From 47a256197a7e06124c918cc6444989c180914012 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Tue, 26 Aug 2025 03:42:55 +0200
Subject: [PATCH] revert: restauration fichiers Docker et Nginx

---
 Dockerfile                  | 67 ++++++++++++++++++++++++++
 docker-compose.4nk-node.yml | 43 +++++++++++++++++
 nginx.4nk-node.conf         | 96 +++++++++++++++++++++++++++++++++++++
 nginx.dev.conf              | 48 +++++++++++++++++++
 4 files changed, 254 insertions(+)
 create mode 100755 Dockerfile
 create mode 100644 docker-compose.4nk-node.yml
 create mode 100644 nginx.4nk-node.conf
 create mode 100644 nginx.dev.conf

diff --git a/Dockerfile b/Dockerfile
new file mode 100755
index 0000000..80f905c
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,67 @@
+# Dockerfile optimisé pour l'intégration dans 4NK_node
+FROM node:20-alpine AS builder
+
+WORKDIR /app
+
+# Installation des dépendances système
+RUN apk update && apk add --no-cache \
+    git \
+    build-base \
+    python3 \
+    make \
+    g++ \
+    curl \
+    ca-certificates
+
+# Copie des fichiers de dépendances
+COPY package*.json ./
+
+# Installation des dépendances (inclut les devDependencies nécessaires au build)
+RUN npm install
+
+# Copie du code source
+COPY . .
+
+# Préparation des dépendances wasm (pkg/sdk_client)
+ARG SDK_CLIENT_PKG_URL=""
+ARG SDK_CLIENT_PKG_TARBALL=""
+ARG SDK_CLIENT_PKG_BASE="https://git.4nkweb.com/4nk/ihm_client/raw/branch/docker-support/pkg"
+ENV SDK_CLIENT_PKG_URL=${SDK_CLIENT_PKG_URL}
+ENV SDK_CLIENT_PKG_TARBALL=${SDK_CLIENT_PKG_TARBALL}
+ENV SDK_CLIENT_PKG_BASE=${SDK_CLIENT_PKG_BASE}
+RUN chmod +x ./scripts/setup-remote-deps.sh && npm run build_wasm
+
+# Build de l'application
+RUN npm run build
+
+# Image de production
+FROM nginx:alpine
+
+# Installation de Node.js pour les scripts de démarrage
+RUN apk update && apk add --no-cache nodejs npm wget
+
+# Copie des fichiers buildés
+COPY --from=builder /app/dist /usr/share/nginx/html
+COPY --from=builder /app/package*.json /app/
+
+# Index HTML minimal chargeant le bundle
+RUN printf '<!doctype html>\n<html lang="fr">\n<head>\n  <meta charset="UTF-8" />\n  <meta name="viewport" content="width=device-width, initial-scale=1.0" />\n  <title>4NK UI</title>\n</head>\n<body>\n  <div id="app"></div>\n  <script type="module" src="/index.js"></script>\n</body>\n</html>\n' > /usr/share/nginx/html/index.html
+
+# Copie de la configuration nginx optimisée pour 4NK_node
+COPY nginx.conf /etc/nginx/conf.d/default.conf
+
+# Script de démarrage
+COPY start.sh /start-4nk-node.sh
+RUN chmod +x /start-4nk-node.sh
+
+# Exposition des ports
+EXPOSE 80 3003
+
+# Variables d'environnement pour 4NK_node
+ENV SDK_RELAY_WS_URL=ws://sdk_relay_1:8090
+ENV SDK_RELAY_HTTP_URL=http://sdk_relay_1:8091
+ENV BITCOIN_RPC_URL=http://bitcoin:18443
+ENV BLINDBIT_URL=http://blindbit:8000
+
+# Point d'entrée
+CMD ["/start-4nk-node.sh"]
diff --git a/docker-compose.4nk-node.yml b/docker-compose.4nk-node.yml
new file mode 100644
index 0000000..a35dd3b
--- /dev/null
+++ b/docker-compose.4nk-node.yml
@@ -0,0 +1,43 @@
+version: '3.8'
+
+services:
+  ihm_client:
+    build:
+      context: .
+      dockerfile: Dockerfile.4nk-node
+    container_name: 4nk-ihm-client
+    ports:
+      - "8080:80"
+      - "3003:3003"
+    environment:
+      - SDK_RELAY_WS_URL=ws://sdk_relay_1:8090
+      - SDK_RELAY_HTTP_URL=http://sdk_relay_1:8091
+      - BITCOIN_RPC_URL=http://bitcoin:18443
+      - BLINDBIT_URL=http://blindbit:8000
+      - NODE_ENV=production
+    volumes:
+      - ihm_client_logs:/var/log/nginx
+      - ihm_client_data:/usr/share/nginx/html/data
+    networks:
+      - btcnet
+    depends_on:
+      - sdk_relay_1
+      - sdk_relay_2
+      - sdk_relay_3
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "wget", "--quiet", "--tries=1", "--timeout=5", "--spider", "http://localhost"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 40s
+
+volumes:
+  ihm_client_logs:
+    driver: local
+  ihm_client_data:
+    driver: local
+
+networks:
+  btcnet:
+    external: true
diff --git a/nginx.4nk-node.conf b/nginx.4nk-node.conf
new file mode 100644
index 0000000..318b3e4
--- /dev/null
+++ b/nginx.4nk-node.conf
@@ -0,0 +1,96 @@
+server {
+    listen 80;
+    server_name localhost;
+    root /usr/share/nginx/html;
+    index index.html;
+
+    # Gestion des fichiers statiques
+    location / {
+        try_files $uri $uri/ /index.html;
+
+        # Headers de sécurité
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header X-XSS-Protection "1; mode=block" always;
+        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+    }
+
+    # Proxy vers sdk_relay WebSocket
+    location /ws/ {
+        proxy_pass http://sdk_relay_1:8090;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 86400;
+        proxy_send_timeout 86400;
+    }
+
+    # Proxy vers sdk_relay HTTP API
+    location /api/ {
+        proxy_pass http://sdk_relay_1:8091/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # CORS headers
+        add_header Access-Control-Allow-Origin "*" always;
+        add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+        add_header Access-Control-Allow-Headers "Authorization,Content-Type,Accept,X-Requested-With" always;
+
+        # Gestion des requêtes OPTIONS
+        if ($request_method = 'OPTIONS') {
+            add_header Access-Control-Allow-Origin "*";
+            add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE";
+            add_header Access-Control-Allow-Headers "Authorization,Content-Type,Accept,X-Requested-With";
+            add_header Content-Length 0;
+            add_header Content-Type text/plain;
+            return 204;
+        }
+    }
+
+    # Proxy vers Bitcoin Core RPC (si nécessaire)
+    location /bitcoin/ {
+        proxy_pass http://bitcoin:18443/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # Authentification basique pour Bitcoin RPC
+        auth_basic "Bitcoin RPC";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+    }
+
+    # Proxy vers Blindbit (si nécessaire)
+    location /blindbit/ {
+        proxy_pass http://blindbit:8000/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # Cache pour les assets statiques
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        try_files $uri =404;
+    }
+
+    # Gestion des erreurs
+    error_page 404 /index.html;
+    error_page 500 502 503 504 /50x.html;
+
+    location = /50x.html {
+        root /usr/share/nginx/html;
+    }
+
+    # Logs
+    access_log /var/log/nginx/ihm_client_access.log;
+    error_log /var/log/nginx/ihm_client_error.log;
+}
diff --git a/nginx.dev.conf b/nginx.dev.conf
new file mode 100644
index 0000000..c125de3
--- /dev/null
+++ b/nginx.dev.conf
@@ -0,0 +1,48 @@
+server {
+    listen 80;
+    server_name localhost;
+
+    # Redirection des requêtes HTTP vers Vite
+    location / {
+        proxy_pass http://localhost:3003;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+    }
+
+    location /ws/ {
+        proxy_pass http://localhost:8090;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-NginX-Proxy true;
+        proxy_read_timeout 86400;
+    }
+
+    location /storage/ {
+        rewrite ^/storage(/.*)$ $1 break;
+        proxy_pass http://localhost:8080;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+    }
+
+    location /api/ {
+        proxy_pass http://localhost:8091;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # CORS headers
+        add_header Access-Control-Allow-Origin "*" always;
+        add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+        add_header Access-Control-Allow-Headers "Authorization,Content-Type,Accept,X-Requested-With" always;
+    }
+} 
\ No newline at end of file