4nk/anchorage_layer_simple
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
anchorage_layer_simple/configure-nginx-proxy.sh
ncantu 20d115a31c feat: Add APIs, dashboard, documentation and improve scripts 
**Motivations:**
- Add API services for anchorage and faucet functionality
- Add dashboard interface for signet monitoring
- Improve documentation and maintenance guides
- Enhance existing scripts for better functionality

**Root causes:**
- Need for API services to interact with Bitcoin Signet
- Need for user-friendly dashboard interface
- Need for comprehensive documentation
- Scripts required improvements for better reliability

**Correctifs:**
- Updated Dockerfile with better configuration
- Improved gen-bitcoind-conf.sh and gen-signet-keys.sh scripts
- Enhanced mine.sh, miner, run.sh, and setup-signet.sh scripts
- Updated env.example with new configuration options

**Evolutions:**
- Added api-anchorage service with anchor functionality
- Added api-faucet service for testnet coin distribution
- Added signet-dashboard for monitoring and management
- Added comprehensive documentation in docs/ directory
- Added configure-nginx-proxy.sh for proxy configuration
- Added update-signet.sh for signet updates
- Added ETAT_SYSTEME.md and START_DASHBOARD_AND_FAUCET.md guides
- Added .bitcoin-version file for version tracking

**Pages affectées:**
- Dockerfile
- env.example
- gen-bitcoind-conf.sh
- gen-signet-keys.sh
- mine.sh
- miner
- run.sh
- setup-signet.sh
- api-anchorage/ (new)
- api-faucet/ (new)
- signet-dashboard/ (new)
- docs/ (new)
- configure-nginx-proxy.sh (new)
- update-signet.sh (new)
- ETAT_SYSTEME.md (new)
- START_DASHBOARD_AND_FAUCET.md (new)
- .bitcoin-version (new)
- .env (modified)
- mempool/ (added)
2026-01-24 02:40:25 +01:00

235 lines
8.1 KiB
Bash
Executable File
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
# Script de configuration Nginx pour les sous-domaines certificator.4nkweb.com
# Usage: ./configure-nginx-proxy.sh
set -e
PROXY_HOST="192.168.1.100"
PROXY_USER="ncantu"
NGINX_SITES_AVAILABLE="/etc/nginx/sites-available"
NGINX_SITES_ENABLED="/etc/nginx/sites-enabled"
CERTBOT_BIN="/usr/bin/certbot"
echo "=== Configuration Nginx pour certificator.4nkweb.com ==="
echo ""
# Vérifier que nous sommes sur le proxy ou que nous pouvons y accéder
# Note: Le script peut être exécuté localement ou via SSH
CURRENT_IP=$(hostname -I 2>/dev/null | awk '{print $1}' || echo "")
if [ "$CURRENT_IP" != "192.168.1.100" ] && [ -z "$SSH_CONNECTION" ]; then
echo " Ce script peut être exécuté sur le proxy (192.168.1.100)"
echo " Ou via SSH: ssh ${PROXY_USER}@${PROXY_HOST} 'sudo bash -s' < $0"
echo ""
fi
# Vérifier les permissions (sudo disponible pour ncantu)
if [ "$EUID" -ne 0 ]; then
if command -v sudo &> /dev/null && sudo -n true 2>/dev/null; then
echo "✅ Utilisation de sudo (droits non interactifs)"
# Le script continuera avec sudo pour les commandes nécessitant root
else
echo "⚠️ Ce script nécessite les permissions root pour configurer Nginx"
echo " Utilisez: sudo $0"
exit 1
fi
fi
# Fonction pour exécuter les commandes nécessitant root
SUDO_CMD=""
if [ "$EUID" -ne 0 ]; then
SUDO_CMD="sudo"
fi
echo "✅ Vérification de Nginx..."
# Vérifier Nginx (peut être dans /usr/sbin/nginx)
NGINX_BIN=""
if command -v nginx &> /dev/null; then
NGINX_BIN="nginx"
elif [ -f /usr/sbin/nginx ]; then
NGINX_BIN="/usr/sbin/nginx"
elif [ -f /usr/bin/nginx ]; then
NGINX_BIN="/usr/bin/nginx"
else
echo "❌ Nginx n'est pas installé"
exit 1
fi
echo " Nginx trouvé: ${NGINX_BIN}"
echo "✅ Vérification de Certbot..."
# Vérifier Certbot (peut être dans /usr/bin/certbot)
CERTBOT_BIN=""
if command -v certbot &> /dev/null; then
CERTBOT_BIN="certbot"
elif [ -f /usr/bin/certbot ]; then
CERTBOT_BIN="/usr/bin/certbot"
else
echo "⚠️ Certbot n'est pas installé. Installation..."
${SUDO_CMD} apt-get update
${SUDO_CMD} apt-get install -y certbot python3-certbot-nginx
CERTBOT_BIN="certbot"
fi
echo " Certbot trouvé: ${CERTBOT_BIN}"
# Créer les configurations Nginx pour chaque sous-domaine
# 1. Dashboard (port 3020)
echo ""
echo "📝 Configuration de dashboard.certificator.4nkweb.com..."
${SUDO_CMD} tee "${NGINX_SITES_AVAILABLE}/dashboard.certificator.4nkweb.com" > /dev/null << 'EOF'
# Dashboard Bitcoin Signet
server {
listen 80;
server_name dashboard.certificator.4nkweb.com;
# Logs
access_log /var/log/nginx/dashboard.certificator.4nkweb.com.access.log;
error_log /var/log/nginx/dashboard.certificator.4nkweb.com.error.log;
# Proxy vers le service Node.js (port 3020)
# Note: Les services tournent sur 192.168.1.105
location / {
proxy_pass http://192.168.1.105:3020;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
proxy_read_timeout 300s;
proxy_connect_timeout 75s;
}
}
EOF
# 2. Faucet (port 3021)
echo "📝 Configuration de faucet.certificator.4nkweb.com..."
${SUDO_CMD} tee "${NGINX_SITES_AVAILABLE}/faucet.certificator.4nkweb.com" > /dev/null << 'EOF'
# API Faucet Bitcoin Signet
server {
listen 80;
server_name faucet.certificator.4nkweb.com;
# Logs
access_log /var/log/nginx/faucet.certificator.4nkweb.com.access.log;
error_log /var/log/nginx/faucet.certificator.4nkweb.com.error.log;
# Proxy vers le service Node.js (port 3021)
# Note: Les services tournent sur 192.168.1.105
location / {
proxy_pass http://192.168.1.105:3021;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
proxy_read_timeout 300s;
proxy_connect_timeout 75s;
}
}
EOF
# 3. Anchorage (port 3010)
echo "📝 Configuration de anchorage.certificator.4nkweb.com..."
${SUDO_CMD} tee "${NGINX_SITES_AVAILABLE}/anchorage.certificator.4nkweb.com" > /dev/null << 'EOF'
# API Anchorage Bitcoin Signet
server {
listen 80;
server_name anchorage.certificator.4nkweb.com;
# Logs
access_log /var/log/nginx/anchorage.certificator.4nkweb.com.access.log;
error_log /var/log/nginx/anchorage.certificator.4nkweb.com.error.log;
# Proxy vers le service Node.js (port 3010)
# Note: Les services tournent sur 192.168.1.105
location / {
proxy_pass http://192.168.1.105:3010;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
proxy_read_timeout 300s;
proxy_connect_timeout 75s;
}
}
EOF
# Activer les sites
echo ""
echo "🔗 Activation des sites..."
${SUDO_CMD} ln -sf "${NGINX_SITES_AVAILABLE}/dashboard.certificator.4nkweb.com" "${NGINX_SITES_ENABLED}/dashboard.certificator.4nkweb.com"
${SUDO_CMD} ln -sf "${NGINX_SITES_AVAILABLE}/faucet.certificator.4nkweb.com" "${NGINX_SITES_ENABLED}/faucet.certificator.4nkweb.com"
${SUDO_CMD} ln -sf "${NGINX_SITES_AVAILABLE}/anchorage.certificator.4nkweb.com" "${NGINX_SITES_ENABLED}/anchorage.certificator.4nkweb.com"
# Tester la configuration Nginx
echo ""
echo "🔍 Test de la configuration Nginx..."
if ${SUDO_CMD} ${NGINX_BIN} -t; then
echo "✅ Configuration Nginx valide"
else
echo "❌ Erreur dans la configuration Nginx"
exit 1
fi
# Recharger Nginx (configuration HTTP uniquement pour l'instant)
echo ""
echo "🔄 Rechargement de Nginx (configuration HTTP)..."
${SUDO_CMD} systemctl reload nginx || ${SUDO_CMD} service nginx reload
# Générer les certificats SSL avec Certbot
echo ""
echo "🔐 Génération des certificats SSL avec Certbot..."
echo " Note: Certbot va automatiquement créer les configurations HTTPS"
echo ""
# Générer les certificats (un par un pour éviter les erreurs)
DOMAINS=(
"dashboard.certificator.4nkweb.com"
"faucet.certificator.4nkweb.com"
"anchorage.certificator.4nkweb.com"
)
for domain in "${DOMAINS[@]}"; do
echo "📜 Génération du certificat pour ${domain}..."
# Certbot va automatiquement modifier la config pour ajouter HTTPS et redirection
if ${SUDO_CMD} ${CERTBOT_BIN} --nginx -d "${domain}" --non-interactive --agree-tos --email admin@4nkweb.com --redirect; then
echo "✅ Certificat généré et configuration HTTPS créée pour ${domain}"
else
echo "⚠️ Erreur lors de la génération du certificat pour ${domain}"
echo " Vous pouvez le générer manuellement avec:"
echo " sudo ${CERTBOT_BIN} --nginx -d ${domain}"
fi
done
# Recharger Nginx final
echo ""
echo "🔄 Rechargement final de Nginx..."
${SUDO_CMD} systemctl reload nginx || ${SUDO_CMD} service nginx reload
echo ""
echo "✅ Configuration terminée !"
echo ""
echo "📋 Résumé:"
echo " - dashboard.certificator.4nkweb.com -> http://192.168.1.105:3020"
echo " - faucet.certificator.4nkweb.com -> http://192.168.1.105:3021"
echo " - anchorage.certificator.4nkweb.com -> http://192.168.1.105:3010"
echo ""
echo "⚠️ Note: Si les services tournent sur une autre machine,"
echo " modifiez les IP dans les fichiers de configuration Nginx"
echo ""
echo "🔍 Vérification:"
echo " - Test Nginx: nginx -t"
echo " - Status: systemctl status nginx"
echo " - Logs: tail -f /var/log/nginx/*.error.log"
echo ""
Reference in New Issue View Git Blame Copy Permalink