From d02a183abb7915c1e3776ee7c2010041fc3700a6 Mon Sep 17 00:00:00 2001 From: 4NK Dev Date: Sun, 5 Oct 2025 22:29:17 +0000 Subject: [PATCH] fix: nginx maintenant dans _4NK_modules/nginx/ comme module 4NK MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Correction complète du script generate_nginx_configs.sh - Tous les fichiers nginx sont maintenant générés dans _4NK_modules/nginx/ - Désactivation du traitement du répertoire nginx/ dans replace_variables_and_copy.sh - Mise à jour des messages d'affichage dans generate.sh - Cohérence avec la structure des modules 4NK - Nginx traité comme un module 4NK standard dans _4NK_modules/ --- storage/dev/nginx/BITCOIN_https.conf | 43 -- storage/dev/nginx/BLINDBIT_ORACLE_https.conf | 43 -- storage/dev/nginx/GRAFANA_https.conf | 43 -- storage/dev/nginx/IHM_CLIENT_https.conf | 43 -- storage/dev/nginx/LECOFFRE_FRONT_https.conf | 43 -- storage/dev/nginx/LOKI_https.conf | 43 -- storage/dev/nginx/NGNIX_https.conf | 43 -- storage/dev/nginx/POSTGRESQL_https.conf | 43 -- storage/dev/nginx/PROMTAIL_https.conf | 43 -- storage/dev/nginx/REDIS_https.conf | 43 -- storage/dev/nginx/SDK_RELAY_https.conf | 43 -- storage/dev/nginx/SDK_STORAGE_https.conf | 43 -- storage/dev/nginx/TOR_https.conf | 43 -- .../dev/nginx/_4NK_CERTIFICATOR_https.conf | 43 -- storage/dev/nginx/_4NK_MINER_https.conf | 43 -- storage/dev/nginx/_4NK_VAULT_https.conf | 43 -- storage/dev/nginx/_4NK_WEB_STATUS_https.conf | 43 -- storage/dev/nginx/app-internal-ports.conf | 360 --------- .../nginx/nginx_dev4.4NKweb.com-https.conf | 711 ------------------ .../nginx/nginx_dev4.4nkweb.com-https.conf | 711 ------------------ .../nginx/nginx_dev4._4NKweb.com-https.conf | 711 ------------------ storage/dev/nginx/proxy_headers.conf | 29 - storage/dev/nginx/upstreams.conf | 102 --- storage/dev/nginx/validate_templates.sh | 73 -- .../nginx/BITCOIN_https.conf | 2 +- .../nginx/BLINDBIT_ORACLE_https.conf | 2 +- .../nginx/GRAFANA_https.conf | 2 +- .../nginx/IHM_CLIENT_https.conf | 2 +- .../nginx/LECOFFRE_FRONT_https.conf | 2 +- .../{ => _4NK_modules}/nginx/LOKI_https.conf | 2 +- .../{ => _4NK_modules}/nginx/NGNIX_https.conf | 2 +- .../nginx/POSTGRESQL_https.conf | 2 +- .../nginx/PROMTAIL_https.conf | 2 +- .../{ => _4NK_modules}/nginx/REDIS_https.conf | 2 +- .../nginx/SDK_RELAY_https.conf | 2 +- .../nginx/SDK_STORAGE_https.conf | 2 +- .../{ => _4NK_modules}/nginx/TOR_https.conf | 2 +- .../nginx/_4NK_CERTIFICATOR_https.conf | 2 +- .../nginx/_4NK_MINER_https.conf | 2 +- .../nginx/_4NK_VAULT_https.conf | 2 +- .../nginx/_4NK_WEB_STATUS_https.conf | 2 +- .../nginx/app-internal-ports.conf | 0 .../nginx/nginx_dev4.4NKweb.com-https.conf | 0 .../nginx/nginx_dev4.4nkweb.com-https.conf | 0 .../nginx/nginx_dev4._4NKweb.com-https.conf | 0 .../nginx/proxy_headers.conf | 0 .../{ => _4NK_modules}/nginx/upstreams.conf | 0 .../nginx/validate_templates.sh | 26 +- templates/dev/generate.sh | 12 +- templates/dev/generate_nginx_configs.sh | 74 +- templates/dev/replace_variables_and_copy.sh | 4 +- 51 files changed, 75 insertions(+), 3503 deletions(-) delete mode 100644 storage/dev/nginx/BITCOIN_https.conf delete mode 100644 storage/dev/nginx/BLINDBIT_ORACLE_https.conf delete mode 100644 storage/dev/nginx/GRAFANA_https.conf delete mode 100644 storage/dev/nginx/IHM_CLIENT_https.conf delete mode 100644 storage/dev/nginx/LECOFFRE_FRONT_https.conf delete mode 100644 storage/dev/nginx/LOKI_https.conf delete mode 100644 storage/dev/nginx/NGNIX_https.conf delete mode 100644 storage/dev/nginx/POSTGRESQL_https.conf delete mode 100644 storage/dev/nginx/PROMTAIL_https.conf delete mode 100644 storage/dev/nginx/REDIS_https.conf delete mode 100644 storage/dev/nginx/SDK_RELAY_https.conf delete mode 100644 storage/dev/nginx/SDK_STORAGE_https.conf delete mode 100644 storage/dev/nginx/TOR_https.conf delete mode 100644 storage/dev/nginx/_4NK_CERTIFICATOR_https.conf delete mode 100644 storage/dev/nginx/_4NK_MINER_https.conf delete mode 100644 storage/dev/nginx/_4NK_VAULT_https.conf delete mode 100644 storage/dev/nginx/_4NK_WEB_STATUS_https.conf delete mode 100644 storage/dev/nginx/app-internal-ports.conf delete mode 100644 storage/dev/nginx/nginx_dev4.4NKweb.com-https.conf delete mode 100644 storage/dev/nginx/nginx_dev4.4nkweb.com-https.conf delete mode 100644 storage/dev/nginx/nginx_dev4._4NKweb.com-https.conf delete mode 100644 storage/dev/nginx/proxy_headers.conf delete mode 100644 storage/dev/nginx/upstreams.conf delete mode 100755 storage/dev/nginx/validate_templates.sh rename templates/dev/{ => _4NK_modules}/nginx/BITCOIN_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/BLINDBIT_ORACLE_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/GRAFANA_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/IHM_CLIENT_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/LECOFFRE_FRONT_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/LOKI_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/NGNIX_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/POSTGRESQL_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/PROMTAIL_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/REDIS_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/SDK_RELAY_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/SDK_STORAGE_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/TOR_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/_4NK_CERTIFICATOR_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/_4NK_MINER_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/_4NK_VAULT_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/_4NK_WEB_STATUS_https.conf (95%) rename templates/dev/{ => _4NK_modules}/nginx/app-internal-ports.conf (100%) rename templates/dev/{ => _4NK_modules}/nginx/nginx_dev4.4NKweb.com-https.conf (100%) rename templates/dev/{ => _4NK_modules}/nginx/nginx_dev4.4nkweb.com-https.conf (100%) rename templates/dev/{ => _4NK_modules}/nginx/nginx_dev4._4NKweb.com-https.conf (100%) rename templates/dev/{ => _4NK_modules}/nginx/proxy_headers.conf (100%) rename templates/dev/{ => _4NK_modules}/nginx/upstreams.conf (100%) rename templates/dev/{ => _4NK_modules}/nginx/validate_templates.sh (64%) diff --git a/storage/dev/nginx/BITCOIN_https.conf b/storage/dev/nginx/BITCOIN_https.conf deleted file mode 100644 index d80eb90..0000000 --- a/storage/dev/nginx/BITCOIN_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour BITCOIN -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name bitcoin..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name bitcoin..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://bitcoin; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://bitcoin; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/BLINDBIT_ORACLE_https.conf b/storage/dev/nginx/BLINDBIT_ORACLE_https.conf deleted file mode 100644 index 3ce4a00..0000000 --- a/storage/dev/nginx/BLINDBIT_ORACLE_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour BLINDBIT_ORACLE -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name blindbit-oracle..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name blindbit_oracle..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://blindbit_oracle; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://blindbit_oracle; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/GRAFANA_https.conf b/storage/dev/nginx/GRAFANA_https.conf deleted file mode 100644 index 4f59745..0000000 --- a/storage/dev/nginx/GRAFANA_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour GRAFANA -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name grafana..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name grafana..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://grafana; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://grafana; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/IHM_CLIENT_https.conf b/storage/dev/nginx/IHM_CLIENT_https.conf deleted file mode 100644 index b9b26f8..0000000 --- a/storage/dev/nginx/IHM_CLIENT_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour IHM_CLIENT -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name ihm_client..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name ihm_client..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://ihm_client; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://ihm_client; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/LECOFFRE_FRONT_https.conf b/storage/dev/nginx/LECOFFRE_FRONT_https.conf deleted file mode 100644 index 8fcc069..0000000 --- a/storage/dev/nginx/LECOFFRE_FRONT_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour LECOFFRE_FRONT -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name lecoffre-front..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name lecoffre_front..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://lecoffre_front; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://lecoffre_front; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/LOKI_https.conf b/storage/dev/nginx/LOKI_https.conf deleted file mode 100644 index c0436d7..0000000 --- a/storage/dev/nginx/LOKI_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour LOKI -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name loki..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name loki..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://loki; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://loki; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/NGNIX_https.conf b/storage/dev/nginx/NGNIX_https.conf deleted file mode 100644 index 1f52c7e..0000000 --- a/storage/dev/nginx/NGNIX_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour NGNIX -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name ..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name ngnix..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://ngnix; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://ngnix; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/POSTGRESQL_https.conf b/storage/dev/nginx/POSTGRESQL_https.conf deleted file mode 100644 index 012d98a..0000000 --- a/storage/dev/nginx/POSTGRESQL_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour POSTGRESQL -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name postgresql..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name postgresql..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://postgresql; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://postgresql; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/PROMTAIL_https.conf b/storage/dev/nginx/PROMTAIL_https.conf deleted file mode 100644 index b0d8246..0000000 --- a/storage/dev/nginx/PROMTAIL_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour PROMTAIL -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name promtail..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name promtail..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://promtail; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://promtail; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/REDIS_https.conf b/storage/dev/nginx/REDIS_https.conf deleted file mode 100644 index 436149a..0000000 --- a/storage/dev/nginx/REDIS_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour REDIS -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name redis..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name redis..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://redis; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://redis; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/SDK_RELAY_https.conf b/storage/dev/nginx/SDK_RELAY_https.conf deleted file mode 100644 index 439ca11..0000000 --- a/storage/dev/nginx/SDK_RELAY_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour SDK_RELAY -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name sdk_relay..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name sdk_relay..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_relay; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://sdk_relay; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/SDK_STORAGE_https.conf b/storage/dev/nginx/SDK_STORAGE_https.conf deleted file mode 100644 index d1262a4..0000000 --- a/storage/dev/nginx/SDK_STORAGE_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour SDK_STORAGE -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name sdk_storage..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name sdk_storage..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_storage; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://sdk_storage; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/TOR_https.conf b/storage/dev/nginx/TOR_https.conf deleted file mode 100644 index 8e78d7d..0000000 --- a/storage/dev/nginx/TOR_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour TOR -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name tor-proxy..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name tor..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://tor; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://tor; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/_4NK_CERTIFICATOR_https.conf b/storage/dev/nginx/_4NK_CERTIFICATOR_https.conf deleted file mode 100644 index 14bf053..0000000 --- a/storage/dev/nginx/_4NK_CERTIFICATOR_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour _4NK_CERTIFICATOR -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name _4NK_certificator..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_certificator..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_certificator; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_certificator; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/_4NK_MINER_https.conf b/storage/dev/nginx/_4NK_MINER_https.conf deleted file mode 100644 index e8a024c..0000000 --- a/storage/dev/nginx/_4NK_MINER_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour _4NK_MINER -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name _4NK_miner..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_miner..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_miner; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_miner; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/_4NK_VAULT_https.conf b/storage/dev/nginx/_4NK_VAULT_https.conf deleted file mode 100644 index 77f9f60..0000000 --- a/storage/dev/nginx/_4NK_VAULT_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour _4NK_VAULT -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name _4NK_vault..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_vault..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_vault; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_vault; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/_4NK_WEB_STATUS_https.conf b/storage/dev/nginx/_4NK_WEB_STATUS_https.conf deleted file mode 100644 index c1ee2be..0000000 --- a/storage/dev/nginx/_4NK_WEB_STATUS_https.conf +++ /dev/null @@ -1,43 +0,0 @@ -# Configuration HTTPS pour _4NK_WEB_STATUS -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 - -server { - listen 80; - server_name _4NK_web_status..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_web_status..com; - -ssl_certificate /etc/letsencrypt/live/dev4._4NKweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4._4NKweb.com/privkey.pem; - - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_web_status; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_web_status; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/app-internal-ports.conf b/storage/dev/nginx/app-internal-ports.conf deleted file mode 100644 index 0d195f7..0000000 --- a/storage/dev/nginx/app-internal-ports.conf +++ /dev/null @@ -1,360 +0,0 @@ -# Configurations internes générées automatiquement -# Généré le $(date) - - -server { - listen 6379:6379 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://redis; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://redis; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 5432:5432 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://postgresql; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://postgresql; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 3100:3100 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://loki; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://loki; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 8090:8090 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://promtail; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://promtail; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 3001:3001 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://grafana; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://grafana; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://ngnix; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://ngnix; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 9050:9050 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://tor; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://tor; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_vault; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://_4nk_vault; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 38332:38332 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://bitcoin; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://bitcoin; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 8000:8000 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://blindbit_oracle; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://blindbit_oracle; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 8080:8080 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_relay; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://sdk_relay; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 8081:8081 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_storage; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://sdk_storage; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 3003:3003 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://ihm_client; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://ihm_client; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 8082:8082 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_certificator; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://_4nk_certificator; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 8083:8083 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_miner; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://_4nk_miner; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 3000:3000 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://lecoffre_front; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://lecoffre_front; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -server { - listen 3006:3006 default_server; - server_name _; # pas d'host requis - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_web_status; - include $/proxy_headers.conf; - } - - # websocket (si nécessaire) - location /ws/ { - proxy_pass http://_4nk_web_status; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/nginx_dev4.4NKweb.com-https.conf b/storage/dev/nginx/nginx_dev4.4NKweb.com-https.conf deleted file mode 100644 index 9d589ea..0000000 --- a/storage/dev/nginx/nginx_dev4.4NKweb.com-https.conf +++ /dev/null @@ -1,711 +0,0 @@ -# Configuration Nginx consolidée pour dev4._4NKweb.com -# Générée automatiquement le $(date) - -# Inclusion du format de log JSON et des upstreams -include upstreams.conf; - - -# Redirection globale HTTP→HTTPS -server { - listen 80; - server_name dev4._4NKweb.com *.dev4._4NKweb.com; - return 301 https://; -} - - -# Configuration HTTPS pour REDIS -server { - listen 80; - server_name redis..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name redis..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://redis; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://redis; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour POSTGRESQL -server { - listen 80; - server_name postgresql..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name postgresql..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://postgresql; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://postgresql; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour LOKI -server { - listen 80; - server_name loki..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name loki..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://loki; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://loki; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour PROMTAIL -server { - listen 80; - server_name promtail..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name promtail..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://promtail; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://promtail; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour GRAFANA -server { - listen 80; - server_name grafana..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name grafana..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://grafana; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://grafana; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour NGNIX -server { - listen 80; - server_name ..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name ngnix..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://ngnix; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://ngnix; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour TOR -server { - listen 80; - server_name tor-proxy..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name tor..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://tor; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://tor; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_VAULT -server { - listen 80; - server_name _4NK_vault..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_vault..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_vault; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_vault; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour BITCOIN -server { - listen 80; - server_name bitcoin..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name bitcoin..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://bitcoin; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://bitcoin; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour BLINDBIT_ORACLE -server { - listen 80; - server_name blindbit-oracle..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name blindbit_oracle..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://blindbit_oracle; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://blindbit_oracle; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour SDK_RELAY -server { - listen 80; - server_name sdk_relay..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name sdk_relay..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_relay; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://sdk_relay; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour SDK_STORAGE -server { - listen 80; - server_name sdk_storage..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name sdk_storage..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_storage; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://sdk_storage; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour IHM_CLIENT -server { - listen 80; - server_name ihm_client..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name ihm_client..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://ihm_client; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://ihm_client; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_CERTIFICATOR -server { - listen 80; - server_name _4NK_certificator..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_certificator..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_certificator; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_certificator; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_MINER -server { - listen 80; - server_name _4NK_miner..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_miner..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_miner; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_miner; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour LECOFFRE_FRONT -server { - listen 80; - server_name lecoffre-front..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name lecoffre_front..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://lecoffre_front; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://lecoffre_front; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_WEB_STATUS -server { - listen 80; - server_name _4NK_web_status..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_web_status..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_web_status; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_web_status; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/nginx_dev4.4nkweb.com-https.conf b/storage/dev/nginx/nginx_dev4.4nkweb.com-https.conf deleted file mode 100644 index 9d589ea..0000000 --- a/storage/dev/nginx/nginx_dev4.4nkweb.com-https.conf +++ /dev/null @@ -1,711 +0,0 @@ -# Configuration Nginx consolidée pour dev4._4NKweb.com -# Générée automatiquement le $(date) - -# Inclusion du format de log JSON et des upstreams -include upstreams.conf; - - -# Redirection globale HTTP→HTTPS -server { - listen 80; - server_name dev4._4NKweb.com *.dev4._4NKweb.com; - return 301 https://; -} - - -# Configuration HTTPS pour REDIS -server { - listen 80; - server_name redis..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name redis..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://redis; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://redis; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour POSTGRESQL -server { - listen 80; - server_name postgresql..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name postgresql..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://postgresql; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://postgresql; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour LOKI -server { - listen 80; - server_name loki..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name loki..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://loki; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://loki; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour PROMTAIL -server { - listen 80; - server_name promtail..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name promtail..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://promtail; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://promtail; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour GRAFANA -server { - listen 80; - server_name grafana..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name grafana..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://grafana; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://grafana; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour NGNIX -server { - listen 80; - server_name ..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name ngnix..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://ngnix; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://ngnix; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour TOR -server { - listen 80; - server_name tor-proxy..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name tor..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://tor; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://tor; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_VAULT -server { - listen 80; - server_name _4NK_vault..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_vault..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_vault; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_vault; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour BITCOIN -server { - listen 80; - server_name bitcoin..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name bitcoin..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://bitcoin; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://bitcoin; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour BLINDBIT_ORACLE -server { - listen 80; - server_name blindbit-oracle..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name blindbit_oracle..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://blindbit_oracle; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://blindbit_oracle; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour SDK_RELAY -server { - listen 80; - server_name sdk_relay..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name sdk_relay..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_relay; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://sdk_relay; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour SDK_STORAGE -server { - listen 80; - server_name sdk_storage..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name sdk_storage..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_storage; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://sdk_storage; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour IHM_CLIENT -server { - listen 80; - server_name ihm_client..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name ihm_client..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://ihm_client; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://ihm_client; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_CERTIFICATOR -server { - listen 80; - server_name _4NK_certificator..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_certificator..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_certificator; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_certificator; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_MINER -server { - listen 80; - server_name _4NK_miner..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_miner..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_miner; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_miner; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour LECOFFRE_FRONT -server { - listen 80; - server_name lecoffre-front..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name lecoffre_front..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://lecoffre_front; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://lecoffre_front; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_WEB_STATUS -server { - listen 80; - server_name _4NK_web_status..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_web_status..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/DOCKER_GLOBAL_NAME/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_web_status; - include $/etc/nginx/conf.d/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_web_status; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/etc/nginx/conf.d/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/nginx_dev4._4NKweb.com-https.conf b/storage/dev/nginx/nginx_dev4._4NKweb.com-https.conf deleted file mode 100644 index 6cc2a52..0000000 --- a/storage/dev/nginx/nginx_dev4._4NKweb.com-https.conf +++ /dev/null @@ -1,711 +0,0 @@ -# Configuration Nginx consolidée pour dev4._4NKweb.com -# Générée automatiquement le $(date) - -# Inclusion du format de log JSON et des upstreams -include upstreams.conf; - - -# Redirection globale HTTP→HTTPS -server { - listen 80; - server_name dev4._4NKweb.com *.dev4._4NKweb.com; - return 301 https://; -} - - -# Configuration HTTPS pour REDIS -server { - listen 80; - server_name redis..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name redis..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://redis; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://redis; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour POSTGRESQL -server { - listen 80; - server_name postgresql..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name postgresql..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://postgresql; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://postgresql; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour LOKI -server { - listen 80; - server_name loki..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name loki..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://loki; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://loki; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour PROMTAIL -server { - listen 80; - server_name promtail..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name promtail..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://promtail; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://promtail; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour GRAFANA -server { - listen 80; - server_name grafana..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name grafana..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://grafana; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://grafana; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour NGNIX -server { - listen 80; - server_name ..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name ngnix..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://ngnix; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://ngnix; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour TOR -server { - listen 80; - server_name tor-proxy..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name tor..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://tor; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://tor; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_VAULT -server { - listen 80; - server_name _4NK_vault..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_vault..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_vault; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_vault; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour BITCOIN -server { - listen 80; - server_name bitcoin..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name bitcoin..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://bitcoin; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://bitcoin; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour BLINDBIT_ORACLE -server { - listen 80; - server_name blindbit-oracle..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name blindbit_oracle..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://blindbit_oracle; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://blindbit_oracle; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour SDK_RELAY -server { - listen 80; - server_name sdk_relay..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name sdk_relay..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_relay; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://sdk_relay; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour SDK_STORAGE -server { - listen 80; - server_name sdk_storage..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name sdk_storage..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://sdk_storage; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://sdk_storage; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour IHM_CLIENT -server { - listen 80; - server_name ihm_client..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name ihm_client..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://ihm_client; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://ihm_client; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_CERTIFICATOR -server { - listen 80; - server_name _4NK_certificator..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_certificator..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_certificator; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_certificator; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_MINER -server { - listen 80; - server_name _4NK_miner..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_miner..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_miner; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_miner; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour LECOFFRE_FRONT -server { - listen 80; - server_name lecoffre-front..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name lecoffre_front..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://lecoffre_front; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://lecoffre_front; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} - -# Configuration HTTPS pour _4NK_WEB_STATUS -server { - listen 80; - server_name _4NK_web_status..com; - # redirection HTTP→HTTPS pour l'externe - return 301 https://; -} - -server { - listen 443 ssl http2; - server_name _4nk_web_status..com; - - ssl_certificate $/etc/letsencrypt/live/dev4._4NKweb.com/certs/fullchain.pem; - ssl_certificate_key $/etc/letsencrypt/live/dev4._4NKweb.com/private/privkey.pem; - - # réglages TLS minimaux (adapter selon politique) - ssl_session_timeout 1d; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - - # HSTS (activer seulement si tout le domaine est en HTTPS) - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - access_log $/home/debian/_4NK_env/projects/lecoffre/lecoffre_node/logs/nginx/.log app_json; - - location / { - proxy_pass http://_4nk_web_status; - include $/proxy_headers.conf; - } - - location /ws/ { - proxy_pass http://_4nk_web_status; - proxy_http_version 1.1; - proxy_set_header Upgrade ; - proxy_set_header Connection "upgrade"; - include $/proxy_headers.conf; - proxy_read_timeout 3600s; - } -} diff --git a/storage/dev/nginx/proxy_headers.conf b/storage/dev/nginx/proxy_headers.conf deleted file mode 100644 index fde5efe..0000000 --- a/storage/dev/nginx/proxy_headers.conf +++ /dev/null @@ -1,29 +0,0 @@ -# Headers de proxy générés automatiquement -# Généré le $(date) - -proxy_set_header Host ; -proxy_set_header X-Real-IP ; -proxy_set_header X-Forwarded-For ; -proxy_set_header X-Forwarded-Proto ; -proxy_set_header X-Forwarded-Host ; -proxy_set_header X-Forwarded-Port ; - -# Directives de proxy -proxy_redirect off; # si l'app sait générer ses URLs -add_header X-Debug-Scheme always; -add_header X-Debug-XFP always; - -# Timeouts -proxy_connect_timeout 60s; -proxy_send_timeout 60s; -proxy_read_timeout 60s; - -# Buffer settings -proxy_buffering on; -proxy_buffer_size 4k; -proxy_buffers 8 4k; -proxy_busy_buffers_size 8k; - -# Cache settings -proxy_cache_bypass ; -proxy_no_cache ; diff --git a/storage/dev/nginx/upstreams.conf b/storage/dev/nginx/upstreams.conf deleted file mode 100644 index 11139ce..0000000 --- a/storage/dev/nginx/upstreams.conf +++ /dev/null @@ -1,102 +0,0 @@ -# Upstreams générés automatiquement -# Généré le $(date) - -log_format app_json escape=json - '{ "time":"",' - ' "client":"",' - ' "xff":"",' - ' "method":"",' - ' "host":"",' - ' "uri":"",' - ' "status":,' - ' "bytes":,' - ' "ua":"",' - ' "upstream":"",' - ' "rt":,' - ' "urt": }'; - - -upstream redis { - server redis:6379:6379; - keepalive 64; -} - -upstream postgresql { - server postgresql:5432:5432; - keepalive 64; -} - -upstream loki { - server loki:3100:3100; - keepalive 64; -} - -upstream promtail { - server promtail:8090:8090; - keepalive 64; -} - -upstream grafana { - server grafana:3001:3001; - keepalive 64; -} - -upstream { - server ngnix:; - keepalive 64; -} - -upstream tor-proxy { - server tor:9050:9050; - keepalive 64; -} - -upstream _4NK_vault { - server _4nk_vault:; - keepalive 64; -} - -upstream bitcoin { - server bitcoin:38332:38332; - keepalive 64; -} - -upstream blindbit-oracle { - server blindbit_oracle:8000:8000; - keepalive 64; -} - -upstream sdk_relay { - server sdk_relay:8080:8080; - keepalive 64; -} - -upstream sdk_storage { - server sdk_storage:8081:8081; - keepalive 64; -} - -upstream ihm_client { - server ihm_client:3003:3003; - keepalive 64; -} - -upstream _4NK_certificator { - server _4nk_certificator:8082:8082; - keepalive 64; -} - -upstream _4NK_miner { - server _4nk_miner:8083:8083; - keepalive 64; -} - -upstream lecoffre-front { - server lecoffre_front:3000:3000; - keepalive 64; -} - -upstream _4NK_web_status { - server _4nk_web_status:3006:3006; - keepalive 64; -} diff --git a/storage/dev/nginx/validate_templates.sh b/storage/dev/nginx/validate_templates.sh deleted file mode 100755 index d9eaa11..0000000 --- a/storage/dev/nginx/validate_templates.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash - -# Script de validation des templates Nginx générés -# Généré automatiquement le $(date) - -set -euo pipefail - -# Couleurs pour les messages -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -BLUE='\033[0;34m' -NC='\033[0m' - -# Fonctions d'affichage -print_error() { echo -e "❌ ERREUR: $1"; } -print_success() { echo -e "✅ SUCCÈS: $1"; } -print_info() { echo -e "ℹ️ INFO: $1"; } -print_warning() { echo -e "⚠️ ATTENTION: $1"; } - -# Charger les variables d'environnement -if [ -f ".env" ]; then - # Charger .env en mode silencieux pour éviter les erreurs de syntaxe - source .env 2>/dev/null || true -fi - -# Vérifier que HOST est défini -if [ -z "${HOST:-}" ]; then - print_warning "Variable HOST non définie, utilisation de la valeur par défaut" - export HOST="dev4._4NKweb.com" -fi - -print_info "Validation des templates Nginx pour dev4._4NKweb.com" - -# Vérifier que les fichiers existent -missing_files=0 - -if [ ! -f "nginx/upstreams.conf" ]; then - print_error "Template nginx/upstreams.conf non trouvé" - missing_files=$((missing_files + 1)) -fi - -if [ ! -f "nginx/app-internal-ports.conf" ]; then - print_error "Template nginx/app-internal-ports.conf non trouvé" - missing_files=$((missing_files + 1)) -fi - -if [ ! -f "nginx/proxy_headers.conf" ]; then - print_error "Template nginx/proxy_headers.conf non trouvé" - missing_files=$((missing_files + 1)) -fi - -if [ ! -f "nginx/nginx_dev4._4NKweb.com-https.conf" ]; then - print_error "Template nginx/nginx_dev4._4NKweb.com-https.conf non trouvé" - missing_files=$((missing_files + 1)) -fi - -if [ -eq 0 ]; then - print_success "Tous les templates de configuration sont présents" - print_info "Templates générés:" - echo " • nginx/upstreams.conf" - echo " • nginx/app-internal-ports.conf" - echo " • nginx/proxy_headers.conf" - echo " • nginx/*_https.conf (configurations HTTPS individuelles)" - echo " • nginx/nginx_dev4._4NKweb.com-https.conf" - - print_info "Ces templates sont prêts à être utilisés dans votre infrastructure" - print_warning "Adaptez les chemins et configurations selon vos besoins spécifiques" -else - print_error " template(s) manquant(s)" - exit 1 -fi - diff --git a/templates/dev/nginx/BITCOIN_https.conf b/templates/dev/_4NK_modules/nginx/BITCOIN_https.conf similarity index 95% rename from templates/dev/nginx/BITCOIN_https.conf rename to templates/dev/_4NK_modules/nginx/BITCOIN_https.conf index c867da1..28f1e60 100644 --- a/templates/dev/nginx/BITCOIN_https.conf +++ b/templates/dev/_4NK_modules/nginx/BITCOIN_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour BITCOIN -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/BLINDBIT_ORACLE_https.conf b/templates/dev/_4NK_modules/nginx/BLINDBIT_ORACLE_https.conf similarity index 95% rename from templates/dev/nginx/BLINDBIT_ORACLE_https.conf rename to templates/dev/_4NK_modules/nginx/BLINDBIT_ORACLE_https.conf index f5301c9..e197f00 100644 --- a/templates/dev/nginx/BLINDBIT_ORACLE_https.conf +++ b/templates/dev/_4NK_modules/nginx/BLINDBIT_ORACLE_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour BLINDBIT_ORACLE -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/GRAFANA_https.conf b/templates/dev/_4NK_modules/nginx/GRAFANA_https.conf similarity index 95% rename from templates/dev/nginx/GRAFANA_https.conf rename to templates/dev/_4NK_modules/nginx/GRAFANA_https.conf index 98cd5cb..36ece98 100644 --- a/templates/dev/nginx/GRAFANA_https.conf +++ b/templates/dev/_4NK_modules/nginx/GRAFANA_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour GRAFANA -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/IHM_CLIENT_https.conf b/templates/dev/_4NK_modules/nginx/IHM_CLIENT_https.conf similarity index 95% rename from templates/dev/nginx/IHM_CLIENT_https.conf rename to templates/dev/_4NK_modules/nginx/IHM_CLIENT_https.conf index e6d50d9..e1cbede 100644 --- a/templates/dev/nginx/IHM_CLIENT_https.conf +++ b/templates/dev/_4NK_modules/nginx/IHM_CLIENT_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour IHM_CLIENT -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/LECOFFRE_FRONT_https.conf b/templates/dev/_4NK_modules/nginx/LECOFFRE_FRONT_https.conf similarity index 95% rename from templates/dev/nginx/LECOFFRE_FRONT_https.conf rename to templates/dev/_4NK_modules/nginx/LECOFFRE_FRONT_https.conf index 4654ab4..b1a253e 100644 --- a/templates/dev/nginx/LECOFFRE_FRONT_https.conf +++ b/templates/dev/_4NK_modules/nginx/LECOFFRE_FRONT_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour LECOFFRE_FRONT -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/LOKI_https.conf b/templates/dev/_4NK_modules/nginx/LOKI_https.conf similarity index 95% rename from templates/dev/nginx/LOKI_https.conf rename to templates/dev/_4NK_modules/nginx/LOKI_https.conf index 37cb67a..ae3e5a6 100644 --- a/templates/dev/nginx/LOKI_https.conf +++ b/templates/dev/_4NK_modules/nginx/LOKI_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour LOKI -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/NGNIX_https.conf b/templates/dev/_4NK_modules/nginx/NGNIX_https.conf similarity index 95% rename from templates/dev/nginx/NGNIX_https.conf rename to templates/dev/_4NK_modules/nginx/NGNIX_https.conf index 4791873..69754d1 100644 --- a/templates/dev/nginx/NGNIX_https.conf +++ b/templates/dev/_4NK_modules/nginx/NGNIX_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour NGNIX -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/POSTGRESQL_https.conf b/templates/dev/_4NK_modules/nginx/POSTGRESQL_https.conf similarity index 95% rename from templates/dev/nginx/POSTGRESQL_https.conf rename to templates/dev/_4NK_modules/nginx/POSTGRESQL_https.conf index 3609804..7245d21 100644 --- a/templates/dev/nginx/POSTGRESQL_https.conf +++ b/templates/dev/_4NK_modules/nginx/POSTGRESQL_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour POSTGRESQL -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/PROMTAIL_https.conf b/templates/dev/_4NK_modules/nginx/PROMTAIL_https.conf similarity index 95% rename from templates/dev/nginx/PROMTAIL_https.conf rename to templates/dev/_4NK_modules/nginx/PROMTAIL_https.conf index 56d8c38..9d3602b 100644 --- a/templates/dev/nginx/PROMTAIL_https.conf +++ b/templates/dev/_4NK_modules/nginx/PROMTAIL_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour PROMTAIL -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/REDIS_https.conf b/templates/dev/_4NK_modules/nginx/REDIS_https.conf similarity index 95% rename from templates/dev/nginx/REDIS_https.conf rename to templates/dev/_4NK_modules/nginx/REDIS_https.conf index 344307a..7c9a6da 100644 --- a/templates/dev/nginx/REDIS_https.conf +++ b/templates/dev/_4NK_modules/nginx/REDIS_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour REDIS -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/SDK_RELAY_https.conf b/templates/dev/_4NK_modules/nginx/SDK_RELAY_https.conf similarity index 95% rename from templates/dev/nginx/SDK_RELAY_https.conf rename to templates/dev/_4NK_modules/nginx/SDK_RELAY_https.conf index eda12cc..bb212aa 100644 --- a/templates/dev/nginx/SDK_RELAY_https.conf +++ b/templates/dev/_4NK_modules/nginx/SDK_RELAY_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour SDK_RELAY -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/SDK_STORAGE_https.conf b/templates/dev/_4NK_modules/nginx/SDK_STORAGE_https.conf similarity index 95% rename from templates/dev/nginx/SDK_STORAGE_https.conf rename to templates/dev/_4NK_modules/nginx/SDK_STORAGE_https.conf index 4d07c7b..6f48670 100644 --- a/templates/dev/nginx/SDK_STORAGE_https.conf +++ b/templates/dev/_4NK_modules/nginx/SDK_STORAGE_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour SDK_STORAGE -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/TOR_https.conf b/templates/dev/_4NK_modules/nginx/TOR_https.conf similarity index 95% rename from templates/dev/nginx/TOR_https.conf rename to templates/dev/_4NK_modules/nginx/TOR_https.conf index 2138a9c..11d24d2 100644 --- a/templates/dev/nginx/TOR_https.conf +++ b/templates/dev/_4NK_modules/nginx/TOR_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour TOR -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/_4NK_CERTIFICATOR_https.conf b/templates/dev/_4NK_modules/nginx/_4NK_CERTIFICATOR_https.conf similarity index 95% rename from templates/dev/nginx/_4NK_CERTIFICATOR_https.conf rename to templates/dev/_4NK_modules/nginx/_4NK_CERTIFICATOR_https.conf index ac75c4d..6b6781e 100644 --- a/templates/dev/nginx/_4NK_CERTIFICATOR_https.conf +++ b/templates/dev/_4NK_modules/nginx/_4NK_CERTIFICATOR_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour _4NK_CERTIFICATOR -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/_4NK_MINER_https.conf b/templates/dev/_4NK_modules/nginx/_4NK_MINER_https.conf similarity index 95% rename from templates/dev/nginx/_4NK_MINER_https.conf rename to templates/dev/_4NK_modules/nginx/_4NK_MINER_https.conf index ce8459d..690dfc8 100644 --- a/templates/dev/nginx/_4NK_MINER_https.conf +++ b/templates/dev/_4NK_modules/nginx/_4NK_MINER_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour _4NK_MINER -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/_4NK_VAULT_https.conf b/templates/dev/_4NK_modules/nginx/_4NK_VAULT_https.conf similarity index 95% rename from templates/dev/nginx/_4NK_VAULT_https.conf rename to templates/dev/_4NK_modules/nginx/_4NK_VAULT_https.conf index eaad184..84739e6 100644 --- a/templates/dev/nginx/_4NK_VAULT_https.conf +++ b/templates/dev/_4NK_modules/nginx/_4NK_VAULT_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour _4NK_VAULT -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/_4NK_WEB_STATUS_https.conf b/templates/dev/_4NK_modules/nginx/_4NK_WEB_STATUS_https.conf similarity index 95% rename from templates/dev/nginx/_4NK_WEB_STATUS_https.conf rename to templates/dev/_4NK_modules/nginx/_4NK_WEB_STATUS_https.conf index 64b7269..41f7561 100644 --- a/templates/dev/nginx/_4NK_WEB_STATUS_https.conf +++ b/templates/dev/_4NK_modules/nginx/_4NK_WEB_STATUS_https.conf @@ -1,5 +1,5 @@ # Configuration HTTPS pour _4NK_WEB_STATUS -# Généré automatiquement le Sun Oct 5 22:04:53 UTC 2025 +# Généré automatiquement le Sun Oct 5 22:28:54 UTC 2025 server { listen 80; diff --git a/templates/dev/nginx/app-internal-ports.conf b/templates/dev/_4NK_modules/nginx/app-internal-ports.conf similarity index 100% rename from templates/dev/nginx/app-internal-ports.conf rename to templates/dev/_4NK_modules/nginx/app-internal-ports.conf diff --git a/templates/dev/nginx/nginx_dev4.4NKweb.com-https.conf b/templates/dev/_4NK_modules/nginx/nginx_dev4.4NKweb.com-https.conf similarity index 100% rename from templates/dev/nginx/nginx_dev4.4NKweb.com-https.conf rename to templates/dev/_4NK_modules/nginx/nginx_dev4.4NKweb.com-https.conf diff --git a/templates/dev/nginx/nginx_dev4.4nkweb.com-https.conf b/templates/dev/_4NK_modules/nginx/nginx_dev4.4nkweb.com-https.conf similarity index 100% rename from templates/dev/nginx/nginx_dev4.4nkweb.com-https.conf rename to templates/dev/_4NK_modules/nginx/nginx_dev4.4nkweb.com-https.conf diff --git a/templates/dev/nginx/nginx_dev4._4NKweb.com-https.conf b/templates/dev/_4NK_modules/nginx/nginx_dev4._4NKweb.com-https.conf similarity index 100% rename from templates/dev/nginx/nginx_dev4._4NKweb.com-https.conf rename to templates/dev/_4NK_modules/nginx/nginx_dev4._4NKweb.com-https.conf diff --git a/templates/dev/nginx/proxy_headers.conf b/templates/dev/_4NK_modules/nginx/proxy_headers.conf similarity index 100% rename from templates/dev/nginx/proxy_headers.conf rename to templates/dev/_4NK_modules/nginx/proxy_headers.conf diff --git a/templates/dev/nginx/upstreams.conf b/templates/dev/_4NK_modules/nginx/upstreams.conf similarity index 100% rename from templates/dev/nginx/upstreams.conf rename to templates/dev/_4NK_modules/nginx/upstreams.conf diff --git a/templates/dev/nginx/validate_templates.sh b/templates/dev/_4NK_modules/nginx/validate_templates.sh similarity index 64% rename from templates/dev/nginx/validate_templates.sh rename to templates/dev/_4NK_modules/nginx/validate_templates.sh index 2e1d6a5..9ec6d5e 100755 --- a/templates/dev/nginx/validate_templates.sh +++ b/templates/dev/_4NK_modules/nginx/validate_templates.sh @@ -35,34 +35,34 @@ print_info "Validation des templates Nginx pour $HOST" # Vérifier que les fichiers existent missing_files=0 -if [ ! -f "nginx/upstreams.conf" ]; then - print_error "Template nginx/upstreams.conf non trouvé" +if [ ! -f "_4NK_modules/nginx/upstreams.conf" ]; then + print_error "Template _4NK_modules/nginx/upstreams.conf non trouvé" missing_files=$((missing_files + 1)) fi -if [ ! -f "nginx/app-internal-ports.conf" ]; then - print_error "Template nginx/app-internal-ports.conf non trouvé" +if [ ! -f "_4NK_modules/nginx/app-internal-ports.conf" ]; then + print_error "Template _4NK_modules/nginx/app-internal-ports.conf non trouvé" missing_files=$((missing_files + 1)) fi -if [ ! -f "nginx/proxy_headers.conf" ]; then - print_error "Template nginx/proxy_headers.conf non trouvé" +if [ ! -f "_4NK_modules/nginx/proxy_headers.conf" ]; then + print_error "Template _4NK_modules/nginx/proxy_headers.conf non trouvé" missing_files=$((missing_files + 1)) fi -if [ ! -f "nginx/nginx_$HOST-https.conf" ]; then - print_error "Template nginx/nginx_$HOST-https.conf non trouvé" +if [ ! -f "_4NK_modules/nginx/nginx_$HOST-https.conf" ]; then + print_error "Template _4NK_modules/nginx/nginx_$HOST-https.conf non trouvé" missing_files=$((missing_files + 1)) fi if [ $missing_files -eq 0 ]; then print_success "Tous les templates de configuration sont présents" print_info "Templates générés:" - echo " • nginx/upstreams.conf" - echo " • nginx/app-internal-ports.conf" - echo " • nginx/proxy_headers.conf" - echo " • nginx/*_https.conf (configurations HTTPS individuelles)" - echo " • nginx/nginx_$HOST-https.conf" + echo " • _4NK_modules/nginx/upstreams.conf" + echo " • _4NK_modules/nginx/app-internal-ports.conf" + echo " • _4NK_modules/nginx/proxy_headers.conf" + echo " • _4NK_modules/nginx/*_https.conf (configurations HTTPS individuelles)" + echo " • _4NK_modules/nginx/nginx_$HOST-https.conf" print_info "Ces templates sont prêts à être utilisés dans votre infrastructure" print_warning "Adaptez les chemins et configurations selon vos besoins spécifiques" diff --git a/templates/dev/generate.sh b/templates/dev/generate.sh index 0121e60..03c07be 100755 --- a/templates/dev/generate.sh +++ b/templates/dev/generate.sh @@ -160,7 +160,7 @@ show_summary() { echo -e " • ${GREEN}_4NK_modules/grafana/dashboards/${NC} - Dashboards Grafana" echo -e " • ${GREEN}_4NK_modules/promtail/promtail.yml${NC} - Configuration Promtail" echo -e " • ${GREEN}logrotade/${NC} - Configurations Logrotate" - echo -e " • ${GREEN}nginx/${NC} - Configurations Nginx" + echo -e " • ${GREEN}_4NK_modules/nginx/${NC} - Configurations Nginx" echo -e "\n${CYAN}🚀 Prochaines étapes recommandées:${NC}" echo -e " 1. Vérifiez les fichiers générés dans ../../storage/dev/" @@ -301,11 +301,11 @@ main() { if execute_script "generate_nginx_configs.sh" "./generate_nginx_configs.sh" "Génère toutes les configurations Nginx (upstreams, internes, HTTPS)"; then print_success "Configurations Nginx générées avec succès" print_info "Fichiers créés:" - [ -f "nginx/upstreams.conf" ] && echo " • nginx/upstreams.conf" - [ -f "nginx/app-internal-ports.conf" ] && echo " • nginx/app-internal-ports.conf" - [ -d "nginx/https-configs" ] && echo " • nginx/https-configs/ (configurations HTTPS)" - [ -f "nginx/nginx_${HOST:-dev4._4NKweb.com}-https.conf" ] && echo " • nginx/nginx_${HOST:-dev4._4NKweb.com}-https.conf" - [ -f "nginx/proxy_headers.conf" ] && echo " • nginx/proxy_headers.conf" + [ -f "_4NK_modules/nginx/upstreams.conf" ] && echo " • _4NK_modules/nginx/upstreams.conf" + [ -f "_4NK_modules/nginx/app-internal-ports.conf" ] && echo " • _4NK_modules/nginx/app-internal-ports.conf" + [ -d "_4NK_modules/nginx/https-configs" ] && echo " • _4NK_modules/nginx/https-configs/ (configurations HTTPS)" + [ -f "_4NK_modules/nginx/nginx_${HOST:-dev4._4NKweb.com}-https.conf" ] && echo " • _4NK_modules/nginx/nginx_${HOST:-dev4._4NKweb.com}-https.conf" + [ -f "_4NK_modules/nginx/proxy_headers.conf" ] && echo " • _4NK_modules/nginx/proxy_headers.conf" else print_error "Échec de la génération des configurations Nginx" fi diff --git a/templates/dev/generate_nginx_configs.sh b/templates/dev/generate_nginx_configs.sh index 7923564..8de5d32 100755 --- a/templates/dev/generate_nginx_configs.sh +++ b/templates/dev/generate_nginx_configs.sh @@ -22,17 +22,17 @@ generate_upstreams() { echo "🔧 Génération du fichier upstreams.conf" # Créer le répertoire si nécessaire - mkdir -p "nginx" + mkdir -p "_4NK_modules/nginx" # Générer le fichier upstreams.conf - cat > "nginx/upstreams.conf" << 'EOF' + cat > "_4NK_modules/nginx/upstreams.conf" << 'EOF' # Upstreams générés automatiquement # Généré le $(date) EOF # Ajouter le format de log JSON - cat >> "nginx/upstreams.conf" << 'EOF' + cat >> "_4NK_modules/nginx/upstreams.conf" << 'EOF' log_format app_json escape=json '{ "time":"$time_iso8601",' ' "client":"$remote_addr",' @@ -53,7 +53,7 @@ EOF for SERVICE_VAR in "${SERVICES[@]}"; do echo " 🔄 Génération upstream pour $SERVICE_VAR" - cat >> "nginx/upstreams.conf" << EOF + cat >> "_4NK_modules/nginx/upstreams.conf" << EOF upstream \$${SERVICE_VAR} { server \$${SERVICE_VAR}_DOCKER_NAME:\$${SERVICE_VAR}_PORT; @@ -70,10 +70,10 @@ generate_internal_configs() { echo "🔧 Génération du fichier app-internal-ports.conf" # Créer le répertoire si nécessaire - mkdir -p "nginx" + mkdir -p "_4NK_modules/nginx" # Générer le fichier app-internal-ports.conf - cat > "nginx/app-internal-ports.conf" << 'EOF' + cat > "_4NK_modules/nginx/app-internal-ports.conf" << 'EOF' # Configurations internes générées automatiquement # Généré le $(date) @@ -83,7 +83,7 @@ EOF for SERVICE_VAR in "${SERVICES[@]}"; do echo " 🔄 Génération config interne pour $SERVICE_VAR" - cat >> "nginx/app-internal-ports.conf" << EOF + cat >> "_4NK_modules/nginx/app-internal-ports.conf" << EOF server { listen \$${SERVICE_VAR}_PORT default_server; @@ -119,7 +119,7 @@ generate_https_configs() { for SERVICE_VAR in "${SERVICES[@]}"; do echo " 🔄 Génération config HTTPS pour $SERVICE_VAR" - local CONFIG_FILE="nginx/${SERVICE_VAR}_https.conf" + local CONFIG_FILE="_4NK_modules/nginx/${SERVICE_VAR}_https.conf" cat > "$CONFIG_FILE" << EOF # Configuration HTTPS pour $SERVICE_VAR @@ -178,10 +178,10 @@ generate_consolidated_https_config() { echo "🔧 Génération du fichier nginx_$HOST-https.conf consolidé" # Créer le répertoire si nécessaire - mkdir -p "nginx" + mkdir -p "_4NK_modules/nginx" # Générer le fichier consolidé - cat > "nginx/nginx_$HOST-https.conf" << 'EOF' + cat > "_4NK_modules/nginx/nginx_$HOST-https.conf" << 'EOF' # Configuration Nginx consolidée pour $HOST # Générée automatiquement le $(date) @@ -191,7 +191,7 @@ include upstreams.conf; EOF # Ajouter la redirection HTTP→HTTPS globale - cat >> "nginx/nginx_$HOST-https.conf" << 'EOF' + cat >> "_4NK_modules/nginx/nginx_$HOST-https.conf" << 'EOF' # Redirection globale HTTP→HTTPS server { @@ -206,7 +206,7 @@ EOF for SERVICE_VAR in "${SERVICES[@]}"; do echo " 🔄 Ajout de la config HTTPS pour $SERVICE_VAR dans le fichier consolidé" - cat >> "nginx/nginx_$HOST-https.conf" << EOF + cat >> "_4NK_modules/nginx/nginx_$HOST-https.conf" << EOF # Configuration HTTPS pour $SERVICE_VAR server { @@ -259,10 +259,10 @@ generate_proxy_headers() { echo "🔧 Génération du fichier proxy_headers.conf" # Créer le répertoire si nécessaire - mkdir -p "nginx" + mkdir -p "_4NK_modules/nginx" # Générer le fichier proxy_headers.conf - cat > "nginx/proxy_headers.conf" << 'EOF' + cat > "_4NK_modules/nginx/proxy_headers.conf" << 'EOF' # Headers de proxy générés automatiquement # Généré le $(date) @@ -301,7 +301,7 @@ EOF generate_deploy_script() { echo "🔧 Génération du script de validation des templates" - cat > "nginx/validate_templates.sh" << 'EOF' + cat > "_4NK_modules/nginx/validate_templates.sh" << 'EOF' #!/bin/bash # Script de validation des templates Nginx générés @@ -339,34 +339,34 @@ print_info "Validation des templates Nginx pour $HOST" # Vérifier que les fichiers existent missing_files=0 -if [ ! -f "nginx/upstreams.conf" ]; then - print_error "Template nginx/upstreams.conf non trouvé" +if [ ! -f "_4NK_modules/nginx/upstreams.conf" ]; then + print_error "Template _4NK_modules/nginx/upstreams.conf non trouvé" missing_files=$((missing_files + 1)) fi -if [ ! -f "nginx/app-internal-ports.conf" ]; then - print_error "Template nginx/app-internal-ports.conf non trouvé" +if [ ! -f "_4NK_modules/nginx/app-internal-ports.conf" ]; then + print_error "Template _4NK_modules/nginx/app-internal-ports.conf non trouvé" missing_files=$((missing_files + 1)) fi -if [ ! -f "nginx/proxy_headers.conf" ]; then - print_error "Template nginx/proxy_headers.conf non trouvé" +if [ ! -f "_4NK_modules/nginx/proxy_headers.conf" ]; then + print_error "Template _4NK_modules/nginx/proxy_headers.conf non trouvé" missing_files=$((missing_files + 1)) fi -if [ ! -f "nginx/nginx_$HOST-https.conf" ]; then - print_error "Template nginx/nginx_$HOST-https.conf non trouvé" +if [ ! -f "_4NK_modules/nginx/nginx_$HOST-https.conf" ]; then + print_error "Template _4NK_modules/nginx/nginx_$HOST-https.conf non trouvé" missing_files=$((missing_files + 1)) fi if [ $missing_files -eq 0 ]; then print_success "Tous les templates de configuration sont présents" print_info "Templates générés:" - echo " • nginx/upstreams.conf" - echo " • nginx/app-internal-ports.conf" - echo " • nginx/proxy_headers.conf" - echo " • nginx/*_https.conf (configurations HTTPS individuelles)" - echo " • nginx/nginx_$HOST-https.conf" + echo " • _4NK_modules/nginx/upstreams.conf" + echo " • _4NK_modules/nginx/app-internal-ports.conf" + echo " • _4NK_modules/nginx/proxy_headers.conf" + echo " • _4NK_modules/nginx/*_https.conf (configurations HTTPS individuelles)" + echo " • _4NK_modules/nginx/nginx_$HOST-https.conf" print_info "Ces templates sont prêts à être utilisés dans votre infrastructure" print_warning "Adaptez les chemins et configurations selon vos besoins spécifiques" @@ -377,7 +377,7 @@ fi EOF - chmod +x "nginx/validate_templates.sh" + chmod +x "_4NK_modules/nginx/validate_templates.sh" echo "✅ Script de validation des templates généré" } @@ -400,15 +400,15 @@ main() { echo " Services: ${SERVICES[*]}" # Supprimer les fichiers de sortie existants (remplacer complètement) - rm -f "nginx/upstreams.conf" 2>/dev/null || true - rm -f "nginx/app-internal-ports.conf" 2>/dev/null || true - rm -f "nginx/proxy_headers.conf" 2>/dev/null || true - rm -f "nginx/nginx_${HOST:-dev4._4NKweb.com}-https.conf" 2>/dev/null || true - rm -f "nginx/deploy_configs.sh" 2>/dev/null || true - rm -f "nginx/"*_https.conf 2>/dev/null || true + rm -f "_4NK_modules/nginx/upstreams.conf" 2>/dev/null || true + rm -f "_4NK_modules/nginx/app-internal-ports.conf" 2>/dev/null || true + rm -f "_4NK_modules/nginx/proxy_headers.conf" 2>/dev/null || true + rm -f "_4NK_modules/nginx/nginx_${HOST:-dev4._4NKweb.com}-https.conf" 2>/dev/null || true + rm -f "_4NK_modules/nginx/deploy_configs.sh" 2>/dev/null || true + rm -f "_4NK_modules/nginx/"*_https.conf 2>/dev/null || true # Créer le répertoire de sortie - mkdir -p "nginx" + mkdir -p "_4NK_modules/nginx" # Générer tous les fichiers de configuration generate_upstreams @@ -420,7 +420,7 @@ main() { echo "" echo "✅ GÉNÉRATION TERMINÉE !" - echo "📁 Configurations générées dans: nginx/" + echo "📁 Configurations générées dans: _4NK_modules/nginx/" echo "🔧 Les configurations utilisent les variables d'environnement" echo "📊 Services traités: ${#SERVICES[@]}" } diff --git a/templates/dev/replace_variables_and_copy.sh b/templates/dev/replace_variables_and_copy.sh index e748142..be9195b 100755 --- a/templates/dev/replace_variables_and_copy.sh +++ b/templates/dev/replace_variables_and_copy.sh @@ -303,8 +303,8 @@ main() { # Configurations logrotate [ -d "logrotade" ] && process_directory "logrotade" "logrotade" - # Configurations nginx - [ -d "nginx" ] && process_directory "nginx" "nginx" + # Configurations nginx - DÉSACTIVÉ car généré dans _4NK_modules/nginx + # [ -d "nginx" ] && process_directory "nginx" "nginx" # Configuration git [ -d "git" ] && process_directory "git" "git"