160 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{job=\"bitcoin\"} |= \"block\" | logfmt", + "queryType": "", + "refId": "A" + } + ], + "title": "Bitcoin - Nouveaux Blocs", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{job=\"miner\"} |= \"mined\" | logfmt", + "queryType": "", + "refId": "A" + } + ], + "title": "Miner - Blocs Minés", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{job=~\"bitcoin|miner|blindbit\"} |= \"error\" | logfmt", + "queryType": "", + "refId": "A" + } + ], + "title": "Bitcoin/Miner/Blindbit - Erreurs", + "type": "logs" + } + ], + "refresh": "30s", + "schemaVersion": 36, + "style": "dark", + "tags": ["bitcoin", "miner", "blockchain"], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Bitcoin & Miner Monitoring", + "uid": "bitcoin-miner", + "version": 1, + "weekStart": "" +} diff --git a/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-services.json b/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-services.json new file mode 100644 index 0000000..2abf2d2 --- /dev/null +++ b/storage/dev/_4NK_modules/grafana/dashboards/bitcoin-services.json @@ -0,0 +1,532 @@ +{ + "annotations": { + "list": [] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"bitcoin-signet\"} |= \"UpdateTip\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Mises à Jour de la Chaîne Bitcoin", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"blindbit-oracle\"} |= \"tweak\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Détection de Tweak (BlindBit)", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"bitcoin-signet\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Bitcoin (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 6, + "y": 8 + }, + "id": 4, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"blindbit-oracle\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs BlindBit (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 8 + }, + "id": 5, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"bitcoin-signet\"} |= \"New block\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Nouveaux Blocs (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 18, + "y": 8 + }, + "id": 6, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"blindbit-oracle\"} |= \"Silent payment\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Silent Payments (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 12 + }, + "id": 7, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{container=~\"bitcoin-signet|blindbit-oracle\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Bitcoin Services", + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 37, + "style": "dark", + "tags": [ + "bitcoin", + "signet", + "blindbit", + "oracle" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Bitcoin Services - Monitoring", + "uid": "bitcoin-services", + "version": 1, + "weekStart": "" +} + diff --git a/storage/dev/_4NK_modules/grafana/dashboards/blindbit-oracle.json b/storage/dev/_4NK_modules/grafana/dashboards/blindbit-oracle.json index 45766ab..9d0a0fa 100644 --- a/storage/dev/_4NK_modules/grafana/dashboards/blindbit-oracle.json +++ b/storage/dev/_4NK_modules/grafana/dashboards/blindbit-oracle.json @@ -1,66 +1,28 @@ { "annotations": { - "list": [] + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] }, "editable": true, - "fiscalYearStartMonth": 0, + "gnetId": null, "graphTooltip": 0, "id": null, "links": [], - "liveNow": false, "panels": [ { - "datasource": { - "type": "loki", - "uid": "loki" - }, + "datasource": "Loki", "fieldConfig": { "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } + "custom": {} }, "overrides": [] }, @@ -72,82 +34,25 @@ }, "id": 1, "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false }, "targets": [ { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=\"$BLINDBIT_ORACLE_DOCKER_NAME\"} |= \"INFO\" [5m])) by (container)", - "queryType": "", + "expr": "{job=\"blindbit\"} |= \"Host configuration loaded\"", "refId": "A" } ], - "title": "Logs INFO - blindbit-oracle", - "type": "timeseries" + "title": "BlindBit Oracle - Configuration Loaded", + "type": "logs" }, { - "datasource": { - "type": "loki", - "uid": "loki" - }, + "datasource": "Loki", "fieldConfig": { "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } + "custom": {} }, "overrides": [] }, @@ -159,138 +64,117 @@ }, "id": 2, "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false }, "targets": [ { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=\"$BLINDBIT_ORACLE_DOCKER_NAME\"} |= \"ERROR\" [5m])) by (container)", - "queryType": "", + "expr": "{job=\"blindbit\"} |= \"Sync took\"", "refId": "A" } ], - "title": "Erreurs - blindbit-oracle", - "type": "timeseries" + "title": "BlindBit Oracle - Synchronization", + "type": "logs" }, { - "datasource": { - "type": "loki", - "uid": "loki" - }, + "datasource": "Loki", "fieldConfig": { "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } + "custom": {} }, "overrides": [] }, - "gridPos": { - "h": 4, - "w": 6, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"$BLINDBIT_ORACLE_DOCKER_NAME\"} |= \"ERROR\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, "gridPos": { "h": 8, "w": 24, "x": 0, - "y": 12 + "y": 8 }, - "id": 4, + "id": 3, "options": { - "showTime": false, "showLabels": false, - "showCommonLabels": false, - "wrapLogMessage": false, - "prettifyLogMessage": false, - "enableLogDetails": true, - "dedupStrategy": "none", - "sortOrder": "Descending" + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false }, "targets": [ { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "{container=\"$BLINDBIT_ORACLE_DOCKER_NAME\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.message}}\"", - "queryType": "", + "expr": "{job=\"blindbit\"} |= \"successfully processed block\"", "refId": "A" } ], - "title": "Logs d'Erreur - blindbit-oracle", + "title": "BlindBit Oracle - Block Processing", + "type": "logs" + }, + { + "datasource": "Loki", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 16 + }, + "id": 4, + "options": { + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "targets": [ + { + "expr": "{job=\"blindbit\"} |= \"GET\" |~ \"/tweaks/\"", + "refId": "A" + } + ], + "title": "BlindBit Oracle - API Requests", + "type": "logs" + }, + { + "datasource": "Loki", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 16 + }, + "id": 5, + "options": { + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "targets": [ + { + "expr": "{job=\"blindbit\"} |~ \"ERROR|error|Error\"", + "refId": "A" + } + ], + "title": "BlindBit Oracle - Errors", "type": "logs" } ], - "refresh": "5s", - "schemaVersion": 37, + "schemaVersion": 27, "style": "dark", "tags": [ - "blindbit-oracle", - "auto-generated" + "blindbit", + "oracle", + "blockchain" ], "templating": { "list": [] @@ -301,8 +185,8 @@ }, "timepicker": {}, "timezone": "", - "title": "blindbit-oracle - Monitoring", + "title": "BlindBit Oracle Dashboard", "uid": "blindbit-oracle", - "version": 1, - "weekStart": "" + "version": 1 } + diff --git a/storage/dev/_4NK_modules/grafana/dashboards/frontend-services.json b/storage/dev/_4NK_modules/grafana/dashboards/frontend-services.json new file mode 100644 index 0000000..262feb0 --- /dev/null +++ b/storage/dev/_4NK_modules/grafana/dashboards/frontend-services.json @@ -0,0 +1,532 @@ +{ + "annotations": { + "list": [] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=~\"lecoffre-front|ihm_client\"} |= \"GET\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Requêtes HTTP par Frontend", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"ihm_client\"} |= \"vite\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Activité Vite (IHM Client)", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"lecoffre-front\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs LeCoffre Front (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 6, + "y": 8 + }, + "id": 4, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"ihm_client\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs IHM Client (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 8 + }, + "id": 5, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(count_over_time({container=~\"lecoffre-front|ihm_client\"} [1h]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Total Logs Frontend (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 18, + "y": 8 + }, + "id": 6, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"ihm_client\"} |= \"Pre-transform error\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Vite (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 12 + }, + "id": 7, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{container=~\"lecoffre-front|ihm_client\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Récentes Frontend", + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 37, + "style": "dark", + "tags": [ + "frontend", + "lecoffre", + "ihm", + "client" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Frontend Services - Monitoring", + "uid": "frontend-services", + "version": 1, + "weekStart": "" +} + diff --git a/storage/dev/_4NK_modules/grafana/dashboards/lecoffre-overview.json b/storage/dev/_4NK_modules/grafana/dashboards/lecoffre-overview.json new file mode 100644 index 0000000..9ecf781 --- /dev/null +++ b/storage/dev/_4NK_modules/grafana/dashboards/lecoffre-overview.json @@ -0,0 +1,252 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=~\".*\"} |= \"error\" [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs par Service (5 dernières minutes)", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=~\".*\"} [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Volume de Logs par Service (5 dernières minutes)", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 12, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "title": "Logs d'Erreur - Tous Services", + "type": "logs" + } + ], + "refresh": "30s", + "schemaVersion": 36, + "style": "dark", + "tags": ["lecoffre", "monitoring"], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "LeCoffre Node - Vue d'ensemble", + "uid": "lecoffre-overview", + "version": 1, + "weekStart": "" +} diff --git a/storage/dev/_4NK_modules/grafana/dashboards/sdk-services.json b/storage/dev/_4NK_modules/grafana/dashboards/sdk-services.json new file mode 100644 index 0000000..112fa6a --- /dev/null +++ b/storage/dev/_4NK_modules/grafana/dashboards/sdk-services.json @@ -0,0 +1,594 @@ +{ + "annotations": { + "list": [] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=~\"sdk_.*\"} |= \"message\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Messages par Service SDK", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 8, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"sdk_relay\"} |= \"transaction\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Transactions Relay", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 16, + "y": 0 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "title": "Signatures Signer", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 0, + "y": 8 + }, + "id": 4, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"sdk_relay\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Relay (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 6, + "y": 8 + }, + "id": 5, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "title": "Erreurs Signer (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 8 + }, + "id": 6, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"sdk_storage\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Storage (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 18, + "y": 8 + }, + "id": 7, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(count_over_time({container=~\"sdk_.*\"} [1h]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Total Logs SDK (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 12 + }, + "id": 8, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{container=~\"sdk_.*\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Récentes SDK", + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 37, + "style": "dark", + "tags": [ + "sdk", + "relay", + "signer", + "storage" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "SDK Services - Monitoring", + "uid": "sdk-services", + "version": 1, + "weekStart": "" +} diff --git a/storage/dev/_4NK_modules/grafana/dashboards/services-overview.json b/storage/dev/_4NK_modules/grafana/dashboards/services-overview.json index a4bb478..b27238f 100644 --- a/storage/dev/_4NK_modules/grafana/dashboards/services-overview.json +++ b/storage/dev/_4NK_modules/grafana/dashboards/services-overview.json @@ -1,6 +1,25 @@ { "annotations": { - "list": [] + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] }, "editable": true, "fiscalYearStartMonth": 0, @@ -67,7 +86,7 @@ }, "gridPos": { "h": 8, - "w": 24, + "w": 6, "x": 0, "y": 0 }, @@ -83,6 +102,83 @@ "sort": "none" } }, + "title": "LeCoffre Backend - Volume Logs", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 6, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, "targets": [ { "datasource": { @@ -90,19 +186,222 @@ "uid": "loki" }, "editorMode": "code", - "expr": "sum by (container) (count_over_time({container=~\"$bitcoin_DOCKER_NAME|$blindbit-oracle_DOCKER_NAME|$sdk_relay_DOCKER_NAME|$sdk_storage_DOCKER_NAME|$ihm_client_DOCKER_NAME|$lecoffre-front_DOCKER_NAME\"} |= \"ERROR\" [5m]))", + "expr": "sum by (service) (count_over_time({job=\"lecoffre-front\"} [5m]))", "queryType": "", "refId": "A" } ], - "title": "Erreurs par Service (5 dernières minutes)", + "title": "LeCoffre Frontend - Volume Logs", "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 12, + "y": 0 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=\"ihm_client\"} [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "IHM Client - Volume Logs", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 18, + "y": 0 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=\"sdk_relay\"} [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "SDK Relay - Volume Logs", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 12, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 5, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "title": "Logs d'Erreur - Services Applications", + "type": "logs" } ], "refresh": "30s", "schemaVersion": 36, "style": "dark", - "tags": ["overview", "auto-generated"], + "tags": ["services", "applications"], "templating": { "list": [] }, @@ -112,8 +411,8 @@ }, "timepicker": {}, "timezone": "", - "title": "Services Overview - Auto Generated", - "uid": "services-overview-auto", + "title": "Services Applications - Monitoring", + "uid": "services-overview", "version": 1, "weekStart": "" } diff --git a/storage/dev/_4NK_modules/loki/loki-config.yaml b/storage/dev/_4NK_modules/loki/loki-config.yaml new file mode 100644 index 0000000..42f0444 --- /dev/null +++ b/storage/dev/_4NK_modules/loki/loki-config.yaml @@ -0,0 +1,76 @@ +auth_enabled: false + +server: + http_listen_port: 3100:3100 + grpc_listen_port: 9096 + http_listen_address: 0.0.0.0 + grpc_listen_address: 0.0.0.0 + +common: + instance_addr: 0.0.0.0 + path_prefix: /loki + storage: + filesystem: + chunks_directory: /loki/chunks + rules_directory: /loki/rules + replication_factor: 1 + ring: + kvstore: + store: inmemory + +schema_config: + configs: + - from: 2020-10-24 + store: tsdb + object_store: filesystem + schema: v13 + index: + prefix: index_ + period: 24h + +ruler: + alertmanager_url: http://localhost:3100:3100 + +# Configuration de l'ingester - SEULEMENT le paramètre crucial +ingester: + lifecycler: + min_ready_duration: 5s # Réduit le délai de 15s à 5s + +# Configuration des limites +limits_config: + reject_old_samples: true + reject_old_samples_max_age: 168h + max_cache_freshness_per_query: 10m + split_queries_by_interval: 15m + max_query_parallelism: 32 + max_streams_per_user: 0 + max_line_size: 256000 + ingestion_rate_mb: 16 + ingestion_burst_size_mb: 32 + per_stream_rate_limit: 3MB + per_stream_rate_limit_burst: 15MB + max_entries_limit_per_query: 5000 + max_query_series: 500 + max_query_length: 721h + cardinality_limit: 100000 + max_streams_matchers_per_query: 1000 + max_concurrent_tail_requests: 10 + +# Configuration du storage +storage_config: + tsdb_shipper: + active_index_directory: /loki/tsdb-index + cache_location: /loki/tsdb-cache + filesystem: + directory: /loki/chunks + +# Configuration du compactor +compactor: + working_directory: /loki/compactor + compaction_interval: 10m + retention_enabled: false + delete_request_store: filesystem + +# Analytics désactivés +analytics: + reporting_enabled: false \ No newline at end of file diff --git a/storage/dev/_4NK_modules/promtail/promtail.yml b/storage/dev/_4NK_modules/promtail/promtail.yml index 5377b26..d8bc4db 100644 --- a/storage/dev/_4NK_modules/promtail/promtail.yml +++ b/storage/dev/_4NK_modules/promtail/promtail.yml @@ -1,334 +1,107 @@ server: - http_listen_port: 9080 + http_listen_port: 8090:8090 grpc_listen_port: 0 positions: filename: /tmp/positions.yaml clients: - - url: http://loki:3100/loki/api/v1/push + - url: /loki/api/v1/push scrape_configs: - - - job_name: 'REDIS' + # Bitcoin Signet Logs + - job_name: bitcoin static_configs: - targets: - localhost labels: - job: REDIS - __path__: $REDIS_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="REDIS"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + job: bitcoin + service: bitcoin-signet + __path__: /*.log - - job_name: 'POSTGRESQL' + # Blindbit Oracle Logs + - job_name: blindbit static_configs: - targets: - localhost labels: - job: POSTGRESQL - __path__: $POSTGRESQL_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="POSTGRESQL"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + job: blindbit + service: blindbit-oracle + __path__: /*.log - - job_name: 'LOKI' + # SDK Relay Logs + - job_name: sdk_relay static_configs: - targets: - localhost labels: - job: LOKI - __path__: $LOKI_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="LOKI"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + job: sdk_relay + service: sdk_relay + __path__: /*.log - - job_name: 'PROMTAIL' + # SDK Storage Logs + - job_name: sdk_storage static_configs: - targets: - localhost labels: - job: PROMTAIL - __path__: $PROMTAIL_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="PROMTAIL"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + job: sdk_storage + service: sdk_storage + __path__: /*.log - - job_name: 'GRAFANA' + # LeCoffre Frontend Logs + - job_name: lecoffre-front static_configs: - targets: - localhost labels: - job: GRAFANA - __path__: $GRAFANA_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="GRAFANA"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + job: lecoffre-front + service: lecoffre-front + __path__: /*.log - - job_name: 'NGNIX' + # IHM Client Logs + - job_name: ihm_client static_configs: - targets: - localhost labels: - job: NGNIX - __path__: $NGNIX_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="NGNIX"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + job: ihm_client + service: ihm_client + __path__: /*.log - - job_name: 'TOR' + # Miner Logs + - job_name: miner static_configs: - targets: - localhost labels: - job: TOR - __path__: $TOR_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="TOR"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + job: miner + service: signet_miner + __path__: /*.log - - job_name: '_4NK_VAULT' + # Tor Logs + - job_name: tor static_configs: - targets: - localhost labels: - job: _4NK_VAULT - __path__: $_4NK_VAULT_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="_4NK_VAULT"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + job: tor + service: tor-proxy + __path__: /*.log - - job_name: 'BITCOIN' - static_configs: - - targets: - - localhost - labels: - job: BITCOIN - __path__: $BITCOIN_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="BITCOIN"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' - - - job_name: 'BLINDBIT_ORACLE' - static_configs: - - targets: - - localhost - labels: - job: BLINDBIT_ORACLE - __path__: $BLINDBIT_ORACLE_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="BLINDBIT_ORACLE"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' - - - job_name: 'SDK_RELAY' - static_configs: - - targets: - - localhost - labels: - job: SDK_RELAY - __path__: $SDK_RELAY_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="SDK_RELAY"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' - - - job_name: 'SDK_STORAGE' - static_configs: - - targets: - - localhost - labels: - job: SDK_STORAGE - __path__: $SDK_STORAGE_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="SDK_STORAGE"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' - - - job_name: 'IHM_CLIENT' - static_configs: - - targets: - - localhost - labels: - job: IHM_CLIENT - __path__: $IHM_CLIENT_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="IHM_CLIENT"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' - - - job_name: '_4NK_CERTIFICATOR' - static_configs: - - targets: - - localhost - labels: - job: _4NK_CERTIFICATOR - __path__: $_4NK_CERTIFICATOR_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="_4NK_CERTIFICATOR"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' - - - job_name: '_4NK_MINER' - static_configs: - - targets: - - localhost - labels: - job: _4NK_MINER - __path__: $_4NK_MINER_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="_4NK_MINER"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' - - - job_name: 'LECOFFRE_FRONT' - static_configs: - - targets: - - localhost - labels: - job: LECOFFRE_FRONT - __path__: $LECOFFRE_FRONT_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="LECOFFRE_FRONT"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' - - - job_name: '_4NK_WEB_STATUS' - static_configs: - - targets: - - localhost - labels: - job: _4NK_WEB_STATUS - __path__: $_4NK_WEB_STATUS_LOGS_DIR/*.log - pipeline_stages: - - match: - selector: '{job="_4NK_WEB_STATUS"}' - stages: - - regex: - expression: '^(?P\S+\s\S+)\s+(?P\S+)\s+(?P.*)' - - labels: - level: - - timestamp: - source: timestamp - format: '2006-01-02 15:04:05' + # Docker Container Logs + - job_name: docker + docker_sd_configs: + - host: unix:///var/run/docker.sock + refresh_interval: 5s + filters: + - name: label + values: ["com.centurylinklabs.watchtower.enable=true"] + relabel_configs: + - source_labels: ['__meta_docker_container_name'] + regex: '/?(.*)' + target_label: 'container_name' + - source_labels: ['__meta_docker_container_log_stream'] + target_label: 'logstream' + - source_labels: ['__meta_docker_container_label_logging_job_name'] + target_label: 'job' diff --git a/storage/dev/_4NK_modules/sdk_relay/.conf b/storage/dev/_4NK_modules/sdk_relay/.conf new file mode 100644 index 0000000..f6defc8 --- /dev/null +++ b/storage/dev/_4NK_modules/sdk_relay/.conf @@ -0,0 +1,16 @@ +core_url="" +ws_url="" +wallet_name="default" +network="signet" +blindbit_url="" +zmq_url= +storage= +data_dir= +bitcoin_data_dir= +bootstrap_url= +bootstrap_faucet=true +RUST_LOG="DEBUG,reqwest=DEBUG,tokio_tungstenite=DEBUG" +NODE_OPTIONS="--max-old-space-size=2048" + +SIGNER_API_KEY="your-api-key-change-this" +VITE_JWT_SECRET_KEY="52b3d77617bb00982dfee15b08effd52cfe5b2e69b2f61cc4848cfe1e98c0bc9" diff --git a/storage/dev/docker-compose.yml.auto b/storage/dev/docker-compose.yml.auto index 2b220e6..fe88d98 100644 --- a/storage/dev/docker-compose.yml.auto +++ b/storage/dev/docker-compose.yml.auto @@ -2,511 +2,511 @@ services: - $REDIS_DOCKER_NAME: - image: $REDIS_DOCKER_IMAGE - container_name: $REDIS_DOCKER_NAME - working_dir: /$REDIS_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$REDIS_EXTERNAL_PORT" - - "0.0.0.0:$REDIS_PORT" - - "0.0.0.0:$REDIS_PORT2" - - "0.0.0.0:$REDIS_PORT3" + - "0.0.0.0:" + - "0.0.0.0:6379:6379" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $REDIS_CONFS_DIR:$REDIS_DOCKER_CONFS_DIR - - $REDIS_LOGS_DIR:$REDIS_DOCKER_LOGS_DIR - - $REDIS_RUNS_DIR:$REDIS_DOCKER_RUNS_DIR - - $REDIS_DATAS_DIR:$REDIS_DOCKER_DATAS_DIR - - $REDIS_BACKUPS_DIR:$REDIS_DOCKER_BACKUPS_DIR - - $REDIS_SCRIPTS_DIR:$REDIS_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $REDIS_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$REDIS_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$REDIS.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_redis.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $POSTGRESQL_DOCKER_NAME: - image: $POSTGRESQL_DOCKER_IMAGE - container_name: $POSTGRESQL_DOCKER_NAME - working_dir: /$POSTGRESQL_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$POSTGRESQL_EXTERNAL_PORT" - - "0.0.0.0:$POSTGRESQL_PORT" - - "0.0.0.0:$POSTGRESQL_PORT2" - - "0.0.0.0:$POSTGRESQL_PORT3" + - "0.0.0.0:" + - "0.0.0.0:5432:5432" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $POSTGRESQL_CONFS_DIR:$POSTGRESQL_DOCKER_CONFS_DIR - - $POSTGRESQL_LOGS_DIR:$POSTGRESQL_DOCKER_LOGS_DIR - - $POSTGRESQL_RUNS_DIR:$POSTGRESQL_DOCKER_RUNS_DIR - - $POSTGRESQL_DATAS_DIR:$POSTGRESQL_DOCKER_DATAS_DIR - - $POSTGRESQL_BACKUPS_DIR:$POSTGRESQL_DOCKER_BACKUPS_DIR - - $POSTGRESQL_SCRIPTS_DIR:$POSTGRESQL_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $POSTGRESQL_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$POSTGRESQL_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$POSTGRESQL.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_postgresql.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $LOKI_DOCKER_NAME: - image: $LOKI_DOCKER_IMAGE - container_name: $LOKI_DOCKER_NAME - working_dir: /$LOKI_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$LOKI_EXTERNAL_PORT" - - "0.0.0.0:$LOKI_PORT" - - "0.0.0.0:$LOKI_PORT2" - - "0.0.0.0:$LOKI_PORT3" + - "0.0.0.0:" + - "0.0.0.0:3100:3100" + - "0.0.0.0:9096" + - "0.0.0.0:" volumes: - - $LOKI_CONFS_DIR:$LOKI_DOCKER_CONFS_DIR - - $LOKI_LOGS_DIR:$LOKI_DOCKER_LOGS_DIR - - $LOKI_RUNS_DIR:$LOKI_DOCKER_RUNS_DIR - - $LOKI_DATAS_DIR:$LOKI_DOCKER_DATAS_DIR - - $LOKI_BACKUPS_DIR:$LOKI_DOCKER_BACKUPS_DIR - - $LOKI_SCRIPTS_DIR:$LOKI_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $LOKI_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$LOKI_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$LOKI.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_loki.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $PROMTAIL_DOCKER_NAME: - image: $PROMTAIL_DOCKER_IMAGE - container_name: $PROMTAIL_DOCKER_NAME - working_dir: /$PROMTAIL_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$PROMTAIL_EXTERNAL_PORT" - - "0.0.0.0:$PROMTAIL_PORT" - - "0.0.0.0:$PROMTAIL_PORT2" - - "0.0.0.0:$PROMTAIL_PORT3" + - "0.0.0.0:" + - "0.0.0.0:8090:8090" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $PROMTAIL_CONFS_DIR:$PROMTAIL_DOCKER_CONFS_DIR - - $PROMTAIL_LOGS_DIR:$PROMTAIL_DOCKER_LOGS_DIR - - $PROMTAIL_RUNS_DIR:$PROMTAIL_DOCKER_RUNS_DIR - - $PROMTAIL_DATAS_DIR:$PROMTAIL_DOCKER_DATAS_DIR - - $PROMTAIL_BACKUPS_DIR:$PROMTAIL_DOCKER_BACKUPS_DIR - - $PROMTAIL_SCRIPTS_DIR:$PROMTAIL_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $PROMTAIL_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$PROMTAIL_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$PROMTAIL.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_promtail.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $GRAFANA_DOCKER_NAME: - image: $GRAFANA_DOCKER_IMAGE - container_name: $GRAFANA_DOCKER_NAME - working_dir: /$GRAFANA_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$GRAFANA_EXTERNAL_PORT" - - "0.0.0.0:$GRAFANA_PORT" - - "0.0.0.0:$GRAFANA_PORT2" - - "0.0.0.0:$GRAFANA_PORT3" + - "0.0.0.0:" + - "0.0.0.0:3001:3001" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $GRAFANA_CONFS_DIR:$GRAFANA_DOCKER_CONFS_DIR - - $GRAFANA_LOGS_DIR:$GRAFANA_DOCKER_LOGS_DIR - - $GRAFANA_RUNS_DIR:$GRAFANA_DOCKER_RUNS_DIR - - $GRAFANA_DATAS_DIR:$GRAFANA_DOCKER_DATAS_DIR - - $GRAFANA_BACKUPS_DIR:$GRAFANA_DOCKER_BACKUPS_DIR - - $GRAFANA_SCRIPTS_DIR:$GRAFANA_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $GRAFANA_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$GRAFANA_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$GRAFANA.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_grafana.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $NGNIX_DOCKER_NAME: - image: $NGNIX_DOCKER_IMAGE - container_name: $NGNIX_DOCKER_NAME - working_dir: /$NGNIX_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$NGNIX_EXTERNAL_PORT" - - "0.0.0.0:$NGNIX_PORT" - - "0.0.0.0:$NGNIX_PORT2" - - "0.0.0.0:$NGNIX_PORT3" + - "0.0.0.0:" + - "0.0.0.0:" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $NGNIX_CONFS_DIR:$NGNIX_DOCKER_CONFS_DIR - - $NGNIX_LOGS_DIR:$NGNIX_DOCKER_LOGS_DIR - - $NGNIX_RUNS_DIR:$NGNIX_DOCKER_RUNS_DIR - - $NGNIX_DATAS_DIR:$NGNIX_DOCKER_DATAS_DIR - - $NGNIX_BACKUPS_DIR:$NGNIX_DOCKER_BACKUPS_DIR - - $NGNIX_SCRIPTS_DIR:$NGNIX_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $NGNIX_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$NGNIX_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$NGNIX.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $TOR_DOCKER_NAME: - image: $TOR_DOCKER_IMAGE - container_name: $TOR_DOCKER_NAME - working_dir: /$TOR_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$TOR_EXTERNAL_PORT" - - "0.0.0.0:$TOR_PORT" - - "0.0.0.0:$TOR_PORT2" - - "0.0.0.0:$TOR_PORT3" + - "0.0.0.0:" + - "0.0.0.0:9050:9050" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $TOR_CONFS_DIR:$TOR_DOCKER_CONFS_DIR - - $TOR_LOGS_DIR:$TOR_DOCKER_LOGS_DIR - - $TOR_RUNS_DIR:$TOR_DOCKER_RUNS_DIR - - $TOR_DATAS_DIR:$TOR_DOCKER_DATAS_DIR - - $TOR_BACKUPS_DIR:$TOR_DOCKER_BACKUPS_DIR - - $TOR_SCRIPTS_DIR:$TOR_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $TOR_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$TOR_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$TOR.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_tor-proxy.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $_4NK_VAULT_DOCKER_NAME: - image: $_4NK_VAULT_DOCKER_IMAGE - container_name: $_4NK_VAULT_DOCKER_NAME - working_dir: /$_4NK_VAULT_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$_4NK_VAULT_EXTERNAL_PORT" - - "0.0.0.0:$_4NK_VAULT_PORT" - - "0.0.0.0:$_4NK_VAULT_PORT2" - - "0.0.0.0:$_4NK_VAULT_PORT3" + - "0.0.0.0:" + - "0.0.0.0:" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $_4NK_VAULT_CONFS_DIR:$_4NK_VAULT_DOCKER_CONFS_DIR - - $_4NK_VAULT_LOGS_DIR:$_4NK_VAULT_DOCKER_LOGS_DIR - - $_4NK_VAULT_RUNS_DIR:$_4NK_VAULT_DOCKER_RUNS_DIR - - $_4NK_VAULT_DATAS_DIR:$_4NK_VAULT_DOCKER_DATAS_DIR - - $_4NK_VAULT_BACKUPS_DIR:$_4NK_VAULT_DOCKER_BACKUPS_DIR - - $_4NK_VAULT_SCRIPTS_DIR:$_4NK_VAULT_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $_4NK_VAULT_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$_4NK_VAULT_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_VAULT.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck__4NK_vault.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $BITCOIN_DOCKER_NAME: - image: $BITCOIN_DOCKER_IMAGE - container_name: $BITCOIN_DOCKER_NAME - working_dir: /$BITCOIN_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$BITCOIN_EXTERNAL_PORT" - - "0.0.0.0:$BITCOIN_PORT" - - "0.0.0.0:$BITCOIN_PORT2" - - "0.0.0.0:$BITCOIN_PORT3" + - "0.0.0.0:38333:38333" + - "0.0.0.0:38332:38332" + - "0.0.0.0:29001:29001" + - "0.0.0.0:29000:29000" volumes: - - $BITCOIN_CONFS_DIR:$BITCOIN_DOCKER_CONFS_DIR - - $BITCOIN_LOGS_DIR:$BITCOIN_DOCKER_LOGS_DIR - - $BITCOIN_RUNS_DIR:$BITCOIN_DOCKER_RUNS_DIR - - $BITCOIN_DATAS_DIR:$BITCOIN_DOCKER_DATAS_DIR - - $BITCOIN_BACKUPS_DIR:$BITCOIN_DOCKER_BACKUPS_DIR - - $BITCOIN_SCRIPTS_DIR:$BITCOIN_DOCKER_SCRIPTS_DIR + - : + - : + - : + - /home/debian/_4NK_env/projects/lecoffre/lecoffre_node/datas/bitcoin: + - : + - : networks: btcnet: aliases: - - $BITCOIN_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$BITCOIN_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$BITCOIN.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_bitcoin.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $BLINDBIT_ORACLE_DOCKER_NAME: - image: $BLINDBIT_ORACLE_DOCKER_IMAGE - container_name: $BLINDBIT_ORACLE_DOCKER_NAME - working_dir: /$BLINDBIT_ORACLE_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$BLINDBIT_ORACLE_EXTERNAL_PORT" - - "0.0.0.0:$BLINDBIT_ORACLE_PORT" - - "0.0.0.0:$BLINDBIT_ORACLE_PORT2" - - "0.0.0.0:$BLINDBIT_ORACLE_PORT3" + - "0.0.0.0:" + - "0.0.0.0:8000:8000" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $BLINDBIT_ORACLE_CONFS_DIR:$BLINDBIT_ORACLE_DOCKER_CONFS_DIR - - $BLINDBIT_ORACLE_LOGS_DIR:$BLINDBIT_ORACLE_DOCKER_LOGS_DIR - - $BLINDBIT_ORACLE_RUNS_DIR:$BLINDBIT_ORACLE_DOCKER_RUNS_DIR - - $BLINDBIT_ORACLE_DATAS_DIR:$BLINDBIT_ORACLE_DOCKER_DATAS_DIR - - $BLINDBIT_ORACLE_BACKUPS_DIR:$BLINDBIT_ORACLE_DOCKER_BACKUPS_DIR - - $BLINDBIT_ORACLE_SCRIPTS_DIR:$BLINDBIT_ORACLE_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $BLINDBIT_ORACLE_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$BLINDBIT_ORACLE_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$BLINDBIT_ORACLE.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_blindbit-oracle.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $SDK_RELAY_DOCKER_NAME: - image: $SDK_RELAY_DOCKER_IMAGE - container_name: $SDK_RELAY_DOCKER_NAME - working_dir: /$SDK_RELAY_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$SDK_RELAY_EXTERNAL_PORT" - - "0.0.0.0:$SDK_RELAY_PORT" - - "0.0.0.0:$SDK_RELAY_PORT2" - - "0.0.0.0:$SDK_RELAY_PORT3" + - "0.0.0.0:" + - "0.0.0.0:8080:8080" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $SDK_RELAY_CONFS_DIR:$SDK_RELAY_DOCKER_CONFS_DIR - - $SDK_RELAY_LOGS_DIR:$SDK_RELAY_DOCKER_LOGS_DIR - - $SDK_RELAY_RUNS_DIR:$SDK_RELAY_DOCKER_RUNS_DIR - - $SDK_RELAY_DATAS_DIR:$SDK_RELAY_DOCKER_DATAS_DIR - - $SDK_RELAY_BACKUPS_DIR:$SDK_RELAY_DOCKER_BACKUPS_DIR - - $SDK_RELAY_SCRIPTS_DIR:$SDK_RELAY_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $SDK_RELAY_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$SDK_RELAY_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$SDK_RELAY.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_sdk_relay.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $SDK_STORAGE_DOCKER_NAME: - image: $SDK_STORAGE_DOCKER_IMAGE - container_name: $SDK_STORAGE_DOCKER_NAME - working_dir: /$SDK_STORAGE_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$SDK_STORAGE_EXTERNAL_PORT" - - "0.0.0.0:$SDK_STORAGE_PORT" - - "0.0.0.0:$SDK_STORAGE_PORT2" - - "0.0.0.0:$SDK_STORAGE_PORT3" + - "0.0.0.0:" + - "0.0.0.0:8081:8081" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $SDK_STORAGE_CONFS_DIR:$SDK_STORAGE_DOCKER_CONFS_DIR - - $SDK_STORAGE_LOGS_DIR:$SDK_STORAGE_DOCKER_LOGS_DIR - - $SDK_STORAGE_RUNS_DIR:$SDK_STORAGE_DOCKER_RUNS_DIR - - $SDK_STORAGE_DATAS_DIR:$SDK_STORAGE_DOCKER_DATAS_DIR - - $SDK_STORAGE_BACKUPS_DIR:$SDK_STORAGE_DOCKER_BACKUPS_DIR - - $SDK_STORAGE_SCRIPTS_DIR:$SDK_STORAGE_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $SDK_STORAGE_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$SDK_STORAGE_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$SDK_STORAGE.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_sdk_storage.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $IHM_CLIENT_DOCKER_NAME: - image: $IHM_CLIENT_DOCKER_IMAGE - container_name: $IHM_CLIENT_DOCKER_NAME - working_dir: /$IHM_CLIENT_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$IHM_CLIENT_EXTERNAL_PORT" - - "0.0.0.0:$IHM_CLIENT_PORT" - - "0.0.0.0:$IHM_CLIENT_PORT2" - - "0.0.0.0:$IHM_CLIENT_PORT3" + - "0.0.0.0:" + - "0.0.0.0:3003:3003" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $IHM_CLIENT_CONFS_DIR:$IHM_CLIENT_DOCKER_CONFS_DIR - - $IHM_CLIENT_LOGS_DIR:$IHM_CLIENT_DOCKER_LOGS_DIR - - $IHM_CLIENT_RUNS_DIR:$IHM_CLIENT_DOCKER_RUNS_DIR - - $IHM_CLIENT_DATAS_DIR:$IHM_CLIENT_DOCKER_DATAS_DIR - - $IHM_CLIENT_BACKUPS_DIR:$IHM_CLIENT_DOCKER_BACKUPS_DIR - - $IHM_CLIENT_SCRIPTS_DIR:$IHM_CLIENT_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $IHM_CLIENT_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$IHM_CLIENT_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$IHM_CLIENT.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_ihm_client.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $_4NK_CERTIFICATOR_DOCKER_NAME: - image: $_4NK_CERTIFICATOR_DOCKER_IMAGE - container_name: $_4NK_CERTIFICATOR_DOCKER_NAME - working_dir: /$_4NK_CERTIFICATOR_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$_4NK_CERTIFICATOR_EXTERNAL_PORT" - - "0.0.0.0:$_4NK_CERTIFICATOR_PORT" - - "0.0.0.0:$_4NK_CERTIFICATOR_PORT2" - - "0.0.0.0:$_4NK_CERTIFICATOR_PORT3" + - "0.0.0.0:" + - "0.0.0.0:8082:8082" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $_4NK_CERTIFICATOR_CONFS_DIR:$_4NK_CERTIFICATOR_DOCKER_CONFS_DIR - - $_4NK_CERTIFICATOR_LOGS_DIR:$_4NK_CERTIFICATOR_DOCKER_LOGS_DIR - - $_4NK_CERTIFICATOR_RUNS_DIR:$_4NK_CERTIFICATOR_DOCKER_RUNS_DIR - - $_4NK_CERTIFICATOR_DATAS_DIR:$_4NK_CERTIFICATOR_DOCKER_DATAS_DIR - - $_4NK_CERTIFICATOR_BACKUPS_DIR:$_4NK_CERTIFICATOR_DOCKER_BACKUPS_DIR - - $_4NK_CERTIFICATOR_SCRIPTS_DIR:$_4NK_CERTIFICATOR_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $_4NK_CERTIFICATOR_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$_4NK_CERTIFICATOR_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_CERTIFICATOR.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck__4NK_certificator.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $_4NK_MINER_DOCKER_NAME: - image: $_4NK_MINER_DOCKER_IMAGE - container_name: $_4NK_MINER_DOCKER_NAME - working_dir: /$_4NK_MINER_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$_4NK_MINER_EXTERNAL_PORT" - - "0.0.0.0:$_4NK_MINER_PORT" - - "0.0.0.0:$_4NK_MINER_PORT2" - - "0.0.0.0:$_4NK_MINER_PORT3" + - "0.0.0.0:" + - "0.0.0.0:8083:8083" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $_4NK_MINER_CONFS_DIR:$_4NK_MINER_DOCKER_CONFS_DIR - - $_4NK_MINER_LOGS_DIR:$_4NK_MINER_DOCKER_LOGS_DIR - - $_4NK_MINER_RUNS_DIR:$_4NK_MINER_DOCKER_RUNS_DIR - - $_4NK_MINER_DATAS_DIR:$_4NK_MINER_DOCKER_DATAS_DIR - - $_4NK_MINER_BACKUPS_DIR:$_4NK_MINER_DOCKER_BACKUPS_DIR - - $_4NK_MINER_SCRIPTS_DIR:$_4NK_MINER_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $_4NK_MINER_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$_4NK_MINER_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_MINER.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck__4NK_miner.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $LECOFFRE_FRONT_DOCKER_NAME: - image: $LECOFFRE_FRONT_DOCKER_IMAGE - container_name: $LECOFFRE_FRONT_DOCKER_NAME - working_dir: /$LECOFFRE_FRONT_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$LECOFFRE_FRONT_EXTERNAL_PORT" - - "0.0.0.0:$LECOFFRE_FRONT_PORT" - - "0.0.0.0:$LECOFFRE_FRONT_PORT2" - - "0.0.0.0:$LECOFFRE_FRONT_PORT3" + - "0.0.0.0:" + - "0.0.0.0:3000:3000" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $LECOFFRE_FRONT_CONFS_DIR:$LECOFFRE_FRONT_DOCKER_CONFS_DIR - - $LECOFFRE_FRONT_LOGS_DIR:$LECOFFRE_FRONT_DOCKER_LOGS_DIR - - $LECOFFRE_FRONT_RUNS_DIR:$LECOFFRE_FRONT_DOCKER_RUNS_DIR - - $LECOFFRE_FRONT_DATAS_DIR:$LECOFFRE_FRONT_DOCKER_DATAS_DIR - - $LECOFFRE_FRONT_BACKUPS_DIR:$LECOFFRE_FRONT_DOCKER_BACKUPS_DIR - - $LECOFFRE_FRONT_SCRIPTS_DIR:$LECOFFRE_FRONT_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $LECOFFRE_FRONT_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$LECOFFRE_FRONT_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$LECOFFRE_FRONT.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck_lecoffre-front.sh"] interval: 30s timeout: 10s retries: 50 restart: unless-stopped" - $_4NK_WEB_STATUS_DOCKER_NAME: - image: $_4NK_WEB_STATUS_DOCKER_IMAGE - container_name: $_4NK_WEB_STATUS_DOCKER_NAME - working_dir: /$_4NK_WEB_STATUS_DOCKER_NAME + : + image: + container_name: + working_dir: / ports: - - "0.0.0.0:$_4NK_WEB_STATUS_EXTERNAL_PORT" - - "0.0.0.0:$_4NK_WEB_STATUS_PORT" - - "0.0.0.0:$_4NK_WEB_STATUS_PORT2" - - "0.0.0.0:$_4NK_WEB_STATUS_PORT3" + - "0.0.0.0:3006:3006" + - "0.0.0.0:3006:3006" + - "0.0.0.0:" + - "0.0.0.0:" volumes: - - $_4NK_WEB_STATUS_CONFS_DIR:$_4NK_WEB_STATUS_DOCKER_CONFS_DIR - - $_4NK_WEB_STATUS_LOGS_DIR:$_4NK_WEB_STATUS_DOCKER_LOGS_DIR - - $_4NK_WEB_STATUS_RUNS_DIR:$_4NK_WEB_STATUS_DOCKER_RUNS_DIR - - $_4NK_WEB_STATUS_DATAS_DIR:$_4NK_WEB_STATUS_DOCKER_DATAS_DIR - - $_4NK_WEB_STATUS_BACKUPS_DIR:$_4NK_WEB_STATUS_DOCKER_BACKUPS_DIR - - $_4NK_WEB_STATUS_SCRIPTS_DIR:$_4NK_WEB_STATUS_DOCKER_SCRIPTS_DIR + - : + - : + - : + - : + - : + - : networks: btcnet: aliases: - - $_4NK_WEB_STATUS_DOCKER_NAME + - user: root entrypoint: \> - /bin/sh -c "$_4NK_WEB_STATUS_DOCKER_WORKING_DIR_CREATE" + /bin/sh -c "" healthcheck: - test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_WEB_STATUS.sh"] + test: ["CMD", "sh", "-FRONT_CONFS_DIR/healthcheck__4NK_web_status.sh"] interval: 30s timeout: 10s retries: 50 diff --git a/storage/dev/logrotade/_4nk_certificator.conf b/storage/dev/logrotade/_4nk_certificator.conf index 64a66e8..4058f6a 100644 --- a/storage/dev/logrotade/_4nk_certificator.conf +++ b/storage/dev/logrotade/_4nk_certificator.conf @@ -1,4 +1,4 @@ -$_4NK_CERTIFICATOR_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $_4NK_CERTIFICATOR_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $_4NK_CERTIFICATOR_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/_4nk_miner.conf b/storage/dev/logrotade/_4nk_miner.conf index f33033a..4058f6a 100644 --- a/storage/dev/logrotade/_4nk_miner.conf +++ b/storage/dev/logrotade/_4nk_miner.conf @@ -1,4 +1,4 @@ -$_4NK_MINER_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $_4NK_MINER_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $_4NK_MINER_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/_4nk_vault.conf b/storage/dev/logrotade/_4nk_vault.conf index 4b62c19..4058f6a 100644 --- a/storage/dev/logrotade/_4nk_vault.conf +++ b/storage/dev/logrotade/_4nk_vault.conf @@ -1,4 +1,4 @@ -$_4NK_VAULT_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $_4NK_VAULT_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $_4NK_VAULT_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/_4nk_web_status.conf b/storage/dev/logrotade/_4nk_web_status.conf index fc7906b..4058f6a 100644 --- a/storage/dev/logrotade/_4nk_web_status.conf +++ b/storage/dev/logrotade/_4nk_web_status.conf @@ -1,4 +1,4 @@ -$_4NK_WEB_STATUS_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $_4NK_WEB_STATUS_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $_4NK_WEB_STATUS_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/bitcoin.conf b/storage/dev/logrotade/bitcoin.conf index 86b43ec..4058f6a 100644 --- a/storage/dev/logrotade/bitcoin.conf +++ b/storage/dev/logrotade/bitcoin.conf @@ -1,4 +1,4 @@ -$BITCOIN_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $BITCOIN_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $BITCOIN_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/blindbit_oracle.conf b/storage/dev/logrotade/blindbit_oracle.conf index aab8bac..4058f6a 100644 --- a/storage/dev/logrotade/blindbit_oracle.conf +++ b/storage/dev/logrotade/blindbit_oracle.conf @@ -1,4 +1,4 @@ -$BLINDBIT_ORACLE_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $BLINDBIT_ORACLE_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $BLINDBIT_ORACLE_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/grafana.conf b/storage/dev/logrotade/grafana.conf index fbc9795..4058f6a 100644 --- a/storage/dev/logrotade/grafana.conf +++ b/storage/dev/logrotade/grafana.conf @@ -1,4 +1,4 @@ -$GRAFANA_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $GRAFANA_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $GRAFANA_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/ihm_client.conf b/storage/dev/logrotade/ihm_client.conf index 1ae2269..4058f6a 100644 --- a/storage/dev/logrotade/ihm_client.conf +++ b/storage/dev/logrotade/ihm_client.conf @@ -1,4 +1,4 @@ -$IHM_CLIENT_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $IHM_CLIENT_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $IHM_CLIENT_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/lecoffre_front.conf b/storage/dev/logrotade/lecoffre_front.conf index b89abf0..4058f6a 100644 --- a/storage/dev/logrotade/lecoffre_front.conf +++ b/storage/dev/logrotade/lecoffre_front.conf @@ -1,4 +1,4 @@ -$LECOFFRE_FRONT_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $LECOFFRE_FRONT_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $LECOFFRE_FRONT_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/loki.conf b/storage/dev/logrotade/loki.conf index fe65e41..4058f6a 100644 --- a/storage/dev/logrotade/loki.conf +++ b/storage/dev/logrotade/loki.conf @@ -1,4 +1,4 @@ -$LOKI_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $LOKI_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $LOKI_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/ngnix.conf b/storage/dev/logrotade/ngnix.conf index 6c99fa9..4058f6a 100644 --- a/storage/dev/logrotade/ngnix.conf +++ b/storage/dev/logrotade/ngnix.conf @@ -1,4 +1,4 @@ -$NGNIX_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $NGNIX_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $NGNIX_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/postgresql.conf b/storage/dev/logrotade/postgresql.conf index 37ca59d..4058f6a 100644 --- a/storage/dev/logrotade/postgresql.conf +++ b/storage/dev/logrotade/postgresql.conf @@ -1,4 +1,4 @@ -$POSTGRESQL_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $POSTGRESQL_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $POSTGRESQL_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/promtail.conf b/storage/dev/logrotade/promtail.conf index 41a9949..4058f6a 100644 --- a/storage/dev/logrotade/promtail.conf +++ b/storage/dev/logrotade/promtail.conf @@ -1,4 +1,4 @@ -$PROMTAIL_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $PROMTAIL_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $PROMTAIL_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/redis.conf b/storage/dev/logrotade/redis.conf index f6a513d..4058f6a 100644 --- a/storage/dev/logrotade/redis.conf +++ b/storage/dev/logrotade/redis.conf @@ -1,4 +1,4 @@ -$REDIS_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $REDIS_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $REDIS_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/sdk_relay.conf b/storage/dev/logrotade/sdk_relay.conf index f21de67..4058f6a 100644 --- a/storage/dev/logrotade/sdk_relay.conf +++ b/storage/dev/logrotade/sdk_relay.conf @@ -1,4 +1,4 @@ -$SDK_RELAY_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $SDK_RELAY_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $SDK_RELAY_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/sdk_storage.conf b/storage/dev/logrotade/sdk_storage.conf index f6881ed..4058f6a 100644 --- a/storage/dev/logrotade/sdk_storage.conf +++ b/storage/dev/logrotade/sdk_storage.conf @@ -1,4 +1,4 @@ -$SDK_STORAGE_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $SDK_STORAGE_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $SDK_STORAGE_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/logrotade/tor.conf b/storage/dev/logrotade/tor.conf index ab46330..4058f6a 100644 --- a/storage/dev/logrotade/tor.conf +++ b/storage/dev/logrotade/tor.conf @@ -1,4 +1,4 @@ -$TOR_LOGS_DIR/*.log { +/*.log { daily missingok rotate 7 @@ -8,6 +8,6 @@ $TOR_LOGS_DIR/*.log { create 644 root root postrotate # Redémarrer le service si nécessaire - docker restart $TOR_DOCKER_NAME 2>/dev/null || true + docker restart 2>/dev/null || true endscript } diff --git a/storage/dev/nginx/BITCOIN_https.conf b/storage/dev/nginx/BITCOIN_https.conf index 1fb93c0..a5df01d 100644 --- a/storage/dev/nginx/BITCOIN_https.conf +++ b/storage/dev/nginx/BITCOIN_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour BITCOIN -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $BITCOIN.$_4NKweb.com; + server_name bitcoin..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $BITCOIN_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BITCOIN_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$BITCOIN_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/BLINDBIT_ORACLE_https.conf b/storage/dev/nginx/BLINDBIT_ORACLE_https.conf index 45cf9ae..31bd43b 100644 --- a/storage/dev/nginx/BLINDBIT_ORACLE_https.conf +++ b/storage/dev/nginx/BLINDBIT_ORACLE_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour BLINDBIT_ORACLE -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $BLINDBIT_ORACLE.$_4NKweb.com; + server_name blindbit-oracle..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $BLINDBIT_ORACLE_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BLINDBIT_ORACLE_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/GRAFANA_https.conf b/storage/dev/nginx/GRAFANA_https.conf index 1e9c145..6d1294c 100644 --- a/storage/dev/nginx/GRAFANA_https.conf +++ b/storage/dev/nginx/GRAFANA_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour GRAFANA -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $GRAFANA.$_4NKweb.com; + server_name grafana..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $GRAFANA_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$GRAFANA_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$GRAFANA_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/IHM_CLIENT_https.conf b/storage/dev/nginx/IHM_CLIENT_https.conf index 25d844e..7034417 100644 --- a/storage/dev/nginx/IHM_CLIENT_https.conf +++ b/storage/dev/nginx/IHM_CLIENT_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour IHM_CLIENT -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $IHM_CLIENT.$_4NKweb.com; + server_name ihm_client..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $IHM_CLIENT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$IHM_CLIENT_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/LECOFFRE_FRONT_https.conf b/storage/dev/nginx/LECOFFRE_FRONT_https.conf index 1e0b693..8218904 100644 --- a/storage/dev/nginx/LECOFFRE_FRONT_https.conf +++ b/storage/dev/nginx/LECOFFRE_FRONT_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour LECOFFRE_FRONT -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $LECOFFRE_FRONT.$_4NKweb.com; + server_name lecoffre-front..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $LECOFFRE_FRONT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LECOFFRE_FRONT_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/LOKI_https.conf b/storage/dev/nginx/LOKI_https.conf index c3cede5..2b23261 100644 --- a/storage/dev/nginx/LOKI_https.conf +++ b/storage/dev/nginx/LOKI_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour LOKI -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $LOKI.$_4NKweb.com; + server_name loki..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $LOKI_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LOKI_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$LOKI_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$LOKI_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/NGNIX_https.conf b/storage/dev/nginx/NGNIX_https.conf index 56cf9c4..d4b566e 100644 --- a/storage/dev/nginx/NGNIX_https.conf +++ b/storage/dev/nginx/NGNIX_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour NGNIX -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $NGNIX.$_4NKweb.com; + server_name ..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $NGNIX_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$NGNIX_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$NGNIX_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/POSTGRESQL_https.conf b/storage/dev/nginx/POSTGRESQL_https.conf index aedf7dc..c877c1a 100644 --- a/storage/dev/nginx/POSTGRESQL_https.conf +++ b/storage/dev/nginx/POSTGRESQL_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour POSTGRESQL -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $POSTGRESQL.$_4NKweb.com; + server_name postgresql..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $POSTGRESQL_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$POSTGRESQL_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/PROMTAIL_https.conf b/storage/dev/nginx/PROMTAIL_https.conf index 7c7a59f..db17160 100644 --- a/storage/dev/nginx/PROMTAIL_https.conf +++ b/storage/dev/nginx/PROMTAIL_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour PROMTAIL -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $PROMTAIL.$_4NKweb.com; + server_name promtail..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $PROMTAIL_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$PROMTAIL_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$PROMTAIL_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/REDIS_https.conf b/storage/dev/nginx/REDIS_https.conf index ddf1881..1d336af 100644 --- a/storage/dev/nginx/REDIS_https.conf +++ b/storage/dev/nginx/REDIS_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour REDIS -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $REDIS.$_4NKweb.com; + server_name redis..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $REDIS_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$REDIS_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$REDIS_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$REDIS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/SDK_RELAY_https.conf b/storage/dev/nginx/SDK_RELAY_https.conf index 4e8e43d..e624f50 100644 --- a/storage/dev/nginx/SDK_RELAY_https.conf +++ b/storage/dev/nginx/SDK_RELAY_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour SDK_RELAY -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $SDK_RELAY.$_4NKweb.com; + server_name sdk_relay..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $SDK_RELAY_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_RELAY_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/SDK_STORAGE_https.conf b/storage/dev/nginx/SDK_STORAGE_https.conf index 9737b79..457e5fc 100644 --- a/storage/dev/nginx/SDK_STORAGE_https.conf +++ b/storage/dev/nginx/SDK_STORAGE_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour SDK_STORAGE -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $SDK_STORAGE.$_4NKweb.com; + server_name sdk_storage..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $SDK_STORAGE_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_STORAGE_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/TOR_https.conf b/storage/dev/nginx/TOR_https.conf index bbd77c3..4621219 100644 --- a/storage/dev/nginx/TOR_https.conf +++ b/storage/dev/nginx/TOR_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour TOR -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $TOR.$_4NKweb.com; + server_name tor-proxy..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $TOR_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$TOR_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$TOR_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$TOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/_4NK_CERTIFICATOR_https.conf b/storage/dev/nginx/_4NK_CERTIFICATOR_https.conf index 1afcacb..77609e3 100644 --- a/storage/dev/nginx/_4NK_CERTIFICATOR_https.conf +++ b/storage/dev/nginx/_4NK_CERTIFICATOR_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour _4NK_CERTIFICATOR -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $_4NK_CERTIFICATOR.$_4NKweb.com; + server_name _4NK_certificator..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_CERTIFICATOR_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_CERTIFICATOR_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/_4NK_MINER_https.conf b/storage/dev/nginx/_4NK_MINER_https.conf index bf44c51..44d8a19 100644 --- a/storage/dev/nginx/_4NK_MINER_https.conf +++ b/storage/dev/nginx/_4NK_MINER_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour _4NK_MINER -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $_4NK_MINER.$_4NKweb.com; + server_name _4NK_miner..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_MINER_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_MINER_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/_4NK_VAULT_https.conf b/storage/dev/nginx/_4NK_VAULT_https.conf index 8eaba15..5dbfad7 100644 --- a/storage/dev/nginx/_4NK_VAULT_https.conf +++ b/storage/dev/nginx/_4NK_VAULT_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour _4NK_VAULT -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $_4NK_VAULT.$_4NKweb.com; + server_name _4NK_vault..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_VAULT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_VAULT_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/_4NK_WEB_STATUS_https.conf b/storage/dev/nginx/_4NK_WEB_STATUS_https.conf index fe778a4..693726b 100644 --- a/storage/dev/nginx/_4NK_WEB_STATUS_https.conf +++ b/storage/dev/nginx/_4NK_WEB_STATUS_https.conf @@ -1,16 +1,16 @@ # Configuration HTTPS pour _4NK_WEB_STATUS -# Généré automatiquement le Fri Oct 3 17:10:13 UTC 2025 +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 server { listen 80; - server_name $_4NK_WEB_STATUS.$_4NKweb.com; + server_name _4NK_web_status..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_WEB_STATUS_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; @@ -25,19 +25,19 @@ ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_WEB_STATUS_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/app-internal-ports.conf b/storage/dev/nginx/app-internal-ports.conf index 68bd9ed..880db64 100644 --- a/storage/dev/nginx/app-internal-ports.conf +++ b/storage/dev/nginx/app-internal-ports.conf @@ -3,358 +3,358 @@ server { - listen $REDIS_PORT default_server; + listen 6379:6379 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$REDIS_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$REDIS_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$REDIS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $POSTGRESQL_PORT default_server; + listen 5432:5432 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$POSTGRESQL_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $LOKI_PORT default_server; + listen 3100:3100 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LOKI_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$LOKI_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$LOKI_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $PROMTAIL_PORT default_server; + listen 8090:8090 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$PROMTAIL_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$PROMTAIL_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $GRAFANA_PORT default_server; + listen 3001:3001 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$GRAFANA_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$GRAFANA_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $NGNIX_PORT default_server; + listen default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$NGNIX_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$NGNIX_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $TOR_PORT default_server; + listen 9050:9050 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$TOR_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$TOR_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$TOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $_4NK_VAULT_PORT default_server; + listen default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_VAULT_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $BITCOIN_PORT default_server; + listen 38332:38332 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BITCOIN_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$BITCOIN_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $BLINDBIT_ORACLE_PORT default_server; + listen 8000:8000 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BLINDBIT_ORACLE_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $SDK_RELAY_PORT default_server; + listen 8080:8080 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_RELAY_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $SDK_STORAGE_PORT default_server; + listen 8081:8081 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_STORAGE_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $IHM_CLIENT_PORT default_server; + listen 3003:3003 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$IHM_CLIENT_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $_4NK_CERTIFICATOR_PORT default_server; + listen 8082:8082 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_CERTIFICATOR_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $_4NK_MINER_PORT default_server; + listen 8083:8083 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_MINER_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $LECOFFRE_FRONT_PORT default_server; + listen 3000:3000 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LECOFFRE_FRONT_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } server { - listen $_4NK_WEB_STATUS_PORT default_server; + listen 3006:3006 default_server; server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_WEB_STATUS_int.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } # websocket (si nécessaire) location /ws/ { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/nginx_dev4.4NKweb.com-https.conf b/storage/dev/nginx/nginx_dev4.4NKweb.com-https.conf index 52cbf72..89aeaa4 100644 --- a/storage/dev/nginx/nginx_dev4.4NKweb.com-https.conf +++ b/storage/dev/nginx/nginx_dev4.4NKweb.com-https.conf @@ -1,4 +1,4 @@ -# Configuration Nginx consolidée pour $HOST +# Configuration Nginx consolidée pour dev4._4NKweb.com # Générée automatiquement le $(date) # Inclusion du format de log JSON et des upstreams @@ -8,22 +8,22 @@ include upstreams.conf; # Redirection globale HTTP→HTTPS server { listen 80; - server_name $HOST *.$HOST; - return 301 https://$host$request_uri; + server_name dev4._4NKweb.com *.dev4._4NKweb.com; + return 301 https://; } # Configuration HTTPS pour REDIS server { listen 80; - server_name $REDIS.$_4NKweb.com; + server_name redis..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $REDIS_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -37,17 +37,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$REDIS_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$REDIS_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$REDIS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -57,14 +57,14 @@ server { # Configuration HTTPS pour POSTGRESQL server { listen 80; - server_name $POSTGRESQL.$_4NKweb.com; + server_name postgresql..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $POSTGRESQL_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -78,17 +78,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$POSTGRESQL_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -98,14 +98,14 @@ server { # Configuration HTTPS pour LOKI server { listen 80; - server_name $LOKI.$_4NKweb.com; + server_name loki..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $LOKI_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -119,17 +119,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LOKI_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$LOKI_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$LOKI_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -139,14 +139,14 @@ server { # Configuration HTTPS pour PROMTAIL server { listen 80; - server_name $PROMTAIL.$_4NKweb.com; + server_name promtail..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $PROMTAIL_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -160,17 +160,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$PROMTAIL_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -180,14 +180,14 @@ server { # Configuration HTTPS pour GRAFANA server { listen 80; - server_name $GRAFANA.$_4NKweb.com; + server_name grafana..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $GRAFANA_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -201,17 +201,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$GRAFANA_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -221,14 +221,14 @@ server { # Configuration HTTPS pour NGNIX server { listen 80; - server_name $NGNIX.$_4NKweb.com; + server_name ..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $NGNIX_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -242,17 +242,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$NGNIX_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -262,14 +262,14 @@ server { # Configuration HTTPS pour TOR server { listen 80; - server_name $TOR.$_4NKweb.com; + server_name tor-proxy..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $TOR_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -283,17 +283,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$TOR_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$TOR_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$TOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -303,14 +303,14 @@ server { # Configuration HTTPS pour _4NK_VAULT server { listen 80; - server_name $_4NK_VAULT.$_4NKweb.com; + server_name _4NK_vault..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_VAULT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -324,17 +324,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_VAULT_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -344,14 +344,14 @@ server { # Configuration HTTPS pour BITCOIN server { listen 80; - server_name $BITCOIN.$_4NKweb.com; + server_name bitcoin..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $BITCOIN_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -365,17 +365,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BITCOIN_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -385,14 +385,14 @@ server { # Configuration HTTPS pour BLINDBIT_ORACLE server { listen 80; - server_name $BLINDBIT_ORACLE.$_4NKweb.com; + server_name blindbit-oracle..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $BLINDBIT_ORACLE_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -406,17 +406,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BLINDBIT_ORACLE_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -426,14 +426,14 @@ server { # Configuration HTTPS pour SDK_RELAY server { listen 80; - server_name $SDK_RELAY.$_4NKweb.com; + server_name sdk_relay..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $SDK_RELAY_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -447,17 +447,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_RELAY_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -467,14 +467,14 @@ server { # Configuration HTTPS pour SDK_STORAGE server { listen 80; - server_name $SDK_STORAGE.$_4NKweb.com; + server_name sdk_storage..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $SDK_STORAGE_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -488,17 +488,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_STORAGE_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -508,14 +508,14 @@ server { # Configuration HTTPS pour IHM_CLIENT server { listen 80; - server_name $IHM_CLIENT.$_4NKweb.com; + server_name ihm_client..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $IHM_CLIENT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -529,17 +529,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$IHM_CLIENT_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -549,14 +549,14 @@ server { # Configuration HTTPS pour _4NK_CERTIFICATOR server { listen 80; - server_name $_4NK_CERTIFICATOR.$_4NKweb.com; + server_name _4NK_certificator..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_CERTIFICATOR_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -570,17 +570,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_CERTIFICATOR_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -590,14 +590,14 @@ server { # Configuration HTTPS pour _4NK_MINER server { listen 80; - server_name $_4NK_MINER.$_4NKweb.com; + server_name _4NK_miner..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_MINER_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -611,17 +611,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_MINER_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -631,14 +631,14 @@ server { # Configuration HTTPS pour LECOFFRE_FRONT server { listen 80; - server_name $LECOFFRE_FRONT.$_4NKweb.com; + server_name lecoffre-front..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $LECOFFRE_FRONT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -652,17 +652,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LECOFFRE_FRONT_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -672,14 +672,14 @@ server { # Configuration HTTPS pour _4NK_WEB_STATUS server { listen 80; - server_name $_4NK_WEB_STATUS.$_4NKweb.com; + server_name _4NK_web_status..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_WEB_STATUS_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -693,17 +693,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_WEB_STATUS_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; diff --git a/storage/dev/nginx/nginx_dev4.4nkweb.com-https.conf b/storage/dev/nginx/nginx_dev4.4nkweb.com-https.conf index 52cbf72..89aeaa4 100644 --- a/storage/dev/nginx/nginx_dev4.4nkweb.com-https.conf +++ b/storage/dev/nginx/nginx_dev4.4nkweb.com-https.conf @@ -1,4 +1,4 @@ -# Configuration Nginx consolidée pour $HOST +# Configuration Nginx consolidée pour dev4._4NKweb.com # Générée automatiquement le $(date) # Inclusion du format de log JSON et des upstreams @@ -8,22 +8,22 @@ include upstreams.conf; # Redirection globale HTTP→HTTPS server { listen 80; - server_name $HOST *.$HOST; - return 301 https://$host$request_uri; + server_name dev4._4NKweb.com *.dev4._4NKweb.com; + return 301 https://; } # Configuration HTTPS pour REDIS server { listen 80; - server_name $REDIS.$_4NKweb.com; + server_name redis..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $REDIS_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -37,17 +37,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$REDIS_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$REDIS_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$REDIS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -57,14 +57,14 @@ server { # Configuration HTTPS pour POSTGRESQL server { listen 80; - server_name $POSTGRESQL.$_4NKweb.com; + server_name postgresql..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $POSTGRESQL_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -78,17 +78,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$POSTGRESQL_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -98,14 +98,14 @@ server { # Configuration HTTPS pour LOKI server { listen 80; - server_name $LOKI.$_4NKweb.com; + server_name loki..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $LOKI_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -119,17 +119,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LOKI_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$LOKI_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$LOKI_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -139,14 +139,14 @@ server { # Configuration HTTPS pour PROMTAIL server { listen 80; - server_name $PROMTAIL.$_4NKweb.com; + server_name promtail..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $PROMTAIL_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -160,17 +160,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$PROMTAIL_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -180,14 +180,14 @@ server { # Configuration HTTPS pour GRAFANA server { listen 80; - server_name $GRAFANA.$_4NKweb.com; + server_name grafana..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $GRAFANA_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -201,17 +201,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$GRAFANA_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -221,14 +221,14 @@ server { # Configuration HTTPS pour NGNIX server { listen 80; - server_name $NGNIX.$_4NKweb.com; + server_name ..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $NGNIX_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -242,17 +242,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$NGNIX_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -262,14 +262,14 @@ server { # Configuration HTTPS pour TOR server { listen 80; - server_name $TOR.$_4NKweb.com; + server_name tor-proxy..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $TOR_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -283,17 +283,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$TOR_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$TOR_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$TOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -303,14 +303,14 @@ server { # Configuration HTTPS pour _4NK_VAULT server { listen 80; - server_name $_4NK_VAULT.$_4NKweb.com; + server_name _4NK_vault..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_VAULT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -324,17 +324,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_VAULT_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -344,14 +344,14 @@ server { # Configuration HTTPS pour BITCOIN server { listen 80; - server_name $BITCOIN.$_4NKweb.com; + server_name bitcoin..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $BITCOIN_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -365,17 +365,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BITCOIN_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -385,14 +385,14 @@ server { # Configuration HTTPS pour BLINDBIT_ORACLE server { listen 80; - server_name $BLINDBIT_ORACLE.$_4NKweb.com; + server_name blindbit-oracle..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $BLINDBIT_ORACLE_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -406,17 +406,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BLINDBIT_ORACLE_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -426,14 +426,14 @@ server { # Configuration HTTPS pour SDK_RELAY server { listen 80; - server_name $SDK_RELAY.$_4NKweb.com; + server_name sdk_relay..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $SDK_RELAY_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -447,17 +447,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_RELAY_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -467,14 +467,14 @@ server { # Configuration HTTPS pour SDK_STORAGE server { listen 80; - server_name $SDK_STORAGE.$_4NKweb.com; + server_name sdk_storage..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $SDK_STORAGE_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -488,17 +488,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_STORAGE_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -508,14 +508,14 @@ server { # Configuration HTTPS pour IHM_CLIENT server { listen 80; - server_name $IHM_CLIENT.$_4NKweb.com; + server_name ihm_client..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $IHM_CLIENT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -529,17 +529,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$IHM_CLIENT_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -549,14 +549,14 @@ server { # Configuration HTTPS pour _4NK_CERTIFICATOR server { listen 80; - server_name $_4NK_CERTIFICATOR.$_4NKweb.com; + server_name _4NK_certificator..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_CERTIFICATOR_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -570,17 +570,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_CERTIFICATOR_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -590,14 +590,14 @@ server { # Configuration HTTPS pour _4NK_MINER server { listen 80; - server_name $_4NK_MINER.$_4NKweb.com; + server_name _4NK_miner..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_MINER_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -611,17 +611,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_MINER_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -631,14 +631,14 @@ server { # Configuration HTTPS pour LECOFFRE_FRONT server { listen 80; - server_name $LECOFFRE_FRONT.$_4NKweb.com; + server_name lecoffre-front..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $LECOFFRE_FRONT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -652,17 +652,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LECOFFRE_FRONT_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; @@ -672,14 +672,14 @@ server { # Configuration HTTPS pour _4NK_WEB_STATUS server { listen 80; - server_name $_4NK_WEB_STATUS.$_4NKweb.com; + server_name _4NK_web_status..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_WEB_STATUS_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -693,17 +693,17 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_WEB_STATUS_https.log app_json; + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_pass http://; include $/etc/nginx/conf.d/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; include $/etc/nginx/conf.d/proxy_headers.conf; proxy_read_timeout 3600s; diff --git a/storage/dev/nginx/nginx_dev4._4NKweb.com-https.conf b/storage/dev/nginx/nginx_dev4._4NKweb.com-https.conf index 52cbf72..a366085 100644 --- a/storage/dev/nginx/nginx_dev4._4NKweb.com-https.conf +++ b/storage/dev/nginx/nginx_dev4._4NKweb.com-https.conf @@ -1,4 +1,4 @@ -# Configuration Nginx consolidée pour $HOST +# Configuration Nginx consolidée pour dev4._4NKweb.com # Générée automatiquement le $(date) # Inclusion du format de log JSON et des upstreams @@ -8,22 +8,22 @@ include upstreams.conf; # Redirection globale HTTP→HTTPS server { listen 80; - server_name $HOST *.$HOST; - return 301 https://$host$request_uri; + server_name dev4._4NKweb.com *.dev4._4NKweb.com; + return 301 https://; } # Configuration HTTPS pour REDIS server { listen 80; - server_name $REDIS.$_4NKweb.com; + server_name redis..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $REDIS_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -37,19 +37,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$REDIS_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$REDIS_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$REDIS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -57,14 +57,14 @@ server { # Configuration HTTPS pour POSTGRESQL server { listen 80; - server_name $POSTGRESQL.$_4NKweb.com; + server_name postgresql..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $POSTGRESQL_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -78,19 +78,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$POSTGRESQL_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -98,14 +98,14 @@ server { # Configuration HTTPS pour LOKI server { listen 80; - server_name $LOKI.$_4NKweb.com; + server_name loki..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $LOKI_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -119,19 +119,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LOKI_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$LOKI_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$LOKI_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -139,14 +139,14 @@ server { # Configuration HTTPS pour PROMTAIL server { listen 80; - server_name $PROMTAIL.$_4NKweb.com; + server_name promtail..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $PROMTAIL_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -160,19 +160,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$PROMTAIL_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$PROMTAIL_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -180,14 +180,14 @@ server { # Configuration HTTPS pour GRAFANA server { listen 80; - server_name $GRAFANA.$_4NKweb.com; + server_name grafana..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $GRAFANA_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -201,19 +201,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$GRAFANA_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$GRAFANA_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -221,14 +221,14 @@ server { # Configuration HTTPS pour NGNIX server { listen 80; - server_name $NGNIX.$_4NKweb.com; + server_name ..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $NGNIX_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -242,19 +242,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$NGNIX_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$NGNIX_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -262,14 +262,14 @@ server { # Configuration HTTPS pour TOR server { listen 80; - server_name $TOR.$_4NKweb.com; + server_name tor-proxy..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $TOR_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -283,19 +283,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$TOR_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$TOR_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$TOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -303,14 +303,14 @@ server { # Configuration HTTPS pour _4NK_VAULT server { listen 80; - server_name $_4NK_VAULT.$_4NKweb.com; + server_name _4NK_vault..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_VAULT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -324,19 +324,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_VAULT_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -344,14 +344,14 @@ server { # Configuration HTTPS pour BITCOIN server { listen 80; - server_name $BITCOIN.$_4NKweb.com; + server_name bitcoin..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $BITCOIN_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -365,19 +365,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BITCOIN_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$BITCOIN_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -385,14 +385,14 @@ server { # Configuration HTTPS pour BLINDBIT_ORACLE server { listen 80; - server_name $BLINDBIT_ORACLE.$_4NKweb.com; + server_name blindbit-oracle..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $BLINDBIT_ORACLE_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -406,19 +406,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BLINDBIT_ORACLE_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -426,14 +426,14 @@ server { # Configuration HTTPS pour SDK_RELAY server { listen 80; - server_name $SDK_RELAY.$_4NKweb.com; + server_name sdk_relay..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $SDK_RELAY_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -447,19 +447,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_RELAY_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -467,14 +467,14 @@ server { # Configuration HTTPS pour SDK_STORAGE server { listen 80; - server_name $SDK_STORAGE.$_4NKweb.com; + server_name sdk_storage..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $SDK_STORAGE_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -488,19 +488,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_STORAGE_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -508,14 +508,14 @@ server { # Configuration HTTPS pour IHM_CLIENT server { listen 80; - server_name $IHM_CLIENT.$_4NKweb.com; + server_name ihm_client..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $IHM_CLIENT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -529,19 +529,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$IHM_CLIENT_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -549,14 +549,14 @@ server { # Configuration HTTPS pour _4NK_CERTIFICATOR server { listen 80; - server_name $_4NK_CERTIFICATOR.$_4NKweb.com; + server_name _4NK_certificator..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_CERTIFICATOR_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -570,19 +570,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_CERTIFICATOR_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -590,14 +590,14 @@ server { # Configuration HTTPS pour _4NK_MINER server { listen 80; - server_name $_4NK_MINER.$_4NKweb.com; + server_name _4NK_miner..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_MINER_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -611,19 +611,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_MINER_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -631,14 +631,14 @@ server { # Configuration HTTPS pour LECOFFRE_FRONT server { listen 80; - server_name $LECOFFRE_FRONT.$_4NKweb.com; + server_name lecoffre-front..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $LECOFFRE_FRONT_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -652,19 +652,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LECOFFRE_FRONT_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } @@ -672,14 +672,14 @@ server { # Configuration HTTPS pour _4NK_WEB_STATUS server { listen 80; - server_name $_4NK_WEB_STATUS.$_4NKweb.com; + server_name _4NK_web_status..com; # redirection HTTP→HTTPS pour l'externe - return 301 https://$host$request_uri; + return 301 https://; } server { listen 443 ssl http2; - server_name $_4NK_WEB_STATUS_DOCKER_NAME.$_4NKweb.com; + server_name ..com; ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; @@ -693,19 +693,19 @@ server { # HSTS (activer seulement si tout le domaine est en HTTPS) add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_WEB_STATUS_https.log app_json; + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; location / { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; - include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_pass http://; + include $/proxy_headers.conf; } location /ws/ { - proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_pass http://; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; + proxy_set_header Upgrade ; proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; + include $/proxy_headers.conf; proxy_read_timeout 3600s; } } diff --git a/storage/dev/nginx/proxy_headers.conf b/storage/dev/nginx/proxy_headers.conf index 6349894..fde5efe 100644 --- a/storage/dev/nginx/proxy_headers.conf +++ b/storage/dev/nginx/proxy_headers.conf @@ -1,17 +1,17 @@ # Headers de proxy générés automatiquement # Généré le $(date) -proxy_set_header Host $host; -proxy_set_header X-Real-IP $remote_addr; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_set_header X-Forwarded-Host $host; -proxy_set_header X-Forwarded-Port $server_port; +proxy_set_header Host ; +proxy_set_header X-Real-IP ; +proxy_set_header X-Forwarded-For ; +proxy_set_header X-Forwarded-Proto ; +proxy_set_header X-Forwarded-Host ; +proxy_set_header X-Forwarded-Port ; # Directives de proxy proxy_redirect off; # si l'app sait générer ses URLs -add_header X-Debug-Scheme $scheme always; -add_header X-Debug-XFP $http_x_forwarded_proto always; +add_header X-Debug-Scheme always; +add_header X-Debug-XFP always; # Timeouts proxy_connect_timeout 60s; @@ -25,5 +25,5 @@ proxy_buffers 8 4k; proxy_busy_buffers_size 8k; # Cache settings -proxy_cache_bypass $http_upgrade; -proxy_no_cache $http_upgrade; +proxy_cache_bypass ; +proxy_no_cache ; diff --git a/storage/dev/nginx/upstreams.conf b/storage/dev/nginx/upstreams.conf index 70ea138..b8ed3b8 100644 --- a/storage/dev/nginx/upstreams.conf +++ b/storage/dev/nginx/upstreams.conf @@ -2,101 +2,101 @@ # Généré le $(date) log_format app_json escape=json - '{ "time":"$time_iso8601",' - ' "client":"$remote_addr",' - ' "xff":"$http_x_forwarded_for",' - ' "method":"$request_method",' - ' "host":"$host",' - ' "uri":"$request_uri",' - ' "status":$status,' - ' "bytes":$body_bytes_sent,' - ' "ua":"$http_user_agent",' - ' "upstream":"$upstream_addr",' - ' "rt":$request_time,' - ' "urt":$upstream_response_time }'; + '{ "time":"",' + ' "client":"",' + ' "xff":"",' + ' "method":"",' + ' "host":"",' + ' "uri":"",' + ' "status":,' + ' "bytes":,' + ' "ua":"",' + ' "upstream":"",' + ' "rt":,' + ' "urt": }'; -upstream $REDIS { - server $REDIS_DOCKER_NAME:$REDIS_PORT; +upstream redis { + server :6379:6379; keepalive 64; } -upstream $POSTGRESQL { - server $POSTGRESQL_DOCKER_NAME:$POSTGRESQL_PORT; +upstream postgresql { + server :5432:5432; keepalive 64; } -upstream $LOKI { - server $LOKI_DOCKER_NAME:$LOKI_PORT; +upstream loki { + server :3100:3100; keepalive 64; } -upstream $PROMTAIL { - server $PROMTAIL_DOCKER_NAME:$PROMTAIL_PORT; +upstream promtail { + server :8090:8090; keepalive 64; } -upstream $GRAFANA { - server $GRAFANA_DOCKER_NAME:$GRAFANA_PORT; +upstream grafana { + server :3001:3001; keepalive 64; } -upstream $NGNIX { - server $NGNIX_DOCKER_NAME:$NGNIX_PORT; +upstream { + server :; keepalive 64; } -upstream $TOR { - server $TOR_DOCKER_NAME:$TOR_PORT; +upstream tor-proxy { + server :9050:9050; keepalive 64; } -upstream $_4NK_VAULT { - server $_4NK_VAULT_DOCKER_NAME:$_4NK_VAULT_PORT; +upstream _4NK_vault { + server :; keepalive 64; } -upstream $BITCOIN { - server $BITCOIN_DOCKER_NAME:$BITCOIN_PORT; +upstream bitcoin { + server :38332:38332; keepalive 64; } -upstream $BLINDBIT_ORACLE { - server $BLINDBIT_ORACLE_DOCKER_NAME:$BLINDBIT_ORACLE_PORT; +upstream blindbit-oracle { + server :8000:8000; keepalive 64; } -upstream $SDK_RELAY { - server $SDK_RELAY_DOCKER_NAME:$SDK_RELAY_PORT; +upstream sdk_relay { + server :8080:8080; keepalive 64; } -upstream $SDK_STORAGE { - server $SDK_STORAGE_DOCKER_NAME:$SDK_STORAGE_PORT; +upstream sdk_storage { + server :8081:8081; keepalive 64; } -upstream $IHM_CLIENT { - server $IHM_CLIENT_DOCKER_NAME:$IHM_CLIENT_PORT; +upstream ihm_client { + server :3003:3003; keepalive 64; } -upstream $_4NK_CERTIFICATOR { - server $_4NK_CERTIFICATOR_DOCKER_NAME:$_4NK_CERTIFICATOR_PORT; +upstream _4NK_certificator { + server :8082:8082; keepalive 64; } -upstream $_4NK_MINER { - server $_4NK_MINER_DOCKER_NAME:$_4NK_MINER_PORT; +upstream _4NK_miner { + server :8083:8083; keepalive 64; } -upstream $LECOFFRE_FRONT { - server $LECOFFRE_FRONT_DOCKER_NAME:$LECOFFRE_FRONT_PORT; +upstream lecoffre-front { + server :3000:3000; keepalive 64; } -upstream $_4NK_WEB_STATUS { - server $_4NK_WEB_STATUS_DOCKER_NAME:$_4NK_WEB_STATUS_PORT; +upstream _4NK_web_status { + server :3006:3006; keepalive 64; } diff --git a/storage/dev/test_generate.sh b/storage/dev/test_generate.sh deleted file mode 100755 index b009769..0000000 --- a/storage/dev/test_generate.sh +++ /dev/null @@ -1,207 +0,0 @@ -#!/bin/bash - -# Script de test pour valider le fonctionnement du script generate.sh -# Teste les différentes options et fonctionnalités - -# Couleurs -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' - -# Compteurs -TESTS_PASSED=0 -TESTS_FAILED=0 -TOTAL_TESTS=0 - -# Fonction pour afficher les résultats -print_result() { - local test_name="$1" - local status="$2" - local message="$3" - - TOTAL_TESTS=$((TOTAL_TESTS + 1)) - - if [ "$status" = "PASS" ]; then - echo -e "${GREEN}✅ PASS${NC}: $test_name - $message" - TESTS_PASSED=$((TESTS_PASSED + 1)) - else - echo -e "${RED}❌ FAIL${NC}: $test_name - $message" - TESTS_FAILED=$((TESTS_FAILED + 1)) - fi -} - -echo -e "${BLUE}🧪 TEST DU SCRIPT GÉNÉRATEUR PRINCIPAL${NC}" -echo -e "${BLUE}======================================${NC}" - -# Test 1: Vérifier l'existence du script -if [ -f "generate.sh" ]; then - print_result "Script existe" "PASS" "generate.sh présent" -else - print_result "Script existe" "FAIL" "generate.sh manquant" - exit 1 -fi - -# Test 2: Vérifier que le script est exécutable -if [ -x "generate.sh" ]; then - print_result "Script exécutable" "PASS" "generate.sh exécutable" -else - print_result "Script exécutable" "FAIL" "generate.sh non exécutable" -fi - -# Test 3: Test de l'aide -echo -e "\n${YELLOW}🔍 Test de l'aide...${NC}" -if ./generate.sh --help >/dev/null 2>&1; then - print_result "Aide fonctionne" "PASS" "Option --help fonctionne" -else - print_result "Aide fonctionne" "FAIL" "Option --help échoue" -fi - -# Test 4: Vérifier les scripts requis -REQUIRED_SCRIPTS=( - "generate_variables.sh" - "generate_grafana_dashboards.sh" - "generate_nginx_configs.sh" -) - -for script in "${REQUIRED_SCRIPTS[@]}"; do - if [ -f "$script" ]; then - print_result "Script requis" "PASS" "$script présent" - else - print_result "Script requis" "FAIL" "$script manquant" - fi -done - -# Test 5: Test avec variables d'environnement minimales -echo -e "\n${YELLOW}🔍 Test avec variables minimales...${NC}" - -# Exporter des variables minimales -export HOST="test.example.com" -export SERVICES=(TEST_SERVICE) -export DOMAIN="test.example.com" -export CERT_PATH="/tmp/certs" -export NGINX_LOGS_DIR="/tmp/logs" -export NGINX_CONFS_DIR="/tmp/conf" -export DOCKER_GLOBAL_NAME="test" - -# Test d'exécution (sans --verbose pour éviter trop de sortie) -echo -e "${YELLOW}Exécution du script generate.sh...${NC}" -if timeout 30 ./generate.sh >/dev/null 2>&1; then - print_result "Exécution script" "PASS" "Script s'exécute sans erreur fatale" -else - exit_code=$? - if [ $exit_code -eq 124 ]; then - print_result "Exécution script" "PASS" "Script s'exécute (timeout après 30s)" - else - print_result "Exécution script" "FAIL" "Script échoue avec code $exit_code" - fi -fi - -# Test 6: Vérifier les fichiers générés -echo -e "\n${YELLOW}🔍 Vérification des fichiers générés...${NC}" - -# Vérifier si des fichiers ont été générés -GENERATED_FILES=( - "_4NK_modules/grafana/dashboards" - "_4NK_modules/promtail/promtail.yml" - "nginx/upstreams.conf" - "nginx/app-internal-ports.conf" - "nginx/proxy_headers.conf" -) - -for file in "${GENERATED_FILES[@]}"; do - if [ -e "$file" ]; then - print_result "Fichier généré" "PASS" "$file créé" - else - print_result "Fichier généré" "FAIL" "$file non créé" - fi -done - -# Test 7: Test des options -echo -e "\n${YELLOW}🔍 Test des options...${NC}" - -# Test exécution normale (mode verbeux par défaut) -if timeout 10 ./generate.sh >/dev/null 2>&1; then - print_result "Exécution normale" "PASS" "Script fonctionne en mode verbeux par défaut" -else - exit_code=$? - if [ $exit_code -eq 124 ]; then - print_result "Exécution normale" "PASS" "Script fonctionne (timeout)" - else - print_result "Exécution normale" "FAIL" "Script échoue" - fi -fi - -# Test option invalide -if ./generate.sh --invalid-option >/dev/null 2>&1; then - print_result "Option invalide" "FAIL" "Option invalide acceptée" -else - print_result "Option invalide" "PASS" "Option invalide rejetée" -fi - -# Test 8: Vérifier la structure des fichiers générés -echo -e "\n${YELLOW}🔍 Vérification du contenu des fichiers...${NC}" - -# Vérifier upstreams.conf -if [ -f "nginx/upstreams.conf" ]; then - if grep -q "upstream" nginx/upstreams.conf; then - print_result "Contenu upstreams" "PASS" "upstreams.conf contient des upstreams" - else - print_result "Contenu upstreams" "FAIL" "upstreams.conf vide ou invalide" - fi - - if grep -q "log_format app_json" nginx/upstreams.conf; then - print_result "Format log JSON" "PASS" "Format de log JSON présent" - else - print_result "Format log JSON" "FAIL" "Format de log JSON manquant" - fi -fi - -# Vérifier proxy_headers.conf -if [ -f "nginx/proxy_headers.conf" ]; then - if grep -q "proxy_set_header Host" nginx/proxy_headers.conf; then - print_result "Headers proxy" "PASS" "Headers de proxy configurés" - else - print_result "Headers proxy" "FAIL" "Headers de proxy manquants" - fi -fi - -# Vérifier les dashboards Grafana -if [ -d "_4NK_modules/grafana/dashboards" ]; then - dashboard_count=$(find _4NK_modules/grafana/dashboards -name "*.json" | wc -l) - if [ $dashboard_count -gt 0 ]; then - print_result "Dashboards Grafana" "PASS" "$dashboard_count dashboards générés" - else - print_result "Dashboards Grafana" "FAIL" "Aucun dashboard généré" - fi -fi - -# Test 9: Nettoyage des fichiers de test -echo -e "\n${YELLOW}🧹 Nettoyage des fichiers de test...${NC}" - -# Supprimer les fichiers générés par les tests -rm -rf nginx/ 2>/dev/null -rm -rf _4NK_modules/ 2>/dev/null -rm -rf logrotade/ 2>/dev/null -rm -f docker-compose.yml.auto 2>/dev/null -rm -f .env.auto 2>/dev/null - -print_result "Nettoyage" "PASS" "Fichiers de test nettoyés" - -# Résumé final -echo -e "\n${BLUE}📊 RÉSUMÉ DES TESTS${NC}" -echo -e "${BLUE}==================${NC}" -echo -e "Total des tests: ${BLUE}$TOTAL_TESTS${NC}" -echo -e "Tests réussis: ${GREEN}$TESTS_PASSED${NC}" -echo -e "Tests échoués: ${RED}$TESTS_FAILED${NC}" - -if [ $TESTS_FAILED -eq 0 ]; then - echo -e "\n${GREEN}🎉 TOUS LES TESTS SONT PASSÉS !${NC}" - echo "Le script generate.sh fonctionne correctement." - exit 0 -else - echo -e "\n${RED}⚠️ CERTAINS TESTS ONT ÉCHOUÉ${NC}" - echo "Vérifiez les erreurs ci-dessus." - exit 1 -fi diff --git a/templates/.gitkeep b/templates/.gitkeep new file mode 100644 index 0000000..778f04f --- /dev/null +++ b/templates/.gitkeep @@ -0,0 +1,2 @@ +# Ce fichier garantit que le répertoire storage/ est présent dans Git +./ \ No newline at end of file diff --git a/templates/README.md b/templates/README.md new file mode 100644 index 0000000..430a179 --- /dev/null +++ b/templates/README.md @@ -0,0 +1,242 @@ +# Système de Templates 4NK Vault + +## 🎯 Vue d'ensemble + +Le répertoire `templates/` contient tous les fichiers sources avec variables d'environnement qui sont utilisés pour générer automatiquement les configurations finales dans `storage/`. + +## 📁 Structure + +``` +templates/ +├── dev/ # Templates pour l'environnement de développement +│ ├── generate.sh # Script principal d'orchestration +│ ├── generate_variables.sh # Génération des variables d'environnement +│ ├── generate_grafana_dashboards.sh # Génération des dashboards Grafana +│ ├── generate_promtail_config.sh # Génération de la config Promtail +│ ├── generate_logrotate_configs.sh # Génération des configs logrotate +│ ├── generate_nginx_configs.sh # Génération des configs nginx +│ ├── replace_variables_and_copy.sh # Résolution des variables + copie +│ ├── .env.secrets # Variables sensibles +│ ├── .env # Variables principales +│ ├── .env.post # Variables finales/composites +│ ├── _4NK_modules/ # Modules avec configurations +│ ├── 4NK_modules/ # Modules générés (Grafana, Promtail) +│ ├── logrotade/ # Configurations logrotate +│ └── nginx/ # Configurations nginx +└── prod/ # Templates pour l'environnement de production +``` + +## 🚀 Utilisation Rapide + +### Génération Complète + +```bash +# Générer toutes les configurations +cd templates/dev +./generate.sh +``` + +### Génération Étape par Étape + +```bash +# 1. Générer les variables d'environnement +./generate_variables.sh + +# 2. Générer les dashboards Grafana +./generate_grafana_dashboards.sh + +# 3. Générer la configuration Promtail +./generate_promtail_config.sh + +# 4. Générer les configurations logrotate +./generate_logrotate_configs.sh + +# 5. Générer les configurations nginx +./generate_nginx_configs.sh + +# 6. Résoudre les variables et copier vers storage/ +./replace_variables_and_copy.sh +``` + +## 🔧 Configuration + +### Variables d'Environnement + +#### `.env.secrets` +Variables sensibles (ne sont jamais copiées dans storage/) +```bash +# Variables sensibles +API_SECRET_KEY=secret_value +DATABASE_PASSWORD=password +``` + +#### `.env` +Variables principales du système +```bash +# Configuration de base +ROOT_DIR=/home/debian/_4NK_env +DOMAIN=_4NKweb.com +HOST=dev4.$DOMAIN + +# Services +export SERVICES=( + "REDIS" + "POSTGRESQL" + "BITCOIN" + # ... +) + +# Services externes +export SERVICES_EXTERNAL=( + "BOOTSTRAP" + "LECOFFRE_BACK_MINI" +) +``` + +#### `.env.post` +Variables composites et finales +```bash +# URLs composites +SDK_RELAY_BOOSTRAP_URL=$BOOTSTRAP_URL_WS_EXTERNAL +RELAY_URLS=$SDK_RELAY_URL,$SDK_RELAY_BOOSTRAP_URL +BITCOIN_RPC_URL=http://$BITCOIN_DOCKER_NAME:$BITCOIN_SIGNET_RPC_PORT +``` + +### Templates de Fichiers + +Les fichiers dans les sous-répertoires utilisent la syntaxe de variables : +- `$VARIABLE` - Variable simple +- `${VARIABLE}` - Variable avec accolades +- `$VARIABLE_SUFFIX` - Variable avec suffixe + +**Exemple :** +```bash +# Dans bitcoin.conf +datadir=$BITCOIN_DATAS_DIR +rpcuser=$BITCOIN_RPC_USER +rpcpassword=$BITCOIN_RPC_PASSWORD +``` + +## 📋 Scripts Disponibles + +### `generate.sh` +Script principal qui orchestre tous les autres scripts. + +**Fonctionnalités :** +- Exécution séquentielle de tous les scripts de génération +- Gestion des erreurs et rollback +- Logs détaillés du processus +- Validation des prérequis + +### `generate_variables.sh` +Génère les variables d'environnement et le fichier Docker Compose. + +**Génère :** +- `.env.auto` - Variables générées avec références +- `docker-compose.yml.auto` - Docker Compose avec variables + +### `generate_grafana_dashboards.sh` +Génère automatiquement les dashboards Grafana. + +**Types de dashboards :** +- Services Overview +- Bitcoin Services +- Frontend Services +- SDK Services + +### `generate_promtail_config.sh` +Génère la configuration Promtail pour la collecte de logs. + +### `generate_logrotate_configs.sh` +Génère les configurations logrotate pour tous les services. + +### `generate_nginx_configs.sh` +Génère les configurations nginx (upstreams, HTTPS, etc.). + +### `replace_variables_and_copy.sh` +Résout toutes les variables et copie les fichiers vers `storage/`. + +**Fonctionnalités :** +- Chargement séquentiel des fichiers `.env` +- Résolution multi-passes (jusqu'à 5 passes) +- Copie sélective (exclusion des fichiers sensibles) +- Validation des variables résolues + +## 🔒 Sécurité + +### Protection des Templates +- Les fichiers dans `templates/` ne sont jamais modifiés par l'API +- Seuls les fichiers dans `storage/` sont accessibles via l'API +- Les fichiers `.env.secrets` ne sont jamais copiés + +### Isolation des Environnements +- Chaque environnement (`dev`, `prod`) a ses propres templates +- Variables d'environnement isolées par environnement +- Pas de fuite de données entre environnements + +## 🛠️ Maintenance + +### Ajout d'un Nouveau Service + +1. **Ajouter le service dans `.env` :** +```bash +export SERVICES=( + "REDIS" + "POSTGRESQL" + "NOUVEAU_SERVICE" # Ajouter ici + # ... +) +``` + +2. **Définir les variables du service :** +```bash +NOUVEAU_SERVICE=nouveau_service +NOUVEAU_SERVICE_IMAGE=image:tag +NOUVEAU_SERVICE_PORT=8080:8080 +``` + +3. **Régénérer les configurations :** +```bash +cd templates/dev +./generate.sh +``` + +### Modification des Variables + +1. **Modifier les fichiers appropriés** dans `templates/dev/` +2. **Régénérer les configurations :** +```bash +cd templates/dev +./generate.sh +``` + +3. **Vérifier les résultats** dans `storage/dev/` + +## 📊 Monitoring + +### Logs de Génération + +Les scripts fournissent des logs détaillés : +- Nombre de variables chargées +- Fichiers traités et copiés +- Erreurs de résolution des variables + +### Validation + +- Vérification automatique des variables non résolues +- Protection contre les dépendances circulaires +- Validation des chemins et permissions + +## 🔄 Intégration + +### Avec l'API +L'API 4NK Vault lit uniquement les fichiers dans `storage//` après génération. + +### Avec CI/CD +Les scripts de génération peuvent être intégrés dans des pipelines CI/CD pour automatiser le déploiement. + +## 📚 Documentation + +- **`docs/templates-system.md`** - Documentation complète du système +- **`../README.md`** - Documentation principale du projet +- **`../CHANGELOG.md`** - Historique des modifications diff --git a/storage/dev/.env b/templates/dev/.env similarity index 97% rename from storage/dev/.env rename to templates/dev/.env index 16b4e9e..e8d5a42 100644 --- a/storage/dev/.env +++ b/templates/dev/.env @@ -9,8 +9,8 @@ COMPOSE_LOG_LEVEL=WARNING NODE_OPTIONS="--max-old-space-size=4096" NODE_ENV=production ROOT_DIR=/home/debian/_4NK_env -DOCKER_GLOBAL_NAME=projects/lecoffre/$DOCKER_GLOBAL_NAME -DOCKER_GLOBAL=$ROOT_DIR/DOCKER_GLOBAL_NAME +DOCKER_GLOBAL_NAME=projects/lecoffre/lecoffre_node +DOCKER_GLOBAL=$ROOT_DIR/$DOCKER_GLOBAL_NAME NGINX_LOGS_DIR=$DOCKER_GLOBAL/logs/nginx SUPERVISOR_LOGS_DIR=$DOCKER_GLOBAL/logs/supervisor LOGROTATE_CONF_DIR=$DOCKER_GLOBAL/confs/logrotate diff --git a/storage/dev/.env secrets.example b/templates/dev/.env secrets.example similarity index 100% rename from storage/dev/.env secrets.example rename to templates/dev/.env secrets.example diff --git a/templates/dev/.env.auto b/templates/dev/.env.auto new file mode 100644 index 0000000..155e14e --- /dev/null +++ b/templates/dev/.env.auto @@ -0,0 +1,491 @@ +# ====== INTERNAL REDIS ====== + +REDIS_DOCKER_NAME=$REDIS +REDIS_CONFS_DIR=$DOCKER_GLOBAL/confs/$REDIS +REDIS_LOGS_DIR=$DOCKER_GLOBAL/logs/$REDIS +REDIS_RUNS_DIR=$DOCKER_GLOBAL/runs/$REDIS +REDIS_DATAS_DIR=$DOCKER_GLOBAL/datas/$REDIS +REDIS_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$REDIS +REDIS_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$REDIS +REDIS_DOCKER_WORKING_DIR=/home/$REDIS + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$REDIS +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$REDIS +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$REDIS +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$REDIS +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$REDIS +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$REDIS +REDIS_DOCKER_WORKING_DIR=/home/$REDIS + +REDIS_DOCKER_WORKING_DIR_CREATE="id -u $REDIS >/dev/null 2>&1 || adduser --disabled-password --gecos '' $REDIS; chown -R $REDIS:$REDIS /home/root/.$REDIS || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$REDIS_PORT +REDIS_URL_ROUTE=/$REDIS +${VARIABLE}_URL=http://$REDIS_DOCKER_NAME:$REDIS_DOCKER_PORT +REDIS_URL_EXTERNAL=https://$HOST$REDIS_URL_ROUTE +${VARIABLE}_URL_WS=ws://$REDIS_DOCKER_PORT +REDIS_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL POSTGRESQL ====== + +POSTGRESQL_DOCKER_NAME=$POSTGRESQL +POSTGRESQL_CONFS_DIR=$DOCKER_GLOBAL/confs/$POSTGRESQL +POSTGRESQL_LOGS_DIR=$DOCKER_GLOBAL/logs/$POSTGRESQL +POSTGRESQL_RUNS_DIR=$DOCKER_GLOBAL/runs/$POSTGRESQL +POSTGRESQL_DATAS_DIR=$DOCKER_GLOBAL/datas/$POSTGRESQL +POSTGRESQL_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$POSTGRESQL +POSTGRESQL_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$POSTGRESQL +POSTGRESQL_DOCKER_WORKING_DIR=/home/$POSTGRESQL + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$POSTGRESQL +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$POSTGRESQL +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$POSTGRESQL +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$POSTGRESQL +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$POSTGRESQL +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$POSTGRESQL +POSTGRESQL_DOCKER_WORKING_DIR=/home/$POSTGRESQL + +POSTGRESQL_DOCKER_WORKING_DIR_CREATE="id -u $POSTGRESQL >/dev/null 2>&1 || adduser --disabled-password --gecos '' $POSTGRESQL; chown -R $POSTGRESQL:$POSTGRESQL /home/root/.$POSTGRESQL || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$POSTGRESQL_PORT +POSTGRESQL_URL_ROUTE=/$POSTGRESQL +${VARIABLE}_URL=http://$POSTGRESQL_DOCKER_NAME:$POSTGRESQL_DOCKER_PORT +POSTGRESQL_URL_EXTERNAL=https://$HOST$POSTGRESQL_URL_ROUTE +${VARIABLE}_URL_WS=ws://$POSTGRESQL_DOCKER_PORT +POSTGRESQL_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL LOKI ====== + +LOKI_DOCKER_NAME=$LOKI +LOKI_CONFS_DIR=$DOCKER_GLOBAL/confs/$LOKI +LOKI_LOGS_DIR=$DOCKER_GLOBAL/logs/$LOKI +LOKI_RUNS_DIR=$DOCKER_GLOBAL/runs/$LOKI +LOKI_DATAS_DIR=$DOCKER_GLOBAL/datas/$LOKI +LOKI_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$LOKI +LOKI_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$LOKI +LOKI_DOCKER_WORKING_DIR=/home/$LOKI + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$LOKI +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$LOKI +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$LOKI +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$LOKI +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$LOKI +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$LOKI +LOKI_DOCKER_WORKING_DIR=/home/$LOKI + +LOKI_DOCKER_WORKING_DIR_CREATE="id -u $LOKI >/dev/null 2>&1 || adduser --disabled-password --gecos '' $LOKI; chown -R $LOKI:$LOKI /home/root/.$LOKI || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$LOKI_PORT +LOKI_URL_ROUTE=/$LOKI +${VARIABLE}_URL=http://$LOKI_DOCKER_NAME:$LOKI_DOCKER_PORT +LOKI_URL_EXTERNAL=https://$HOST$LOKI_URL_ROUTE +${VARIABLE}_URL_WS=ws://$LOKI_DOCKER_PORT +LOKI_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL PROMTAIL ====== + +PROMTAIL_DOCKER_NAME=$PROMTAIL +PROMTAIL_CONFS_DIR=$DOCKER_GLOBAL/confs/$PROMTAIL +PROMTAIL_LOGS_DIR=$DOCKER_GLOBAL/logs/$PROMTAIL +PROMTAIL_RUNS_DIR=$DOCKER_GLOBAL/runs/$PROMTAIL +PROMTAIL_DATAS_DIR=$DOCKER_GLOBAL/datas/$PROMTAIL +PROMTAIL_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$PROMTAIL +PROMTAIL_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$PROMTAIL +PROMTAIL_DOCKER_WORKING_DIR=/home/$PROMTAIL + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$PROMTAIL +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$PROMTAIL +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$PROMTAIL +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$PROMTAIL +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$PROMTAIL +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$PROMTAIL +PROMTAIL_DOCKER_WORKING_DIR=/home/$PROMTAIL + +PROMTAIL_DOCKER_WORKING_DIR_CREATE="id -u $PROMTAIL >/dev/null 2>&1 || adduser --disabled-password --gecos '' $PROMTAIL; chown -R $PROMTAIL:$PROMTAIL /home/root/.$PROMTAIL || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$PROMTAIL_PORT +PROMTAIL_URL_ROUTE=/$PROMTAIL +${VARIABLE}_URL=http://$PROMTAIL_DOCKER_NAME:$PROMTAIL_DOCKER_PORT +PROMTAIL_URL_EXTERNAL=https://$HOST$PROMTAIL_URL_ROUTE +${VARIABLE}_URL_WS=ws://$PROMTAIL_DOCKER_PORT +PROMTAIL_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL GRAFANA ====== + +GRAFANA_DOCKER_NAME=$GRAFANA +GRAFANA_CONFS_DIR=$DOCKER_GLOBAL/confs/$GRAFANA +GRAFANA_LOGS_DIR=$DOCKER_GLOBAL/logs/$GRAFANA +GRAFANA_RUNS_DIR=$DOCKER_GLOBAL/runs/$GRAFANA +GRAFANA_DATAS_DIR=$DOCKER_GLOBAL/datas/$GRAFANA +GRAFANA_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$GRAFANA +GRAFANA_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$GRAFANA +GRAFANA_DOCKER_WORKING_DIR=/home/$GRAFANA + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$GRAFANA +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$GRAFANA +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$GRAFANA +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$GRAFANA +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$GRAFANA +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$GRAFANA +GRAFANA_DOCKER_WORKING_DIR=/home/$GRAFANA + +GRAFANA_DOCKER_WORKING_DIR_CREATE="id -u $GRAFANA >/dev/null 2>&1 || adduser --disabled-password --gecos '' $GRAFANA; chown -R $GRAFANA:$GRAFANA /home/root/.$GRAFANA || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$GRAFANA_PORT +GRAFANA_URL_ROUTE=/$GRAFANA +${VARIABLE}_URL=http://$GRAFANA_DOCKER_NAME:$GRAFANA_DOCKER_PORT +GRAFANA_URL_EXTERNAL=https://$HOST$GRAFANA_URL_ROUTE +${VARIABLE}_URL_WS=ws://$GRAFANA_DOCKER_PORT +GRAFANA_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL NGNIX ====== + +NGNIX_DOCKER_NAME=$NGNIX +NGNIX_CONFS_DIR=$DOCKER_GLOBAL/confs/$NGNIX +NGNIX_LOGS_DIR=$DOCKER_GLOBAL/logs/$NGNIX +NGNIX_RUNS_DIR=$DOCKER_GLOBAL/runs/$NGNIX +NGNIX_DATAS_DIR=$DOCKER_GLOBAL/datas/$NGNIX +NGNIX_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$NGNIX +NGNIX_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$NGNIX +NGNIX_DOCKER_WORKING_DIR=/home/$NGNIX + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$NGNIX +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$NGNIX +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$NGNIX +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$NGNIX +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$NGNIX +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$NGNIX +NGNIX_DOCKER_WORKING_DIR=/home/$NGNIX + +NGNIX_DOCKER_WORKING_DIR_CREATE="id -u $NGNIX >/dev/null 2>&1 || adduser --disabled-password --gecos '' $NGNIX; chown -R $NGNIX:$NGNIX /home/root/.$NGNIX || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$NGNIX_PORT +NGNIX_URL_ROUTE=/$NGNIX +${VARIABLE}_URL=http://$NGNIX_DOCKER_NAME:$NGNIX_DOCKER_PORT +NGNIX_URL_EXTERNAL=https://$HOST$NGNIX_URL_ROUTE +${VARIABLE}_URL_WS=ws://$NGNIX_DOCKER_PORT +NGNIX_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL TOR ====== + +TOR_DOCKER_NAME=$TOR +TOR_CONFS_DIR=$DOCKER_GLOBAL/confs/$TOR +TOR_LOGS_DIR=$DOCKER_GLOBAL/logs/$TOR +TOR_RUNS_DIR=$DOCKER_GLOBAL/runs/$TOR +TOR_DATAS_DIR=$DOCKER_GLOBAL/datas/$TOR +TOR_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$TOR +TOR_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$TOR +TOR_DOCKER_WORKING_DIR=/home/$TOR + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$TOR +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$TOR +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$TOR +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$TOR +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$TOR +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$TOR +TOR_DOCKER_WORKING_DIR=/home/$TOR + +TOR_DOCKER_WORKING_DIR_CREATE="id -u $TOR >/dev/null 2>&1 || adduser --disabled-password --gecos '' $TOR; chown -R $TOR:$TOR /home/root/.$TOR || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$TOR_PORT +TOR_URL_ROUTE=/$TOR +${VARIABLE}_URL=http://$TOR_DOCKER_NAME:$TOR_DOCKER_PORT +TOR_URL_EXTERNAL=https://$HOST$TOR_URL_ROUTE +${VARIABLE}_URL_WS=ws://$TOR_DOCKER_PORT +TOR_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL _4NK_VAULT ====== + +_4NK_VAULT_DOCKER_NAME=$_4NK_VAULT +_4NK_VAULT_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_VAULT +_4NK_VAULT_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_VAULT +_4NK_VAULT_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_VAULT +_4NK_VAULT_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_VAULT +_4NK_VAULT_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_VAULT +_4NK_VAULT_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_VAULT +_4NK_VAULT_DOCKER_WORKING_DIR=/home/$_4NK_VAULT + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_VAULT +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_VAULT +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_VAULT +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_VAULT +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_VAULT +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_VAULT +_4NK_VAULT_DOCKER_WORKING_DIR=/home/$_4NK_VAULT + +_4NK_VAULT_DOCKER_WORKING_DIR_CREATE="id -u $_4NK_VAULT >/dev/null 2>&1 || adduser --disabled-password --gecos '' $_4NK_VAULT; chown -R $_4NK_VAULT:$_4NK_VAULT /home/root/.$_4NK_VAULT || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$_4NK_VAULT_PORT +_4NK_VAULT_URL_ROUTE=/$_4NK_VAULT +${VARIABLE}_URL=http://$_4NK_VAULT_DOCKER_NAME:$_4NK_VAULT_DOCKER_PORT +_4NK_VAULT_URL_EXTERNAL=https://$HOST$_4NK_VAULT_URL_ROUTE +${VARIABLE}_URL_WS=ws://$_4NK_VAULT_DOCKER_PORT +_4NK_VAULT_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL BITCOIN ====== + +BITCOIN_DOCKER_NAME=$BITCOIN +BITCOIN_CONFS_DIR=$DOCKER_GLOBAL/confs/$BITCOIN +BITCOIN_LOGS_DIR=$DOCKER_GLOBAL/logs/$BITCOIN +BITCOIN_RUNS_DIR=$DOCKER_GLOBAL/runs/$BITCOIN +BITCOIN_DATAS_DIR=$DOCKER_GLOBAL/datas/$BITCOIN +BITCOIN_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$BITCOIN +BITCOIN_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$BITCOIN +BITCOIN_DOCKER_WORKING_DIR=/home/$BITCOIN + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$BITCOIN +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$BITCOIN +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$BITCOIN +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$BITCOIN +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$BITCOIN +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$BITCOIN +BITCOIN_DOCKER_WORKING_DIR=/home/$BITCOIN + +BITCOIN_DOCKER_WORKING_DIR_CREATE="id -u $BITCOIN >/dev/null 2>&1 || adduser --disabled-password --gecos '' $BITCOIN; chown -R $BITCOIN:$BITCOIN /home/root/.$BITCOIN || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$BITCOIN_PORT +BITCOIN_URL_ROUTE=/$BITCOIN +${VARIABLE}_URL=http://$BITCOIN_DOCKER_NAME:$BITCOIN_DOCKER_PORT +BITCOIN_URL_EXTERNAL=https://$HOST$BITCOIN_URL_ROUTE +${VARIABLE}_URL_WS=ws://$BITCOIN_DOCKER_PORT +BITCOIN_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL BLINDBIT_ORACLE ====== + +BLINDBIT_ORACLE_DOCKER_NAME=$BLINDBIT_ORACLE +BLINDBIT_ORACLE_CONFS_DIR=$DOCKER_GLOBAL/confs/$BLINDBIT_ORACLE +BLINDBIT_ORACLE_LOGS_DIR=$DOCKER_GLOBAL/logs/$BLINDBIT_ORACLE +BLINDBIT_ORACLE_RUNS_DIR=$DOCKER_GLOBAL/runs/$BLINDBIT_ORACLE +BLINDBIT_ORACLE_DATAS_DIR=$DOCKER_GLOBAL/datas/$BLINDBIT_ORACLE +BLINDBIT_ORACLE_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$BLINDBIT_ORACLE +BLINDBIT_ORACLE_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$BLINDBIT_ORACLE +BLINDBIT_ORACLE_DOCKER_WORKING_DIR=/home/$BLINDBIT_ORACLE + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$BLINDBIT_ORACLE +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$BLINDBIT_ORACLE +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$BLINDBIT_ORACLE +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$BLINDBIT_ORACLE +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$BLINDBIT_ORACLE +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$BLINDBIT_ORACLE +BLINDBIT_ORACLE_DOCKER_WORKING_DIR=/home/$BLINDBIT_ORACLE + +BLINDBIT_ORACLE_DOCKER_WORKING_DIR_CREATE="id -u $BLINDBIT_ORACLE >/dev/null 2>&1 || adduser --disabled-password --gecos '' $BLINDBIT_ORACLE; chown -R $BLINDBIT_ORACLE:$BLINDBIT_ORACLE /home/root/.$BLINDBIT_ORACLE || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$BLINDBIT_ORACLE_PORT +BLINDBIT_ORACLE_URL_ROUTE=/$BLINDBIT_ORACLE +${VARIABLE}_URL=http://$BLINDBIT_ORACLE_DOCKER_NAME:$BLINDBIT_ORACLE_DOCKER_PORT +BLINDBIT_ORACLE_URL_EXTERNAL=https://$HOST$BLINDBIT_ORACLE_URL_ROUTE +${VARIABLE}_URL_WS=ws://$BLINDBIT_ORACLE_DOCKER_PORT +BLINDBIT_ORACLE_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL SDK_RELAY ====== + +SDK_RELAY_DOCKER_NAME=$SDK_RELAY +SDK_RELAY_CONFS_DIR=$DOCKER_GLOBAL/confs/$SDK_RELAY +SDK_RELAY_LOGS_DIR=$DOCKER_GLOBAL/logs/$SDK_RELAY +SDK_RELAY_RUNS_DIR=$DOCKER_GLOBAL/runs/$SDK_RELAY +SDK_RELAY_DATAS_DIR=$DOCKER_GLOBAL/datas/$SDK_RELAY +SDK_RELAY_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$SDK_RELAY +SDK_RELAY_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$SDK_RELAY +SDK_RELAY_DOCKER_WORKING_DIR=/home/$SDK_RELAY + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$SDK_RELAY +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$SDK_RELAY +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$SDK_RELAY +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$SDK_RELAY +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$SDK_RELAY +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$SDK_RELAY +SDK_RELAY_DOCKER_WORKING_DIR=/home/$SDK_RELAY + +SDK_RELAY_DOCKER_WORKING_DIR_CREATE="id -u $SDK_RELAY >/dev/null 2>&1 || adduser --disabled-password --gecos '' $SDK_RELAY; chown -R $SDK_RELAY:$SDK_RELAY /home/root/.$SDK_RELAY || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$SDK_RELAY_PORT +SDK_RELAY_URL_ROUTE=/$SDK_RELAY +${VARIABLE}_URL=http://$SDK_RELAY_DOCKER_NAME:$SDK_RELAY_DOCKER_PORT +SDK_RELAY_URL_EXTERNAL=https://$HOST$SDK_RELAY_URL_ROUTE +${VARIABLE}_URL_WS=ws://$SDK_RELAY_DOCKER_PORT +SDK_RELAY_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL SDK_STORAGE ====== + +SDK_STORAGE_DOCKER_NAME=$SDK_STORAGE +SDK_STORAGE_CONFS_DIR=$DOCKER_GLOBAL/confs/$SDK_STORAGE +SDK_STORAGE_LOGS_DIR=$DOCKER_GLOBAL/logs/$SDK_STORAGE +SDK_STORAGE_RUNS_DIR=$DOCKER_GLOBAL/runs/$SDK_STORAGE +SDK_STORAGE_DATAS_DIR=$DOCKER_GLOBAL/datas/$SDK_STORAGE +SDK_STORAGE_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$SDK_STORAGE +SDK_STORAGE_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$SDK_STORAGE +SDK_STORAGE_DOCKER_WORKING_DIR=/home/$SDK_STORAGE + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$SDK_STORAGE +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$SDK_STORAGE +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$SDK_STORAGE +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$SDK_STORAGE +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$SDK_STORAGE +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$SDK_STORAGE +SDK_STORAGE_DOCKER_WORKING_DIR=/home/$SDK_STORAGE + +SDK_STORAGE_DOCKER_WORKING_DIR_CREATE="id -u $SDK_STORAGE >/dev/null 2>&1 || adduser --disabled-password --gecos '' $SDK_STORAGE; chown -R $SDK_STORAGE:$SDK_STORAGE /home/root/.$SDK_STORAGE || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$SDK_STORAGE_PORT +SDK_STORAGE_URL_ROUTE=/$SDK_STORAGE +${VARIABLE}_URL=http://$SDK_STORAGE_DOCKER_NAME:$SDK_STORAGE_DOCKER_PORT +SDK_STORAGE_URL_EXTERNAL=https://$HOST$SDK_STORAGE_URL_ROUTE +${VARIABLE}_URL_WS=ws://$SDK_STORAGE_DOCKER_PORT +SDK_STORAGE_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL IHM_CLIENT ====== + +IHM_CLIENT_DOCKER_NAME=$IHM_CLIENT +IHM_CLIENT_CONFS_DIR=$DOCKER_GLOBAL/confs/$IHM_CLIENT +IHM_CLIENT_LOGS_DIR=$DOCKER_GLOBAL/logs/$IHM_CLIENT +IHM_CLIENT_RUNS_DIR=$DOCKER_GLOBAL/runs/$IHM_CLIENT +IHM_CLIENT_DATAS_DIR=$DOCKER_GLOBAL/datas/$IHM_CLIENT +IHM_CLIENT_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$IHM_CLIENT +IHM_CLIENT_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$IHM_CLIENT +IHM_CLIENT_DOCKER_WORKING_DIR=/home/$IHM_CLIENT + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$IHM_CLIENT +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$IHM_CLIENT +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$IHM_CLIENT +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$IHM_CLIENT +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$IHM_CLIENT +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$IHM_CLIENT +IHM_CLIENT_DOCKER_WORKING_DIR=/home/$IHM_CLIENT + +IHM_CLIENT_DOCKER_WORKING_DIR_CREATE="id -u $IHM_CLIENT >/dev/null 2>&1 || adduser --disabled-password --gecos '' $IHM_CLIENT; chown -R $IHM_CLIENT:$IHM_CLIENT /home/root/.$IHM_CLIENT || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$IHM_CLIENT_PORT +IHM_CLIENT_URL_ROUTE=/$IHM_CLIENT +${VARIABLE}_URL=http://$IHM_CLIENT_DOCKER_NAME:$IHM_CLIENT_DOCKER_PORT +IHM_CLIENT_URL_EXTERNAL=https://$HOST$IHM_CLIENT_URL_ROUTE +${VARIABLE}_URL_WS=ws://$IHM_CLIENT_DOCKER_PORT +IHM_CLIENT_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL _4NK_CERTIFICATOR ====== + +_4NK_CERTIFICATOR_DOCKER_NAME=$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_DOCKER_WORKING_DIR=/home/$_4NK_CERTIFICATOR + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_CERTIFICATOR +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_CERTIFICATOR +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_CERTIFICATOR +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_CERTIFICATOR +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_CERTIFICATOR +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_CERTIFICATOR +_4NK_CERTIFICATOR_DOCKER_WORKING_DIR=/home/$_4NK_CERTIFICATOR + +_4NK_CERTIFICATOR_DOCKER_WORKING_DIR_CREATE="id -u $_4NK_CERTIFICATOR >/dev/null 2>&1 || adduser --disabled-password --gecos '' $_4NK_CERTIFICATOR; chown -R $_4NK_CERTIFICATOR:$_4NK_CERTIFICATOR /home/root/.$_4NK_CERTIFICATOR || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$_4NK_CERTIFICATOR_PORT +_4NK_CERTIFICATOR_URL_ROUTE=/$_4NK_CERTIFICATOR +${VARIABLE}_URL=http://$_4NK_CERTIFICATOR_DOCKER_NAME:$_4NK_CERTIFICATOR_DOCKER_PORT +_4NK_CERTIFICATOR_URL_EXTERNAL=https://$HOST$_4NK_CERTIFICATOR_URL_ROUTE +${VARIABLE}_URL_WS=ws://$_4NK_CERTIFICATOR_DOCKER_PORT +_4NK_CERTIFICATOR_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL _4NK_MINER ====== + +_4NK_MINER_DOCKER_NAME=$_4NK_MINER +_4NK_MINER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_MINER +_4NK_MINER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_MINER +_4NK_MINER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_MINER +_4NK_MINER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_MINER +_4NK_MINER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_MINER +_4NK_MINER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_MINER +_4NK_MINER_DOCKER_WORKING_DIR=/home/$_4NK_MINER + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_MINER +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_MINER +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_MINER +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_MINER +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_MINER +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_MINER +_4NK_MINER_DOCKER_WORKING_DIR=/home/$_4NK_MINER + +_4NK_MINER_DOCKER_WORKING_DIR_CREATE="id -u $_4NK_MINER >/dev/null 2>&1 || adduser --disabled-password --gecos '' $_4NK_MINER; chown -R $_4NK_MINER:$_4NK_MINER /home/root/.$_4NK_MINER || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$_4NK_MINER_PORT +_4NK_MINER_URL_ROUTE=/$_4NK_MINER +${VARIABLE}_URL=http://$_4NK_MINER_DOCKER_NAME:$_4NK_MINER_DOCKER_PORT +_4NK_MINER_URL_EXTERNAL=https://$HOST$_4NK_MINER_URL_ROUTE +${VARIABLE}_URL_WS=ws://$_4NK_MINER_DOCKER_PORT +_4NK_MINER_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL LECOFFRE_FRONT ====== + +LECOFFRE_FRONT_DOCKER_NAME=$LECOFFRE_FRONT +LECOFFRE_FRONT_CONFS_DIR=$DOCKER_GLOBAL/confs/$LECOFFRE_FRONT +LECOFFRE_FRONT_LOGS_DIR=$DOCKER_GLOBAL/logs/$LECOFFRE_FRONT +LECOFFRE_FRONT_RUNS_DIR=$DOCKER_GLOBAL/runs/$LECOFFRE_FRONT +LECOFFRE_FRONT_DATAS_DIR=$DOCKER_GLOBAL/datas/$LECOFFRE_FRONT +LECOFFRE_FRONT_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$LECOFFRE_FRONT +LECOFFRE_FRONT_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$LECOFFRE_FRONT +LECOFFRE_FRONT_DOCKER_WORKING_DIR=/home/$LECOFFRE_FRONT + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$LECOFFRE_FRONT +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$LECOFFRE_FRONT +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$LECOFFRE_FRONT +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$LECOFFRE_FRONT +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$LECOFFRE_FRONT +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$LECOFFRE_FRONT +LECOFFRE_FRONT_DOCKER_WORKING_DIR=/home/$LECOFFRE_FRONT + +LECOFFRE_FRONT_DOCKER_WORKING_DIR_CREATE="id -u $LECOFFRE_FRONT >/dev/null 2>&1 || adduser --disabled-password --gecos '' $LECOFFRE_FRONT; chown -R $LECOFFRE_FRONT:$LECOFFRE_FRONT /home/root/.$LECOFFRE_FRONT || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$LECOFFRE_FRONT_PORT +LECOFFRE_FRONT_URL_ROUTE=/$LECOFFRE_FRONT +${VARIABLE}_URL=http://$LECOFFRE_FRONT_DOCKER_NAME:$LECOFFRE_FRONT_DOCKER_PORT +LECOFFRE_FRONT_URL_EXTERNAL=https://$HOST$LECOFFRE_FRONT_URL_ROUTE +${VARIABLE}_URL_WS=ws://$LECOFFRE_FRONT_DOCKER_PORT +LECOFFRE_FRONT_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== INTERNAL _4NK_WEB_STATUS ====== + +_4NK_WEB_STATUS_DOCKER_NAME=$_4NK_WEB_STATUS +_4NK_WEB_STATUS_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_WEB_STATUS +_4NK_WEB_STATUS_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_WEB_STATUS +_4NK_WEB_STATUS_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_WEB_STATUS +_4NK_WEB_STATUS_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_WEB_STATUS +_4NK_WEB_STATUS_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_WEB_STATUS +_4NK_WEB_STATUS_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_WEB_STATUS +_4NK_WEB_STATUS_DOCKER_WORKING_DIR=/home/$_4NK_WEB_STATUS + +${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$_4NK_WEB_STATUS +${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$_4NK_WEB_STATUS +${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$_4NK_WEB_STATUS +${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$_4NK_WEB_STATUS +${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$_4NK_WEB_STATUS +${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$_4NK_WEB_STATUS +_4NK_WEB_STATUS_DOCKER_WORKING_DIR=/home/$_4NK_WEB_STATUS + +_4NK_WEB_STATUS_DOCKER_WORKING_DIR_CREATE="id -u $_4NK_WEB_STATUS >/dev/null 2>&1 || adduser --disabled-password --gecos '' $_4NK_WEB_STATUS; chown -R $_4NK_WEB_STATUS:$_4NK_WEB_STATUS /home/root/.$_4NK_WEB_STATUS || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \"$@\"" +${VARIABLE}_DOCKER_PORT=$_4NK_WEB_STATUS_PORT +_4NK_WEB_STATUS_URL_ROUTE=/$_4NK_WEB_STATUS +${VARIABLE}_URL=http://$_4NK_WEB_STATUS_DOCKER_NAME:$_4NK_WEB_STATUS_DOCKER_PORT +_4NK_WEB_STATUS_URL_EXTERNAL=https://$HOST$_4NK_WEB_STATUS_URL_ROUTE +${VARIABLE}_URL_WS=ws://$_4NK_WEB_STATUS_DOCKER_PORT +_4NK_WEB_STATUS_URL_WS_EXTERNAL=wss://$HOST\ws + + +# ====== EXTERNAL BOOSTRAP ====== + +BOOSTRAP_URL_EXTERNAL=https://$BOOSTRAP_HOST:$BOOSTRAP_EXTERNAL_PORT$BOOSTRAP_URL_ROUTE +BOOSTRAP_URL_WS_EXTERNAL=wss://$BOOSTRAP_HOST:$BOOSTRAP_EXTERNAL_PORT/ws + +# ====== EXTERNAL LECOFFRE_BACK_MINI ====== + +LECOFFRE_BACK_MINI_URL_EXTERNAL=https://$LECOFFRE_BACK_MINI_HOST:$LECOFFRE_BACK_MINI_EXTERNAL_PORT$LECOFFRE_BACK_MINI_URL_ROUTE +LECOFFRE_BACK_MINI_URL_WS_EXTERNAL=wss://$LECOFFRE_BACK_MINI_HOST:$LECOFFRE_BACK_MINI_EXTERNAL_PORT/ws + +# ====== EXTERNAL BOOTSTRAP (correction) ====== +BOOTSTRAP_URL_ROUTE=/$BOOTSTRAP +BOOTSTRAP_URL_EXTERNAL=https://$BOOTSTRAP_HOST:$BOOTSTRAP_EXTERNAL_PORT$BOOTSTRAP_URL_ROUTE +BOOTSTRAP_URL_WS_EXTERNAL=wss://$BOOTSTRAP_HOST:$BOOTSTRAP_EXTERNAL_PORT/ws + diff --git a/storage/dev/.env.post b/templates/dev/.env.post similarity index 100% rename from storage/dev/.env.post rename to templates/dev/.env.post diff --git a/templates/dev/.env.secrets b/templates/dev/.env.secrets new file mode 100644 index 0000000..97e3d27 --- /dev/null +++ b/templates/dev/.env.secrets @@ -0,0 +1,21 @@ +BDD_USER=bdd_user +BDD_PASSWORD=bdd_password +POSTGRESQL_USER=$BDD_USER +POSTGRESQL_PASSWORD=$BDD_PASSWORD +REDIS_USER=$BDD_USER +REDIS_PASSWORD=$BDD_PASSWORD +SIGNER_API_KEY=your-api-key-change-this +BITCOIN_RPC_AUTH='bitcoin:c8ea921c7357bd6a5a8a7c43a12350a7$955e25b17672987b17c5a12f12cd8b9c1d38f0f86201c8cd47fc431f2e1c7956' +VITE_JWT_SECRET_KEY=52b3d77617bb00982dfee15b08effd52cfe5b2e69b2f61cc4848cfe1e98c0bc9 +GRAFANA_ADMIN_USER=admin +GRAFANA_ADMIN_PASSWORD=Fuy8ZfxQI2xdSdoB8wsGxNjyU +BITCOIN_RPC_USER= +BITCOIN_RPC_PASSWORD= +GIT_TOKEN=8cde80690a5ffd737536d82a1ab16a765d5105df +IDNOT_API_KEY=ba557f84-0bf6-4dbf-844f-df2767555e3e +IDNOT_CLIENT_ID=B3CE56353EDB15A9 +IDNOT_CLIENT_SECRET=3F733549E879878344B6C949B366BB5CDBB2DB5B7F7AB7EBBEBB0F0DD0776D1C +NEXT_PUBLIC_IDNOT_CLIENT_ID=B3CE56353EDB15A9 +NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=28c9a3a8151bef545ebf700ca5222c63d0031ad593097e95c1de202464304a99 +GF_SECURITY_ADMIN_PASSWORD=$GRAFANA_ADMIN_PASSWORD +API_PASS=testpass \ No newline at end of file diff --git a/templates/dev/.gitkeep b/templates/dev/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/storage/dev/README.md b/templates/dev/README.md similarity index 100% rename from storage/dev/README.md rename to templates/dev/README.md diff --git a/templates/dev/_4NK_modules/4NK_certificator/.env b/templates/dev/_4NK_modules/4NK_certificator/.env new file mode 100644 index 0000000..47bd154 --- /dev/null +++ b/templates/dev/_4NK_modules/4NK_certificator/.env @@ -0,0 +1,20 @@ +# Server configuration +RUST_LOG=info + +# Bitcoin RPC +BITCOIN_RPC_URL=$BITCOIN_RPC_URL +BITCOIN_RPC_USER=$BITCOIN_RPC_USER +BITCOIN_RPC_PASSWORD=$BITCOIN_RPC_PASSWORD +BITCOIN_WALLET_NAME=$BITCOIN_CERTIFICATOR_NAME + +# Database +DATABASE_URL=$CERTIFICATOR_POSTGRESQL_CONNECT + +# Redis +REDIS_URL=$CERTIFICATOR_REDIS_CONNECT + +# Relay +RELAY_WEBSOCKET_URL=$RELAY_WEBSOCKET_URL + +# Certificator DB password for docker-compose +CERTIFICATOR_DB_PASSWORD=$BDD_PASSWORD diff --git a/templates/dev/_4NK_modules/4NK_certificator/.gitkeep b/templates/dev/_4NK_modules/4NK_certificator/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/4NK_certificator/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/4NK_certificator/certificator.toml b/templates/dev/_4NK_modules/4NK_certificator/certificator.toml new file mode 100644 index 0000000..b0d9962 --- /dev/null +++ b/templates/dev/_4NK_modules/4NK_certificator/certificator.toml @@ -0,0 +1,33 @@ +[server] +host = "0.0.0.0" +port = $CERTIFICATOR_PORT +log_level = "info" + +[bitcoin] +network = "mainnet" +rpc_url = "$BITCOIN_RPC_URL" +rpc_user = "" +rpc_password = "" +wallet_name = "$BITCOIN_CERTIFICATOR_NAME" +min_confirmations = 6 + +[relay] +websocket_url = "$RELAY_WEBSOCKET_URL" +monitor_interval_secs = 60 + +[anchoring] +interval_blocks = 4320 # ~30 days (144 blocks/day) +auto_anchor = true +tx_fee_sat_per_vbyte = 10 + +[database] +url = "postgresql://certificator:password@localhost/certificator_db" +max_connections = 10 + +[redis] +url = "redis://localhost:6379" +cache_ttl_secs = 3600 + +[api] +jwt_secret = "$VITE_JWT_SECRET_KEY" +cors_allowed_origins = ["$DOMAIN"] diff --git a/templates/dev/_4NK_modules/4NK_miner/.env b/templates/dev/_4NK_modules/4NK_miner/.env new file mode 100644 index 0000000..46c2073 --- /dev/null +++ b/templates/dev/_4NK_modules/4NK_miner/.env @@ -0,0 +1,4 @@ +# Configuration du miner signet +# COINBASE_ADDRESS= # Générer automatiquement +RELAY_ADDRESS=tsp1qqd8k3twmuq3awxjmfukhma36j4la8gzsa8t0dgfms3cfglt2gkz6wqsqpd3d2q4quq59agtyfsr7gj9t07qt0nlrlrzgmhvpn5enfm76fud6sm0y +REWARD_SPLIT_RATIO=0.5 diff --git a/templates/dev/_4NK_modules/4NK_miner/.gitkeep b/templates/dev/_4NK_modules/4NK_miner/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/4NK_miner/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/4NK_web_status/.gitkeep b/templates/dev/_4NK_modules/4NK_web_status/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/4NK_web_status/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/bitcoin/.gitkeep b/templates/dev/_4NK_modules/bitcoin/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/bitcoin/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/bitcoin/bitcoin.conf b/templates/dev/_4NK_modules/bitcoin/bitcoin.conf new file mode 100644 index 0000000..1c406b4 --- /dev/null +++ b/templates/dev/_4NK_modules/bitcoin/bitcoin.conf @@ -0,0 +1,45 @@ +# Configuration globale +signet=1 +server=1 +datadir=$BITCOIN_DATAS_DIR + +[signet] +daemon=0 +txindex=1 +upnp=1 +#debug=1 +#loglevel=debug +logthreadnames=1 +onion=tor:$TOR_PORT +listenonion=1 +onlynet=onion + +# Paramètres RPC +rpcauth=$BITCOIN_RPC_AUTH +rpcallowip=0.0.0.0/0 +rpcworkqueue=32 +rpcthreads=4 +rpcdoccheck=1 + +# Paramètres ZMQ +zmqpubhashblock=tcp://:$BITCOIN_ZMQPBUBHASHBLOCK_PORT +zmqpubrawtx=tcp://:$BITCOIN_ZMQPUBRAWTX_PORT + +listen=1 +bind=0.0.0.0:$BITCOIN_SIGNET_P2P_PORT +rpcbind=0.0.0.0:$BITCOIN_SIGNET_RPC_PORT +rpcport=$BITCOIN_SIGNET_RPC_PORT +fallbackfee=0.0001 +blockfilterindex=1 +datacarriersize=205 +acceptnonstdtxn=1 +dustrelayfee=0.00000001 +minrelaytxfee=0.00000001 +prune=0 +signetchallenge=0020341c43803863c252df326e73574a27d7e19322992061017b0dc893e2eab90821 +wallet=$BITCOIN_WALLET_NAME +wallet=watchonly +maxtxfee=1 +addnode=tlv2yqamflv22vfdzy2hha2nwmt6zrwrhjjzz4lx7qyq7lyc6wfhabyd.onion +addnode=6xi33lwwslsx3yi3f7c56wnqtdx4v73vj2up3prrwebpwbz6qisnqbyd.onion +addnode=id7e3r3d2epen2v65jebjhmx77aimu7oyhcg45zadafypr4crqsytfid.onion \ No newline at end of file diff --git a/templates/dev/_4NK_modules/blindbit-oracle/.gitkeep b/templates/dev/_4NK_modules/blindbit-oracle/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/blindbit-oracle/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/blindbit-oracle/blindbit.toml b/templates/dev/_4NK_modules/blindbit-oracle/blindbit.toml new file mode 100644 index 0000000..d119478 --- /dev/null +++ b/templates/dev/_4NK_modules/blindbit-oracle/blindbit.toml @@ -0,0 +1,18 @@ +# Configuration Blindbit Oracle +host = "0.0.0.0:$BLINDBIT_PORT" +chain = "signet" +rpc_endpoint = "$BITCOIN_RPC_URL" +cookie_path = "$BITCOIN_COOKIE_PATH" +rpc_user = "" +rpc_pass = "" +sync_start_height = 1 + +# Performance +max_parallel_tweak_computations = 4 +max_parallel_requests = 4 + +# Index +tweaks_only = 0 +tweaks_full_basic = 1 +tweaks_full_with_dust_filter = 1 +tweaks_cut_through_with_dust_filter = 1 diff --git a/templates/dev/_4NK_modules/grafana/.env b/templates/dev/_4NK_modules/grafana/.env new file mode 100644 index 0000000..e62242c --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/.env @@ -0,0 +1,6 @@ +GF_SECURITY_ADMIN_PASSWORD=Fuy8ZfxQI2xdSdoB8wsGxNjyU +GF_USERS_ALLOW_SIGN_UP=false +GF_SERVER_ROOT_URL=$ROOT_URL$URL_ROUTE_GRAFAN +GF_PLUGINS_PREINSTALL_SYNC=grafana-clock-panel,grafana-simple-json-datasource +GRAFANA_ADMIN_USER=$GRAFANA_ADMIN_USER +GRAFANA_ADMIN_PASSWORD=$GRAFANA_ADMIN_PASSWORD \ No newline at end of file diff --git a/templates/dev/_4NK_modules/grafana/.gitkeep b/templates/dev/_4NK_modules/grafana/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/grafana/dashboards/.gitkeep b/templates/dev/_4NK_modules/grafana/dashboards/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-miner-detailed.json b/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-miner-detailed.json new file mode 100644 index 0000000..c8469f9 --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-miner-detailed.json @@ -0,0 +1,399 @@ +{ + "annotations": { + "list": [] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"signet_miner\"} |= \"Block mined\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Blocs Minés par Minute", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"signet_miner\"} |= \"Hashrate\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Hashrate du Mineur", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"signet_miner\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs du Mineur (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + } + }, + "mappings": [] + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 16, + "x": 8, + "y": 8 + }, + "id": 4, + "options": { + "legend": { + "displayMode": "list", + "placement": "right" + }, + "pieType": "pie", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (level) (count_over_time({container=\"signet_miner\"} | json | level != \"\" [1h]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Distribution des Niveaux de Log", + "type": "piechart" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 16 + }, + "id": 5, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{container=\"signet_miner\"} |= \"Block mined\" | json | line_format \"{{.timestamp}} - Bloc {{.height}} miné - Hash: {{.hash}}\"", + "queryType": "", + "refId": "A" + } + ], + "title": "Historique des Blocs Minés", + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 37, + "style": "dark", + "tags": [ + "bitcoin", + "miner", + "signet" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Bitcoin Miner - Détails", + "uid": "bitcoin-miner-detailed", + "version": 1, + "weekStart": "" +} + diff --git a/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-miner.json b/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-miner.json new file mode 100644 index 0000000..ed0bd13 --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-miner.json @@ -0,0 +1,160 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{job=\"bitcoin\"} |= \"block\" | logfmt", + "queryType": "", + "refId": "A" + } + ], + "title": "Bitcoin - Nouveaux Blocs", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{job=\"miner\"} |= \"mined\" | logfmt", + "queryType": "", + "refId": "A" + } + ], + "title": "Miner - Blocs Minés", + "type": "logs" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{job=~\"bitcoin|miner|blindbit\"} |= \"error\" | logfmt", + "queryType": "", + "refId": "A" + } + ], + "title": "Bitcoin/Miner/Blindbit - Erreurs", + "type": "logs" + } + ], + "refresh": "30s", + "schemaVersion": 36, + "style": "dark", + "tags": ["bitcoin", "miner", "blockchain"], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Bitcoin & Miner Monitoring", + "uid": "bitcoin-miner", + "version": 1, + "weekStart": "" +} diff --git a/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-services.json b/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-services.json new file mode 100644 index 0000000..2abf2d2 --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/dashboards/bitcoin-services.json @@ -0,0 +1,532 @@ +{ + "annotations": { + "list": [] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"bitcoin-signet\"} |= \"UpdateTip\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Mises à Jour de la Chaîne Bitcoin", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"blindbit-oracle\"} |= \"tweak\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Détection de Tweak (BlindBit)", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"bitcoin-signet\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Bitcoin (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 6, + "y": 8 + }, + "id": 4, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"blindbit-oracle\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs BlindBit (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 8 + }, + "id": 5, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"bitcoin-signet\"} |= \"New block\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Nouveaux Blocs (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 18, + "y": 8 + }, + "id": 6, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"blindbit-oracle\"} |= \"Silent payment\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Silent Payments (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 12 + }, + "id": 7, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{container=~\"bitcoin-signet|blindbit-oracle\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Bitcoin Services", + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 37, + "style": "dark", + "tags": [ + "bitcoin", + "signet", + "blindbit", + "oracle" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Bitcoin Services - Monitoring", + "uid": "bitcoin-services", + "version": 1, + "weekStart": "" +} + diff --git a/templates/dev/_4NK_modules/grafana/dashboards/blindbit-oracle.json b/templates/dev/_4NK_modules/grafana/dashboards/blindbit-oracle.json new file mode 100644 index 0000000..9d0a0fa --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/dashboards/blindbit-oracle.json @@ -0,0 +1,192 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "gnetId": null, + "graphTooltip": 0, + "id": null, + "links": [], + "panels": [ + { + "datasource": "Loki", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "targets": [ + { + "expr": "{job=\"blindbit\"} |= \"Host configuration loaded\"", + "refId": "A" + } + ], + "title": "BlindBit Oracle - Configuration Loaded", + "type": "logs" + }, + { + "datasource": "Loki", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "targets": [ + { + "expr": "{job=\"blindbit\"} |= \"Sync took\"", + "refId": "A" + } + ], + "title": "BlindBit Oracle - Synchronization", + "type": "logs" + }, + { + "datasource": "Loki", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "targets": [ + { + "expr": "{job=\"blindbit\"} |= \"successfully processed block\"", + "refId": "A" + } + ], + "title": "BlindBit Oracle - Block Processing", + "type": "logs" + }, + { + "datasource": "Loki", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 16 + }, + "id": 4, + "options": { + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "targets": [ + { + "expr": "{job=\"blindbit\"} |= \"GET\" |~ \"/tweaks/\"", + "refId": "A" + } + ], + "title": "BlindBit Oracle - API Requests", + "type": "logs" + }, + { + "datasource": "Loki", + "fieldConfig": { + "defaults": { + "custom": {} + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 16 + }, + "id": 5, + "options": { + "showLabels": false, + "showTime": false, + "sortOrder": "Descending", + "wrapLogMessage": false + }, + "targets": [ + { + "expr": "{job=\"blindbit\"} |~ \"ERROR|error|Error\"", + "refId": "A" + } + ], + "title": "BlindBit Oracle - Errors", + "type": "logs" + } + ], + "schemaVersion": 27, + "style": "dark", + "tags": [ + "blindbit", + "oracle", + "blockchain" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "BlindBit Oracle Dashboard", + "uid": "blindbit-oracle", + "version": 1 +} + diff --git a/templates/dev/_4NK_modules/grafana/dashboards/frontend-services.json b/templates/dev/_4NK_modules/grafana/dashboards/frontend-services.json new file mode 100644 index 0000000..262feb0 --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/dashboards/frontend-services.json @@ -0,0 +1,532 @@ +{ + "annotations": { + "list": [] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=~\"lecoffre-front|ihm_client\"} |= \"GET\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Requêtes HTTP par Frontend", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"ihm_client\"} |= \"vite\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Activité Vite (IHM Client)", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"lecoffre-front\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs LeCoffre Front (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 6, + "y": 8 + }, + "id": 4, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"ihm_client\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs IHM Client (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 8 + }, + "id": 5, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(count_over_time({container=~\"lecoffre-front|ihm_client\"} [1h]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Total Logs Frontend (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 18, + "y": 8 + }, + "id": 6, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"ihm_client\"} |= \"Pre-transform error\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Vite (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 12 + }, + "id": 7, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{container=~\"lecoffre-front|ihm_client\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Récentes Frontend", + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 37, + "style": "dark", + "tags": [ + "frontend", + "lecoffre", + "ihm", + "client" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Frontend Services - Monitoring", + "uid": "frontend-services", + "version": 1, + "weekStart": "" +} + diff --git a/templates/dev/_4NK_modules/grafana/dashboards/lecoffre-overview.json b/templates/dev/_4NK_modules/grafana/dashboards/lecoffre-overview.json new file mode 100644 index 0000000..9ecf781 --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/dashboards/lecoffre-overview.json @@ -0,0 +1,252 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=~\".*\"} |= \"error\" [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs par Service (5 dernières minutes)", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=~\".*\"} [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Volume de Logs par Service (5 dernières minutes)", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 12, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 3, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "title": "Logs d'Erreur - Tous Services", + "type": "logs" + } + ], + "refresh": "30s", + "schemaVersion": 36, + "style": "dark", + "tags": ["lecoffre", "monitoring"], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "LeCoffre Node - Vue d'ensemble", + "uid": "lecoffre-overview", + "version": 1, + "weekStart": "" +} diff --git a/templates/dev/_4NK_modules/grafana/dashboards/sdk-services.json b/templates/dev/_4NK_modules/grafana/dashboards/sdk-services.json new file mode 100644 index 0000000..112fa6a --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/dashboards/sdk-services.json @@ -0,0 +1,594 @@ +{ + "annotations": { + "list": [] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=~\"sdk_.*\"} |= \"message\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Messages par Service SDK", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 8, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(rate({container=\"sdk_relay\"} |= \"transaction\" [5m])) by (container)", + "queryType": "", + "refId": "A" + } + ], + "title": "Transactions Relay", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 16, + "y": 0 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single" + } + }, + "title": "Signatures Signer", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 0, + "y": 8 + }, + "id": 4, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"sdk_relay\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Relay (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 6, + "y": 8 + }, + "id": 5, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "title": "Erreurs Signer (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 12, + "y": 8 + }, + "id": 6, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "count_over_time({container=\"sdk_storage\"} |= \"ERROR\" [1h])", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Storage (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 4, + "w": 6, + "x": 18, + "y": 8 + }, + "id": 7, + "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "auto" + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum(count_over_time({container=~\"sdk_.*\"} [1h]))", + "queryType": "", + "refId": "A" + } + ], + "title": "Total Logs SDK (1h)", + "type": "stat" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "custom": { + "align": "auto", + "cellOptions": { + "type": "auto" + }, + "inspect": false + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 24, + "x": 0, + "y": 12 + }, + "id": 8, + "options": { + "cellHeight": "sm", + "footer": { + "countRows": false, + "fields": "", + "reducer": [ + "sum" + ], + "show": false + }, + "showHeader": true + }, + "pluginVersion": "10.0.0", + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "{container=~\"sdk_.*\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", + "queryType": "", + "refId": "A" + } + ], + "title": "Erreurs Récentes SDK", + "type": "table" + } + ], + "refresh": "5s", + "schemaVersion": 37, + "style": "dark", + "tags": [ + "sdk", + "relay", + "signer", + "storage" + ], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "SDK Services - Monitoring", + "uid": "sdk-services", + "version": 1, + "weekStart": "" +} diff --git a/templates/dev/_4NK_modules/grafana/dashboards/services-overview.json b/templates/dev/_4NK_modules/grafana/dashboards/services-overview.json new file mode 100644 index 0000000..b27238f --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/dashboards/services-overview.json @@ -0,0 +1,418 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 0, + "y": 0 + }, + "id": 1, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "title": "LeCoffre Backend - Volume Logs", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 6, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=\"lecoffre-front\"} [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "LeCoffre Frontend - Volume Logs", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 12, + "y": 0 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=\"ihm_client\"} [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "IHM Client - Volume Logs", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "vis": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "short" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 18, + "y": 0 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom" + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "editorMode": "code", + "expr": "sum by (service) (count_over_time({job=\"sdk_relay\"} [5m]))", + "queryType": "", + "refId": "A" + } + ], + "title": "SDK Relay - Volume Logs", + "type": "timeseries" + }, + { + "datasource": { + "type": "loki", + "uid": "loki" + }, + "gridPos": { + "h": 12, + "w": 24, + "x": 0, + "y": 8 + }, + "id": 5, + "options": { + "showTime": false, + "showLabels": false, + "showCommonLabels": false, + "wrapLogMessage": false, + "prettifyLogMessage": false, + "enableLogDetails": true, + "dedupStrategy": "none", + "sortOrder": "Descending" + }, + "title": "Logs d'Erreur - Services Applications", + "type": "logs" + } + ], + "refresh": "30s", + "schemaVersion": 36, + "style": "dark", + "tags": ["services", "applications"], + "templating": { + "list": [] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Services Applications - Monitoring", + "uid": "services-overview", + "version": 1, + "weekStart": "" +} diff --git a/templates/dev/_4NK_modules/grafana/grafana.ini b/templates/dev/_4NK_modules/grafana/grafana.ini new file mode 100644 index 0000000..a3c3e02 --- /dev/null +++ b/templates/dev/_4NK_modules/grafana/grafana.ini @@ -0,0 +1,57 @@ +# Configuration Grafana avancée pour LeCoffre Node + +[server] +# URL publique de Grafana +root_url = $GRAFANA_URL + +# Configuration de sécurité +enable_gzip = true +cert_file = +cert_key = +enforce_domain = false + +[security] +# Configuration de sécurité +admin_user = $GRAFANA_ADMIN_USER +admin_password = $GRAFANA_ADMIN_PASSWORD +secret_key = lecoffre_grafana_secret_key_2025 + +# Configuration des sessions +cookie_secure = true +cookie_samesite = strict + +[users] +# Configuration des utilisateurs +allow_sign_up = false +allow_org_create = false +auto_assign_org = true +auto_assign_org_id = 1 +auto_assign_org_role = Viewer + +[auth.anonymous] +# Accès anonyme désactivé pour la sécurité +enabled = false + +[dashboards] +# Configuration des dashboards +default_home_dashboard_path = $GRAFANA_CONF_DIR/dashboards/lecoffre-overview.json + +[unified_alerting] +# Configuration des alertes unifiées +enabled = true + +[log] +# Configuration des logs Grafana +mode = console +level = info +format = json + +[metrics] +# Métriques Prometheus +enabled = true +basic_auth_username = +basic_auth_password = + +[feature_toggles] +# Fonctionnalités activées +enable = traceqlEditor diff --git a/templates/dev/_4NK_modules/ihm_client/.env b/templates/dev/_4NK_modules/ihm_client/.env new file mode 100644 index 0000000..7fe28d5 --- /dev/null +++ b/templates/dev/_4NK_modules/ihm_client/.env @@ -0,0 +1,7 @@ +NEXT_PUBLIC_4NK_IFRAME_URL=$IHM_CLIENT_URL +VITE_JWT_SECRET_KEY=$VITE_JWT_SECRET_KEY +VITE_API_BASE_URL=$LECOFFRE_BACK_URL +VITE_WS_URL=$RELAY_URL +VITE_SIGNER_URL=$SIGNER_URL +VITE_BOOTSTRAPURL=$RELAY_BOOSTRAP_URL +RELAY_URLS=$RELAY_URLS diff --git a/templates/dev/_4NK_modules/ihm_client/.gitkeep b/templates/dev/_4NK_modules/ihm_client/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/ihm_client/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/loki/.env b/templates/dev/_4NK_modules/loki/.env new file mode 100644 index 0000000..53be051 --- /dev/null +++ b/templates/dev/_4NK_modules/loki/.env @@ -0,0 +1 @@ +LOKI_URL=$LOKI_URL diff --git a/templates/dev/_4NK_modules/loki/.gitkeep b/templates/dev/_4NK_modules/loki/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/loki/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/loki/loki-config.yaml b/templates/dev/_4NK_modules/loki/loki-config.yaml new file mode 100644 index 0000000..d4eece1 --- /dev/null +++ b/templates/dev/_4NK_modules/loki/loki-config.yaml @@ -0,0 +1,76 @@ +auth_enabled: false + +server: + http_listen_port: $LOKI_PORT + grpc_listen_port: 9096 + http_listen_address: 0.0.0.0 + grpc_listen_address: 0.0.0.0 + +common: + instance_addr: 0.0.0.0 + path_prefix: /loki + storage: + filesystem: + chunks_directory: /loki/chunks + rules_directory: /loki/rules + replication_factor: 1 + ring: + kvstore: + store: inmemory + +schema_config: + configs: + - from: 2020-10-24 + store: tsdb + object_store: filesystem + schema: v13 + index: + prefix: index_ + period: 24h + +ruler: + alertmanager_url: http://localhost:$LOKI_PORT + +# Configuration de l'ingester - SEULEMENT le paramètre crucial +ingester: + lifecycler: + min_ready_duration: 5s # Réduit le délai de 15s à 5s + +# Configuration des limites +limits_config: + reject_old_samples: true + reject_old_samples_max_age: 168h + max_cache_freshness_per_query: 10m + split_queries_by_interval: 15m + max_query_parallelism: 32 + max_streams_per_user: 0 + max_line_size: 256000 + ingestion_rate_mb: 16 + ingestion_burst_size_mb: 32 + per_stream_rate_limit: 3MB + per_stream_rate_limit_burst: 15MB + max_entries_limit_per_query: 5000 + max_query_series: 500 + max_query_length: 721h + cardinality_limit: 100000 + max_streams_matchers_per_query: 1000 + max_concurrent_tail_requests: 10 + +# Configuration du storage +storage_config: + tsdb_shipper: + active_index_directory: /loki/tsdb-index + cache_location: /loki/tsdb-cache + filesystem: + directory: /loki/chunks + +# Configuration du compactor +compactor: + working_directory: /loki/compactor + compaction_interval: 10m + retention_enabled: false + delete_request_store: filesystem + +# Analytics désactivés +analytics: + reporting_enabled: false \ No newline at end of file diff --git a/templates/dev/_4NK_modules/promtail/.env b/templates/dev/_4NK_modules/promtail/.env new file mode 100644 index 0000000..997aa2f --- /dev/null +++ b/templates/dev/_4NK_modules/promtail/.env @@ -0,0 +1 @@ +PROMTAIL_CONFIG_FILE=$PROMTAIL_CONF_DIR/config.yml diff --git a/templates/dev/_4NK_modules/promtail/.gitkeep b/templates/dev/_4NK_modules/promtail/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/promtail/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/promtail/promtail.yml b/templates/dev/_4NK_modules/promtail/promtail.yml new file mode 100644 index 0000000..40d27ea --- /dev/null +++ b/templates/dev/_4NK_modules/promtail/promtail.yml @@ -0,0 +1,107 @@ +server: + http_listen_port: $PROMTAIL_PORT + grpc_listen_port: 0 + +positions: + filename: /tmp/positions.yaml + +clients: + - url: $LOKI_URL/loki/api/v1/push + +scrape_configs: + # Bitcoin Signet Logs + - job_name: bitcoin + static_configs: + - targets: + - localhost + labels: + job: bitcoin + service: bitcoin-signet + __path__: $BITCOIN_LOGS_DIR/*.log + + # Blindbit Oracle Logs + - job_name: blindbit + static_configs: + - targets: + - localhost + labels: + job: blindbit + service: blindbit-oracle + __path__: $BLINDBIT_LOGS_DIR/*.log + + # SDK Relay Logs + - job_name: sdk_relay + static_configs: + - targets: + - localhost + labels: + job: sdk_relay + service: sdk_relay + __path__: $SDK_RELAY_LOGS_DIR/*.log + + # SDK Storage Logs + - job_name: sdk_storage + static_configs: + - targets: + - localhost + labels: + job: sdk_storage + service: sdk_storage + __path__: $SDK_STORAGE_LOGS_DIR/*.log + + # LeCoffre Frontend Logs + - job_name: lecoffre-front + static_configs: + - targets: + - localhost + labels: + job: lecoffre-front + service: lecoffre-front + __path__: $LECOFFRE_FRONT_LOGS_DIR/*.log + + # IHM Client Logs + - job_name: ihm_client + static_configs: + - targets: + - localhost + labels: + job: ihm_client + service: ihm_client + __path__: $IHM_CLIENT_LOGS_DIR/*.log + + # Miner Logs + - job_name: miner + static_configs: + - targets: + - localhost + labels: + job: miner + service: signet_miner + __path__: $MINER_LOGS_DIR/*.log + + # Tor Logs + - job_name: tor + static_configs: + - targets: + - localhost + labels: + job: tor + service: tor-proxy + __path__: $TOR_LOGS_DIR/*.log + + # Docker Container Logs + - job_name: docker + docker_sd_configs: + - host: unix:///var/run/docker.sock + refresh_interval: 5s + filters: + - name: label + values: ["com.centurylinklabs.watchtower.enable=true"] + relabel_configs: + - source_labels: ['__meta_docker_container_name'] + regex: '/?(.*)' + target_label: 'container_name' + - source_labels: ['__meta_docker_container_log_stream'] + target_label: 'logstream' + - source_labels: ['__meta_docker_container_label_logging_job_name'] + target_label: 'job' diff --git a/templates/dev/_4NK_modules/redis/.gitkeep b/templates/dev/_4NK_modules/redis/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/redis/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/sdk_relay/.conf b/templates/dev/_4NK_modules/sdk_relay/.conf new file mode 100644 index 0000000..99417d0 --- /dev/null +++ b/templates/dev/_4NK_modules/sdk_relay/.conf @@ -0,0 +1,16 @@ +core_url="$BITCOIN_RPC_URL" +ws_url="$RELAY_URL" +wallet_name="default" +network="signet" +blindbit_url="$BLINDBIT_URL" +zmq_url=$ZMQ_URL +storage=$STORAGE_URL +data_dir=$SDK_RELAY_DATA_DIR +bitcoin_data_dir=$SDK_RELAY_DATA_DIR +bootstrap_url=$RELAY_BOOSTRAP_URL +bootstrap_faucet=true +RUST_LOG="DEBUG,reqwest=DEBUG,tokio_tungstenite=DEBUG" +NODE_OPTIONS="--max-old-space-size=2048" + +SIGNER_API_KEY="$SIGNER_API_KEY" +VITE_JWT_SECRET_KEY="$VITE_JWT_SECRET_KEY" diff --git a/templates/dev/_4NK_modules/sdk_relay/.env b/templates/dev/_4NK_modules/sdk_relay/.env new file mode 100644 index 0000000..6e603f8 --- /dev/null +++ b/templates/dev/_4NK_modules/sdk_relay/.env @@ -0,0 +1,14 @@ +SDK_RELAY_WS_URL=$RELAY_URL +SDK_RELAY_WALLET_NAME=$BITCOIN_WALLET_NAME +SDK_RELAY_NETWORK=signet +SDK_RELAY_BLINDBIT_URL=$BLINDBIT_URL +SDK_RELAY_STORAGE=$STORAGE_URL +SDK_RELAY_DATA_DIR=$SDK_RELAY_DATA_DIR +SDK_RELAY_BOOTSTRAP_URL=$RELAY_BOOSTRAP_URL +SDK_RELAY_BOOTSTRAP_FAUCET=https://$BOOTSTRAP_HOST/api/v1/faucet + +SDK_RELAY_CORE_URL=$BITCOIN_RPC_URL +SDK_RELAY_NETWORK=signet +SDK_RELAY_ZMQ_URL=tcp://$BITCOIN_DOCKER_NAME:$BITCOIN_ZMQPBUBHASHBLOCK_PORT +SDK_RELAY_BITCOIN_DATA_DIR=$BITCOIN_DATA_DIR +HOME=/$SDK_RELAY_DOCKER_NAME \ No newline at end of file diff --git a/templates/dev/_4NK_modules/sdk_relay/.gitkeep b/templates/dev/_4NK_modules/sdk_relay/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/sdk_relay/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/sdk_signer/.gitkeep b/templates/dev/_4NK_modules/sdk_signer/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/sdk_signer/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/sdk_storage/.env b/templates/dev/_4NK_modules/sdk_storage/.env new file mode 100644 index 0000000..2ed03c0 --- /dev/null +++ b/templates/dev/_4NK_modules/sdk_storage/.env @@ -0,0 +1,10 @@ +# =========================================== +# Variables d'environnement pour sdk_storage +# =========================================== + +# Configuration SDK Storage +STORAGE_URL=$STORAGE_URL +STORAGE_PORT=$STORAGE_PORT +STORAGE_DATA_DIR=$SDK_STORAGE_DATA_DIR +VITE_STORAGE_URL=$SDK_STORAGE_DATA_DIR +DOMAIN=$DOMAIN diff --git a/templates/dev/_4NK_modules/sdk_storage/.gitkeep b/templates/dev/_4NK_modules/sdk_storage/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/sdk_storage/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/tor-proxy/.gitkeep b/templates/dev/_4NK_modules/tor-proxy/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/_4NK_modules/tor-proxy/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/_4NK_modules/tor-proxy/torrc b/templates/dev/_4NK_modules/tor-proxy/torrc new file mode 100644 index 0000000..7ee029a --- /dev/null +++ b/templates/dev/_4NK_modules/tor-proxy/torrc @@ -0,0 +1,18 @@ +# Configuration Tor pour LeCoffre Node +# Écoute sur 127.0.0.1 pour la sécurité + +# Port SOCKS pour les connexions sortantes +SOCKSPort 127.0.0.1:$TOR_PORT + +# Configuration de base +Log notice file $TOR_LOGS_DIR/tor.log +DataDirectory $SDK_TOR_DATA_DIR + +# Configuration réseau +ClientOnly 1 +SafeLogging 1 +WarnUnsafeSocks 1 + +# Désactiver les services cachés +# HiddenServiceDir $SDK_TOR_DATA_DIR/hidden_service/ +# HiddenServicePort 80 127.0.0.1:80 diff --git a/templates/dev/docker-compose.yml.auto b/templates/dev/docker-compose.yml.auto new file mode 100644 index 0000000..2b220e6 --- /dev/null +++ b/templates/dev/docker-compose.yml.auto @@ -0,0 +1,535 @@ + +services: + + + $REDIS_DOCKER_NAME: + image: $REDIS_DOCKER_IMAGE + container_name: $REDIS_DOCKER_NAME + working_dir: /$REDIS_DOCKER_NAME + ports: + - "0.0.0.0:$REDIS_EXTERNAL_PORT" + - "0.0.0.0:$REDIS_PORT" + - "0.0.0.0:$REDIS_PORT2" + - "0.0.0.0:$REDIS_PORT3" + volumes: + - $REDIS_CONFS_DIR:$REDIS_DOCKER_CONFS_DIR + - $REDIS_LOGS_DIR:$REDIS_DOCKER_LOGS_DIR + - $REDIS_RUNS_DIR:$REDIS_DOCKER_RUNS_DIR + - $REDIS_DATAS_DIR:$REDIS_DOCKER_DATAS_DIR + - $REDIS_BACKUPS_DIR:$REDIS_DOCKER_BACKUPS_DIR + - $REDIS_SCRIPTS_DIR:$REDIS_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $REDIS_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$REDIS_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$REDIS.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $POSTGRESQL_DOCKER_NAME: + image: $POSTGRESQL_DOCKER_IMAGE + container_name: $POSTGRESQL_DOCKER_NAME + working_dir: /$POSTGRESQL_DOCKER_NAME + ports: + - "0.0.0.0:$POSTGRESQL_EXTERNAL_PORT" + - "0.0.0.0:$POSTGRESQL_PORT" + - "0.0.0.0:$POSTGRESQL_PORT2" + - "0.0.0.0:$POSTGRESQL_PORT3" + volumes: + - $POSTGRESQL_CONFS_DIR:$POSTGRESQL_DOCKER_CONFS_DIR + - $POSTGRESQL_LOGS_DIR:$POSTGRESQL_DOCKER_LOGS_DIR + - $POSTGRESQL_RUNS_DIR:$POSTGRESQL_DOCKER_RUNS_DIR + - $POSTGRESQL_DATAS_DIR:$POSTGRESQL_DOCKER_DATAS_DIR + - $POSTGRESQL_BACKUPS_DIR:$POSTGRESQL_DOCKER_BACKUPS_DIR + - $POSTGRESQL_SCRIPTS_DIR:$POSTGRESQL_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $POSTGRESQL_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$POSTGRESQL_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$POSTGRESQL.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $LOKI_DOCKER_NAME: + image: $LOKI_DOCKER_IMAGE + container_name: $LOKI_DOCKER_NAME + working_dir: /$LOKI_DOCKER_NAME + ports: + - "0.0.0.0:$LOKI_EXTERNAL_PORT" + - "0.0.0.0:$LOKI_PORT" + - "0.0.0.0:$LOKI_PORT2" + - "0.0.0.0:$LOKI_PORT3" + volumes: + - $LOKI_CONFS_DIR:$LOKI_DOCKER_CONFS_DIR + - $LOKI_LOGS_DIR:$LOKI_DOCKER_LOGS_DIR + - $LOKI_RUNS_DIR:$LOKI_DOCKER_RUNS_DIR + - $LOKI_DATAS_DIR:$LOKI_DOCKER_DATAS_DIR + - $LOKI_BACKUPS_DIR:$LOKI_DOCKER_BACKUPS_DIR + - $LOKI_SCRIPTS_DIR:$LOKI_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $LOKI_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$LOKI_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$LOKI.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $PROMTAIL_DOCKER_NAME: + image: $PROMTAIL_DOCKER_IMAGE + container_name: $PROMTAIL_DOCKER_NAME + working_dir: /$PROMTAIL_DOCKER_NAME + ports: + - "0.0.0.0:$PROMTAIL_EXTERNAL_PORT" + - "0.0.0.0:$PROMTAIL_PORT" + - "0.0.0.0:$PROMTAIL_PORT2" + - "0.0.0.0:$PROMTAIL_PORT3" + volumes: + - $PROMTAIL_CONFS_DIR:$PROMTAIL_DOCKER_CONFS_DIR + - $PROMTAIL_LOGS_DIR:$PROMTAIL_DOCKER_LOGS_DIR + - $PROMTAIL_RUNS_DIR:$PROMTAIL_DOCKER_RUNS_DIR + - $PROMTAIL_DATAS_DIR:$PROMTAIL_DOCKER_DATAS_DIR + - $PROMTAIL_BACKUPS_DIR:$PROMTAIL_DOCKER_BACKUPS_DIR + - $PROMTAIL_SCRIPTS_DIR:$PROMTAIL_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $PROMTAIL_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$PROMTAIL_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$PROMTAIL.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $GRAFANA_DOCKER_NAME: + image: $GRAFANA_DOCKER_IMAGE + container_name: $GRAFANA_DOCKER_NAME + working_dir: /$GRAFANA_DOCKER_NAME + ports: + - "0.0.0.0:$GRAFANA_EXTERNAL_PORT" + - "0.0.0.0:$GRAFANA_PORT" + - "0.0.0.0:$GRAFANA_PORT2" + - "0.0.0.0:$GRAFANA_PORT3" + volumes: + - $GRAFANA_CONFS_DIR:$GRAFANA_DOCKER_CONFS_DIR + - $GRAFANA_LOGS_DIR:$GRAFANA_DOCKER_LOGS_DIR + - $GRAFANA_RUNS_DIR:$GRAFANA_DOCKER_RUNS_DIR + - $GRAFANA_DATAS_DIR:$GRAFANA_DOCKER_DATAS_DIR + - $GRAFANA_BACKUPS_DIR:$GRAFANA_DOCKER_BACKUPS_DIR + - $GRAFANA_SCRIPTS_DIR:$GRAFANA_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $GRAFANA_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$GRAFANA_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$GRAFANA.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $NGNIX_DOCKER_NAME: + image: $NGNIX_DOCKER_IMAGE + container_name: $NGNIX_DOCKER_NAME + working_dir: /$NGNIX_DOCKER_NAME + ports: + - "0.0.0.0:$NGNIX_EXTERNAL_PORT" + - "0.0.0.0:$NGNIX_PORT" + - "0.0.0.0:$NGNIX_PORT2" + - "0.0.0.0:$NGNIX_PORT3" + volumes: + - $NGNIX_CONFS_DIR:$NGNIX_DOCKER_CONFS_DIR + - $NGNIX_LOGS_DIR:$NGNIX_DOCKER_LOGS_DIR + - $NGNIX_RUNS_DIR:$NGNIX_DOCKER_RUNS_DIR + - $NGNIX_DATAS_DIR:$NGNIX_DOCKER_DATAS_DIR + - $NGNIX_BACKUPS_DIR:$NGNIX_DOCKER_BACKUPS_DIR + - $NGNIX_SCRIPTS_DIR:$NGNIX_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $NGNIX_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$NGNIX_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$NGNIX.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $TOR_DOCKER_NAME: + image: $TOR_DOCKER_IMAGE + container_name: $TOR_DOCKER_NAME + working_dir: /$TOR_DOCKER_NAME + ports: + - "0.0.0.0:$TOR_EXTERNAL_PORT" + - "0.0.0.0:$TOR_PORT" + - "0.0.0.0:$TOR_PORT2" + - "0.0.0.0:$TOR_PORT3" + volumes: + - $TOR_CONFS_DIR:$TOR_DOCKER_CONFS_DIR + - $TOR_LOGS_DIR:$TOR_DOCKER_LOGS_DIR + - $TOR_RUNS_DIR:$TOR_DOCKER_RUNS_DIR + - $TOR_DATAS_DIR:$TOR_DOCKER_DATAS_DIR + - $TOR_BACKUPS_DIR:$TOR_DOCKER_BACKUPS_DIR + - $TOR_SCRIPTS_DIR:$TOR_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $TOR_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$TOR_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$TOR.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_VAULT_DOCKER_NAME: + image: $_4NK_VAULT_DOCKER_IMAGE + container_name: $_4NK_VAULT_DOCKER_NAME + working_dir: /$_4NK_VAULT_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_VAULT_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_VAULT_PORT" + - "0.0.0.0:$_4NK_VAULT_PORT2" + - "0.0.0.0:$_4NK_VAULT_PORT3" + volumes: + - $_4NK_VAULT_CONFS_DIR:$_4NK_VAULT_DOCKER_CONFS_DIR + - $_4NK_VAULT_LOGS_DIR:$_4NK_VAULT_DOCKER_LOGS_DIR + - $_4NK_VAULT_RUNS_DIR:$_4NK_VAULT_DOCKER_RUNS_DIR + - $_4NK_VAULT_DATAS_DIR:$_4NK_VAULT_DOCKER_DATAS_DIR + - $_4NK_VAULT_BACKUPS_DIR:$_4NK_VAULT_DOCKER_BACKUPS_DIR + - $_4NK_VAULT_SCRIPTS_DIR:$_4NK_VAULT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_VAULT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_VAULT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_VAULT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $BITCOIN_DOCKER_NAME: + image: $BITCOIN_DOCKER_IMAGE + container_name: $BITCOIN_DOCKER_NAME + working_dir: /$BITCOIN_DOCKER_NAME + ports: + - "0.0.0.0:$BITCOIN_EXTERNAL_PORT" + - "0.0.0.0:$BITCOIN_PORT" + - "0.0.0.0:$BITCOIN_PORT2" + - "0.0.0.0:$BITCOIN_PORT3" + volumes: + - $BITCOIN_CONFS_DIR:$BITCOIN_DOCKER_CONFS_DIR + - $BITCOIN_LOGS_DIR:$BITCOIN_DOCKER_LOGS_DIR + - $BITCOIN_RUNS_DIR:$BITCOIN_DOCKER_RUNS_DIR + - $BITCOIN_DATAS_DIR:$BITCOIN_DOCKER_DATAS_DIR + - $BITCOIN_BACKUPS_DIR:$BITCOIN_DOCKER_BACKUPS_DIR + - $BITCOIN_SCRIPTS_DIR:$BITCOIN_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $BITCOIN_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$BITCOIN_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$BITCOIN.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $BLINDBIT_ORACLE_DOCKER_NAME: + image: $BLINDBIT_ORACLE_DOCKER_IMAGE + container_name: $BLINDBIT_ORACLE_DOCKER_NAME + working_dir: /$BLINDBIT_ORACLE_DOCKER_NAME + ports: + - "0.0.0.0:$BLINDBIT_ORACLE_EXTERNAL_PORT" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT2" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT3" + volumes: + - $BLINDBIT_ORACLE_CONFS_DIR:$BLINDBIT_ORACLE_DOCKER_CONFS_DIR + - $BLINDBIT_ORACLE_LOGS_DIR:$BLINDBIT_ORACLE_DOCKER_LOGS_DIR + - $BLINDBIT_ORACLE_RUNS_DIR:$BLINDBIT_ORACLE_DOCKER_RUNS_DIR + - $BLINDBIT_ORACLE_DATAS_DIR:$BLINDBIT_ORACLE_DOCKER_DATAS_DIR + - $BLINDBIT_ORACLE_BACKUPS_DIR:$BLINDBIT_ORACLE_DOCKER_BACKUPS_DIR + - $BLINDBIT_ORACLE_SCRIPTS_DIR:$BLINDBIT_ORACLE_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $BLINDBIT_ORACLE_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$BLINDBIT_ORACLE_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$BLINDBIT_ORACLE.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $SDK_RELAY_DOCKER_NAME: + image: $SDK_RELAY_DOCKER_IMAGE + container_name: $SDK_RELAY_DOCKER_NAME + working_dir: /$SDK_RELAY_DOCKER_NAME + ports: + - "0.0.0.0:$SDK_RELAY_EXTERNAL_PORT" + - "0.0.0.0:$SDK_RELAY_PORT" + - "0.0.0.0:$SDK_RELAY_PORT2" + - "0.0.0.0:$SDK_RELAY_PORT3" + volumes: + - $SDK_RELAY_CONFS_DIR:$SDK_RELAY_DOCKER_CONFS_DIR + - $SDK_RELAY_LOGS_DIR:$SDK_RELAY_DOCKER_LOGS_DIR + - $SDK_RELAY_RUNS_DIR:$SDK_RELAY_DOCKER_RUNS_DIR + - $SDK_RELAY_DATAS_DIR:$SDK_RELAY_DOCKER_DATAS_DIR + - $SDK_RELAY_BACKUPS_DIR:$SDK_RELAY_DOCKER_BACKUPS_DIR + - $SDK_RELAY_SCRIPTS_DIR:$SDK_RELAY_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $SDK_RELAY_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$SDK_RELAY_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$SDK_RELAY.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $SDK_STORAGE_DOCKER_NAME: + image: $SDK_STORAGE_DOCKER_IMAGE + container_name: $SDK_STORAGE_DOCKER_NAME + working_dir: /$SDK_STORAGE_DOCKER_NAME + ports: + - "0.0.0.0:$SDK_STORAGE_EXTERNAL_PORT" + - "0.0.0.0:$SDK_STORAGE_PORT" + - "0.0.0.0:$SDK_STORAGE_PORT2" + - "0.0.0.0:$SDK_STORAGE_PORT3" + volumes: + - $SDK_STORAGE_CONFS_DIR:$SDK_STORAGE_DOCKER_CONFS_DIR + - $SDK_STORAGE_LOGS_DIR:$SDK_STORAGE_DOCKER_LOGS_DIR + - $SDK_STORAGE_RUNS_DIR:$SDK_STORAGE_DOCKER_RUNS_DIR + - $SDK_STORAGE_DATAS_DIR:$SDK_STORAGE_DOCKER_DATAS_DIR + - $SDK_STORAGE_BACKUPS_DIR:$SDK_STORAGE_DOCKER_BACKUPS_DIR + - $SDK_STORAGE_SCRIPTS_DIR:$SDK_STORAGE_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $SDK_STORAGE_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$SDK_STORAGE_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$SDK_STORAGE.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $IHM_CLIENT_DOCKER_NAME: + image: $IHM_CLIENT_DOCKER_IMAGE + container_name: $IHM_CLIENT_DOCKER_NAME + working_dir: /$IHM_CLIENT_DOCKER_NAME + ports: + - "0.0.0.0:$IHM_CLIENT_EXTERNAL_PORT" + - "0.0.0.0:$IHM_CLIENT_PORT" + - "0.0.0.0:$IHM_CLIENT_PORT2" + - "0.0.0.0:$IHM_CLIENT_PORT3" + volumes: + - $IHM_CLIENT_CONFS_DIR:$IHM_CLIENT_DOCKER_CONFS_DIR + - $IHM_CLIENT_LOGS_DIR:$IHM_CLIENT_DOCKER_LOGS_DIR + - $IHM_CLIENT_RUNS_DIR:$IHM_CLIENT_DOCKER_RUNS_DIR + - $IHM_CLIENT_DATAS_DIR:$IHM_CLIENT_DOCKER_DATAS_DIR + - $IHM_CLIENT_BACKUPS_DIR:$IHM_CLIENT_DOCKER_BACKUPS_DIR + - $IHM_CLIENT_SCRIPTS_DIR:$IHM_CLIENT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $IHM_CLIENT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$IHM_CLIENT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$IHM_CLIENT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_CERTIFICATOR_DOCKER_NAME: + image: $_4NK_CERTIFICATOR_DOCKER_IMAGE + container_name: $_4NK_CERTIFICATOR_DOCKER_NAME + working_dir: /$_4NK_CERTIFICATOR_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_CERTIFICATOR_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT2" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT3" + volumes: + - $_4NK_CERTIFICATOR_CONFS_DIR:$_4NK_CERTIFICATOR_DOCKER_CONFS_DIR + - $_4NK_CERTIFICATOR_LOGS_DIR:$_4NK_CERTIFICATOR_DOCKER_LOGS_DIR + - $_4NK_CERTIFICATOR_RUNS_DIR:$_4NK_CERTIFICATOR_DOCKER_RUNS_DIR + - $_4NK_CERTIFICATOR_DATAS_DIR:$_4NK_CERTIFICATOR_DOCKER_DATAS_DIR + - $_4NK_CERTIFICATOR_BACKUPS_DIR:$_4NK_CERTIFICATOR_DOCKER_BACKUPS_DIR + - $_4NK_CERTIFICATOR_SCRIPTS_DIR:$_4NK_CERTIFICATOR_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_CERTIFICATOR_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_CERTIFICATOR_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_CERTIFICATOR.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_MINER_DOCKER_NAME: + image: $_4NK_MINER_DOCKER_IMAGE + container_name: $_4NK_MINER_DOCKER_NAME + working_dir: /$_4NK_MINER_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_MINER_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_MINER_PORT" + - "0.0.0.0:$_4NK_MINER_PORT2" + - "0.0.0.0:$_4NK_MINER_PORT3" + volumes: + - $_4NK_MINER_CONFS_DIR:$_4NK_MINER_DOCKER_CONFS_DIR + - $_4NK_MINER_LOGS_DIR:$_4NK_MINER_DOCKER_LOGS_DIR + - $_4NK_MINER_RUNS_DIR:$_4NK_MINER_DOCKER_RUNS_DIR + - $_4NK_MINER_DATAS_DIR:$_4NK_MINER_DOCKER_DATAS_DIR + - $_4NK_MINER_BACKUPS_DIR:$_4NK_MINER_DOCKER_BACKUPS_DIR + - $_4NK_MINER_SCRIPTS_DIR:$_4NK_MINER_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_MINER_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_MINER_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_MINER.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $LECOFFRE_FRONT_DOCKER_NAME: + image: $LECOFFRE_FRONT_DOCKER_IMAGE + container_name: $LECOFFRE_FRONT_DOCKER_NAME + working_dir: /$LECOFFRE_FRONT_DOCKER_NAME + ports: + - "0.0.0.0:$LECOFFRE_FRONT_EXTERNAL_PORT" + - "0.0.0.0:$LECOFFRE_FRONT_PORT" + - "0.0.0.0:$LECOFFRE_FRONT_PORT2" + - "0.0.0.0:$LECOFFRE_FRONT_PORT3" + volumes: + - $LECOFFRE_FRONT_CONFS_DIR:$LECOFFRE_FRONT_DOCKER_CONFS_DIR + - $LECOFFRE_FRONT_LOGS_DIR:$LECOFFRE_FRONT_DOCKER_LOGS_DIR + - $LECOFFRE_FRONT_RUNS_DIR:$LECOFFRE_FRONT_DOCKER_RUNS_DIR + - $LECOFFRE_FRONT_DATAS_DIR:$LECOFFRE_FRONT_DOCKER_DATAS_DIR + - $LECOFFRE_FRONT_BACKUPS_DIR:$LECOFFRE_FRONT_DOCKER_BACKUPS_DIR + - $LECOFFRE_FRONT_SCRIPTS_DIR:$LECOFFRE_FRONT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $LECOFFRE_FRONT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$LECOFFRE_FRONT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$LECOFFRE_FRONT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_WEB_STATUS_DOCKER_NAME: + image: $_4NK_WEB_STATUS_DOCKER_IMAGE + container_name: $_4NK_WEB_STATUS_DOCKER_NAME + working_dir: /$_4NK_WEB_STATUS_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_WEB_STATUS_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT2" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT3" + volumes: + - $_4NK_WEB_STATUS_CONFS_DIR:$_4NK_WEB_STATUS_DOCKER_CONFS_DIR + - $_4NK_WEB_STATUS_LOGS_DIR:$_4NK_WEB_STATUS_DOCKER_LOGS_DIR + - $_4NK_WEB_STATUS_RUNS_DIR:$_4NK_WEB_STATUS_DOCKER_RUNS_DIR + - $_4NK_WEB_STATUS_DATAS_DIR:$_4NK_WEB_STATUS_DOCKER_DATAS_DIR + - $_4NK_WEB_STATUS_BACKUPS_DIR:$_4NK_WEB_STATUS_DOCKER_BACKUPS_DIR + - $_4NK_WEB_STATUS_SCRIPTS_DIR:$_4NK_WEB_STATUS_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_WEB_STATUS_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_WEB_STATUS_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_WEB_STATUS.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + + watchtower: + image: containrrr/watchtower + container_name: watchtower + volumes: + - /var/run/docker.sock:/var/run/docker.sock + command: --interval 30 --label-enable + networks: + - btcnet + restart: unless-stopped + +networks: + btcnet: + name: _4NK_node_btcnet + driver: bridge + ipam: + config: + - subnet: 172.20.0.0/16 + + + diff --git a/storage/dev/generate.sh b/templates/dev/generate.sh similarity index 89% rename from storage/dev/generate.sh rename to templates/dev/generate.sh index 4a61c4a..ea0a487 100755 --- a/storage/dev/generate.sh +++ b/templates/dev/generate.sh @@ -15,7 +15,7 @@ NC='\033[0m' # No Color # Compteurs SCRIPTS_EXECUTED=0 SCRIPTS_FAILED=0 -TOTAL_SCRIPTS=3 +TOTAL_SCRIPTS=6 # Fonction pour afficher les messages avec couleurs print_header() { @@ -120,6 +120,11 @@ check_prerequisites() { exit 1 fi + if [ ! -f "replace_variables_and_copy.sh" ]; then + print_error "Script replace_variables_and_copy.sh non trouvé" + exit 1 + fi + # Vérifier la variable HOST if [ -z "${HOST:-}" ]; then print_warning "Variable HOST non définie, utilisation de la valeur par défaut" @@ -152,13 +157,13 @@ show_summary() { echo -e "\n${CYAN}📁 Fichiers générés:${NC}" echo -e " • ${GREEN}docker-compose.yml.auto${NC} - Configuration Docker" echo -e " • ${GREEN}.env.auto${NC} - Variables d'environnement" - echo -e " • ${GREEN}_4NK_modules/grafana/dashboards/${NC} - Dashboards Grafana" - echo -e " • ${GREEN}_4NK_modules/promtail/promtail.yml${NC} - Configuration Promtail" + echo -e " • ${GREEN}4NK_modules/grafana/dashboards/${NC} - Dashboards Grafana" + echo -e " • ${GREEN}4NK_modules/promtail/promtail.yml${NC} - Configuration Promtail" echo -e " • ${GREEN}logrotade/${NC} - Configurations Logrotate" echo -e " • ${GREEN}nginx/${NC} - Configurations Nginx" echo -e "\n${CYAN}🚀 Prochaines étapes recommandées:${NC}" - echo -e " 1. Vérifiez les fichiers générés" + echo -e " 1. Vérifiez les fichiers générés dans ../../storage/dev/" echo -e " 2. Déployez avec Docker Compose si nécessaire" echo -e " 3. Testez les configurations Nginx" echo -e " 4. Déployez les configurations Nginx si validées" @@ -196,6 +201,7 @@ show_help() { echo " 3. generate_promtail_config.sh - Génère la configuration Promtail" echo " 4. generate_logrotate_configs.sh - Génère les configurations Logrotate" echo " 5. generate_nginx_configs.sh - Génère les configurations Nginx" + echo " 6. replace_variables_and_copy.sh - Remplace les variables et copie vers storage/" echo "" echo -e "${CYAN}Utilisation:${NC}" echo " ./generate.sh [options]" @@ -265,7 +271,7 @@ main() { if execute_script "generate_grafana_dashboards.sh" "./generate_grafana_dashboards.sh" "Génère les dashboards Grafana"; then print_success "Dashboards Grafana générés avec succès" print_info "Fichiers créés:" - [ -d "_4NK_modules/grafana/dashboards" ] && echo " • _4NK_modules/grafana/dashboards/ (dashboards)" + [ -d "4NK_modules/grafana/dashboards" ] && echo " • 4NK_modules/grafana/dashboards/ (dashboards)" else print_error "Échec de la génération des dashboards Grafana" fi @@ -275,7 +281,7 @@ main() { if execute_script "generate_promtail_config.sh" "./generate_promtail_config.sh" "Génère la configuration Promtail"; then print_success "Configuration Promtail générée avec succès" print_info "Fichiers créés:" - [ -f "_4NK_modules/promtail/promtail.yml" ] && echo " • _4NK_modules/promtail/promtail.yml" + [ -f "4NK_modules/promtail/promtail.yml" ] && echo " • 4NK_modules/promtail/promtail.yml" else print_error "Échec de la génération de la configuration Promtail" fi @@ -291,7 +297,7 @@ main() { fi # ÉTAPE 5: Génération des configurations Nginx - print_step "5/5" "Génération des configurations Nginx" + print_step "5/6" "Génération des configurations Nginx" if execute_script "generate_nginx_configs.sh" "./generate_nginx_configs.sh" "Génère toutes les configurations Nginx (upstreams, internes, HTTPS)"; then print_success "Configurations Nginx générées avec succès" print_info "Fichiers créés:" @@ -304,6 +310,15 @@ main() { print_error "Échec de la génération des configurations Nginx" fi + # ÉTAPE 6: Remplacement des variables et copie vers storage/ + print_step "6/6" "Remplacement des variables et copie vers storage/" + if execute_script "replace_variables_and_copy.sh" "./replace_variables_and_copy.sh" "Remplace les variables d'environnement et copie les fichiers vers storage/"; then + print_success "Variables remplacées et fichiers copiés avec succès" + print_info "Fichiers traités et copiés vers ../../storage/dev/" + else + print_error "Échec du remplacement des variables et de la copie" + fi + # Affichage du résumé final show_summary diff --git a/storage/dev/generate_grafana_dashboards.sh b/templates/dev/generate_grafana_dashboards.sh similarity index 96% rename from storage/dev/generate_grafana_dashboards.sh rename to templates/dev/generate_grafana_dashboards.sh index 1c03e8d..85b70cd 100755 --- a/storage/dev/generate_grafana_dashboards.sh +++ b/templates/dev/generate_grafana_dashboards.sh @@ -26,10 +26,10 @@ generate_service_dashboard() { echo "🔧 Génération du dashboard pour $SERVICE ($SERVICE_NAME)" # Créer le répertoire si nécessaire - mkdir -p "_4NK_modules/grafana/dashboards" + mkdir -p "4NK_modules/grafana/dashboards" # Générer le nom du fichier - local DASHBOARD_FILE="_4NK_modules/grafana/dashboards/${SERVICE_NAME}.json" + local DASHBOARD_FILE="4NK_modules/grafana/dashboards/${SERVICE_NAME}.json" # Générer le contenu JSON du dashboard cat > "$DASHBOARD_FILE" << EOF @@ -350,9 +350,9 @@ EOF generate_overview_dashboard() { echo "🔧 Génération du dashboard overview" - mkdir -p "_4NK_modules/grafana/dashboards" + mkdir -p "4NK_modules/grafana/dashboards" - cat > "_4NK_modules/grafana/dashboards/services-overview.json" << EOF + cat > "4NK_modules/grafana/dashboards/services-overview.json" << EOF { "annotations": { "list": [] @@ -518,10 +518,10 @@ main() { load_env_files # Supprimer les fichiers de sortie existants (remplacer complètement) - rm -f "_4NK_modules/grafana/dashboards"/*.json 2>/dev/null || true + rm -f "4NK_modules/grafana/dashboards"/*.json 2>/dev/null || true # Créer le répertoire des dashboards - mkdir -p "_4NK_modules/grafana/dashboards" + mkdir -p "4NK_modules/grafana/dashboards" echo "📋 Génération des dashboards pour ${#SERVICES[@]} services..." @@ -543,7 +543,7 @@ main() { echo "" echo "✅ GÉNÉRATION TERMINÉE !" - echo "📁 Dashboards générés dans: _4NK_modules/grafana/dashboards/" + echo "📁 Dashboards générés dans: 4NK_modules/grafana/dashboards/" echo "🔧 Les dashboards utilisent les variables d'environnement pour les noms de containers" echo "📊 Services traités: ${#SERVICES[@]}" } diff --git a/storage/dev/generate_logrotate_configs.sh b/templates/dev/generate_logrotate_configs.sh similarity index 100% rename from storage/dev/generate_logrotate_configs.sh rename to templates/dev/generate_logrotate_configs.sh diff --git a/storage/dev/generate_nginx_configs.sh b/templates/dev/generate_nginx_configs.sh similarity index 100% rename from storage/dev/generate_nginx_configs.sh rename to templates/dev/generate_nginx_configs.sh diff --git a/storage/dev/generate_promtail_config.sh b/templates/dev/generate_promtail_config.sh similarity index 90% rename from storage/dev/generate_promtail_config.sh rename to templates/dev/generate_promtail_config.sh index 4c54877..1d49b78 100755 --- a/storage/dev/generate_promtail_config.sh +++ b/templates/dev/generate_promtail_config.sh @@ -38,10 +38,10 @@ generate_promtail_config() { echo "🔧 Génération de la configuration Promtail" # Créer le répertoire si nécessaire - mkdir -p "_4NK_modules/promtail" + mkdir -p "4NK_modules/promtail" # Générer le fichier promtail.yml - cat > "_4NK_modules/promtail/promtail.yml" << EOF + cat > "4NK_modules/promtail/promtail.yml" << EOF server: http_listen_port: 9080 grpc_listen_port: 0 @@ -59,7 +59,7 @@ EOF for SERVICE_VAR in "${SERVICES[@]}"; do echo " 🔄 Ajout config Promtail pour $SERVICE_VAR" - cat >> "_4NK_modules/promtail/promtail.yml" << EOF + cat >> "4NK_modules/promtail/promtail.yml" << EOF - job_name: '$SERVICE_VAR' static_configs: @@ -94,10 +94,10 @@ main() { load_env_files # Supprimer le fichier de sortie existant (remplacer complètement) - rm -f "_4NK_modules/promtail/promtail.yml" 2>/dev/null || true + rm -f "4NK_modules/promtail/promtail.yml" 2>/dev/null || true # Créer le répertoire si nécessaire - mkdir -p "_4NK_modules/promtail" + mkdir -p "4NK_modules/promtail" # Vérifier que SERVICES est défini if [ -z "${SERVICES[*]:-}" ]; then @@ -112,7 +112,7 @@ main() { echo "" echo "✅ GÉNÉRATION TERMINÉE !" - echo "📁 Configuration générée: _4NK_modules/promtail/promtail.yml" + echo "📁 Configuration générée: 4NK_modules/promtail/promtail.yml" echo "🔧 Configuration Promtail pour ${#SERVICES[@]} services" echo "📊 Services traités: ${#SERVICES[@]}" } diff --git a/storage/dev/generate_variables.sh b/templates/dev/generate_variables.sh similarity index 65% rename from storage/dev/generate_variables.sh rename to templates/dev/generate_variables.sh index 0d4b0e4..35b5476 100755 --- a/storage/dev/generate_variables.sh +++ b/templates/dev/generate_variables.sh @@ -4,7 +4,7 @@ # Fonction pour charger les fichiers d'environnement dans l'ordre load_env_files() { - local env_files=(".env") + local env_files=(".env.secrets" ".env" ".env.post") for env_file in "${env_files[@]}"; do if [ -f "$env_file" ]; then @@ -39,30 +39,31 @@ generate_variables() { echo "# ====== INTERNAL $VARIABLE ======" echo "" - echo "${VARIABLE}_DOCKER_NAME=\$${VARIABLE}" - echo "${VARIABLE}_CONFS_DIR=\$DOCKER_GLOBAL/confs/\$${VARIABLE}" - echo "${VARIABLE}_LOGS_DIR=\$DOCKER_GLOBAL/logs/\$${VARIABLE}" - echo "${VARIABLE}_RUNS_DIR=\$DOCKER_GLOBAL/runs/\$${VARIABLE}" - echo "${VARIABLE}_DATAS_DIR=\$DOCKER_GLOBAL/datas/\$${VARIABLE}" - echo "${VARIABLE}_BACKUPS_DIR=\$DOCKER_GLOBAL/backups/\$${VARIABLE}" - echo "${VARIABLE}_SCRIPTS_DIR=\$DOCKER_GLOBAL/scripts/\$${VARIABLE}" + printf '%s_DOCKER_NAME=$%s\n' "$VARIABLE" "$VARIABLE" + printf '%s_CONFS_DIR=$DOCKER_GLOBAL/confs/$%s\n' "$VARIABLE" "$VARIABLE" + printf '%s_LOGS_DIR=$DOCKER_GLOBAL/logs/$%s\n' "$VARIABLE" "$VARIABLE" + printf '%s_RUNS_DIR=$DOCKER_GLOBAL/runs/$%s\n' "$VARIABLE" "$VARIABLE" + printf '%s_DATAS_DIR=$DOCKER_GLOBAL/datas/$%s\n' "$VARIABLE" "$VARIABLE" + printf '%s_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$%s\n' "$VARIABLE" "$VARIABLE" + printf '%s_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$%s\n' "$VARIABLE" "$VARIABLE" echo "${VARIABLE}_DOCKER_WORKING_DIR=/home/\$${VARIABLE}" echo "" - echo "${VARIABLE}_DOCKER_CONFS_DIR=\$DOCKER_GLOBAL/confs/\$${VARIABLE}" - echo "${VARIABLE}_DOCKER_LOGS_DIR=\$DOCKER_GLOBAL/logs/\$${VARIABLE}" - echo "${VARIABLE}_DOCKER_RUNS_DIR=\$DOCKER_GLOBAL/runs/\$${VARIABLE}" - echo "${VARIABLE}_DOCKER_DATAS_DIR=\$DOCKER_GLOBAL/datas/\$${VARIABLE}" - echo "${VARIABLE}_DOCKER_BACKUPS_DIR=\$DOCKER_GLOBAL/backups/\$${VARIABLE}" - echo "${VARIABLE}_DOCKER_SCRIPTS_DIR=\$DOCKER_GLOBAL/scripts/\$${VARIABLE}" + echo '${VARIABLE}_DOCKER_CONFS_DIR=$DOCKER_GLOBAL/confs/$'${VARIABLE} + echo '${VARIABLE}_DOCKER_LOGS_DIR=$DOCKER_GLOBAL/logs/$'${VARIABLE} + echo '${VARIABLE}_DOCKER_RUNS_DIR=$DOCKER_GLOBAL/runs/$'${VARIABLE} + echo '${VARIABLE}_DOCKER_DATAS_DIR=$DOCKER_GLOBAL/datas/$'${VARIABLE} + echo '${VARIABLE}_DOCKER_BACKUPS_DIR=$DOCKER_GLOBAL/backups/$'${VARIABLE} + echo '${VARIABLE}_DOCKER_SCRIPTS_DIR=$DOCKER_GLOBAL/scripts/$'${VARIABLE} echo "${VARIABLE}_DOCKER_WORKING_DIR=/home/\$${VARIABLE}" echo "" echo "${VARIABLE}_DOCKER_WORKING_DIR_CREATE=\"id -u \$${VARIABLE} >/dev/null 2>&1 || adduser --disabled-password --gecos '' \$${VARIABLE}; chown -R \$${VARIABLE}:\$${VARIABLE} /home/root/.\$${VARIABLE} || echo 'warn: chown partiel (fichiers bind-mount Windows)'; exec \\\"\$@\\\"\"" + echo '${VARIABLE}_DOCKER_PORT=$'${VARIABLE}'_PORT' echo "${VARIABLE}_URL_ROUTE=/\$${VARIABLE}" - echo "${VARIABLE}_URL=http://\\\$${VARIABLE}_DOCKER_NAME:\$${VARIABLE}_DOCKER_PORT" + echo '${VARIABLE}_URL=http://$'${VARIABLE}'_DOCKER_NAME:$'${VARIABLE}'_DOCKER_PORT' echo "${VARIABLE}_URL_EXTERNAL=https://\$HOST\$${VARIABLE}_URL_ROUTE" - echo "${VARIABLE}_URL_WS=ws://\\\$${VARIABLE}_DOCKER_PORT" + echo '${VARIABLE}_URL_WS=ws://$'${VARIABLE}'_DOCKER_PORT' echo "${VARIABLE}_URL_WS_EXTERNAL=wss://\$HOST\ws" echo "" echo " @@ -104,8 +105,8 @@ function generate_variables_external() { echo "# ====== EXTERNAL $VARIABLE ======" echo "" - echo "${VARIABLE}_URL_EXTERNAL=https://\${VARIABLE}_HOST:\${VARIABLE}_EXTERNAL_PORT\${VARIABLE}_URL_ROUTE" - echo "${VARIABLE}_URL_WS_EXTERNAL=wss://\${VARIABLE}_HOST:\${VARIABLE}_EXTERNAL_PORT\ws" + echo "${VARIABLE}_URL_EXTERNAL=https://\$${VARIABLE}_HOST:\$${VARIABLE}_EXTERNAL_PORT\$${VARIABLE}_URL_ROUTE" + echo "${VARIABLE}_URL_WS_EXTERNAL=wss://\$${VARIABLE}_HOST:\$${VARIABLE}_EXTERNAL_PORT/ws" echo "" } @@ -121,6 +122,13 @@ for VARIABLE in "${SERVICES_EXTERNAL[@]}"; do generate_variables_external "$VARIABLE" >> .env.auto done +# Générer les variables pour BOOTSTRAP (correction de l'incohérence BOOSTRAP/BOOTSTRAP) +echo "# ====== EXTERNAL BOOTSTRAP (correction) ======" >> .env.auto +echo "BOOTSTRAP_URL_ROUTE=/\$BOOTSTRAP" >> .env.auto +echo "BOOTSTRAP_URL_EXTERNAL=https://\$BOOTSTRAP_HOST:\$BOOTSTRAP_EXTERNAL_PORT\$BOOTSTRAP_URL_ROUTE" >> .env.auto +echo "BOOTSTRAP_URL_WS_EXTERNAL=wss://\$BOOTSTRAP_HOST:\$BOOTSTRAP_EXTERNAL_PORT/ws" >> .env.auto +echo "" >> .env.auto + echo " diff --git a/templates/dev/git/.env b/templates/dev/git/.env new file mode 100644 index 0000000..c276fe4 --- /dev/null +++ b/templates/dev/git/.env @@ -0,0 +1,4 @@ +GITEA_BASE_URL=git._4NKweb.com +GIT_TOKEN=$GIT_TOKEN +GITEA_OWNER="nicolas.cantu,Omar" +GITEA_RUNNER_NAME=debian-runner \ No newline at end of file diff --git a/templates/dev/git/.gitkeep b/templates/dev/git/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/git/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/logrotade/_4nk_certificator.conf b/templates/dev/logrotade/_4nk_certificator.conf new file mode 100644 index 0000000..64a66e8 --- /dev/null +++ b/templates/dev/logrotade/_4nk_certificator.conf @@ -0,0 +1,13 @@ +$_4NK_CERTIFICATOR_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $_4NK_CERTIFICATOR_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/_4nk_miner.conf b/templates/dev/logrotade/_4nk_miner.conf new file mode 100644 index 0000000..f33033a --- /dev/null +++ b/templates/dev/logrotade/_4nk_miner.conf @@ -0,0 +1,13 @@ +$_4NK_MINER_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $_4NK_MINER_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/_4nk_vault.conf b/templates/dev/logrotade/_4nk_vault.conf new file mode 100644 index 0000000..4b62c19 --- /dev/null +++ b/templates/dev/logrotade/_4nk_vault.conf @@ -0,0 +1,13 @@ +$_4NK_VAULT_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $_4NK_VAULT_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/_4nk_web_status.conf b/templates/dev/logrotade/_4nk_web_status.conf new file mode 100644 index 0000000..fc7906b --- /dev/null +++ b/templates/dev/logrotade/_4nk_web_status.conf @@ -0,0 +1,13 @@ +$_4NK_WEB_STATUS_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $_4NK_WEB_STATUS_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/bitcoin.conf b/templates/dev/logrotade/bitcoin.conf new file mode 100644 index 0000000..86b43ec --- /dev/null +++ b/templates/dev/logrotade/bitcoin.conf @@ -0,0 +1,13 @@ +$BITCOIN_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $BITCOIN_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/blindbit_oracle.conf b/templates/dev/logrotade/blindbit_oracle.conf new file mode 100644 index 0000000..aab8bac --- /dev/null +++ b/templates/dev/logrotade/blindbit_oracle.conf @@ -0,0 +1,13 @@ +$BLINDBIT_ORACLE_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $BLINDBIT_ORACLE_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/grafana.conf b/templates/dev/logrotade/grafana.conf new file mode 100644 index 0000000..fbc9795 --- /dev/null +++ b/templates/dev/logrotade/grafana.conf @@ -0,0 +1,13 @@ +$GRAFANA_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $GRAFANA_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/ihm_client.conf b/templates/dev/logrotade/ihm_client.conf new file mode 100644 index 0000000..1ae2269 --- /dev/null +++ b/templates/dev/logrotade/ihm_client.conf @@ -0,0 +1,13 @@ +$IHM_CLIENT_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $IHM_CLIENT_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/lecoffre_front.conf b/templates/dev/logrotade/lecoffre_front.conf new file mode 100644 index 0000000..b89abf0 --- /dev/null +++ b/templates/dev/logrotade/lecoffre_front.conf @@ -0,0 +1,13 @@ +$LECOFFRE_FRONT_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $LECOFFRE_FRONT_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/loki.conf b/templates/dev/logrotade/loki.conf new file mode 100644 index 0000000..fe65e41 --- /dev/null +++ b/templates/dev/logrotade/loki.conf @@ -0,0 +1,13 @@ +$LOKI_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $LOKI_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/ngnix.conf b/templates/dev/logrotade/ngnix.conf new file mode 100644 index 0000000..6c99fa9 --- /dev/null +++ b/templates/dev/logrotade/ngnix.conf @@ -0,0 +1,13 @@ +$NGNIX_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $NGNIX_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/postgresql.conf b/templates/dev/logrotade/postgresql.conf new file mode 100644 index 0000000..37ca59d --- /dev/null +++ b/templates/dev/logrotade/postgresql.conf @@ -0,0 +1,13 @@ +$POSTGRESQL_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $POSTGRESQL_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/promtail.conf b/templates/dev/logrotade/promtail.conf new file mode 100644 index 0000000..41a9949 --- /dev/null +++ b/templates/dev/logrotade/promtail.conf @@ -0,0 +1,13 @@ +$PROMTAIL_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $PROMTAIL_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/redis.conf b/templates/dev/logrotade/redis.conf new file mode 100644 index 0000000..f6a513d --- /dev/null +++ b/templates/dev/logrotade/redis.conf @@ -0,0 +1,13 @@ +$REDIS_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $REDIS_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/sdk_relay.conf b/templates/dev/logrotade/sdk_relay.conf new file mode 100644 index 0000000..f21de67 --- /dev/null +++ b/templates/dev/logrotade/sdk_relay.conf @@ -0,0 +1,13 @@ +$SDK_RELAY_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $SDK_RELAY_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/sdk_storage.conf b/templates/dev/logrotade/sdk_storage.conf new file mode 100644 index 0000000..f6881ed --- /dev/null +++ b/templates/dev/logrotade/sdk_storage.conf @@ -0,0 +1,13 @@ +$SDK_STORAGE_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $SDK_STORAGE_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/logrotade/tor.conf b/templates/dev/logrotade/tor.conf new file mode 100644 index 0000000..ab46330 --- /dev/null +++ b/templates/dev/logrotade/tor.conf @@ -0,0 +1,13 @@ +$TOR_LOGS_DIR/*.log { + daily + missingok + rotate 7 + compress + delaycompress + notifempty + create 644 root root + postrotate + # Redémarrer le service si nécessaire + docker restart $TOR_DOCKER_NAME 2>/dev/null || true + endscript +} diff --git a/templates/dev/monitoring/.env b/templates/dev/monitoring/.env new file mode 100644 index 0000000..cc7ac91 --- /dev/null +++ b/templates/dev/monitoring/.env @@ -0,0 +1,4 @@ +STATUS_API_PORT=$STATUS_API_PORT +GF_SECURITY_ADMIN_PASSWORD=$GF_SECURITY_ADMIN_PASSWORD +LOKI_URL=$LOKI_URL +DOMAIN=$HOST diff --git a/templates/dev/monitoring/.gitkeep b/templates/dev/monitoring/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/templates/dev/monitoring/monitoring.conf b/templates/dev/monitoring/monitoring.conf new file mode 100644 index 0000000..8fde1a7 --- /dev/null +++ b/templates/dev/monitoring/monitoring.conf @@ -0,0 +1,30 @@ +# Configuration centralisée du monitoring LeCoffre Node +# Généré automatiquement le $(date) + +[monitoring] +# Services de monitoring +grafana_port=$GRAFANA_PORT +loki_port=$LOKI_PORT +promtail_enabled=true + +[grafana] +admin_user=$GRAFANA_ADMIN_USER +admin_password=$GRAFANA_ADMIN_PASSWORD +root_url=$GRAFANA_URL +dashboard_home=lecoffre-overview + +[logs] +# Configuration des logs +log_retention_days=30 +log_rotation=daily +log_compression=true + +[services] +# Services surveillés +services=bitcoin,blindbit,sdk_relay,sdk_storagelecoffre-front,ihm_client,tor,miner + +[alerts] +# Configuration des alertes +error_threshold=10 +warning_threshold=5 +alert_email= diff --git a/templates/dev/nginx/BITCOIN_https.conf b/templates/dev/nginx/BITCOIN_https.conf new file mode 100644 index 0000000..479d1a7 --- /dev/null +++ b/templates/dev/nginx/BITCOIN_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour BITCOIN +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $BITCOIN.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $BITCOIN_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$BITCOIN_https.log app_json; + + location / { + proxy_pass http://$BITCOIN_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/BLINDBIT_ORACLE_https.conf b/templates/dev/nginx/BLINDBIT_ORACLE_https.conf new file mode 100644 index 0000000..99d042d --- /dev/null +++ b/templates/dev/nginx/BLINDBIT_ORACLE_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour BLINDBIT_ORACLE +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $BLINDBIT_ORACLE.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $BLINDBIT_ORACLE_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$BLINDBIT_ORACLE_https.log app_json; + + location / { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/GRAFANA_https.conf b/templates/dev/nginx/GRAFANA_https.conf new file mode 100644 index 0000000..ab1040c --- /dev/null +++ b/templates/dev/nginx/GRAFANA_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour GRAFANA +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $GRAFANA.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $GRAFANA_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$GRAFANA_https.log app_json; + + location / { + proxy_pass http://$GRAFANA_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/IHM_CLIENT_https.conf b/templates/dev/nginx/IHM_CLIENT_https.conf new file mode 100644 index 0000000..47415c6 --- /dev/null +++ b/templates/dev/nginx/IHM_CLIENT_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour IHM_CLIENT +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $IHM_CLIENT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $IHM_CLIENT_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$IHM_CLIENT_https.log app_json; + + location / { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/LECOFFRE_FRONT_https.conf b/templates/dev/nginx/LECOFFRE_FRONT_https.conf new file mode 100644 index 0000000..220a906 --- /dev/null +++ b/templates/dev/nginx/LECOFFRE_FRONT_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour LECOFFRE_FRONT +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $LECOFFRE_FRONT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $LECOFFRE_FRONT_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$LECOFFRE_FRONT_https.log app_json; + + location / { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/LOKI_https.conf b/templates/dev/nginx/LOKI_https.conf new file mode 100644 index 0000000..7bddaae --- /dev/null +++ b/templates/dev/nginx/LOKI_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour LOKI +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $LOKI.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $LOKI_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$LOKI_https.log app_json; + + location / { + proxy_pass http://$LOKI_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$LOKI_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/NGNIX_https.conf b/templates/dev/nginx/NGNIX_https.conf new file mode 100644 index 0000000..cccdc74 --- /dev/null +++ b/templates/dev/nginx/NGNIX_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour NGNIX +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $NGNIX.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $NGNIX_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$NGNIX_https.log app_json; + + location / { + proxy_pass http://$NGNIX_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/POSTGRESQL_https.conf b/templates/dev/nginx/POSTGRESQL_https.conf new file mode 100644 index 0000000..3afbb03 --- /dev/null +++ b/templates/dev/nginx/POSTGRESQL_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour POSTGRESQL +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $POSTGRESQL.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $POSTGRESQL_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$POSTGRESQL_https.log app_json; + + location / { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/PROMTAIL_https.conf b/templates/dev/nginx/PROMTAIL_https.conf new file mode 100644 index 0000000..03a98ea --- /dev/null +++ b/templates/dev/nginx/PROMTAIL_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour PROMTAIL +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $PROMTAIL.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $PROMTAIL_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$PROMTAIL_https.log app_json; + + location / { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/REDIS_https.conf b/templates/dev/nginx/REDIS_https.conf new file mode 100644 index 0000000..718b501 --- /dev/null +++ b/templates/dev/nginx/REDIS_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour REDIS +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $REDIS.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $REDIS_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$REDIS_https.log app_json; + + location / { + proxy_pass http://$REDIS_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$REDIS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/SDK_RELAY_https.conf b/templates/dev/nginx/SDK_RELAY_https.conf new file mode 100644 index 0000000..f296b0b --- /dev/null +++ b/templates/dev/nginx/SDK_RELAY_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour SDK_RELAY +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $SDK_RELAY.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $SDK_RELAY_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$SDK_RELAY_https.log app_json; + + location / { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/SDK_STORAGE_https.conf b/templates/dev/nginx/SDK_STORAGE_https.conf new file mode 100644 index 0000000..cd101af --- /dev/null +++ b/templates/dev/nginx/SDK_STORAGE_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour SDK_STORAGE +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $SDK_STORAGE.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $SDK_STORAGE_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$SDK_STORAGE_https.log app_json; + + location / { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/TOR_https.conf b/templates/dev/nginx/TOR_https.conf new file mode 100644 index 0000000..f900b80 --- /dev/null +++ b/templates/dev/nginx/TOR_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour TOR +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $TOR.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $TOR_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$TOR_https.log app_json; + + location / { + proxy_pass http://$TOR_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$TOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/_4NK_CERTIFICATOR_https.conf b/templates/dev/nginx/_4NK_CERTIFICATOR_https.conf new file mode 100644 index 0000000..687ae9a --- /dev/null +++ b/templates/dev/nginx/_4NK_CERTIFICATOR_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour _4NK_CERTIFICATOR +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $_4NK_CERTIFICATOR.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_CERTIFICATOR_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_CERTIFICATOR_https.log app_json; + + location / { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/_4NK_MINER_https.conf b/templates/dev/nginx/_4NK_MINER_https.conf new file mode 100644 index 0000000..2248e70 --- /dev/null +++ b/templates/dev/nginx/_4NK_MINER_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour _4NK_MINER +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $_4NK_MINER.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_MINER_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_MINER_https.log app_json; + + location / { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/_4NK_VAULT_https.conf b/templates/dev/nginx/_4NK_VAULT_https.conf new file mode 100644 index 0000000..db6fdba --- /dev/null +++ b/templates/dev/nginx/_4NK_VAULT_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour _4NK_VAULT +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $_4NK_VAULT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_VAULT_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_VAULT_https.log app_json; + + location / { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/_4NK_WEB_STATUS_https.conf b/templates/dev/nginx/_4NK_WEB_STATUS_https.conf new file mode 100644 index 0000000..d778cc9 --- /dev/null +++ b/templates/dev/nginx/_4NK_WEB_STATUS_https.conf @@ -0,0 +1,43 @@ +# Configuration HTTPS pour _4NK_WEB_STATUS +# Généré automatiquement le Sun Oct 5 13:16:52 UTC 2025 + +server { + listen 80; + server_name $_4NK_WEB_STATUS.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_WEB_STATUS_DOCKER_NAME.$_4NKweb.com; + +ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; + + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_WEB_STATUS_https.log app_json; + + location / { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/app-internal-ports.conf b/templates/dev/nginx/app-internal-ports.conf new file mode 100644 index 0000000..3fbc997 --- /dev/null +++ b/templates/dev/nginx/app-internal-ports.conf @@ -0,0 +1,360 @@ +# Configurations internes générées automatiquement +# Généré le $(date) + + +server { + listen $REDIS_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$REDIS_int.log app_json; + + location / { + proxy_pass http://$REDIS_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$REDIS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $POSTGRESQL_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$POSTGRESQL_int.log app_json; + + location / { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $LOKI_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$LOKI_int.log app_json; + + location / { + proxy_pass http://$LOKI_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$LOKI_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $PROMTAIL_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$PROMTAIL_int.log app_json; + + location / { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $GRAFANA_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$GRAFANA_int.log app_json; + + location / { + proxy_pass http://$GRAFANA_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $NGNIX_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$NGNIX_int.log app_json; + + location / { + proxy_pass http://$NGNIX_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $TOR_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$TOR_int.log app_json; + + location / { + proxy_pass http://$TOR_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$TOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $_4NK_VAULT_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_VAULT_int.log app_json; + + location / { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $BITCOIN_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$BITCOIN_int.log app_json; + + location / { + proxy_pass http://$BITCOIN_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $BLINDBIT_ORACLE_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$BLINDBIT_ORACLE_int.log app_json; + + location / { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $SDK_RELAY_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$SDK_RELAY_int.log app_json; + + location / { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $SDK_STORAGE_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$SDK_STORAGE_int.log app_json; + + location / { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $IHM_CLIENT_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$IHM_CLIENT_int.log app_json; + + location / { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $_4NK_CERTIFICATOR_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_CERTIFICATOR_int.log app_json; + + location / { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $_4NK_MINER_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_MINER_int.log app_json; + + location / { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $LECOFFRE_FRONT_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$LECOFFRE_FRONT_int.log app_json; + + location / { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +server { + listen $_4NK_WEB_STATUS_PORT default_server; + server_name _; # pas d'host requis + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_WEB_STATUS_int.log app_json; + + location / { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + include $/proxy_headers.conf; + } + + # websocket (si nécessaire) + location /ws/ { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/nginx_dev4.4NKweb.com-https.conf b/templates/dev/nginx/nginx_dev4.4NKweb.com-https.conf new file mode 100644 index 0000000..52cbf72 --- /dev/null +++ b/templates/dev/nginx/nginx_dev4.4NKweb.com-https.conf @@ -0,0 +1,711 @@ +# Configuration Nginx consolidée pour $HOST +# Générée automatiquement le $(date) + +# Inclusion du format de log JSON et des upstreams +include upstreams.conf; + + +# Redirection globale HTTP→HTTPS +server { + listen 80; + server_name $HOST *.$HOST; + return 301 https://$host$request_uri; +} + + +# Configuration HTTPS pour REDIS +server { + listen 80; + server_name $REDIS.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $REDIS_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$REDIS_https.log app_json; + + location / { + proxy_pass http://$REDIS_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$REDIS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour POSTGRESQL +server { + listen 80; + server_name $POSTGRESQL.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $POSTGRESQL_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$POSTGRESQL_https.log app_json; + + location / { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour LOKI +server { + listen 80; + server_name $LOKI.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $LOKI_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LOKI_https.log app_json; + + location / { + proxy_pass http://$LOKI_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$LOKI_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour PROMTAIL +server { + listen 80; + server_name $PROMTAIL.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $PROMTAIL_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$PROMTAIL_https.log app_json; + + location / { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour GRAFANA +server { + listen 80; + server_name $GRAFANA.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $GRAFANA_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$GRAFANA_https.log app_json; + + location / { + proxy_pass http://$GRAFANA_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour NGNIX +server { + listen 80; + server_name $NGNIX.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $NGNIX_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$NGNIX_https.log app_json; + + location / { + proxy_pass http://$NGNIX_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour TOR +server { + listen 80; + server_name $TOR.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $TOR_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$TOR_https.log app_json; + + location / { + proxy_pass http://$TOR_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$TOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_VAULT +server { + listen 80; + server_name $_4NK_VAULT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_VAULT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_VAULT_https.log app_json; + + location / { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour BITCOIN +server { + listen 80; + server_name $BITCOIN.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $BITCOIN_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BITCOIN_https.log app_json; + + location / { + proxy_pass http://$BITCOIN_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour BLINDBIT_ORACLE +server { + listen 80; + server_name $BLINDBIT_ORACLE.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $BLINDBIT_ORACLE_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BLINDBIT_ORACLE_https.log app_json; + + location / { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour SDK_RELAY +server { + listen 80; + server_name $SDK_RELAY.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $SDK_RELAY_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_RELAY_https.log app_json; + + location / { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour SDK_STORAGE +server { + listen 80; + server_name $SDK_STORAGE.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $SDK_STORAGE_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_STORAGE_https.log app_json; + + location / { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour IHM_CLIENT +server { + listen 80; + server_name $IHM_CLIENT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $IHM_CLIENT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$IHM_CLIENT_https.log app_json; + + location / { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_CERTIFICATOR +server { + listen 80; + server_name $_4NK_CERTIFICATOR.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_CERTIFICATOR_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_CERTIFICATOR_https.log app_json; + + location / { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_MINER +server { + listen 80; + server_name $_4NK_MINER.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_MINER_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_MINER_https.log app_json; + + location / { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour LECOFFRE_FRONT +server { + listen 80; + server_name $LECOFFRE_FRONT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $LECOFFRE_FRONT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LECOFFRE_FRONT_https.log app_json; + + location / { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_WEB_STATUS +server { + listen 80; + server_name $_4NK_WEB_STATUS.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_WEB_STATUS_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_WEB_STATUS_https.log app_json; + + location / { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/nginx_dev4.4nkweb.com-https.conf b/templates/dev/nginx/nginx_dev4.4nkweb.com-https.conf new file mode 100644 index 0000000..52cbf72 --- /dev/null +++ b/templates/dev/nginx/nginx_dev4.4nkweb.com-https.conf @@ -0,0 +1,711 @@ +# Configuration Nginx consolidée pour $HOST +# Générée automatiquement le $(date) + +# Inclusion du format de log JSON et des upstreams +include upstreams.conf; + + +# Redirection globale HTTP→HTTPS +server { + listen 80; + server_name $HOST *.$HOST; + return 301 https://$host$request_uri; +} + + +# Configuration HTTPS pour REDIS +server { + listen 80; + server_name $REDIS.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $REDIS_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$REDIS_https.log app_json; + + location / { + proxy_pass http://$REDIS_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$REDIS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour POSTGRESQL +server { + listen 80; + server_name $POSTGRESQL.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $POSTGRESQL_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$POSTGRESQL_https.log app_json; + + location / { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour LOKI +server { + listen 80; + server_name $LOKI.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $LOKI_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LOKI_https.log app_json; + + location / { + proxy_pass http://$LOKI_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$LOKI_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour PROMTAIL +server { + listen 80; + server_name $PROMTAIL.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $PROMTAIL_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$PROMTAIL_https.log app_json; + + location / { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour GRAFANA +server { + listen 80; + server_name $GRAFANA.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $GRAFANA_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$GRAFANA_https.log app_json; + + location / { + proxy_pass http://$GRAFANA_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour NGNIX +server { + listen 80; + server_name $NGNIX.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $NGNIX_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$NGNIX_https.log app_json; + + location / { + proxy_pass http://$NGNIX_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour TOR +server { + listen 80; + server_name $TOR.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $TOR_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$TOR_https.log app_json; + + location / { + proxy_pass http://$TOR_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$TOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_VAULT +server { + listen 80; + server_name $_4NK_VAULT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_VAULT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_VAULT_https.log app_json; + + location / { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour BITCOIN +server { + listen 80; + server_name $BITCOIN.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $BITCOIN_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BITCOIN_https.log app_json; + + location / { + proxy_pass http://$BITCOIN_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour BLINDBIT_ORACLE +server { + listen 80; + server_name $BLINDBIT_ORACLE.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $BLINDBIT_ORACLE_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$BLINDBIT_ORACLE_https.log app_json; + + location / { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour SDK_RELAY +server { + listen 80; + server_name $SDK_RELAY.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $SDK_RELAY_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_RELAY_https.log app_json; + + location / { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour SDK_STORAGE +server { + listen 80; + server_name $SDK_STORAGE.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $SDK_STORAGE_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$SDK_STORAGE_https.log app_json; + + location / { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour IHM_CLIENT +server { + listen 80; + server_name $IHM_CLIENT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $IHM_CLIENT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$IHM_CLIENT_https.log app_json; + + location / { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_CERTIFICATOR +server { + listen 80; + server_name $_4NK_CERTIFICATOR.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_CERTIFICATOR_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_CERTIFICATOR_https.log app_json; + + location / { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_MINER +server { + listen 80; + server_name $_4NK_MINER.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_MINER_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_MINER_https.log app_json; + + location / { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour LECOFFRE_FRONT +server { + listen 80; + server_name $LECOFFRE_FRONT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $LECOFFRE_FRONT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$LECOFFRE_FRONT_https.log app_json; + + location / { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_WEB_STATUS +server { + listen 80; + server_name $_4NK_WEB_STATUS.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_WEB_STATUS_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/$_4NK_WEB_STATUS_https.log app_json; + + location / { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + include $/etc/nginx/conf.d/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/etc/nginx/conf.d/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/nginx_dev4._4NKweb.com-https.conf b/templates/dev/nginx/nginx_dev4._4NKweb.com-https.conf new file mode 100644 index 0000000..7ce3832 --- /dev/null +++ b/templates/dev/nginx/nginx_dev4._4NKweb.com-https.conf @@ -0,0 +1,711 @@ +# Configuration Nginx consolidée pour $HOST +# Générée automatiquement le $(date) + +# Inclusion du format de log JSON et des upstreams +include upstreams.conf; + + +# Redirection globale HTTP→HTTPS +server { + listen 80; + server_name $HOST *.$HOST; + return 301 https://$host$request_uri; +} + + +# Configuration HTTPS pour REDIS +server { + listen 80; + server_name $REDIS.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $REDIS_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$REDIS_https.log app_json; + + location / { + proxy_pass http://$REDIS_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$REDIS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour POSTGRESQL +server { + listen 80; + server_name $POSTGRESQL.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $POSTGRESQL_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$POSTGRESQL_https.log app_json; + + location / { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$POSTGRESQL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour LOKI +server { + listen 80; + server_name $LOKI.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $LOKI_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$LOKI_https.log app_json; + + location / { + proxy_pass http://$LOKI_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$LOKI_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour PROMTAIL +server { + listen 80; + server_name $PROMTAIL.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $PROMTAIL_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$PROMTAIL_https.log app_json; + + location / { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$PROMTAIL_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour GRAFANA +server { + listen 80; + server_name $GRAFANA.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $GRAFANA_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$GRAFANA_https.log app_json; + + location / { + proxy_pass http://$GRAFANA_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$GRAFANA_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour NGNIX +server { + listen 80; + server_name $NGNIX.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $NGNIX_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$NGNIX_https.log app_json; + + location / { + proxy_pass http://$NGNIX_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$NGNIX_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour TOR +server { + listen 80; + server_name $TOR.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $TOR_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$TOR_https.log app_json; + + location / { + proxy_pass http://$TOR_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$TOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_VAULT +server { + listen 80; + server_name $_4NK_VAULT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_VAULT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_VAULT_https.log app_json; + + location / { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_VAULT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour BITCOIN +server { + listen 80; + server_name $BITCOIN.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $BITCOIN_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$BITCOIN_https.log app_json; + + location / { + proxy_pass http://$BITCOIN_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$BITCOIN_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour BLINDBIT_ORACLE +server { + listen 80; + server_name $BLINDBIT_ORACLE.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $BLINDBIT_ORACLE_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$BLINDBIT_ORACLE_https.log app_json; + + location / { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$BLINDBIT_ORACLE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour SDK_RELAY +server { + listen 80; + server_name $SDK_RELAY.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $SDK_RELAY_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$SDK_RELAY_https.log app_json; + + location / { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$SDK_RELAY_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour SDK_STORAGE +server { + listen 80; + server_name $SDK_STORAGE.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $SDK_STORAGE_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$SDK_STORAGE_https.log app_json; + + location / { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$SDK_STORAGE_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour IHM_CLIENT +server { + listen 80; + server_name $IHM_CLIENT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $IHM_CLIENT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$IHM_CLIENT_https.log app_json; + + location / { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$IHM_CLIENT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_CERTIFICATOR +server { + listen 80; + server_name $_4NK_CERTIFICATOR.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_CERTIFICATOR_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_CERTIFICATOR_https.log app_json; + + location / { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_CERTIFICATOR_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_MINER +server { + listen 80; + server_name $_4NK_MINER.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_MINER_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_MINER_https.log app_json; + + location / { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_MINER_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour LECOFFRE_FRONT +server { + listen 80; + server_name $LECOFFRE_FRONT.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $LECOFFRE_FRONT_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$LECOFFRE_FRONT_https.log app_json; + + location / { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$LECOFFRE_FRONT_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} + +# Configuration HTTPS pour _4NK_WEB_STATUS +server { + listen 80; + server_name $_4NK_WEB_STATUS.$_4NKweb.com; + # redirection HTTP→HTTPS pour l'externe + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name $_4NK_WEB_STATUS_DOCKER_NAME.$_4NKweb.com; + + ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; + ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; + + # réglages TLS minimaux (adapter selon politique) + ssl_session_timeout 1d; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + # HSTS (activer seulement si tout le domaine est en HTTPS) + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/$_4NK_WEB_STATUS_https.log app_json; + + location / { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + include $/proxy_headers.conf; + } + + location /ws/ { + proxy_pass http://$_4NK_WEB_STATUS_DOCKER_NAME; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include $/proxy_headers.conf; + proxy_read_timeout 3600s; + } +} diff --git a/templates/dev/nginx/proxy_headers.conf b/templates/dev/nginx/proxy_headers.conf new file mode 100644 index 0000000..6349894 --- /dev/null +++ b/templates/dev/nginx/proxy_headers.conf @@ -0,0 +1,29 @@ +# Headers de proxy générés automatiquement +# Généré le $(date) + +proxy_set_header Host $host; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto $scheme; +proxy_set_header X-Forwarded-Host $host; +proxy_set_header X-Forwarded-Port $server_port; + +# Directives de proxy +proxy_redirect off; # si l'app sait générer ses URLs +add_header X-Debug-Scheme $scheme always; +add_header X-Debug-XFP $http_x_forwarded_proto always; + +# Timeouts +proxy_connect_timeout 60s; +proxy_send_timeout 60s; +proxy_read_timeout 60s; + +# Buffer settings +proxy_buffering on; +proxy_buffer_size 4k; +proxy_buffers 8 4k; +proxy_busy_buffers_size 8k; + +# Cache settings +proxy_cache_bypass $http_upgrade; +proxy_no_cache $http_upgrade; diff --git a/templates/dev/nginx/upstreams.conf b/templates/dev/nginx/upstreams.conf new file mode 100644 index 0000000..70ea138 --- /dev/null +++ b/templates/dev/nginx/upstreams.conf @@ -0,0 +1,102 @@ +# Upstreams générés automatiquement +# Généré le $(date) + +log_format app_json escape=json + '{ "time":"$time_iso8601",' + ' "client":"$remote_addr",' + ' "xff":"$http_x_forwarded_for",' + ' "method":"$request_method",' + ' "host":"$host",' + ' "uri":"$request_uri",' + ' "status":$status,' + ' "bytes":$body_bytes_sent,' + ' "ua":"$http_user_agent",' + ' "upstream":"$upstream_addr",' + ' "rt":$request_time,' + ' "urt":$upstream_response_time }'; + + +upstream $REDIS { + server $REDIS_DOCKER_NAME:$REDIS_PORT; + keepalive 64; +} + +upstream $POSTGRESQL { + server $POSTGRESQL_DOCKER_NAME:$POSTGRESQL_PORT; + keepalive 64; +} + +upstream $LOKI { + server $LOKI_DOCKER_NAME:$LOKI_PORT; + keepalive 64; +} + +upstream $PROMTAIL { + server $PROMTAIL_DOCKER_NAME:$PROMTAIL_PORT; + keepalive 64; +} + +upstream $GRAFANA { + server $GRAFANA_DOCKER_NAME:$GRAFANA_PORT; + keepalive 64; +} + +upstream $NGNIX { + server $NGNIX_DOCKER_NAME:$NGNIX_PORT; + keepalive 64; +} + +upstream $TOR { + server $TOR_DOCKER_NAME:$TOR_PORT; + keepalive 64; +} + +upstream $_4NK_VAULT { + server $_4NK_VAULT_DOCKER_NAME:$_4NK_VAULT_PORT; + keepalive 64; +} + +upstream $BITCOIN { + server $BITCOIN_DOCKER_NAME:$BITCOIN_PORT; + keepalive 64; +} + +upstream $BLINDBIT_ORACLE { + server $BLINDBIT_ORACLE_DOCKER_NAME:$BLINDBIT_ORACLE_PORT; + keepalive 64; +} + +upstream $SDK_RELAY { + server $SDK_RELAY_DOCKER_NAME:$SDK_RELAY_PORT; + keepalive 64; +} + +upstream $SDK_STORAGE { + server $SDK_STORAGE_DOCKER_NAME:$SDK_STORAGE_PORT; + keepalive 64; +} + +upstream $IHM_CLIENT { + server $IHM_CLIENT_DOCKER_NAME:$IHM_CLIENT_PORT; + keepalive 64; +} + +upstream $_4NK_CERTIFICATOR { + server $_4NK_CERTIFICATOR_DOCKER_NAME:$_4NK_CERTIFICATOR_PORT; + keepalive 64; +} + +upstream $_4NK_MINER { + server $_4NK_MINER_DOCKER_NAME:$_4NK_MINER_PORT; + keepalive 64; +} + +upstream $LECOFFRE_FRONT { + server $LECOFFRE_FRONT_DOCKER_NAME:$LECOFFRE_FRONT_PORT; + keepalive 64; +} + +upstream $_4NK_WEB_STATUS { + server $_4NK_WEB_STATUS_DOCKER_NAME:$_4NK_WEB_STATUS_PORT; + keepalive 64; +} diff --git a/templates/dev/nginx/validate_templates.sh b/templates/dev/nginx/validate_templates.sh new file mode 100755 index 0000000..2e1d6a5 --- /dev/null +++ b/templates/dev/nginx/validate_templates.sh @@ -0,0 +1,73 @@ +#!/bin/bash + +# Script de validation des templates Nginx générés +# Généré automatiquement le $(date) + +set -euo pipefail + +# Couleurs pour les messages +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +NC='\033[0m' + +# Fonctions d'affichage +print_error() { echo -e "${RED}❌ ERREUR${NC}: $1"; } +print_success() { echo -e "${GREEN}✅ SUCCÈS${NC}: $1"; } +print_info() { echo -e "${BLUE}ℹ️ INFO${NC}: $1"; } +print_warning() { echo -e "${YELLOW}⚠️ ATTENTION${NC}: $1"; } + +# Charger les variables d'environnement +if [ -f ".env" ]; then + # Charger .env en mode silencieux pour éviter les erreurs de syntaxe + source .env 2>/dev/null || true +fi + +# Vérifier que HOST est défini +if [ -z "${HOST:-}" ]; then + print_warning "Variable HOST non définie, utilisation de la valeur par défaut" + export HOST="dev4._4NKweb.com" +fi + +print_info "Validation des templates Nginx pour $HOST" + +# Vérifier que les fichiers existent +missing_files=0 + +if [ ! -f "nginx/upstreams.conf" ]; then + print_error "Template nginx/upstreams.conf non trouvé" + missing_files=$((missing_files + 1)) +fi + +if [ ! -f "nginx/app-internal-ports.conf" ]; then + print_error "Template nginx/app-internal-ports.conf non trouvé" + missing_files=$((missing_files + 1)) +fi + +if [ ! -f "nginx/proxy_headers.conf" ]; then + print_error "Template nginx/proxy_headers.conf non trouvé" + missing_files=$((missing_files + 1)) +fi + +if [ ! -f "nginx/nginx_$HOST-https.conf" ]; then + print_error "Template nginx/nginx_$HOST-https.conf non trouvé" + missing_files=$((missing_files + 1)) +fi + +if [ $missing_files -eq 0 ]; then + print_success "Tous les templates de configuration sont présents" + print_info "Templates générés:" + echo " • nginx/upstreams.conf" + echo " • nginx/app-internal-ports.conf" + echo " • nginx/proxy_headers.conf" + echo " • nginx/*_https.conf (configurations HTTPS individuelles)" + echo " • nginx/nginx_$HOST-https.conf" + + print_info "Ces templates sont prêts à être utilisés dans votre infrastructure" + print_warning "Adaptez les chemins et configurations selon vos besoins spécifiques" +else + print_error "$missing_files template(s) manquant(s)" + exit 1 +fi + diff --git a/templates/dev/projects/lecoffre/docker-compose.yml.auto b/templates/dev/projects/lecoffre/docker-compose.yml.auto new file mode 100644 index 0000000..0ffbc69 --- /dev/null +++ b/templates/dev/projects/lecoffre/docker-compose.yml.auto @@ -0,0 +1,502 @@ + +services: + + + $REDIS_DOCKER_NAME: + image: $REDIS_DOCKER_IMAGE + container_name: $REDIS_DOCKER_NAME + working_dir: /$REDIS_DOCKER_NAME + ports: + - "0.0.0.0:$REDIS_EXTERNAL_PORT" + - "0.0.0.0:$REDIS_PORT" + - "0.0.0.0:$REDIS_PORT2" + - "0.0.0.0:$REDIS_PORT3" + volumes: + - $REDIS_CONFS_DIR:$REDIS_DOCKER_CONFS_DIR + - $REDIS_LOGS_DIR:$REDIS_DOCKER_LOGS_DIR + - $REDIS_RUNS_DIR:$REDIS_DOCKER_RUNS_DIR + - $REDIS_DATAS_DIR:$REDIS_DOCKER_DATAS_DIR + - $REDIS_BACKUPS_DIR:$REDIS_DOCKER_BACKUPS_DIR + - $REDIS_SCRIPTS_DIR:$REDIS_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $REDIS_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$REDIS_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$REDIS.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $POSTGRESQL_DOCKER_NAME: + image: $POSTGRESQL_DOCKER_IMAGE + container_name: $POSTGRESQL_DOCKER_NAME + working_dir: /$POSTGRESQL_DOCKER_NAME + ports: + - "0.0.0.0:$POSTGRESQL_EXTERNAL_PORT" + - "0.0.0.0:$POSTGRESQL_PORT" + - "0.0.0.0:$POSTGRESQL_PORT2" + - "0.0.0.0:$POSTGRESQL_PORT3" + volumes: + - $POSTGRESQL_CONFS_DIR:$POSTGRESQL_DOCKER_CONFS_DIR + - $POSTGRESQL_LOGS_DIR:$POSTGRESQL_DOCKER_LOGS_DIR + - $POSTGRESQL_RUNS_DIR:$POSTGRESQL_DOCKER_RUNS_DIR + - $POSTGRESQL_DATAS_DIR:$POSTGRESQL_DOCKER_DATAS_DIR + - $POSTGRESQL_BACKUPS_DIR:$POSTGRESQL_DOCKER_BACKUPS_DIR + - $POSTGRESQL_SCRIPTS_DIR:$POSTGRESQL_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $POSTGRESQL_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$POSTGRESQL_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$POSTGRESQL.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $LOKI_DOCKER_NAME: + image: $LOKI_DOCKER_IMAGE + container_name: $LOKI_DOCKER_NAME + working_dir: /$LOKI_DOCKER_NAME + ports: + - "0.0.0.0:$LOKI_EXTERNAL_PORT" + - "0.0.0.0:$LOKI_PORT" + - "0.0.0.0:$LOKI_PORT2" + - "0.0.0.0:$LOKI_PORT3" + volumes: + - $LOKI_CONFS_DIR:$LOKI_DOCKER_CONFS_DIR + - $LOKI_LOGS_DIR:$LOKI_DOCKER_LOGS_DIR + - $LOKI_RUNS_DIR:$LOKI_DOCKER_RUNS_DIR + - $LOKI_DATAS_DIR:$LOKI_DOCKER_DATAS_DIR + - $LOKI_BACKUPS_DIR:$LOKI_DOCKER_BACKUPS_DIR + - $LOKI_SCRIPTS_DIR:$LOKI_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $LOKI_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$LOKI_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$LOKI.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $PROMTAIL_DOCKER_NAME: + image: $PROMTAIL_DOCKER_IMAGE + container_name: $PROMTAIL_DOCKER_NAME + working_dir: /$PROMTAIL_DOCKER_NAME + ports: + - "0.0.0.0:$PROMTAIL_EXTERNAL_PORT" + - "0.0.0.0:$PROMTAIL_PORT" + - "0.0.0.0:$PROMTAIL_PORT2" + - "0.0.0.0:$PROMTAIL_PORT3" + volumes: + - $PROMTAIL_CONFS_DIR:$PROMTAIL_DOCKER_CONFS_DIR + - $PROMTAIL_LOGS_DIR:$PROMTAIL_DOCKER_LOGS_DIR + - $PROMTAIL_RUNS_DIR:$PROMTAIL_DOCKER_RUNS_DIR + - $PROMTAIL_DATAS_DIR:$PROMTAIL_DOCKER_DATAS_DIR + - $PROMTAIL_BACKUPS_DIR:$PROMTAIL_DOCKER_BACKUPS_DIR + - $PROMTAIL_SCRIPTS_DIR:$PROMTAIL_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $PROMTAIL_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$PROMTAIL_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$PROMTAIL.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $GRAFANA_DOCKER_NAME: + image: $GRAFANA_DOCKER_IMAGE + container_name: $GRAFANA_DOCKER_NAME + working_dir: /$GRAFANA_DOCKER_NAME + ports: + - "0.0.0.0:$GRAFANA_EXTERNAL_PORT" + - "0.0.0.0:$GRAFANA_PORT" + - "0.0.0.0:$GRAFANA_PORT2" + - "0.0.0.0:$GRAFANA_PORT3" + volumes: + - $GRAFANA_CONFS_DIR:$GRAFANA_DOCKER_CONFS_DIR + - $GRAFANA_LOGS_DIR:$GRAFANA_DOCKER_LOGS_DIR + - $GRAFANA_RUNS_DIR:$GRAFANA_DOCKER_RUNS_DIR + - $GRAFANA_DATAS_DIR:$GRAFANA_DOCKER_DATAS_DIR + - $GRAFANA_BACKUPS_DIR:$GRAFANA_DOCKER_BACKUPS_DIR + - $GRAFANA_SCRIPTS_DIR:$GRAFANA_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $GRAFANA_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$GRAFANA_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$GRAFANA.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_VAULT_DOCKER_NAME: + image: $_4NK_VAULT_DOCKER_IMAGE + container_name: $_4NK_VAULT_DOCKER_NAME + working_dir: /$_4NK_VAULT_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_VAULT_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_VAULT_PORT" + - "0.0.0.0:$_4NK_VAULT_PORT2" + - "0.0.0.0:$_4NK_VAULT_PORT3" + volumes: + - $_4NK_VAULT_CONFS_DIR:$_4NK_VAULT_DOCKER_CONFS_DIR + - $_4NK_VAULT_LOGS_DIR:$_4NK_VAULT_DOCKER_LOGS_DIR + - $_4NK_VAULT_RUNS_DIR:$_4NK_VAULT_DOCKER_RUNS_DIR + - $_4NK_VAULT_DATAS_DIR:$_4NK_VAULT_DOCKER_DATAS_DIR + - $_4NK_VAULT_BACKUPS_DIR:$_4NK_VAULT_DOCKER_BACKUPS_DIR + - $_4NK_VAULT_SCRIPTS_DIR:$_4NK_VAULT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_VAULT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_VAULT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_VAULT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $TOR_DOCKER_NAME: + image: $TOR_DOCKER_IMAGE + container_name: $TOR_DOCKER_NAME + working_dir: /$TOR_DOCKER_NAME + ports: + - "0.0.0.0:$TOR_EXTERNAL_PORT" + - "0.0.0.0:$TOR_PORT" + - "0.0.0.0:$TOR_PORT2" + - "0.0.0.0:$TOR_PORT3" + volumes: + - $TOR_CONFS_DIR:$TOR_DOCKER_CONFS_DIR + - $TOR_LOGS_DIR:$TOR_DOCKER_LOGS_DIR + - $TOR_RUNS_DIR:$TOR_DOCKER_RUNS_DIR + - $TOR_DATAS_DIR:$TOR_DOCKER_DATAS_DIR + - $TOR_BACKUPS_DIR:$TOR_DOCKER_BACKUPS_DIR + - $TOR_SCRIPTS_DIR:$TOR_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $TOR_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$TOR_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$TOR.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $BITCOIN_DOCKER_NAME: + image: $BITCOIN_DOCKER_IMAGE + container_name: $BITCOIN_DOCKER_NAME + working_dir: /$BITCOIN_DOCKER_NAME + ports: + - "0.0.0.0:$BITCOIN_EXTERNAL_PORT" + - "0.0.0.0:$BITCOIN_PORT" + - "0.0.0.0:$BITCOIN_PORT2" + - "0.0.0.0:$BITCOIN_PORT3" + volumes: + - $BITCOIN_CONFS_DIR:$BITCOIN_DOCKER_CONFS_DIR + - $BITCOIN_LOGS_DIR:$BITCOIN_DOCKER_LOGS_DIR + - $BITCOIN_RUNS_DIR:$BITCOIN_DOCKER_RUNS_DIR + - $BITCOIN_DATAS_DIR:$BITCOIN_DOCKER_DATAS_DIR + - $BITCOIN_BACKUPS_DIR:$BITCOIN_DOCKER_BACKUPS_DIR + - $BITCOIN_SCRIPTS_DIR:$BITCOIN_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $BITCOIN_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$BITCOIN_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$BITCOIN.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $BLINDBIT_ORACLE_DOCKER_NAME: + image: $BLINDBIT_ORACLE_DOCKER_IMAGE + container_name: $BLINDBIT_ORACLE_DOCKER_NAME + working_dir: /$BLINDBIT_ORACLE_DOCKER_NAME + ports: + - "0.0.0.0:$BLINDBIT_ORACLE_EXTERNAL_PORT" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT2" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT3" + volumes: + - $BLINDBIT_ORACLE_CONFS_DIR:$BLINDBIT_ORACLE_DOCKER_CONFS_DIR + - $BLINDBIT_ORACLE_LOGS_DIR:$BLINDBIT_ORACLE_DOCKER_LOGS_DIR + - $BLINDBIT_ORACLE_RUNS_DIR:$BLINDBIT_ORACLE_DOCKER_RUNS_DIR + - $BLINDBIT_ORACLE_DATAS_DIR:$BLINDBIT_ORACLE_DOCKER_DATAS_DIR + - $BLINDBIT_ORACLE_BACKUPS_DIR:$BLINDBIT_ORACLE_DOCKER_BACKUPS_DIR + - $BLINDBIT_ORACLE_SCRIPTS_DIR:$BLINDBIT_ORACLE_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $BLINDBIT_ORACLE_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$BLINDBIT_ORACLE_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$BLINDBIT_ORACLE.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $SDK_RELAY_DOCKER_NAME: + image: $SDK_RELAY_DOCKER_IMAGE + container_name: $SDK_RELAY_DOCKER_NAME + working_dir: /$SDK_RELAY_DOCKER_NAME + ports: + - "0.0.0.0:$SDK_RELAY_EXTERNAL_PORT" + - "0.0.0.0:$SDK_RELAY_PORT" + - "0.0.0.0:$SDK_RELAY_PORT2" + - "0.0.0.0:$SDK_RELAY_PORT3" + volumes: + - $SDK_RELAY_CONFS_DIR:$SDK_RELAY_DOCKER_CONFS_DIR + - $SDK_RELAY_LOGS_DIR:$SDK_RELAY_DOCKER_LOGS_DIR + - $SDK_RELAY_RUNS_DIR:$SDK_RELAY_DOCKER_RUNS_DIR + - $SDK_RELAY_DATAS_DIR:$SDK_RELAY_DOCKER_DATAS_DIR + - $SDK_RELAY_BACKUPS_DIR:$SDK_RELAY_DOCKER_BACKUPS_DIR + - $SDK_RELAY_SCRIPTS_DIR:$SDK_RELAY_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $SDK_RELAY_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$SDK_RELAY_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$SDK_RELAY.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $SDK_STORAGE_DOCKER_NAME: + image: $SDK_STORAGE_DOCKER_IMAGE + container_name: $SDK_STORAGE_DOCKER_NAME + working_dir: /$SDK_STORAGE_DOCKER_NAME + ports: + - "0.0.0.0:$SDK_STORAGE_EXTERNAL_PORT" + - "0.0.0.0:$SDK_STORAGE_PORT" + - "0.0.0.0:$SDK_STORAGE_PORT2" + - "0.0.0.0:$SDK_STORAGE_PORT3" + volumes: + - $SDK_STORAGE_CONFS_DIR:$SDK_STORAGE_DOCKER_CONFS_DIR + - $SDK_STORAGE_LOGS_DIR:$SDK_STORAGE_DOCKER_LOGS_DIR + - $SDK_STORAGE_RUNS_DIR:$SDK_STORAGE_DOCKER_RUNS_DIR + - $SDK_STORAGE_DATAS_DIR:$SDK_STORAGE_DOCKER_DATAS_DIR + - $SDK_STORAGE_BACKUPS_DIR:$SDK_STORAGE_DOCKER_BACKUPS_DIR + - $SDK_STORAGE_SCRIPTS_DIR:$SDK_STORAGE_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $SDK_STORAGE_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$SDK_STORAGE_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$SDK_STORAGE.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $IHM_CLIENT_DOCKER_NAME: + image: $IHM_CLIENT_DOCKER_IMAGE + container_name: $IHM_CLIENT_DOCKER_NAME + working_dir: /$IHM_CLIENT_DOCKER_NAME + ports: + - "0.0.0.0:$IHM_CLIENT_EXTERNAL_PORT" + - "0.0.0.0:$IHM_CLIENT_PORT" + - "0.0.0.0:$IHM_CLIENT_PORT2" + - "0.0.0.0:$IHM_CLIENT_PORT3" + volumes: + - $IHM_CLIENT_CONFS_DIR:$IHM_CLIENT_DOCKER_CONFS_DIR + - $IHM_CLIENT_LOGS_DIR:$IHM_CLIENT_DOCKER_LOGS_DIR + - $IHM_CLIENT_RUNS_DIR:$IHM_CLIENT_DOCKER_RUNS_DIR + - $IHM_CLIENT_DATAS_DIR:$IHM_CLIENT_DOCKER_DATAS_DIR + - $IHM_CLIENT_BACKUPS_DIR:$IHM_CLIENT_DOCKER_BACKUPS_DIR + - $IHM_CLIENT_SCRIPTS_DIR:$IHM_CLIENT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $IHM_CLIENT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$IHM_CLIENT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$IHM_CLIENT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_CERTIFICATOR_DOCKER_NAME: + image: $_4NK_CERTIFICATOR_DOCKER_IMAGE + container_name: $_4NK_CERTIFICATOR_DOCKER_NAME + working_dir: /$_4NK_CERTIFICATOR_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_CERTIFICATOR_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT2" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT3" + volumes: + - $_4NK_CERTIFICATOR_CONFS_DIR:$_4NK_CERTIFICATOR_DOCKER_CONFS_DIR + - $_4NK_CERTIFICATOR_LOGS_DIR:$_4NK_CERTIFICATOR_DOCKER_LOGS_DIR + - $_4NK_CERTIFICATOR_RUNS_DIR:$_4NK_CERTIFICATOR_DOCKER_RUNS_DIR + - $_4NK_CERTIFICATOR_DATAS_DIR:$_4NK_CERTIFICATOR_DOCKER_DATAS_DIR + - $_4NK_CERTIFICATOR_BACKUPS_DIR:$_4NK_CERTIFICATOR_DOCKER_BACKUPS_DIR + - $_4NK_CERTIFICATOR_SCRIPTS_DIR:$_4NK_CERTIFICATOR_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_CERTIFICATOR_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_CERTIFICATOR_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_CERTIFICATOR.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_MINER_DOCKER_NAME: + image: $_4NK_MINER_DOCKER_IMAGE + container_name: $_4NK_MINER_DOCKER_NAME + working_dir: /$_4NK_MINER_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_MINER_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_MINER_PORT" + - "0.0.0.0:$_4NK_MINER_PORT2" + - "0.0.0.0:$_4NK_MINER_PORT3" + volumes: + - $_4NK_MINER_CONFS_DIR:$_4NK_MINER_DOCKER_CONFS_DIR + - $_4NK_MINER_LOGS_DIR:$_4NK_MINER_DOCKER_LOGS_DIR + - $_4NK_MINER_RUNS_DIR:$_4NK_MINER_DOCKER_RUNS_DIR + - $_4NK_MINER_DATAS_DIR:$_4NK_MINER_DOCKER_DATAS_DIR + - $_4NK_MINER_BACKUPS_DIR:$_4NK_MINER_DOCKER_BACKUPS_DIR + - $_4NK_MINER_SCRIPTS_DIR:$_4NK_MINER_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_MINER_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_MINER_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_MINER.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $LECOFFRE_FRONT_DOCKER_NAME: + image: $LECOFFRE_FRONT_DOCKER_IMAGE + container_name: $LECOFFRE_FRONT_DOCKER_NAME + working_dir: /$LECOFFRE_FRONT_DOCKER_NAME + ports: + - "0.0.0.0:$LECOFFRE_FRONT_EXTERNAL_PORT" + - "0.0.0.0:$LECOFFRE_FRONT_PORT" + - "0.0.0.0:$LECOFFRE_FRONT_PORT2" + - "0.0.0.0:$LECOFFRE_FRONT_PORT3" + volumes: + - $LECOFFRE_FRONT_CONFS_DIR:$LECOFFRE_FRONT_DOCKER_CONFS_DIR + - $LECOFFRE_FRONT_LOGS_DIR:$LECOFFRE_FRONT_DOCKER_LOGS_DIR + - $LECOFFRE_FRONT_RUNS_DIR:$LECOFFRE_FRONT_DOCKER_RUNS_DIR + - $LECOFFRE_FRONT_DATAS_DIR:$LECOFFRE_FRONT_DOCKER_DATAS_DIR + - $LECOFFRE_FRONT_BACKUPS_DIR:$LECOFFRE_FRONT_DOCKER_BACKUPS_DIR + - $LECOFFRE_FRONT_SCRIPTS_DIR:$LECOFFRE_FRONT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $LECOFFRE_FRONT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$LECOFFRE_FRONT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$LECOFFRE_FRONT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_WEB_STATUS_DOCKER_NAME: + image: $_4NK_WEB_STATUS_DOCKER_IMAGE + container_name: $_4NK_WEB_STATUS_DOCKER_NAME + working_dir: /$_4NK_WEB_STATUS_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_WEB_STATUS_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT2" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT3" + volumes: + - $_4NK_WEB_STATUS_CONFS_DIR:$_4NK_WEB_STATUS_DOCKER_CONFS_DIR + - $_4NK_WEB_STATUS_LOGS_DIR:$_4NK_WEB_STATUS_DOCKER_LOGS_DIR + - $_4NK_WEB_STATUS_RUNS_DIR:$_4NK_WEB_STATUS_DOCKER_RUNS_DIR + - $_4NK_WEB_STATUS_DATAS_DIR:$_4NK_WEB_STATUS_DOCKER_DATAS_DIR + - $_4NK_WEB_STATUS_BACKUPS_DIR:$_4NK_WEB_STATUS_DOCKER_BACKUPS_DIR + - $_4NK_WEB_STATUS_SCRIPTS_DIR:$_4NK_WEB_STATUS_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_WEB_STATUS_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_WEB_STATUS_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_WEB_STATUS.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + + watchtower: + image: containrrr/watchtower + container_name: watchtower + volumes: + - /var/run/docker.sock:/var/run/docker.sock + command: --interval 30 --label-enable + networks: + - btcnet + restart: unless-stopped + +networks: + btcnet: + name: _4NK_node_btcnet + driver: bridge + ipam: + config: + - subnet: 172.20.0.0/16 diff --git a/templates/dev/projects/lecoffre/lecoffre-back-mini/.gitkeep b/templates/dev/projects/lecoffre/lecoffre-back-mini/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/projects/lecoffre/lecoffre-back-mini/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/projects/lecoffre/lecoffre-front/.env b/templates/dev/projects/lecoffre/lecoffre-front/.env new file mode 100644 index 0000000..1c33f18 --- /dev/null +++ b/templates/dev/projects/lecoffre/lecoffre-front/.env @@ -0,0 +1,29 @@ +IDNOT_API_KEY=$IDNOT_API_KEY +IDNOT_CLIENT_ID=$IDNOT_CLIENT_ID +IDNOT_CLIENT_SECRET=$IDNOT_CLIENT_SECRET +IDNOT_ANNUARY_BASE_URL=https://qual-api.notaires.fr/annuaire +IDNOT_REDIRECT_URI=https://lecoffreio._4NKweb.com/authorized-client +IDNOT_TOKEN_URL=https://qual-connexion.idnot.fr/user/IdPOAuth2/token/idnot_idp_v1 +IDNOT_API_BASE_URL=https://qual-api.notaires.fr + +SIGNER_API_KEY=$SIGNER_API_KEY +VITE_JWT_SECRET_KEY=$VITE_JWT_SECRET_KEY + +NEXT_PUBLIC_IDNOT_CLIENT_ID=$NEXT_PUBLIC_IDNOT_CLIENT_ID +NEXT_PUBLIC_4NK_URL=$IHM_CLIENT_URL +NEXT_PUBLIC_FRONT_APP_HOST=$LECOFFRE_FRONT_URL +NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr +NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1 +NEXT_PUBLIC_BACK_API_PROTOCOL=https +NEXT_PUBLIC_BACK_API_HOST=$LECOFFRE_BACK_HOST +NEXT_PUBLIC_BACK_API_PORT=443 +NEXT_PUBLIC_BACK_API_ROOT_URL=$URL_ROUTE_LECOFFRE_BACK +NEXT_PUBLIC_BACK_API_VERSION=v1 +NEXT_PUBLIC_ANK_BASE_REDIRECT_URI=https://lecoffreio._4NKweb.com/authorized-client +NEXT_PUBLIC_TARGET_ORIGIN=https://$LECOFFRE_BACK_HOST +NEXT_PUBLIC_4NK_IFRAME_URL=$IHM_CLIENT_URL +NEXT_PUBLIC_IDNOT_REDIRECT_URI=https://lecoffreio._4NKweb.com/authorized-client +NEXT_PUBLIC_DOCAPOSTE_API_URL= +NEXT_PUBLIC_API_URL=$LECOFFRE_BACK_URL +NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=$NEXT_PUBLIC_DEFAULT_VALIDATOR_ID +NEXT_PUBLIC_DEFAULT_SDK_STORAGE_URLS=$SDK_STORAGE_URL \ No newline at end of file diff --git a/templates/dev/projects/lecoffre/lecoffre-front/.gitkeep b/templates/dev/projects/lecoffre/lecoffre-front/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/projects/lecoffre/lecoffre-front/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/projects/lecoffre/lecoffre_node/.env b/templates/dev/projects/lecoffre/lecoffre_node/.env new file mode 100644 index 0000000..314ea33 --- /dev/null +++ b/templates/dev/projects/lecoffre/lecoffre_node/.env @@ -0,0 +1,151 @@ +# Modifiez ces valeurs selon votre environnement +API_PASS=testpass +ENV_NAME=DEV +DOMAIN=_4NKweb.com +HOST=dev4.$DOMAIN +DOCKER_LOG_LEVEL=info +COMPOSE_LOG_LEVEL=WARNING +NODE_OPTIONS=--max-old-space-size=4096 +NODE_ENV=production +DOCKER_GLOBAL=project/lecoffre/lecoffre_node + +# Répertoires +ROOT_DIR=/home/debian/_4NK_env +$DOCKER_GLOBAL/datas=$ROOT_DIR/$DOCKER_GLOBAL/data +BITCOIN_DATA_DIR=$$DOCKER_GLOBAL/datas/bitcoin +BITCOIN_COOKIE_PATH=$BITCOIN_DATA_DIR/signet/.cookie +SIGNER_DATA_DIR=$$DOCKER_GLOBAL/datas/signer +SDK_RELAY_DATA_DIR=$$DOCKER_GLOBAL/datas/sdk_relay +SDK_STORAGE_DATA_DIR=$$DOCKER_GLOBAL/datas/sdk_storage +SDK_TOR_DATA_DIR=$$DOCKER_GLOBAL/datas/tor +BLINDBIT_DATA_DIR=$$DOCKER_GLOBAL/datas/blindbit-oracle + +$DOCKER_GLOBAL/logs=$ROOT_DIR/$DOCKER_GLOBAL/logs +BITCOIN_LOGS_DIR=$$DOCKER_GLOBAL/logs/bitcoin +BLINDBIT_LOGS_DIR=$$DOCKER_GLOBAL/logs/blindbit-oracle +IHM_CLIENT_LOGS_DIR=$$DOCKER_GLOBAL/logs/ihm_client +LECOFFRE_FRONT_LOGS_DIR=$$DOCKER_GLOBAL/logs/lecoffre-front +LECOFFRE_BACK_LOGS_DIR=$$DOCKER_GLOBAL/logs/lecoffre-back-mini +MINER_LOGS_DIR=$$DOCKER_GLOBAL/logs/miner +NGINX_LOGS_DIR=$$DOCKER_GLOBAL/logs/nginx +SDK_RELAY_LOGS_DIR=$$DOCKER_GLOBAL/logs/sdk_relay +SDK_STORAGE_LOGS_DIR=$$DOCKER_GLOBAL/logs/sdk_storage +TOR_LOGS_DIR=$$DOCKER_GLOBAL/logs/tor + +$DOCKER_GLOBAL/confs=$ROOT_DIR/$DOCKER_GLOBAL/confs +PROMTAIL_CONF_DIR=$$DOCKER_GLOBAL/confs/promtail +GRAFANA_CONF_DIR=$$DOCKER_GLOBAL/confs/grafana +NGINX_CONF_DIR=$$DOCKER_GLOBAL/confs/nginx +BITCOIN_CONF_DIR=$$DOCKER_GLOBAL/confs/bitcoin + +ROOT_DIR_BACKUPS=$ROOT_DIR/$DOCKER_GLOBAL/backups + +LECOFFRE_NODE_SCRIPTS_DIR=$ROOT_DIR/$DOCKER_GLOBAL/scripts + +CERT_PATH=/etc/letsencrypt/live/$HOST + +# Noms internes +TOR_DOCKER_NAME=tor-proxy +BITCOIN_DOCKER_NAME=bitcoin-signet +BLINDBIT_DOCKER_NAME=blindbit-oracle +SDK_STORAGE_DOCKER_NAME=storage +LOKI_DOCKER_NAME=loki + +# Ports des services +TOR_PORT=9050 +BITCOIN_SIGNET_P2P_PORT=38333 +BITCOIN_SIGNET_RPC_PORT=38332 +BITCOIN_ZMQPUBRAWTX_PORT=29001 +BITCOIN_ZMQPBUBHASHBLOCK_PORT=29000 +BLINDBIT_PORT=8000 +SDK_RELAY_PORT=8080 +STORAGE_PORT=8081 +SIGNER_PORT=9090 +LECOFFRE_FRONT_PORT=3000 +GRAFANA_PORT=3001 +LOKI_PORT=3100 +STATUS_PORT=3005 +STATUS_API_PORT=3006 +PROMTAIL_PORT=8090 +IHM_CLIENT_PORT=3003 +CERTIFICATOR_PORT=8082 +REDIS_PORT=6379 + +# Routes +URL_ROUTE_SIGNER=/signer +URL_ROUTE_STORAGE=/storage +URL_ROUTE_IHM_CLIENT=/ +URL_ROUTE_LECOFFRE_FRONT=/lecoffre +URL_ROUTE_LECOFFRE_FRONT_HMR=/lecoffre-hmr +URL_ROUTE_LECOFFRE_BACK=/api +POSTGRESQL_USER=postgres +POSTGRESQL_PASSWORD=password +URL_ROUTE_RELAY=/relay +URL_ROUTE_GRAFAN=/grafana +URL_ROUTE_STATUS=/status +URL_ROUTE_STATUS_API=/status/api +URL_ROUTE_BLINDBIT=/blindbit +URL_ROUTE_NEXT=/_next + +# URLs et domaines +ROOT_HOST=$HOST +ROOT_URL=https://$ROOT_HOST +BOOTSTRAP_HOST=dev3.$DOMAIN +LECOFFRE_BACK_HOST=dev3.$DOMAIN +LECOFFRE_FRONT_URL=https://$ROOT_HOST$URL_ROUTE_LECOFFRE_FRONT +LECOFFRE_BACK_URL=https://$LECOFFRE_BACK_HOST$URL_ROUTE_LECOFFRE_BACK +IHM_CLIENT_URL=$ROOT_URL$URL_ROUTE_IHM_CLIENT +RELAY_URL=wss://$ROOT_HOST$URL_ROUTE_RELAY +RELAY_BOOSTRAP_URL=wss://$BOOTSTRAP_HOST$URL_ROUTE_RELAY +RELAY_URLS=$RELAY_URL,$RELAY_BOOSTRAP_URL +SIGNER_URL=https://dev3.$DOMAIN$URL_ROUTE_SIGNER +STORAGE_URL=$ROOT_URL$URL_ROUTE_STORAGE +LOKI_URL=http://$LOKI_DOCKER_NAME:$LOKI_PORT +BLINDBIT_URL=http://$BLINDBIT_DOCKER_NAME:$BLINDBIT_PORT +BITCOIN_RPC_URL=http://$BITCOIN_DOCKER_NAME:$BITCOIN_SIGNET_RPC_PORT +GRAFANA_URL=$ROOT_URL$URL_ROUTE_GRAFAN +ZMQ_URL=tcp://$BITCOIN_DOCKER_NAME:$BITCOIN_ZMQPBUBHASHBLOCK_PORT + +# Variables +BITCOIN_WALLET_NAME=mining +BITCOIN_CERTIFICATOR_NAME=certificator + +# DB +CERTIFICATOR_POSTGRESQL_CONNECT=$POSTGRESQL_USER:$POSTGRESQL_PASSWORD//certificator:@certificator_db/certificator_db +CERTIFICATOR_REDIS_CONNECT=redis://certificator_redis:$REDIS_PORT + +# Noms des services Docker +SDK_RELAY_DOCKER_NAME=sdk_relay +LECOFFRE_FRONT_DOCKER_NAME=lecoffre-front +IHM_CLIENT_DOCKER_NAME=ihm_client +SDK_STORAGE_DOCKER_NAME=sdk_storage +WATCHTOWER_DOCKER_NAME=watchtower +SIGNET_MINER_DOCKER_NAME=signet_miner +GRAFANA_DOCKER_NAME=grafana +LOKI_DOCKER_NAME=loki +PROMTAIL_DOCKER_NAME=promtail +STATUS_API_DOCKER_NAME=status-api + +# Ports externes exposés +LECOFFRE_FRONT_EXTERNAL_PORT=3004 +IHM_CLIENT_EXTERNAL_PORT=3003 +SDK_STORAGE_EXTERNAL_PORT=8081 +GRAFANA_EXTERNAL_PORT=3005 +LOKI_EXTERNAL_PORT=3100 +STATUS_API_EXTERNAL_PORT=3006 + +# Mots de passe et secrets +GRAFANA_ADMIN_PASSWORD=Fuy8ZfxQI2xdSdoB8wsGxNjyU + +# Chemins de configuration +LECOFFRE_NODE_CONFS_DIR=/home/debian/_4NK_env/confs +LECOFFRE_NODE_LOGS_DIR=/home/debian/_4NK_env/logs + +# Ports supplémentaires +BLINDBIT_EXTERNAL_PORT=8000 +SDK_RELAY_EXTERNAL_PORT_1=8090 +SDK_RELAY_EXTERNAL_PORT_2=8091 + +# Routes manquantes + +# Variables manquantes pour la DB diff --git a/templates/dev/projects/lecoffre/lecoffre_node/.gitkeep b/templates/dev/projects/lecoffre/lecoffre_node/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/projects/lecoffre/lecoffre_node/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/projects/lecoffre/lecoffre_node/docker-compose.yml b/templates/dev/projects/lecoffre/lecoffre_node/docker-compose.yml new file mode 100644 index 0000000..df1f1b8 --- /dev/null +++ b/templates/dev/projects/lecoffre/lecoffre_node/docker-compose.yml @@ -0,0 +1,339 @@ +services: + tor-proxy: + image: btcpayserver/tor:0.4.8.10 + container_name: tor-proxy + working_dir: /tor-proxy + volumes: + - /home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/tor-proxy:/var/log/tor + - $LECOFFRE_NODE_SCRIPTS_DIR:/scripts:ro + networks: + btcnet: + aliases: + - tor-proxy + healthcheck: + test: ["CMD", "sh", "$LECOFFRE_NODE_SCRIPTS_DIR/tor-progress.sh"] + interval: 10s + timeout: 5s + retries: 50 + restart: unless-stopped + + bitcoin: + build: ./bitcoin + container_name: bitcoin + working_dir: /bitcoin + depends_on: + tor-proxy: + condition: service_healthy + volumes: + - bitcoin_DATA_DIR:/home/bitcoin/.bitcoin + - bitcoin_CONF_DIR/bitcoin.conf:/etc/bitcoin/bitcoin.conf + - /home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/bitcoin:/var/log/bitcoin + - $LECOFFRE_NODE_SCRIPTS_DIR:/scripts:ro + networks: + btcnet: + aliases: + - bitcoin + user: root + entrypoint: > + /bin/sh -c " + chown -R bitcoin:bitcoin /home/bitcoin/.bitcoin || echo 'warn: chown partiel (fichiers bind-mount Windows)'; + exec su-exec bitcoin bitcoind -conf=/etc/bitcoin/bitcoin.conf -signet" + healthcheck: + test: ["CMD", "sh", "$LECOFFRE_NODE_SCRIPTS_DIR/bitcoin-progress.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped + + $BLINDBIT_DOCKER_NAME: + image: git._4NKweb.com/_4NK/blindbit-oracle:fixed-source + container_name: $BLINDBIT_DOCKER_NAME + working_dir: /$BLINDBIT_DOCKER_NAME + depends_on: + bitcoin: + condition: service_healthy + volumes: + - $BLINDBIT_DATA_DIR:/root/.blindbit-oracle + # - $LECOFFRE_NODE_CONFS_DIR/blindbit-oracle/blindbit.toml:/tmp/blindbit.toml:ro + - bitcoin_DATA_DIR:/home/bitcoin/.bitcoin + - $BLINDBIT_LOGS_DIR:/var/log/blindbit + entrypoint: > + sh -c "mkdir -p /root/.blindbit-oracle && + if [ ! -f /root/.blindbit-oracle/blindbit.toml ]; then + cp /tmp/blindbit.toml /root/.blindbit-oracle/blindbit.toml; + fi && + echo 'Starting BlindBit Oracle with corrected host binding...' && + exec ./main -datadir /root/.blindbit-oracle" + networks: + btcnet: + aliases: + - $BLINDBIT_DOCKER_NAME + ports: + - "0.0.0.0:$BLINDBIT_EXTERNAL_PORT" + healthcheck: + test: ["CMD", "sh", "$LECOFFRE_NODE_SCRIPTS_DIR/blindbit-progress.sh"] + interval: 10s + timeout: 5s + retries: 60 + start_period: 180s + restart: unless-stopped + + sdk_relay: + image: git._4NKweb.com/_4NK/sdk_relay:ext + container_name: sdk_relay + working_dir: /sdk_relay + env_file: + - sdk_relay_CONF_DIR/.env + depends_on: + $BLINDBIT_DOCKER_NAME: + condition: service_healthy + volumes: + - sdk_relay_CONF_DIR/.conf:/SDK_RELAY_DOCKER_NAME/.conf:ro + - sdk_relay_DATA_DIR:/SDK_RELAY_DOCKER_NAME/._4NK + - bitcoin_DATA_DIR:/SDK_RELAY_DOCKER_NAME/.bitcoin + - /home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/sdk_relay:/var/log/sdk_relay + ports: + - "0.0.0.0:8080:8080" + networks: + btcnet: + aliases: + - sdk_relay + logging: + driver: "json-file" + options: + max-size: "10m" + max-file: "3" + healthcheck: + test: ["CMD", "sh", "$LECOFFRE_NODE_SCRIPTS_DIR/sdk-relay-progress.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped + + lecoffre-front: + image: git._4NKweb.com/_4NK/lecoffre-front:ext + container_name: lecoffre-front + working_dir: /lecoffre-front + env_file: + - $LECOFFRE_NODE_CONFS_DIR/.env + ports: + - "0.0.0.0:lecoffre-front_EXTERNAL_PORT:8080" + volumes: + - $LECOFFRE_NODE_LOGS_DIR/lecoffre-front:/var/log/lecoffre-front + networks: + btcnet: + aliases: + - lecoffre-front + depends_on: + ihm_client: + condition: service_healthy + sdk_storage: + condition: service_healthy + user: lecoffreuser + command: ["sh", "-c", "exec npm run start >> /var/log/lecoffre-front/stdout.log 2>&1"] + healthcheck: + test: ["CMD", "sh", "-c", "if ps aux | grep -v grep | grep next-server >/dev/null 2>&1; then echo 'LeCoffre Frontend ready: Next.js server running'; exit 0; else echo 'LeCoffre Frontend starting: Next.js server not yet ready'; exit 1; fi"] + interval: 30s + timeout: 10s + retries: 50 + start_period: 30s + labels: + - "com.centurylinklabs.watchtower.enable=true" + restart: unless-stopped + + ihm_client: + image: git._4NKweb.com/_4NK/ihm_client:ext + container_name: ihm_client + env_file: + - $LECOFFRE_NODE_CONFS_DIR/ihm_client/.env + ports: + - "0.0.0.0:ihm_client_EXTERNAL_PORT:3003" + volumes: + - $LECOFFRE_NODE_LOGS_DIR/ihm_client:/var/log/ihm_client + networks: + btcnet: + aliases: + - ihm_client + depends_on: + sdk_relay: + condition: service_healthy + sdk_storage: + condition: service_healthy + user: root + command: ["sh", "-c", "exec npm start >> /var/log/ihm_client/stdout.log 2>&1"] + healthcheck: + test: ["CMD", "sh", "-c", "if curl -f http://localhost:3003/ >/dev/null 2>&1; then echo 'IHM Client ready: Vite dev server responding'; exit 0; else echo 'IHM Client starting: Vite dev server not yet ready'; exit 1; fi"] + interval: 30s + timeout: 10s + retries: 50 + start_period: 30s + labels: + - "com.centurylinklabs.watchtower.enable=true" + restart: unless-stopped + + sdk_storage: + image: git._4NKweb.com/_4NK/sdk_storage:ext + container_name: sdk_storage + ports: + - "0.0.0.0:sdk_storage_EXTERNAL_PORT:8080" + volumes: + - sdk_storage_data:/app/data + - $LECOFFRE_NODE_LOGS_DIR/sdk_storage:/var/log/sdk_storage + healthcheck: + test: ["CMD", "sh", "-c", "if curl -f http://localhost:8080/health >/dev/null 2>&1; then echo 'SDK Storage ready: API responding'; exit 0; else echo 'SDK Storage starting: API not yet ready'; exit 1; fi"] + interval: 30s + timeout: 10s + retries: 50 + start_period: 30s + networks: + btcnet: + aliases: + - sdk_storage + labels: + - "com.centurylinklabs.watchtower.enable=true" + restart: unless-stopped + + watchtower: + image: containrrr/watchtower + container_name: watchtower + volumes: + - /var/run/docker.sock:/var/run/docker.sock + command: --interval 30 --label-enable + networks: + - btcnet + restart: unless-stopped + + signet_miner: + build: + context: ./miner + container_name: signet_miner + depends_on: + bitcoin: + condition: service_healthy + # env_file: + # - $LECOFFRE_NODE_CONFS_DIR/lecoffre_node/.env + volumes: + - bitcoin_data:/bitcoin:ro + - $LECOFFRE_NODE_LOGS_DIR/miner:/var/log/miner + networks: + btcnet: + aliases: + - signet_miner + profiles: ["miner"] + restart: unless-stopped + + grafana: + image: grafana/grafana:latest + container_name: grafana + ports: + - "0.0.0.0:grafana_EXTERNAL_PORT:3000" + volumes: + - grafana_data:/var/lib/grafana + # - $LECOFFRE_NODE_CONFS_DIR/grafana/provisioning:/etc/grafana/provisioning + # - $LECOFFRE_NODE_CONFS_DIR/grafana/dashboards:/var/lib/grafana/dashboards + # - $LECOFFRE_NODE_CONFS_DIR/grafana/grafana.ini:/etc/grafana/grafana.ini:ro + - $LECOFFRE_NODE_LOGS_DIR:/var/log/lecoffre:ro + environment: + - GF_SECURITY_ADMIN_PASSWORD=Fuy8ZfxQI2xdSdoB8wsGxNjyU + - GF_USERS_ALLOW_SIGN_UP=false + - GF_SERVER_ROOT_URL=http://\grafana:grafana_DOCKER_PORT/ + - GF_PLUGINS_PREINSTALL_SYNC=grafana-clock-panel,grafana-simple-json-datasource + networks: + btcnet: + aliases: + - grafana + depends_on: + loki: + condition: service_healthy + promtail: + condition: service_healthy + healthcheck: + test: ["CMD", "sh", "-c", "if curl -f http://localhost:3000/api/health >/dev/null 2>&1; then echo 'Grafana ready: Dashboard service responding'; exit 0; else echo 'Grafana starting: Dashboard service not yet ready'; exit 1; fi"] + interval: 30s + timeout: 10s + retries: 50 + start_period: 60s + labels: + - "com.centurylinklabs.watchtower.enable=true" + restart: unless-stopped + + loki: + image: grafana/loki:latest + container_name: loki + ports: + - "0.0.0.0:loki_EXTERNAL_PORT:3100" + volumes: + - loki_data:/loki + # - $LECOFFRE_NODE_CONFS_DIR/loki/loki-config.yaml:/etc/loki/loki-config.yaml:ro + command: -config.file=/etc/loki/loki-config.yaml + networks: + btcnet: + aliases: + - loki + healthcheck: + test: ["CMD", "wget", "-q", "--spider", "http://localhost:3100/ready"] + interval: 30s + timeout: 15s + retries: 50 + start_period: 120s + restart: unless-stopped + + promtail: + image: grafana/promtail:latest + container_name: promtail + volumes: + - $LECOFFRE_NODE_LOGS_DIR:$LECOFFRE_NODE_LOGS_DIR:ro + # - $LECOFFRE_NODE_CONFS_DIR/promtail/promtail.yml:/etc/promtail/config.yml:ro + - /var/run/docker.sock:/var/run/docker.sock + command: -config.file=/etc/promtail/config.yml + networks: + btcnet: + aliases: + - promtail + depends_on: + loki: + condition: service_healthy + healthcheck: + test: ["CMD", "sh", "-c", "if [ -f /tmp/positions.yaml ]; then echo 'Promtail ready: Log collection service responding'; exit 0; else echo 'Promtail starting: Log collection service not yet ready'; exit 1; fi"] + interval: 30s + timeout: 10s + retries: 50 + start_period: 30s + restart: unless-stopped + + # Service de statut des services + status-api: + build: + context: ./web/status + dockerfile: Dockerfile.python + container_name: status-api + # env_file: + # - $LECOFFRE_NODE_CONFS_DIR/monitoring/.env + ports: + - "0.0.0.0:$STATUS_API_EXTERNAL_PORT:3006" + volumes: + - ./web/status/api.py:/app/api.py:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + - $LECOFFRE_NODE_LOGS_DIR:/var/log/lecoffre:ro + - $LECOFFRE_NODE_SCRIPTS_DIR:$LECOFFRE_NODE_SCRIPTS_DIR:ro + networks: + btcnet: + aliases: + - status-api + healthcheck: + test: ["CMD", "sh", "-c", "if curl -f http://localhost:3006/api >/dev/null 2>&1; then echo 'Status API ready: Service monitoring API responding'; exit 0; else echo 'Status API starting: Service monitoring API not yet ready'; exit 1; fi"] + interval: 30s + timeout: 10s + retries: 50 + start_period: 30s + labels: + - "com.centurylinklabs.watchtower.enable=true" + restart: unless-stopped + +networks: + btcnet: + name: _4NK_node_btcnet + driver: bridge + ipam: + config: + - subnet: 172.20.0.0/16 diff --git a/templates/dev/projects/lecoffre/lecoffre_node/docker-compose.yml.auto b/templates/dev/projects/lecoffre/lecoffre_node/docker-compose.yml.auto new file mode 100644 index 0000000..0ffbc69 --- /dev/null +++ b/templates/dev/projects/lecoffre/lecoffre_node/docker-compose.yml.auto @@ -0,0 +1,502 @@ + +services: + + + $REDIS_DOCKER_NAME: + image: $REDIS_DOCKER_IMAGE + container_name: $REDIS_DOCKER_NAME + working_dir: /$REDIS_DOCKER_NAME + ports: + - "0.0.0.0:$REDIS_EXTERNAL_PORT" + - "0.0.0.0:$REDIS_PORT" + - "0.0.0.0:$REDIS_PORT2" + - "0.0.0.0:$REDIS_PORT3" + volumes: + - $REDIS_CONFS_DIR:$REDIS_DOCKER_CONFS_DIR + - $REDIS_LOGS_DIR:$REDIS_DOCKER_LOGS_DIR + - $REDIS_RUNS_DIR:$REDIS_DOCKER_RUNS_DIR + - $REDIS_DATAS_DIR:$REDIS_DOCKER_DATAS_DIR + - $REDIS_BACKUPS_DIR:$REDIS_DOCKER_BACKUPS_DIR + - $REDIS_SCRIPTS_DIR:$REDIS_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $REDIS_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$REDIS_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$REDIS.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $POSTGRESQL_DOCKER_NAME: + image: $POSTGRESQL_DOCKER_IMAGE + container_name: $POSTGRESQL_DOCKER_NAME + working_dir: /$POSTGRESQL_DOCKER_NAME + ports: + - "0.0.0.0:$POSTGRESQL_EXTERNAL_PORT" + - "0.0.0.0:$POSTGRESQL_PORT" + - "0.0.0.0:$POSTGRESQL_PORT2" + - "0.0.0.0:$POSTGRESQL_PORT3" + volumes: + - $POSTGRESQL_CONFS_DIR:$POSTGRESQL_DOCKER_CONFS_DIR + - $POSTGRESQL_LOGS_DIR:$POSTGRESQL_DOCKER_LOGS_DIR + - $POSTGRESQL_RUNS_DIR:$POSTGRESQL_DOCKER_RUNS_DIR + - $POSTGRESQL_DATAS_DIR:$POSTGRESQL_DOCKER_DATAS_DIR + - $POSTGRESQL_BACKUPS_DIR:$POSTGRESQL_DOCKER_BACKUPS_DIR + - $POSTGRESQL_SCRIPTS_DIR:$POSTGRESQL_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $POSTGRESQL_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$POSTGRESQL_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$POSTGRESQL.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $LOKI_DOCKER_NAME: + image: $LOKI_DOCKER_IMAGE + container_name: $LOKI_DOCKER_NAME + working_dir: /$LOKI_DOCKER_NAME + ports: + - "0.0.0.0:$LOKI_EXTERNAL_PORT" + - "0.0.0.0:$LOKI_PORT" + - "0.0.0.0:$LOKI_PORT2" + - "0.0.0.0:$LOKI_PORT3" + volumes: + - $LOKI_CONFS_DIR:$LOKI_DOCKER_CONFS_DIR + - $LOKI_LOGS_DIR:$LOKI_DOCKER_LOGS_DIR + - $LOKI_RUNS_DIR:$LOKI_DOCKER_RUNS_DIR + - $LOKI_DATAS_DIR:$LOKI_DOCKER_DATAS_DIR + - $LOKI_BACKUPS_DIR:$LOKI_DOCKER_BACKUPS_DIR + - $LOKI_SCRIPTS_DIR:$LOKI_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $LOKI_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$LOKI_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$LOKI.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $PROMTAIL_DOCKER_NAME: + image: $PROMTAIL_DOCKER_IMAGE + container_name: $PROMTAIL_DOCKER_NAME + working_dir: /$PROMTAIL_DOCKER_NAME + ports: + - "0.0.0.0:$PROMTAIL_EXTERNAL_PORT" + - "0.0.0.0:$PROMTAIL_PORT" + - "0.0.0.0:$PROMTAIL_PORT2" + - "0.0.0.0:$PROMTAIL_PORT3" + volumes: + - $PROMTAIL_CONFS_DIR:$PROMTAIL_DOCKER_CONFS_DIR + - $PROMTAIL_LOGS_DIR:$PROMTAIL_DOCKER_LOGS_DIR + - $PROMTAIL_RUNS_DIR:$PROMTAIL_DOCKER_RUNS_DIR + - $PROMTAIL_DATAS_DIR:$PROMTAIL_DOCKER_DATAS_DIR + - $PROMTAIL_BACKUPS_DIR:$PROMTAIL_DOCKER_BACKUPS_DIR + - $PROMTAIL_SCRIPTS_DIR:$PROMTAIL_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $PROMTAIL_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$PROMTAIL_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$PROMTAIL.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $GRAFANA_DOCKER_NAME: + image: $GRAFANA_DOCKER_IMAGE + container_name: $GRAFANA_DOCKER_NAME + working_dir: /$GRAFANA_DOCKER_NAME + ports: + - "0.0.0.0:$GRAFANA_EXTERNAL_PORT" + - "0.0.0.0:$GRAFANA_PORT" + - "0.0.0.0:$GRAFANA_PORT2" + - "0.0.0.0:$GRAFANA_PORT3" + volumes: + - $GRAFANA_CONFS_DIR:$GRAFANA_DOCKER_CONFS_DIR + - $GRAFANA_LOGS_DIR:$GRAFANA_DOCKER_LOGS_DIR + - $GRAFANA_RUNS_DIR:$GRAFANA_DOCKER_RUNS_DIR + - $GRAFANA_DATAS_DIR:$GRAFANA_DOCKER_DATAS_DIR + - $GRAFANA_BACKUPS_DIR:$GRAFANA_DOCKER_BACKUPS_DIR + - $GRAFANA_SCRIPTS_DIR:$GRAFANA_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $GRAFANA_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$GRAFANA_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$GRAFANA.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_VAULT_DOCKER_NAME: + image: $_4NK_VAULT_DOCKER_IMAGE + container_name: $_4NK_VAULT_DOCKER_NAME + working_dir: /$_4NK_VAULT_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_VAULT_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_VAULT_PORT" + - "0.0.0.0:$_4NK_VAULT_PORT2" + - "0.0.0.0:$_4NK_VAULT_PORT3" + volumes: + - $_4NK_VAULT_CONFS_DIR:$_4NK_VAULT_DOCKER_CONFS_DIR + - $_4NK_VAULT_LOGS_DIR:$_4NK_VAULT_DOCKER_LOGS_DIR + - $_4NK_VAULT_RUNS_DIR:$_4NK_VAULT_DOCKER_RUNS_DIR + - $_4NK_VAULT_DATAS_DIR:$_4NK_VAULT_DOCKER_DATAS_DIR + - $_4NK_VAULT_BACKUPS_DIR:$_4NK_VAULT_DOCKER_BACKUPS_DIR + - $_4NK_VAULT_SCRIPTS_DIR:$_4NK_VAULT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_VAULT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_VAULT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_VAULT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $TOR_DOCKER_NAME: + image: $TOR_DOCKER_IMAGE + container_name: $TOR_DOCKER_NAME + working_dir: /$TOR_DOCKER_NAME + ports: + - "0.0.0.0:$TOR_EXTERNAL_PORT" + - "0.0.0.0:$TOR_PORT" + - "0.0.0.0:$TOR_PORT2" + - "0.0.0.0:$TOR_PORT3" + volumes: + - $TOR_CONFS_DIR:$TOR_DOCKER_CONFS_DIR + - $TOR_LOGS_DIR:$TOR_DOCKER_LOGS_DIR + - $TOR_RUNS_DIR:$TOR_DOCKER_RUNS_DIR + - $TOR_DATAS_DIR:$TOR_DOCKER_DATAS_DIR + - $TOR_BACKUPS_DIR:$TOR_DOCKER_BACKUPS_DIR + - $TOR_SCRIPTS_DIR:$TOR_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $TOR_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$TOR_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$TOR.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $BITCOIN_DOCKER_NAME: + image: $BITCOIN_DOCKER_IMAGE + container_name: $BITCOIN_DOCKER_NAME + working_dir: /$BITCOIN_DOCKER_NAME + ports: + - "0.0.0.0:$BITCOIN_EXTERNAL_PORT" + - "0.0.0.0:$BITCOIN_PORT" + - "0.0.0.0:$BITCOIN_PORT2" + - "0.0.0.0:$BITCOIN_PORT3" + volumes: + - $BITCOIN_CONFS_DIR:$BITCOIN_DOCKER_CONFS_DIR + - $BITCOIN_LOGS_DIR:$BITCOIN_DOCKER_LOGS_DIR + - $BITCOIN_RUNS_DIR:$BITCOIN_DOCKER_RUNS_DIR + - $BITCOIN_DATAS_DIR:$BITCOIN_DOCKER_DATAS_DIR + - $BITCOIN_BACKUPS_DIR:$BITCOIN_DOCKER_BACKUPS_DIR + - $BITCOIN_SCRIPTS_DIR:$BITCOIN_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $BITCOIN_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$BITCOIN_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$BITCOIN.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $BLINDBIT_ORACLE_DOCKER_NAME: + image: $BLINDBIT_ORACLE_DOCKER_IMAGE + container_name: $BLINDBIT_ORACLE_DOCKER_NAME + working_dir: /$BLINDBIT_ORACLE_DOCKER_NAME + ports: + - "0.0.0.0:$BLINDBIT_ORACLE_EXTERNAL_PORT" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT2" + - "0.0.0.0:$BLINDBIT_ORACLE_PORT3" + volumes: + - $BLINDBIT_ORACLE_CONFS_DIR:$BLINDBIT_ORACLE_DOCKER_CONFS_DIR + - $BLINDBIT_ORACLE_LOGS_DIR:$BLINDBIT_ORACLE_DOCKER_LOGS_DIR + - $BLINDBIT_ORACLE_RUNS_DIR:$BLINDBIT_ORACLE_DOCKER_RUNS_DIR + - $BLINDBIT_ORACLE_DATAS_DIR:$BLINDBIT_ORACLE_DOCKER_DATAS_DIR + - $BLINDBIT_ORACLE_BACKUPS_DIR:$BLINDBIT_ORACLE_DOCKER_BACKUPS_DIR + - $BLINDBIT_ORACLE_SCRIPTS_DIR:$BLINDBIT_ORACLE_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $BLINDBIT_ORACLE_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$BLINDBIT_ORACLE_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$BLINDBIT_ORACLE.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $SDK_RELAY_DOCKER_NAME: + image: $SDK_RELAY_DOCKER_IMAGE + container_name: $SDK_RELAY_DOCKER_NAME + working_dir: /$SDK_RELAY_DOCKER_NAME + ports: + - "0.0.0.0:$SDK_RELAY_EXTERNAL_PORT" + - "0.0.0.0:$SDK_RELAY_PORT" + - "0.0.0.0:$SDK_RELAY_PORT2" + - "0.0.0.0:$SDK_RELAY_PORT3" + volumes: + - $SDK_RELAY_CONFS_DIR:$SDK_RELAY_DOCKER_CONFS_DIR + - $SDK_RELAY_LOGS_DIR:$SDK_RELAY_DOCKER_LOGS_DIR + - $SDK_RELAY_RUNS_DIR:$SDK_RELAY_DOCKER_RUNS_DIR + - $SDK_RELAY_DATAS_DIR:$SDK_RELAY_DOCKER_DATAS_DIR + - $SDK_RELAY_BACKUPS_DIR:$SDK_RELAY_DOCKER_BACKUPS_DIR + - $SDK_RELAY_SCRIPTS_DIR:$SDK_RELAY_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $SDK_RELAY_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$SDK_RELAY_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$SDK_RELAY.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $SDK_STORAGE_DOCKER_NAME: + image: $SDK_STORAGE_DOCKER_IMAGE + container_name: $SDK_STORAGE_DOCKER_NAME + working_dir: /$SDK_STORAGE_DOCKER_NAME + ports: + - "0.0.0.0:$SDK_STORAGE_EXTERNAL_PORT" + - "0.0.0.0:$SDK_STORAGE_PORT" + - "0.0.0.0:$SDK_STORAGE_PORT2" + - "0.0.0.0:$SDK_STORAGE_PORT3" + volumes: + - $SDK_STORAGE_CONFS_DIR:$SDK_STORAGE_DOCKER_CONFS_DIR + - $SDK_STORAGE_LOGS_DIR:$SDK_STORAGE_DOCKER_LOGS_DIR + - $SDK_STORAGE_RUNS_DIR:$SDK_STORAGE_DOCKER_RUNS_DIR + - $SDK_STORAGE_DATAS_DIR:$SDK_STORAGE_DOCKER_DATAS_DIR + - $SDK_STORAGE_BACKUPS_DIR:$SDK_STORAGE_DOCKER_BACKUPS_DIR + - $SDK_STORAGE_SCRIPTS_DIR:$SDK_STORAGE_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $SDK_STORAGE_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$SDK_STORAGE_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$SDK_STORAGE.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $IHM_CLIENT_DOCKER_NAME: + image: $IHM_CLIENT_DOCKER_IMAGE + container_name: $IHM_CLIENT_DOCKER_NAME + working_dir: /$IHM_CLIENT_DOCKER_NAME + ports: + - "0.0.0.0:$IHM_CLIENT_EXTERNAL_PORT" + - "0.0.0.0:$IHM_CLIENT_PORT" + - "0.0.0.0:$IHM_CLIENT_PORT2" + - "0.0.0.0:$IHM_CLIENT_PORT3" + volumes: + - $IHM_CLIENT_CONFS_DIR:$IHM_CLIENT_DOCKER_CONFS_DIR + - $IHM_CLIENT_LOGS_DIR:$IHM_CLIENT_DOCKER_LOGS_DIR + - $IHM_CLIENT_RUNS_DIR:$IHM_CLIENT_DOCKER_RUNS_DIR + - $IHM_CLIENT_DATAS_DIR:$IHM_CLIENT_DOCKER_DATAS_DIR + - $IHM_CLIENT_BACKUPS_DIR:$IHM_CLIENT_DOCKER_BACKUPS_DIR + - $IHM_CLIENT_SCRIPTS_DIR:$IHM_CLIENT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $IHM_CLIENT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$IHM_CLIENT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$IHM_CLIENT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_CERTIFICATOR_DOCKER_NAME: + image: $_4NK_CERTIFICATOR_DOCKER_IMAGE + container_name: $_4NK_CERTIFICATOR_DOCKER_NAME + working_dir: /$_4NK_CERTIFICATOR_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_CERTIFICATOR_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT2" + - "0.0.0.0:$_4NK_CERTIFICATOR_PORT3" + volumes: + - $_4NK_CERTIFICATOR_CONFS_DIR:$_4NK_CERTIFICATOR_DOCKER_CONFS_DIR + - $_4NK_CERTIFICATOR_LOGS_DIR:$_4NK_CERTIFICATOR_DOCKER_LOGS_DIR + - $_4NK_CERTIFICATOR_RUNS_DIR:$_4NK_CERTIFICATOR_DOCKER_RUNS_DIR + - $_4NK_CERTIFICATOR_DATAS_DIR:$_4NK_CERTIFICATOR_DOCKER_DATAS_DIR + - $_4NK_CERTIFICATOR_BACKUPS_DIR:$_4NK_CERTIFICATOR_DOCKER_BACKUPS_DIR + - $_4NK_CERTIFICATOR_SCRIPTS_DIR:$_4NK_CERTIFICATOR_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_CERTIFICATOR_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_CERTIFICATOR_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_CERTIFICATOR.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_MINER_DOCKER_NAME: + image: $_4NK_MINER_DOCKER_IMAGE + container_name: $_4NK_MINER_DOCKER_NAME + working_dir: /$_4NK_MINER_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_MINER_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_MINER_PORT" + - "0.0.0.0:$_4NK_MINER_PORT2" + - "0.0.0.0:$_4NK_MINER_PORT3" + volumes: + - $_4NK_MINER_CONFS_DIR:$_4NK_MINER_DOCKER_CONFS_DIR + - $_4NK_MINER_LOGS_DIR:$_4NK_MINER_DOCKER_LOGS_DIR + - $_4NK_MINER_RUNS_DIR:$_4NK_MINER_DOCKER_RUNS_DIR + - $_4NK_MINER_DATAS_DIR:$_4NK_MINER_DOCKER_DATAS_DIR + - $_4NK_MINER_BACKUPS_DIR:$_4NK_MINER_DOCKER_BACKUPS_DIR + - $_4NK_MINER_SCRIPTS_DIR:$_4NK_MINER_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_MINER_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_MINER_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_MINER.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $LECOFFRE_FRONT_DOCKER_NAME: + image: $LECOFFRE_FRONT_DOCKER_IMAGE + container_name: $LECOFFRE_FRONT_DOCKER_NAME + working_dir: /$LECOFFRE_FRONT_DOCKER_NAME + ports: + - "0.0.0.0:$LECOFFRE_FRONT_EXTERNAL_PORT" + - "0.0.0.0:$LECOFFRE_FRONT_PORT" + - "0.0.0.0:$LECOFFRE_FRONT_PORT2" + - "0.0.0.0:$LECOFFRE_FRONT_PORT3" + volumes: + - $LECOFFRE_FRONT_CONFS_DIR:$LECOFFRE_FRONT_DOCKER_CONFS_DIR + - $LECOFFRE_FRONT_LOGS_DIR:$LECOFFRE_FRONT_DOCKER_LOGS_DIR + - $LECOFFRE_FRONT_RUNS_DIR:$LECOFFRE_FRONT_DOCKER_RUNS_DIR + - $LECOFFRE_FRONT_DATAS_DIR:$LECOFFRE_FRONT_DOCKER_DATAS_DIR + - $LECOFFRE_FRONT_BACKUPS_DIR:$LECOFFRE_FRONT_DOCKER_BACKUPS_DIR + - $LECOFFRE_FRONT_SCRIPTS_DIR:$LECOFFRE_FRONT_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $LECOFFRE_FRONT_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$LECOFFRE_FRONT_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$LECOFFRE_FRONT.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + $_4NK_WEB_STATUS_DOCKER_NAME: + image: $_4NK_WEB_STATUS_DOCKER_IMAGE + container_name: $_4NK_WEB_STATUS_DOCKER_NAME + working_dir: /$_4NK_WEB_STATUS_DOCKER_NAME + ports: + - "0.0.0.0:$_4NK_WEB_STATUS_EXTERNAL_PORT" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT2" + - "0.0.0.0:$_4NK_WEB_STATUS_PORT3" + volumes: + - $_4NK_WEB_STATUS_CONFS_DIR:$_4NK_WEB_STATUS_DOCKER_CONFS_DIR + - $_4NK_WEB_STATUS_LOGS_DIR:$_4NK_WEB_STATUS_DOCKER_LOGS_DIR + - $_4NK_WEB_STATUS_RUNS_DIR:$_4NK_WEB_STATUS_DOCKER_RUNS_DIR + - $_4NK_WEB_STATUS_DATAS_DIR:$_4NK_WEB_STATUS_DOCKER_DATAS_DIR + - $_4NK_WEB_STATUS_BACKUPS_DIR:$_4NK_WEB_STATUS_DOCKER_BACKUPS_DIR + - $_4NK_WEB_STATUS_SCRIPTS_DIR:$_4NK_WEB_STATUS_DOCKER_SCRIPTS_DIR + networks: + btcnet: + aliases: + - $_4NK_WEB_STATUS_DOCKER_NAME + user: root + entrypoint: \> + /bin/sh -c "$_4NK_WEB_STATUS_DOCKER_WORKING_DIR_CREATE" + healthcheck: + test: ["CMD", "sh", "$LECONFFRE-FRONT_CONFS_DIR/healthcheck_$_4NK_WEB_STATUS.sh"] + interval: 30s + timeout: 10s + retries: 50 + restart: unless-stopped" + + + watchtower: + image: containrrr/watchtower + container_name: watchtower + volumes: + - /var/run/docker.sock:/var/run/docker.sock + command: --interval 30 --label-enable + networks: + - btcnet + restart: unless-stopped + +networks: + btcnet: + name: _4NK_node_btcnet + driver: bridge + ipam: + config: + - subnet: 172.20.0.0/16 diff --git a/templates/dev/replace_variables_and_copy.sh b/templates/dev/replace_variables_and_copy.sh new file mode 100755 index 0000000..c658b98 --- /dev/null +++ b/templates/dev/replace_variables_and_copy.sh @@ -0,0 +1,327 @@ +#!/bin/bash + +# Script de remplacement de variables et copie vers storage/ +# Remplace les variables d'environnement dans les fichiers générés et les copie vers storage/ + +set -euo pipefail + +# Couleurs pour les messages +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +BLUE='\033[0;34m' +PURPLE='\033[0;35m' +CYAN='\033[0;36m' +NC='\033[0m' # No Color + +# Fonctions d'affichage +print_error() { echo -e "${RED}❌ ERREUR${NC}: $1"; } +print_success() { echo -e "${GREEN}✅ SUCCÈS${NC}: $1"; } +print_info() { echo -e "${BLUE}ℹ️ INFO${NC}: $1"; } +print_warning() { echo -e "${YELLOW}⚠️ ATTENTION${NC}: $1"; } +print_step() { echo -e "${CYAN}🔄 $1${NC}"; } + +# Variables globales +TEMPLATES_DIR="$(pwd)" +STORAGE_DIR="../../storage/dev" +FILES_PROCESSED=0 +FILES_COPIED=0 + +# Fonction pour charger toutes les variables d'environnement +load_all_env_vars() { + print_step "Chargement des variables d'environnement" + + local env_files=(".env.secrets" ".env") + local total_vars=0 + + for env_file in "${env_files[@]}"; do + if [ -f "$env_file" ]; then + print_info "Chargement de $env_file..." + + # Désactiver temporairement l'option 'set -u' pour éviter les erreurs sur les variables non définies + set +u + # Compter les variables avant le chargement + local vars_before=$(env | wc -l) + # shellcheck source=/dev/null + source "$env_file" 2>/dev/null || { + print_warning "Erreur lors du chargement de $env_file, tentative de chargement ligne par ligne" + + # Chargement ligne par ligne en ignorant les erreurs + while IFS='=' read -r key value || [ -n "$key" ]; do + # Ignorer les commentaires et lignes vides + if [[ ! "$key" =~ ^[[:space:]]*# ]] && [[ -n "$key" ]]; then + # Nettoyer la clé et la valeur + key=$(echo "$key" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') + value=$(echo "$value" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') + + # Ignorer les tableaux bash (lignes avec des parenthèses) + if [[ ! "$key" =~ \($ ]] && [[ -n "$key" ]]; then + export "$key"="$value" 2>/dev/null || true + total_vars=$((total_vars + 1)) + fi + fi + done < "$env_file" + } + # Compter les variables après le chargement + local vars_after=$(env | wc -l) + local vars_added=$((vars_after - vars_before)) + total_vars=$((total_vars + vars_added)) + print_info "Variables ajoutées depuis $env_file: $vars_added" + + # Exporter toutes les variables définies dans ce fichier + if [ -f "$env_file" ]; then + while IFS='=' read -r key value || [ -n "$key" ]; do + # Ignorer les commentaires et lignes vides + if [[ ! "$key" =~ ^[[:space:]]*# ]] && [[ -n "$key" ]]; then + # Nettoyer la clé et la valeur + key=$(echo "$key" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') + value=$(echo "$value" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') + + # Ignorer les tableaux bash (lignes avec des parenthèses) + if [[ ! "$key" =~ \($ ]] && [[ -n "$key" ]]; then + export "$key"="$value" 2>/dev/null || true + fi + fi + done < "$env_file" + fi + + # Réactiver l'option 'set -u' + set -u + else + print_warning "Fichier $env_file non trouvé, ignoré" + fi + done + + # Traiter .env.auto pour charger les variables générées + if [ -f ".env.auto" ]; then + print_info "Traitement de .env.auto pour charger les variables générées..." + local temp_env=$(mktemp) + envsubst < .env.auto > "$temp_env" + source "$temp_env" 2>/dev/null || { + print_warning "Erreur lors du chargement de .env.auto traité" + } + rm -f "$temp_env" + fi + + # Traiter .env.post pour charger les variables finales + if [ -f ".env.post" ]; then + print_info "Traitement de .env.post pour charger les variables finales..." + local temp_env=$(mktemp) + envsubst < .env.post > "$temp_env" + source "$temp_env" 2>/dev/null || { + print_warning "Erreur lors du chargement de .env.post traité" + } + rm -f "$temp_env" + fi + + print_success "$total_vars variables d'environnement chargées" +} + +# Fonction pour remplacer les variables dans un fichier +replace_variables_in_file() { + local input_file="$1" + local output_file="$2" + + if [ ! -f "$input_file" ]; then + print_warning "Fichier source $input_file non trouvé, ignoré" + return 1 + fi + + print_info "Traitement de $input_file -> $output_file" + + # Créer le répertoire de destination si nécessaire + mkdir -p "$(dirname "$output_file")" + + # Copier le fichier et remplacer les variables + cp "$input_file" "$output_file" + + # Remplacer toutes les variables $VARIABLE par leurs valeurs + # Utiliser envsubst pour le remplacement sécurisé avec résolution multi-passes + if command -v envsubst >/dev/null 2>&1; then + # Faire plusieurs passes pour résoudre les variables imbriquées + local temp_file1=$(mktemp) + local temp_file2=$(mktemp) + + # Première passe + envsubst < "$input_file" > "$temp_file1" + + # Faire jusqu'à 5 passes pour résoudre les variables imbriquées + for i in {1..5}; do + # Vérifier s'il y a encore des variables non résolues + if grep -q '\$[A-Za-z_][A-Za-z0-9_]*' "$temp_file1"; then + # Passer par envsubst + envsubst < "$temp_file1" > "$temp_file2" + # Échanger les fichiers + mv "$temp_file2" "$temp_file1" + else + break + fi + done + + # Copier le résultat final + cp "$temp_file1" "$output_file" + + # Nettoyer les fichiers temporaires + rm -f "$temp_file1" "$temp_file2" + else + print_warning "envsubst non disponible, utilisation de sed pour le remplacement basique" + + # Méthode de remplacement basique avec sed + local temp_file=$(mktemp) + cp "$input_file" "$temp_file" + + # Remplacer les variables une par une + while IFS='=' read -r key value || [ -n "$key" ]; do + if [[ ! "$key" =~ ^[[:space:]]*# ]] && [[ -n "$key" ]]; then + key=$(echo "$key" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//') + if [[ -n "$key" ]]; then + # Échapper les caractères spéciaux dans la valeur + escaped_value=$(echo "$value" | sed 's/[[\.*^$()+?{|]/\\&/g') + # Remplacer \$KEY par la valeur + sed -i "s|\\\$${key}|${escaped_value}|g" "$temp_file" + fi + fi + done < <(env | grep -v '^_') + + mv "$temp_file" "$output_file" + fi + + FILES_PROCESSED=$((FILES_PROCESSED + 1)) + print_success "Variables remplacées dans $input_file" +} + +# Fonction pour copier un fichier vers storage/ +copy_file_to_storage() { + local source_file="$1" + local relative_path="$2" + local dest_file="$STORAGE_DIR/$relative_path" + + if [ ! -f "$source_file" ]; then + print_warning "Fichier source $source_file non trouvé, ignoré" + return 1 + fi + + print_info "Copie de $source_file vers $dest_file" + + # Créer le répertoire de destination si nécessaire + mkdir -p "$(dirname "$dest_file")" + + # Copier le fichier + cp "$source_file" "$dest_file" + + FILES_COPIED=$((FILES_COPIED + 1)) + print_success "Fichier copié: $relative_path" +} + +# Fonction pour traiter un fichier (remplacer variables + copier) +process_and_copy_file() { + local source_file="$1" + local relative_path="$2" + + # Créer un fichier temporaire avec les variables remplacées + local temp_file=$(mktemp) + + # Remplacer les variables dans le fichier source + if replace_variables_in_file "$source_file" "$temp_file"; then + # Copier le fichier traité vers storage/ + copy_file_to_storage "$temp_file" "$relative_path" + fi + + # Nettoyer le fichier temporaire + rm -f "$temp_file" +} + +# Fonction pour traiter un répertoire récursivement +process_directory() { + local source_dir="$1" + local relative_base="$2" + + if [ ! -d "$source_dir" ]; then + print_warning "Répertoire source $source_dir non trouvé, ignoré" + return 1 + fi + + print_step "Traitement du répertoire $source_dir" + + # Traiter tous les fichiers dans le répertoire + find "$source_dir" -type f \( -name "*.yml" -o -name "*.yaml" -o -name "*.json" -o -name "*.conf" -o -name "*.auto" -o -name ".env.auto" \) | while read -r file; do + # Calculer le chemin relatif + local relative_path="${file#$source_dir/}" + local full_relative_path="$relative_base/$relative_path" + + # Traiter le fichier + process_and_copy_file "$file" "$full_relative_path" + done +} + +# Fonction principale +main() { + echo -e "${BLUE}🚀 REMPLACEMENT DE VARIABLES ET COPIE VERS STORAGE${NC}" + echo -e "${BLUE}==================================================${NC}" + + # Vérifier que nous sommes dans le bon répertoire + if [ ! -f "generate_variables.sh" ]; then + print_error "Script generate_variables.sh non trouvé. Assurez-vous d'être dans templates/dev/" + exit 1 + fi + + # Charger toutes les variables d'environnement + load_all_env_vars + + # Vérifier que le répertoire storage existe + if [ ! -d "$STORAGE_DIR" ]; then + print_error "Répertoire storage non trouvé: $STORAGE_DIR" + exit 1 + fi + + print_step "Début du traitement des fichiers" + + # Traiter les fichiers individuels + print_step "Traitement des fichiers individuels" + + # Variables d'environnement + [ -f ".env.auto" ] && process_and_copy_file ".env.auto" ".env.auto" + + # Docker Compose + [ -f "docker-compose.yml.auto" ] && process_and_copy_file "docker-compose.yml.auto" "docker-compose.yml.auto" + + # Traiter les répertoires + print_step "Traitement des répertoires" + + # Modules 4NK (avec underscore) + [ -d "_4NK_modules" ] && process_directory "_4NK_modules" "_4NK_modules" + + # Modules 4NK (sans underscore) + [ -d "4NK_modules" ] && process_directory "4NK_modules" "4NK_modules" + + # Configurations logrotate + [ -d "logrotade" ] && process_directory "logrotade" "logrotade" + + # Configurations nginx + [ -d "nginx" ] && process_directory "nginx" "nginx" + + # Afficher le résumé + echo -e "\n${PURPLE}📊 RÉSUMÉ DU TRAITEMENT${NC}" + echo -e "${PURPLE}========================${NC}" + echo -e "Fichiers traités: ${GREEN}$FILES_PROCESSED${NC}" + echo -e "Fichiers copiés: ${GREEN}$FILES_COPIED${NC}" + echo -e "Répertoire source: ${CYAN}$TEMPLATES_DIR${NC}" + echo -e "Répertoire destination: ${CYAN}$STORAGE_DIR${NC}" + + if [ $FILES_COPIED -gt 0 ]; then + print_success "Traitement terminé avec succès !" + echo -e "\n${CYAN}🚀 Prochaines étapes:${NC}" + echo -e " 1. Vérifiez les fichiers dans $STORAGE_DIR" + echo -e " 2. Testez les configurations générées" + echo -e " 3. Déployez si nécessaire" + else + print_warning "Aucun fichier n'a été traité" + echo -e "\n${YELLOW}🔧 Vérifications recommandées:${NC}" + echo -e " 1. Vérifiez que les scripts de génération ont été exécutés" + echo -e " 2. Vérifiez que les fichiers sources existent dans templates/dev/" + echo -e " 3. Vérifiez les variables d'environnement" + fi +} + +# Exécuter le script principal +main "$@" diff --git a/templates/dev/supervisor/.gitkeep b/templates/dev/supervisor/.gitkeep new file mode 100644 index 0000000..6a04314 --- /dev/null +++ b/templates/dev/supervisor/.gitkeep @@ -0,0 +1 @@ +./ \ No newline at end of file diff --git a/templates/dev/supervisor/supervisord.conf b/templates/dev/supervisor/supervisord.conf new file mode 100644 index 0000000..08fdd4d --- /dev/null +++ b/templates/dev/supervisor/supervisord.conf @@ -0,0 +1,50 @@ +[supervisord] +nodaemon=true +user=root +logfile=/home/debian/_4NK_env_LOGS/supervisor/supervisord.log +pidfile=/home/debian/_4NK_env_RUN/supervisord.pid +childlogdir=/home/debian/_4NK_env_LOGS/supervisor + +[unix_http_server] +file=/home/debian/_4NK_env_RUN/supervisor.sock +chmod=0700 + +[supervisorctl] +serverurl=unix:///home/debian/_4NK_env_RUN/supervisor.sock + +[rpcinterface:supervisor] +supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface + +[program:nginx] +command=/usr/sbin/nginx -g "daemon off;" +autostart=true +autorestart=true +stderr_logfile=/home/debian/_4NK_env_LOGS/supervisor/nginx.err.log +stdout_logfile=/home/debian/_4NK_env_LOGS/supervisor/nginx.out.log +user=root + +[program:docker-compose] +command=/app/scripts/startup.sh +directory=/app +autostart=true +autorestart=true +stderr_logfile=/home/debian/_4NK_env_LOGS/supervisor/docker-compose.err.log +stdout_logfile=/home/debian/_4NK_env_LOGS/supervisor/docker-compose.out.log +user=appuser +environment=HOME="/app" + +[program:cron] +command=/usr/sbin/cron -f +autostart=true +autorestart=true +stderr_logfile=/home/debian/_4NK_env_LOGS/supervisor/cron.err.log +stdout_logfile=/home/debian/_4NK_env_LOGS/supervisor/cron.out.log +user=root + +[program:logrotate] +command=/usr/sbin/logrotate /home/debian/_4NK_env_CONFS/logrotate/lecoffre +autostart=true +autorestart=false +startsecs=0 +exitcodes=0 +user=root