feat(scripts): add nginx conf backup and commit backups\n\nci: docker_tag=ext\n\nBackup local and project nginx configs into backups/nginx/<timestamp>/; include tarball. Ensure reproducible archives for audit.

2025-09-24 18:06:10 +02:00 · 2025-09-24 18:06:10 +02:00 · 8283185022
commit 8283185022
parent efe9dbde1b
80 changed files with 4093 additions and 0 deletions
--- a/.env.bak.1758716763
+++ b/.env.bak.1758716763
@ -0,0 +1,64 @@
+# Configuration OVH
+OVH_APP_KEY=5ab0709bbb65ef26
+OVH_APP_SECRET=de1fac1779d707d263a611a557cd5766
+OVH_CONSUMER_KEY=5fe817829b8a9c780cfa2354f8312ece
+OVH_SMS_SERVICE_NAME=sms-tt802880-1
+
+# Configuration SMS Factor
+SMS_FACTOR_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI4NzgzNiIsImlhdCI6MTcwMTMzOTY1Mi45NDUzOH0.GNoqLb5MDBWuniNlQjbr1PKolwxGqBZe_tf4IMObvHw
+
+#Configuration Mailchimp
+MAILCHIMP_API_KEY=md-VVfaml-ApIV4nsGgaJKl0A
+MAILCHIMP_KEY=3fa54304bc766dfd0b8043a827b28a3a-us17
+MAILCHIMP_LIST_ID=a48d9ad852
+
+#Configuration Stripe
+STRIPE_SECRET_KEY=sk_test_51OwKmMP5xh1u9BqSeFpqw0Yr15hHtFsh0pvRGaE0VERhlYtvw33ND1qiGA6Dy1DPmmV61B6BqIimlhuv7bwElhjF00PLQwD60n
+STRIPE_WEBHOOK_SECRET=
+STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID=price_1P66fuP5xh1u9BqSHj0O6Uy3
+STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID=price_1P9NsRP5xh1u9BqSFgkUDbQY
+STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID=price_1P66RqP5xh1u9BqSuUzkQNac
+STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=price_1P9NpKP5xh1u9BqSApFogvUB
+
+# Configuration serveur
+APP_HOST=https://demo.4nkweb.com
+PORT=
+
+# Configuration front-end
+NEXT_PUBLIC_4NK_URL=https://demo.4nkweb.com
+NEXT_PUBLIC_FRONT_APP_HOST=https://demo.4nkweb.com
+NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr
+NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1
+NEXT_PUBLIC_BACK_API_PROTOCOL=http
+NEXT_PUBLIC_BACK_API_HOST=localhost
+BACK_API_PORT=8081
+BACK_API_ROOT_URL=/api
+BACK_API_VERSION=/v1
+
+# Configuration idnot
+IDNOT_ANNUARY_BASE_URL='https://qual-api.notaires.fr/annuaire'
+IDNOT_API_KEY='ba557f84-0bf6-4dbf-844f-df2767555e3e'
+
+# Configuration PostgreSQL
+DB_HOST=
+DB_PORT=
+DB_NAME=
+DB_USER=
+DB_PASSWORD=
+
+# Variables IdNot manquantes pour l'authentification
+IDNOT_API_BASE_URL='https://qual-api.notaires.fr'
+IDNOT_REDIRECT_URI='https://lecoffreio.4nkweb.com/authorized-client'
+IDNOT_TOKEN_URL='https://qual-connexion.idnot.fr/user/IdPOAuth2/token/idnot_idp_v1'
+
+IDNOT_API_KEY=ba557f84-0bf6-4dbf-844f-df2767555e3e
+IDNOT_CLIENT_ID=B3CE56353EDB15A9
+IDNOT_CLIENT_SECRET=3F733549E879878344B6C949B366BB5CDBB2DB5B7F7AB7EBBEBB0F0DD0776D1C
+NEXT_PUBLIC_IDNOT_CLIENT_ID=B3CE56353EDB15A9
+STATE_TTL_SECONDS=180
+
+
+
+ALLOWED_REDIRECT_HOST_PATTERNS=^lecoffreio\.4nkweb\.com$
+ALLOW_LOCALHOST_REDIRECTS=false
+BACK_HMAC_SECRET=7e0f4a8b7c9d3e2fb6c1a5d4e8f09b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f70
--- a/backups/nginx/20250924-180551.tar.gz
+++ b/backups/nginx/20250924-180551.tar.gz
--- a/backups/nginx/20250924-180551/local_etc_nginx/conf.d/default.conf
+++ b/backups/nginx/20250924-180551/local_etc_nginx/conf.d/default.conf
@ -0,0 +1,44 @@
+server {
+    listen       80;
+    server_name  localhost;
+
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        root   /usr/share/nginx/html;
+        index  index.html index.htm;
+    }
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+    #
+    #location ~ \.php$ {
+    #    proxy_pass   http://127.0.0.1;
+    #}
+
+    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    #
+    #location ~ \.php$ {
+    #    root           html;
+    #    fastcgi_pass   127.0.0.1:9000;
+    #    fastcgi_index  index.php;
+    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+    #    include        fastcgi_params;
+    #}
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    #location ~ /\.ht {
+    #    deny  all;
+    #}
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/fastcgi.conf
+++ b/backups/nginx/20250924-180551/local_etc_nginx/fastcgi.conf
@ -0,0 +1,27 @@
+
+fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  REQUEST_SCHEME     $scheme;
+fastcgi_param  HTTPS              $https if_not_empty;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  REMOTE_USER        $remote_user;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;
--- a/backups/nginx/20250924-180551/local_etc_nginx/fastcgi_params
+++ b/backups/nginx/20250924-180551/local_etc_nginx/fastcgi_params
@ -0,0 +1,25 @@
+
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  REQUEST_SCHEME     $scheme;
+fastcgi_param  HTTPS              $https if_not_empty;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;
--- a/backups/nginx/20250924-180551/local_etc_nginx/koi-utf
+++ b/backups/nginx/20250924-180551/local_etc_nginx/koi-utf
@ -0,0 +1,109 @@
+
+# This map is not a full koi8-r <> utf8 map: it does not contain
+# box-drawing and some other characters.  Besides this map contains
+# several koi8-u and Byelorussian letters which are not in koi8-r.
+# If you need a full and standard map, use contrib/unicode2nginx/koi-utf
+# map instead.
+
+charset_map  koi8-r  utf-8 {
+
+    80  E282AC ; # euro
+
+    95  E280A2 ; # bullet
+
+    9A  C2A0 ;   # &nbsp;
+
+    9E  C2B7 ;   # &middot;
+
+    A3  D191 ;   # small yo
+    A4  D194 ;   # small Ukrainian ye
+
+    A6  D196 ;   # small Ukrainian i
+    A7  D197 ;   # small Ukrainian yi
+
+    AD  D291 ;   # small Ukrainian soft g
+    AE  D19E ;   # small Byelorussian short u
+
+    B0  C2B0 ;   # &deg;
+
+    B3  D081 ;   # capital YO
+    B4  D084 ;   # capital Ukrainian YE
+
+    B6  D086 ;   # capital Ukrainian I
+    B7  D087 ;   # capital Ukrainian YI
+
+    B9  E28496 ; # numero sign
+
+    BD  D290 ;   # capital Ukrainian soft G
+    BE  D18E ;   # capital Byelorussian short U
+
+    BF  C2A9 ;   # (C)
+
+    C0  D18E ;   # small yu
+    C1  D0B0 ;   # small a
+    C2  D0B1 ;   # small b
+    C3  D186 ;   # small ts
+    C4  D0B4 ;   # small d
+    C5  D0B5 ;   # small ye
+    C6  D184 ;   # small f
+    C7  D0B3 ;   # small g
+    C8  D185 ;   # small kh
+    C9  D0B8 ;   # small i
+    CA  D0B9 ;   # small j
+    CB  D0BA ;   # small k
+    CC  D0BB ;   # small l
+    CD  D0BC ;   # small m
+    CE  D0BD ;   # small n
+    CF  D0BE ;   # small o
+
+    D0  D0BF ;   # small p
+    D1  D18F ;   # small ya
+    D2  D180 ;   # small r
+    D3  D181 ;   # small s
+    D4  D182 ;   # small t
+    D5  D183 ;   # small u
+    D6  D0B6 ;   # small zh
+    D7  D0B2 ;   # small v
+    D8  D18C ;   # small soft sign
+    D9  D18B ;   # small y
+    DA  D0B7 ;   # small z
+    DB  D188 ;   # small sh
+    DC  D18D ;   # small e
+    DD  D189 ;   # small shch
+    DE  D187 ;   # small ch
+    DF  D18A ;   # small hard sign
+
+    E0  D0AE ;   # capital YU
+    E1  D090 ;   # capital A
+    E2  D091 ;   # capital B
+    E3  D0A6 ;   # capital TS
+    E4  D094 ;   # capital D
+    E5  D095 ;   # capital YE
+    E6  D0A4 ;   # capital F
+    E7  D093 ;   # capital G
+    E8  D0A5 ;   # capital KH
+    E9  D098 ;   # capital I
+    EA  D099 ;   # capital J
+    EB  D09A ;   # capital K
+    EC  D09B ;   # capital L
+    ED  D09C ;   # capital M
+    EE  D09D ;   # capital N
+    EF  D09E ;   # capital O
+
+    F0  D09F ;   # capital P
+    F1  D0AF ;   # capital YA
+    F2  D0A0 ;   # capital R
+    F3  D0A1 ;   # capital S
+    F4  D0A2 ;   # capital T
+    F5  D0A3 ;   # capital U
+    F6  D096 ;   # capital ZH
+    F7  D092 ;   # capital V
+    F8  D0AC ;   # capital soft sign
+    F9  D0AB ;   # capital Y
+    FA  D097 ;   # capital Z
+    FB  D0A8 ;   # capital SH
+    FC  D0AD ;   # capital E
+    FD  D0A9 ;   # capital SHCH
+    FE  D0A7 ;   # capital CH
+    FF  D0AA ;   # capital hard sign
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/koi-win
+++ b/backups/nginx/20250924-180551/local_etc_nginx/koi-win
@ -0,0 +1,103 @@
+
+charset_map  koi8-r  windows-1251 {
+
+    80  88 ; # euro
+
+    95  95 ; # bullet
+
+    9A  A0 ; # &nbsp;
+
+    9E  B7 ; # &middot;
+
+    A3  B8 ; # small yo
+    A4  BA ; # small Ukrainian ye
+
+    A6  B3 ; # small Ukrainian i
+    A7  BF ; # small Ukrainian yi
+
+    AD  B4 ; # small Ukrainian soft g
+    AE  A2 ; # small Byelorussian short u
+
+    B0  B0 ; # &deg;
+
+    B3  A8 ; # capital YO
+    B4  AA ; # capital Ukrainian YE
+
+    B6  B2 ; # capital Ukrainian I
+    B7  AF ; # capital Ukrainian YI
+
+    B9  B9 ; # numero sign
+
+    BD  A5 ; # capital Ukrainian soft G
+    BE  A1 ; # capital Byelorussian short U
+
+    BF  A9 ; # (C)
+
+    C0  FE ; # small yu
+    C1  E0 ; # small a
+    C2  E1 ; # small b
+    C3  F6 ; # small ts
+    C4  E4 ; # small d
+    C5  E5 ; # small ye
+    C6  F4 ; # small f
+    C7  E3 ; # small g
+    C8  F5 ; # small kh
+    C9  E8 ; # small i
+    CA  E9 ; # small j
+    CB  EA ; # small k
+    CC  EB ; # small l
+    CD  EC ; # small m
+    CE  ED ; # small n
+    CF  EE ; # small o
+
+    D0  EF ; # small p
+    D1  FF ; # small ya
+    D2  F0 ; # small r
+    D3  F1 ; # small s
+    D4  F2 ; # small t
+    D5  F3 ; # small u
+    D6  E6 ; # small zh
+    D7  E2 ; # small v
+    D8  FC ; # small soft sign
+    D9  FB ; # small y
+    DA  E7 ; # small z
+    DB  F8 ; # small sh
+    DC  FD ; # small e
+    DD  F9 ; # small shch
+    DE  F7 ; # small ch
+    DF  FA ; # small hard sign
+
+    E0  DE ; # capital YU
+    E1  C0 ; # capital A
+    E2  C1 ; # capital B
+    E3  D6 ; # capital TS
+    E4  C4 ; # capital D
+    E5  C5 ; # capital YE
+    E6  D4 ; # capital F
+    E7  C3 ; # capital G
+    E8  D5 ; # capital KH
+    E9  C8 ; # capital I
+    EA  C9 ; # capital J
+    EB  CA ; # capital K
+    EC  CB ; # capital L
+    ED  CC ; # capital M
+    EE  CD ; # capital N
+    EF  CE ; # capital O
+
+    F0  CF ; # capital P
+    F1  DF ; # capital YA
+    F2  D0 ; # capital R
+    F3  D1 ; # capital S
+    F4  D2 ; # capital T
+    F5  D3 ; # capital U
+    F6  C6 ; # capital ZH
+    F7  C2 ; # capital V
+    F8  DC ; # capital soft sign
+    F9  DB ; # capital Y
+    FA  C7 ; # capital Z
+    FB  D8 ; # capital SH
+    FC  DD ; # capital E
+    FD  D9 ; # capital SHCH
+    FE  D7 ; # capital CH
+    FF  DA ; # capital hard sign
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/mime.types
+++ b/backups/nginx/20250924-180551/local_etc_nginx/mime.types
@ -0,0 +1,99 @@
+
+types {
+    text/html                                        html htm shtml;
+    text/css                                         css;
+    text/xml                                         xml;
+    image/gif                                        gif;
+    image/jpeg                                       jpeg jpg;
+    application/javascript                           js;
+    application/atom+xml                             atom;
+    application/rss+xml                              rss;
+
+    text/mathml                                      mml;
+    text/plain                                       txt;
+    text/vnd.sun.j2me.app-descriptor                 jad;
+    text/vnd.wap.wml                                 wml;
+    text/x-component                                 htc;
+
+    image/avif                                       avif;
+    image/png                                        png;
+    image/svg+xml                                    svg svgz;
+    image/tiff                                       tif tiff;
+    image/vnd.wap.wbmp                               wbmp;
+    image/webp                                       webp;
+    image/x-icon                                     ico;
+    image/x-jng                                      jng;
+    image/x-ms-bmp                                   bmp;
+
+    font/woff                                        woff;
+    font/woff2                                       woff2;
+
+    application/java-archive                         jar war ear;
+    application/json                                 json;
+    application/mac-binhex40                         hqx;
+    application/msword                               doc;
+    application/pdf                                  pdf;
+    application/postscript                           ps eps ai;
+    application/rtf                                  rtf;
+    application/vnd.apple.mpegurl                    m3u8;
+    application/vnd.google-earth.kml+xml             kml;
+    application/vnd.google-earth.kmz                 kmz;
+    application/vnd.ms-excel                         xls;
+    application/vnd.ms-fontobject                    eot;
+    application/vnd.ms-powerpoint                    ppt;
+    application/vnd.oasis.opendocument.graphics      odg;
+    application/vnd.oasis.opendocument.presentation  odp;
+    application/vnd.oasis.opendocument.spreadsheet   ods;
+    application/vnd.oasis.opendocument.text          odt;
+    application/vnd.openxmlformats-officedocument.presentationml.presentation
+                                                     pptx;
+    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+                                                     xlsx;
+    application/vnd.openxmlformats-officedocument.wordprocessingml.document
+                                                     docx;
+    application/vnd.wap.wmlc                         wmlc;
+    application/wasm                                 wasm;
+    application/x-7z-compressed                      7z;
+    application/x-cocoa                              cco;
+    application/x-java-archive-diff                  jardiff;
+    application/x-java-jnlp-file                     jnlp;
+    application/x-makeself                           run;
+    application/x-perl                               pl pm;
+    application/x-pilot                              prc pdb;
+    application/x-rar-compressed                     rar;
+    application/x-redhat-package-manager             rpm;
+    application/x-sea                                sea;
+    application/x-shockwave-flash                    swf;
+    application/x-stuffit                            sit;
+    application/x-tcl                                tcl tk;
+    application/x-x509-ca-cert                       der pem crt;
+    application/x-xpinstall                          xpi;
+    application/xhtml+xml                            xhtml;
+    application/xspf+xml                             xspf;
+    application/zip                                  zip;
+
+    application/octet-stream                         bin exe dll;
+    application/octet-stream                         deb;
+    application/octet-stream                         dmg;
+    application/octet-stream                         iso img;
+    application/octet-stream                         msi msp msm;
+
+    audio/midi                                       mid midi kar;
+    audio/mpeg                                       mp3;
+    audio/ogg                                        ogg;
+    audio/x-m4a                                      m4a;
+    audio/x-realaudio                                ra;
+
+    video/3gpp                                       3gpp 3gp;
+    video/mp2t                                       ts;
+    video/mp4                                        mp4;
+    video/mpeg                                       mpeg mpg;
+    video/quicktime                                  mov;
+    video/webm                                       webm;
+    video/x-flv                                      flv;
+    video/x-m4v                                      m4v;
+    video/x-mng                                      mng;
+    video/x-ms-asf                                   asx asf;
+    video/x-ms-wmv                                   wmv;
+    video/x-msvideo                                  avi;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/modules
+++ b/backups/nginx/20250924-180551/local_etc_nginx/modules
@ -0,0 +1 @@
+/usr/lib/nginx/modules
--- a/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-http-geoip.conf.removed
+++ b/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-http-geoip.conf.removed
@ -0,0 +1 @@
+/usr/share/nginx/modules-available/mod-http-geoip.conf
--- a/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-http-image-filter.conf.removed
+++ b/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-http-image-filter.conf.removed
@ -0,0 +1 @@
+/usr/share/nginx/modules-available/mod-http-image-filter.conf
--- a/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-http-xslt-filter.conf.removed
+++ b/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-http-xslt-filter.conf.removed
@ -0,0 +1 @@
+/usr/share/nginx/modules-available/mod-http-xslt-filter.conf
--- a/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-mail.conf.removed
+++ b/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-mail.conf.removed
@ -0,0 +1 @@
+/usr/share/nginx/modules-available/mod-mail.conf
--- a/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-stream.conf.removed
+++ b/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/50-mod-stream.conf.removed
@ -0,0 +1 @@
+/usr/share/nginx/modules-available/mod-stream.conf
--- a/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/70-mod-stream-geoip.conf.removed
+++ b/backups/nginx/20250924-180551/local_etc_nginx/modules-enabled/70-mod-stream-geoip.conf.removed
@ -0,0 +1 @@
+/usr/share/nginx/modules-available/mod-stream-geoip.conf
--- a/backups/nginx/20250924-180551/local_etc_nginx/nginx.conf
+++ b/backups/nginx/20250924-180551/local_etc_nginx/nginx.conf
@ -0,0 +1,34 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+include /etc/nginx/stream.d/*.conf;
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/nginx.conf.bak-2025-09-23-151031
+++ b/backups/nginx/20250924-180551/local_etc_nginx/nginx.conf.bak-2025-09-23-151031
@ -0,0 +1,33 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/nginx.conf.bak-2025-09-23-151432
+++ b/backups/nginx/20250924-180551/local_etc_nginx/nginx.conf.bak-2025-09-23-151432
@ -0,0 +1,34 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+include /etc/nginx/stream.d/*.conf;
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/nginx.conf.bak-2025-09-23-151838
+++ b/backups/nginx/20250924-180551/local_etc_nginx/nginx.conf.bak-2025-09-23-151838
@ -0,0 +1,35 @@
+
+user  nginx;
+worker_processes  auto;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+include /etc/nginx/stream.d/*.conf;
+include /etc/nginx/stream.d/*.conf;
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/proxy_params
+++ b/backups/nginx/20250924-180551/local_etc_nginx/proxy_params
@ -0,0 +1,4 @@
+proxy_set_header Host $http_host;
+proxy_set_header X-Real-IP $remote_addr;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $scheme;
--- a/backups/nginx/20250924-180551/local_etc_nginx/scgi_params
+++ b/backups/nginx/20250924-180551/local_etc_nginx/scgi_params
@ -0,0 +1,17 @@
+
+scgi_param  REQUEST_METHOD     $request_method;
+scgi_param  REQUEST_URI        $request_uri;
+scgi_param  QUERY_STRING       $query_string;
+scgi_param  CONTENT_TYPE       $content_type;
+
+scgi_param  DOCUMENT_URI       $document_uri;
+scgi_param  DOCUMENT_ROOT      $document_root;
+scgi_param  SCGI               1;
+scgi_param  SERVER_PROTOCOL    $server_protocol;
+scgi_param  REQUEST_SCHEME     $scheme;
+scgi_param  HTTPS              $https if_not_empty;
+
+scgi_param  REMOTE_ADDR        $remote_addr;
+scgi_param  REMOTE_PORT        $remote_port;
+scgi_param  SERVER_PORT        $server_port;
+scgi_param  SERVER_NAME        $server_name;
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/demo.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/demo.4nkweb.com
@ -0,0 +1,100 @@
+
+server {
+        listen 443 ssl;
+        server_name demo.4nkweb.com;
+	
+	ssl_certificate /etc/letsencrypt/live/demo.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/demo.4nkweb.com/privkey.pem;
+
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_prefer_server_ciphers on;
+        ssl_ciphers HIGH:!aNULL:!MD5;
+        # Redirection des requêtes HTTP normales vers Vite
+        location / {
+                proxy_pass http://localhost:3003;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+        }
+
+        location /ws {
+                proxy_pass http://127.0.0.1:8090/;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+                proxy_set_header X-Real-IP $remote_addr;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Forwarded-Proto $scheme;
+                proxy_set_header X-NginX-Proxy true;
+
+                proxy_read_timeout 86400;  # Keep connection open for WebSocket
+#               proxy_set_header Connection "Upgrade";
+                proxy_redirect off;
+            }
+
+	location /ws/ {
+		proxy_pass http://127.0.0.1:8090/;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;  # Keep connection open for WebSocket
+#		proxy_set_header Connection "Upgrade";
+		proxy_redirect off;
+	    }
+
+        location /signer/ {
+                proxy_pass http://localhost:9090;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+                proxy_set_header X-Real-IP $remote_addr;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Forwarded-Proto $scheme;
+                proxy_set_header X-NginX-Proxy true;
+
+                proxy_read_timeout 86400;  # Keep connection open for WebSocket
+                proxy_set_header Connection "Upgrade";
+            }
+
+        location /storage/ {
+
+                proxy_pass http://localhost:8081/;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+        }
+
+        location /blindbit/ {
+                proxy_pass http://localhost:8000/;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+        }
+
+        location /back/ {
+                proxy_pass http://localhost:8081/;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+        }
+}
+
+server {
+    listen 80;
+    server_name demo.4nkweb.com;
+
+    return 301 https://$host$request_uri;
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev1.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev1.4nkweb.com
@ -0,0 +1,60 @@
+server {
+        listen 443 ssl;
+        server_name dev1.4nkweb.com;
+
+        ssl_certificate /etc/letsencrypt/live/dev1.4nkweb.com/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/dev1.4nkweb.com/privkey.pem;
+
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_prefer_server_ciphers on;
+        ssl_ciphers HIGH:!aNULL:!MD5;
+        # Redirection des requêtes HTTP normales vers Vite
+        location / {
+                proxy_pass http://localhost:3002;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+        }
+
+        location /ws/ {
+                proxy_pass http://localhost:8090;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+                proxy_set_header X-Real-IP $remote_addr;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Forwarded-Proto $scheme;
+                proxy_set_header X-NginX-Proxy true;
+
+                proxy_read_timeout 86400;  # Keep connection open for WebSocket
+                proxy_set_header Connection "Upgrade";
+            }
+
+        location /storage/ {
+                rewrite ^/storage(/.*)$ $1 break;
+                proxy_pass http://localhost:8080;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+        }
+
+    ssl_certificate /etc/letsencrypt/live/dev1.4nkweb.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/dev1.4nkweb.com/privkey.pem; # managed by Certbot
+}
+
+server {
+    if ($host = dev1.4nkweb.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    listen 80;
+    server_name dev1.4nkweb.com;
+
+    return 301 https://$host$request_uri;
+
+
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev2.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev2.4nkweb.com
@ -0,0 +1,60 @@
+server {
+        listen 443 ssl;
+        server_name dev2.4nkweb.com;
+
+        ssl_certificate /etc/letsencrypt/live/demo.4nkweb.com/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/demo.4nkweb.com/privkey.pem;
+
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_prefer_server_ciphers on;
+        ssl_ciphers HIGH:!aNULL:!MD5;
+        # Redirection des requêtes HTTP normales vers Vite
+        location / {
+                proxy_pass http://localhost:3003;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+        }
+
+        location /ws/ {
+                proxy_pass http://localhost:8090;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+                proxy_set_header X-Real-IP $remote_addr;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Forwarded-Proto $scheme;
+                proxy_set_header X-NginX-Proxy true;
+
+                proxy_read_timeout 86400;  # Keep connection open for WebSocket
+                proxy_set_header Connection "Upgrade";
+            }
+
+        location /storage/ {
+                rewrite ^/storage(/.*)$ $1 break;
+                proxy_pass http://localhost:8080;
+                proxy_http_version 1.1;
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "Upgrade";
+                proxy_set_header Host $host;
+        }
+
+    ssl_certificate /etc/letsencrypt/live/dev2.4nkweb.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/dev2.4nkweb.com/privkey.pem; # managed by Certbot
+}
+
+server {
+    if ($host = dev2.4nkweb.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    listen 80;
+    server_name dev2.4nkweb.com;
+
+    return 301 https://$host$request_uri;
+
+
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com
@ -0,0 +1,162 @@
+server {
+	listen 443 ssl;
+	server_name dev3.4nkweb.com;
+
+    # Callback IdNot -> backend, avec CORS dynamique et masquage des en-têtes upstream
+    location = /idnot/callback {
+        # Masquer les en-têtes CORS envoyés par l'upstream (Express)
+        proxy_hide_header Access-Control-Allow-Origin;
+        proxy_hide_header Access-Control-Allow-Credentials;
+        proxy_hide_header Access-Control-Allow-Headers;
+        proxy_hide_header Access-Control-Allow-Methods;
+
+        # CORS dynamique: autorise dev4, local.4nkweb.com:3000, localhost:3000 et sous-domaines *.4nkweb.com
+        set $cors_origin "";
+        if ($http_origin ~* ^(https://dev4\.4nkweb\.com|http://local\.4nkweb\.com:3000|http://localhost:3000|https://.*\.4nkweb\.com)$) {
+            set $cors_origin $http_origin;
+        }
+
+        # Préflight OPTIONS
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $cors_origin always;
+            add_header Access-Control-Allow-Credentials "true" always;
+            add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+            add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+            return 204;
+        }
+
+        # En-têtes CORS pour les autres méthodes
+        add_header Access-Control-Allow-Origin $cors_origin always;
+        add_header Access-Control-Allow-Credentials "true" always;
+        add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+        add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '*' always;
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+			add_header 'Access-Control-Max-Age' 86400;
+			add_header 'Content-Length' 0;
+			add_header 'Content-Type' 'text/plain';
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '*' always;
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+
+		rewrite ^/storage(/.*)$ $1 break;
+		proxy_pass http://localhost:8080;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location ^~ /api/ {
+		# Masquer les en-têtes CORS de l'upstream (Express)
+		proxy_hide_header Access-Control-Allow-Origin;
+		proxy_hide_header Access-Control-Allow-Credentials;
+		proxy_hide_header Access-Control-Allow-Headers;
+		proxy_hide_header Access-Control-Allow-Methods;
+
+		# CORS dynamique: autorise dev4, local.4nkweb.com:3000, localhost:3000 et sous-domaines *.4nkweb.com
+		set $cors_origin "";
+		if ($http_origin ~* ^(https://dev4\.4nkweb\.com|http://local\.4nkweb\.com:3000|http://localhost:3000|https://.*\.4nkweb\.com)$) {
+			set $cors_origin $http_origin;
+		}
+
+		# Préflight OPTIONS
+		if ($request_method = OPTIONS) {
+			add_header Access-Control-Allow-Origin $cors_origin always;
+			add_header Access-Control-Allow-Credentials "true" always;
+			add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+			add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+			add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+			return 204;
+		}
+
+		# En-têtes CORS pour les autres méthodes
+		add_header Access-Control-Allow-Origin $cors_origin always;
+		add_header Access-Control-Allow-Credentials "true" always;
+		add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+		add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+		add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+
+		proxy_pass http://127.0.0.1:8080;
+		proxy_set_header Host              $host;
+		proxy_set_header X-Real-IP         $remote_addr;
+		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+	}
+
+	location @handle_502 {
+		internal;
+		add_header Access-Control-Allow-Origin  "*" always;
+		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
+		return 502;
+	}
+
+}
+
+server {
+	if ($host = dev3.4nkweb.com) {
+		return 301 https://$host$request_uri;
+	} # managed by Certbot
+
+
+	listen 80;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	return 301 https://$host$request_uri;
+
+
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.2025-09-23-095706
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.2025-09-23-095706
@ -0,0 +1,105 @@
+server {
+	listen 443 ssl;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+    location = /idnot/callback {\n        proxy_pass http://127.0.0.1:8080;\n        proxy_set_header Host $host;\n        proxy_set_header X-Real-IP $remote_addr;\n        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n        proxy_set_header X-Forwarded-Proto $scheme;\n    }
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;  
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '*' always;
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+			add_header 'Access-Control-Max-Age' 86400;
+			add_header 'Content-Length' 0;
+			add_header 'Content-Type' 'text/plain';
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '*' always;
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+
+		rewrite ^/storage(/.*)$ $1 break;
+		proxy_pass http://localhost:8080;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location ^~ /api/ {
+		proxy_pass http://127.0.0.1:8080;
+		proxy_set_header Host              $host;
+		proxy_set_header X-Real-IP         $remote_addr;
+		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+	}
+
+	location @handle_502 {
+		internal;
+		add_header Access-Control-Allow-Origin  "*" always;
+		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
+		return 502;
+	}
+
+}
+
+server {
+	if ($host = dev3.4nkweb.com) {
+		return 301 https://$host$request_uri;
+	} # managed by Certbot
+
+
+	listen 80;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	return 301 https://$host$request_uri;
+
+
+}
+
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.2025-09-23-095909
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.2025-09-23-095909
@ -0,0 +1,105 @@
+server {
+	listen 443 ssl;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+    location = /idnot/callback {\n        proxy_pass http://127.0.0.1:8080;\n        proxy_set_header Host $host;\n        proxy_set_header X-Real-IP $remote_addr;\n        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n        proxy_set_header X-Forwarded-Proto $scheme;\n    }
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;  
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '*' always;
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+			add_header 'Access-Control-Max-Age' 86400;
+			add_header 'Content-Length' 0;
+			add_header 'Content-Type' 'text/plain';
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '*' always;
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+
+		rewrite ^/storage(/.*)$ $1 break;
+		proxy_pass http://localhost:8080;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location ^~ /api/ {
+		proxy_pass http://127.0.0.1:8080;
+		proxy_set_header Host              $host;
+		proxy_set_header X-Real-IP         $remote_addr;
+		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+	}
+
+	location @handle_502 {
+		internal;
+		add_header Access-Control-Allow-Origin  "*" always;
+		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
+		return 502;
+	}
+
+}
+
+server {
+	if ($host = dev3.4nkweb.com) {
+		return 301 https://$host$request_uri;
+	} # managed by Certbot
+
+
+	listen 80;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	return 301 https://$host$request_uri;
+
+
+}
+
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.2025-09-23-100249
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.2025-09-23-100249
@ -0,0 +1,105 @@
+server {
+	listen 443 ssl;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+    location = /idnot/callback {\n        proxy_pass http://127.0.0.1:8080;\n        proxy_set_header Host $host;\n        proxy_set_header X-Real-IP $remote_addr;\n        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n        proxy_set_header X-Forwarded-Proto $scheme;\n    }
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;  
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '*' always;
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+			add_header 'Access-Control-Max-Age' 86400;
+			add_header 'Content-Length' 0;
+			add_header 'Content-Type' 'text/plain';
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '*' always;
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+
+		rewrite ^/storage(/.*)$ $1 break;
+		proxy_pass http://localhost:8080;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location ^~ /api/ {
+		proxy_pass http://127.0.0.1:8080;
+		proxy_set_header Host              $host;
+		proxy_set_header X-Real-IP         $remote_addr;
+		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+	}
+
+	location @handle_502 {
+		internal;
+		add_header Access-Control-Allow-Origin  "*" always;
+		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
+		return 502;
+	}
+
+}
+
+server {
+	if ($host = dev3.4nkweb.com) {
+		return 301 https://$host$request_uri;
+	} # managed by Certbot
+
+
+	listen 80;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	return 301 https://$host$request_uri;
+
+
+}
+
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-214746
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-214746
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-214758
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-214758
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-214802
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-214802
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-214824
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-214824
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215020
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215020
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215027
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215027
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215117
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215117
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215123
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215123
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215806
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/dev3.4nkweb.com.bak.20250922-215806
@ -0,0 +1,107 @@
+server {
+	listen 443 ssl;
+	server_name dev3.4nkweb.com;
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;  
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '*' always;
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+			add_header 'Access-Control-Max-Age' 86400;
+			add_header 'Content-Length' 0;
+			add_header 'Content-Type' 'text/plain';
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '*' always;
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+
+		rewrite ^/storage(/.*)$ $1 break;
+		proxy_pass http://localhost:8080;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location ^~ /api/ {
+		if ($request_method = OPTIONS) {
+			add_header Access-Control-Allow-Origin	"*" always;
+			add_header Access-Control-Allow-Methods  "GET, POST, OPTIONS, PUT, DELETE" always;
+			add_header Access-Control-Allow-Headers  "Authorization,Content-Type,Accept" always;
+			add_header Access-Control-Max-Age       600;
+			return 204;
+		}
+
+		proxy_pass http://127.0.0.1:8091;
+		proxy_set_header Host              $host;
+		proxy_set_header X-Real-IP         $remote_addr;
+		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+
+		add_header Access-Control-Allow-Origin  "http://local.lecoffreio.4nkweb:3000" always ;
+		add_header Access-Control-Allow-Methods  "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers  "Authorization,Content-Type,Accept,X-Requested-With" always;
+	}
+
+	location @handle_502 {
+		internal;
+		add_header Access-Control-Allow-Origin  "*" always;
+		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
+		return 502;
+	}
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem; # managed by Certbot
+		ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem; # managed by Certbot
+
+		ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem; # managed by Certbot
+		ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem; # managed by Certbot
+}
+
+server {
+	if ($host = dev3.4nkweb.com) {
+		return 301 https://$host$request_uri;
+	} # managed by Certbot
+
+
+	listen 80;
+	server_name dev3.4nkweb.com;
+
+	return 301 https://$host$request_uri;
+
+
+}
+
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/lecoffreio-dev2.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/lecoffreio-dev2.4nkweb.com
@ -0,0 +1,37 @@
+server {
+    listen 443 ssl;
+    server_name lecoffreio-dev2.4nkweb.com;
+
+#    ssl_certificate /etc/letsencrypt/live/lecoffreio.4nkweb.com/fullchain.pem;
+#    ssl_certificate_key /etc/letsencrypt/live/lecoffreio.4nkweb.com/privkey.pem;
+
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    location / {
+        proxy_pass http://localhost:3006;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+    }
+    ssl_certificate /etc/letsencrypt/live/lecoffreio-dev2.4nkweb.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/lecoffreio-dev2.4nkweb.com/privkey.pem; # managed by Certbot
+
+}
+
+server {
+    if ($host = lecoffreio-dev2.4nkweb.com) {
+        return 301 https://$host$request_uri;
+    } 
+
+    listen 80;
+    server_name lecoffreio-dev2.4nkweb.com;
+
+    return 301 https://$host$request_uri;
+
+
+
+
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/lecoffreio.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/lecoffreio.4nkweb.com
@ -0,0 +1,65 @@
+server {
+    listen 443 ssl;
+    server_name lecoffreio.4nkweb.com;
+
+#    ssl_certificate /etc/letsencrypt/live/lecoffreio.4nkweb.com/fullchain.pem;
+#    ssl_certificate_key /etc/letsencrypt/live/lecoffreio.4nkweb.com/privkey.pem;
+
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    location / {
+        proxy_pass http://localhost:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+    }
+
+    location /api/ {
+	proxy_pass http://127.0.0.1:8081/api/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    location /ws/ {
+        proxy_pass http://localhost:8090;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-NginX-Proxy true;
+        proxy_read_timeout 86400;
+        proxy_set_header Connection "Upgrade";
+    }
+
+    location /storage/ {
+        rewrite ^/storage(/.*)$ $1 break;
+        proxy_pass http://localhost:8080;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+    }
+
+    ssl_certificate /etc/letsencrypt/live/lecoffreio.4nkweb.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/lecoffreio.4nkweb.com/privkey.pem; # managed by Certbot
+}
+
+server {
+    if ($host = lecoffreio.4nkweb.com) {
+        return 301 https://$host$request_uri;
+    } 
+
+    listen 80;
+    server_name lecoffreio.4nkweb.com;
+
+    return 301 https://$host$request_uri;
+
+
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000
@ -0,0 +1,8 @@
+server {
+    listen 3001;
+    server_name local.4nkweb.com;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl
@ -0,0 +1,11 @@
+server {
+    listen 3443 ssl;
+    listen 3443;
+    server_name local.4nkweb.com;
+
+    ssl_certificate /etc/letsencrypt/live/local.4nkweb.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/local.4nkweb.com/privkey.pem;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl.bak-2025-09-23-151115
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl.bak-2025-09-23-151115
@ -0,0 +1,11 @@
+server {
+    listen 3443 ssl;
+	listen 3000;
+    server_name local.4nkweb.com;
+
+    ssl_certificate /etc/letsencrypt/live/local.4nkweb.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/local.4nkweb.com/privkey.pem;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl.bak-2025-09-23-151628
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl.bak-2025-09-23-151628
@ -0,0 +1,11 @@
+server {
+    listen 3443 ssl;
+	listen 3000;
+    server_name local.4nkweb.com;
+
+    ssl_certificate /etc/letsencrypt/live/local.4nkweb.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/local.4nkweb.com/privkey.pem;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl.bak-20250923
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl.bak-20250923
@ -0,0 +1,20 @@
+server {
+    listen 3000 ssl;
+    server_name local.4nkweb.com;
+
+    ssl_certificate /etc/letsencrypt/live/local.4nkweb.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/local.4nkweb.com/privkey.pem;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
+
+server {
+    listen 3000 ssl;
+    server_name local.4nkweb.com;
+
+    ssl_certificate /etc/letsencrypt/live/local.4nkweb.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/local.4nkweb.com/privkey.pem;
+
+    return 301 https://dev3.4nkweb.com/idnot/callback;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl.bak.2025-09-23-150811
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000-ssl.bak.2025-09-23-150811
@ -0,0 +1,12 @@
+server {
+    listen 3000 ssl;
+	listen 3000;
+    server_name local.4nkweb.com;
+
+    ssl_certificate /etc/letsencrypt/live/local.4nkweb.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/local.4nkweb.com/privkey.pem;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak
@ -0,0 +1,7 @@
+server {
+    listen 3000;
+    server_name local.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev4.4nkweb.com/lecoffre$request_uri;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak-2025-09-23-151054
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak-2025-09-23-151054
@ -0,0 +1,8 @@
+server {
+    listen 3001;
+    server_name local.4nkweb.com;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak-2025-09-23-151523
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak-2025-09-23-151523
@ -0,0 +1,8 @@
+server {
+    listen 3001;
+    server_name local.4nkweb.com;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak-2025-09-23-151529
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak-2025-09-23-151529
@ -0,0 +1,8 @@
+server {
+    listen 3001;
+    server_name local.4nkweb.com;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak-20250923
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak-20250923
@ -0,0 +1,13 @@
+server {
+    listen 3000;
+    server_name local.4nkweb.com;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
+
+server {
+    listen 3000;
+    server_name local.4nkweb.com;
+    return 301 https://dev3.4nkweb.com/idnot/callback;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak.2025-09-23-150734
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.4nkweb.com-3000.bak.2025-09-23-150734
@ -0,0 +1,8 @@
+server {
+    listen 3000;
+    server_name local.4nkweb.com;
+
+    # Redirige vers le callback en conservant intégralement la query (code + state)
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com
@ -0,0 +1,7 @@
+server {
+    listen 80;
+    server_name local.lecoffreio.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com.bak
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com.bak
@ -0,0 +1,7 @@
+server {
+    listen 80;
+    server_name local.lecoffreio.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev4.4nkweb.com/lecoffre$request_uri;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com.bak.20250922-223714
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com.bak.20250922-223714
@ -0,0 +1,7 @@
+server {
+    listen 80;
+    server_name local.lecoffreio.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev4.4nkweb.com/lecoffre$request_uri;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com.bak.20250922-223836
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com.bak.20250922-223836
@ -0,0 +1,7 @@
+server {
+    listen 80;
+    server_name local.lecoffreio.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev4.4nkweb.com/lecoffre$request_uri;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com.bak.20250922-224059
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/local.lecoffreio.4nkweb.com.bak.20250922-224059
@ -0,0 +1,7 @@
+server {
+    listen 80;
+    server_name local.lecoffreio.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev4.4nkweb.com/lecoffre$request_uri;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-available/relay235.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-available/relay235.4nkweb.com
@ -0,0 +1,28 @@
+upstream backend {
+	server 127.0.0.1:3000;
+}
+
+server {
+	listen 443 ssl;
+	server_name relay235.4nkweb.com;
+	client_max_body_size 200M;
+	access_log /var/log/nginx/rocket.chat.access.log;
+	error_log /var/log/nginx/rocket.chat.error.log;
+	ssl_certificate /etc/letsencrypt/live/relay235.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/relay235.4nkweb.com/privkey.pem;
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+
+	location / {
+		proxy_pass http://backend;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "upgrade";
+		proxy_set_header Host $http_host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto https;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_redirect off;
+	}
+}
+
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/demo.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/demo.4nkweb.com
@ -0,0 +1 @@
+/etc/nginx/sites-available/demo.4nkweb.com
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/dev1.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/dev1.4nkweb.com
@ -0,0 +1 @@
+/etc/nginx/sites-available/dev1.4nkweb.com
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/dev2.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/dev2.4nkweb.com
@ -0,0 +1 @@
+/etc/nginx/sites-available/dev2.4nkweb.com
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/dev3.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/dev3.4nkweb.com
@ -0,0 +1,162 @@
+server {
+	listen 443 ssl;
+	server_name dev3.4nkweb.com;
+
+    # Callback IdNot -> backend, avec CORS dynamique et masquage des en-têtes upstream
+    location = /idnot/callback {
+        # Masquer les en-têtes CORS envoyés par l'upstream (Express)
+        proxy_hide_header Access-Control-Allow-Origin;
+        proxy_hide_header Access-Control-Allow-Credentials;
+        proxy_hide_header Access-Control-Allow-Headers;
+        proxy_hide_header Access-Control-Allow-Methods;
+
+        # CORS dynamique: autorise dev4, local.4nkweb.com:3000, localhost:3000 et sous-domaines *.4nkweb.com
+        set $cors_origin "";
+        if ($http_origin ~* ^(https://dev4\.4nkweb\.com|http://local\.4nkweb\.com:3000|http://localhost:3000|https://.*\.4nkweb\.com)$) {
+            set $cors_origin $http_origin;
+        }
+
+        # Préflight OPTIONS
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $cors_origin always;
+            add_header Access-Control-Allow-Credentials "true" always;
+            add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+            add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+            return 204;
+        }
+
+        # En-têtes CORS pour les autres méthodes
+        add_header Access-Control-Allow-Origin $cors_origin always;
+        add_header Access-Control-Allow-Credentials "true" always;
+        add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+        add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '*' always;
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+			add_header 'Access-Control-Max-Age' 86400;
+			add_header 'Content-Length' 0;
+			add_header 'Content-Type' 'text/plain';
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '*' always;
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+
+		rewrite ^/storage(/.*)$ $1 break;
+		proxy_pass http://localhost:8080;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location ^~ /api/ {
+		# Masquer les en-têtes CORS de l'upstream (Express)
+		proxy_hide_header Access-Control-Allow-Origin;
+		proxy_hide_header Access-Control-Allow-Credentials;
+		proxy_hide_header Access-Control-Allow-Headers;
+		proxy_hide_header Access-Control-Allow-Methods;
+
+		# CORS dynamique: autorise dev4, local.4nkweb.com:3000, localhost:3000 et sous-domaines *.4nkweb.com
+		set $cors_origin "";
+		if ($http_origin ~* ^(https://dev4\.4nkweb\.com|http://local\.4nkweb\.com:3000|http://localhost:3000|https://.*\.4nkweb\.com)$) {
+			set $cors_origin $http_origin;
+		}
+
+		# Préflight OPTIONS
+		if ($request_method = OPTIONS) {
+			add_header Access-Control-Allow-Origin $cors_origin always;
+			add_header Access-Control-Allow-Credentials "true" always;
+			add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+			add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+			add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+			return 204;
+		}
+
+		# En-têtes CORS pour les autres méthodes
+		add_header Access-Control-Allow-Origin $cors_origin always;
+		add_header Access-Control-Allow-Credentials "true" always;
+		add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+		add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+		add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+
+		proxy_pass http://127.0.0.1:8080;
+		proxy_set_header Host              $host;
+		proxy_set_header X-Real-IP         $remote_addr;
+		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+	}
+
+	location @handle_502 {
+		internal;
+		add_header Access-Control-Allow-Origin  "*" always;
+		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
+		return 502;
+	}
+
+}
+
+server {
+	if ($host = dev3.4nkweb.com) {
+		return 301 https://$host$request_uri;
+	} # managed by Certbot
+
+
+	listen 80;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	return 301 https://$host$request_uri;
+
+
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/lecoffreio-dev2.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/lecoffreio-dev2.4nkweb.com
@ -0,0 +1 @@
+/etc/nginx/sites-available/lecoffreio-dev2.4nkweb.com
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/lecoffreio.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/lecoffreio.4nkweb.com
@ -0,0 +1 @@
+/etc/nginx/sites-available/lecoffreio.4nkweb.com
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/local.4nkweb.com-3001
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/local.4nkweb.com-3001
@ -0,0 +1 @@
+/etc/nginx/sites-available/local.4nkweb.com-3000
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/local.lecoffreio.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/local.lecoffreio.4nkweb.com
@ -0,0 +1,7 @@
+server {
+    listen 80;
+    server_name local.lecoffreio.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/relay235.4nkweb.com
+++ b/backups/nginx/20250924-180551/local_etc_nginx/sites-enabled/relay235.4nkweb.com
@ -0,0 +1 @@
+/etc/nginx/sites-available/relay235.4nkweb.com
--- a/backups/nginx/20250924-180551/local_etc_nginx/snippets/fastcgi-php.conf
+++ b/backups/nginx/20250924-180551/local_etc_nginx/snippets/fastcgi-php.conf
@ -0,0 +1,13 @@
+# regex to split $uri to $fastcgi_script_name and $fastcgi_path
+fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+
+# Check that the PHP script exists before passing it
+try_files $fastcgi_script_name =404;
+
+# Bypass the fact that try_files resets $fastcgi_path_info
+# see: http://trac.nginx.org/nginx/ticket/321
+set $path_info $fastcgi_path_info;
+fastcgi_param PATH_INFO $path_info;
+
+fastcgi_index index.php;
+include fastcgi.conf;
--- a/backups/nginx/20250924-180551/local_etc_nginx/snippets/snakeoil.conf
+++ b/backups/nginx/20250924-180551/local_etc_nginx/snippets/snakeoil.conf
@ -0,0 +1,5 @@
+# Self signed certificates generated by the ssl-cert package
+# Don't use them in a production server!
+
+ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
--- a/backups/nginx/20250924-180551/local_etc_nginx/stream.d/3000-multiplex.conf
+++ b/backups/nginx/20250924-180551/local_etc_nginx/stream.d/3000-multiplex.conf
@ -0,0 +1,11 @@
+stream {
+    map $ssl_preread_protocol $upstream_3000 {
+        ""       127.0.0.1:3001;   # HTTP clair
+        default  127.0.0.1:3443;   # TLS -> HTTPS
+    }
+    server {
+        listen 3000;
+        proxy_pass $upstream_3000;
+        ssl_preread on;
+    }
+}
--- a/backups/nginx/20250924-180551/local_etc_nginx/uwsgi_params
+++ b/backups/nginx/20250924-180551/local_etc_nginx/uwsgi_params
@ -0,0 +1,17 @@
+
+uwsgi_param  QUERY_STRING       $query_string;
+uwsgi_param  REQUEST_METHOD     $request_method;
+uwsgi_param  CONTENT_TYPE       $content_type;
+uwsgi_param  CONTENT_LENGTH     $content_length;
+
+uwsgi_param  REQUEST_URI        $request_uri;
+uwsgi_param  PATH_INFO          $document_uri;
+uwsgi_param  DOCUMENT_ROOT      $document_root;
+uwsgi_param  SERVER_PROTOCOL    $server_protocol;
+uwsgi_param  REQUEST_SCHEME     $scheme;
+uwsgi_param  HTTPS              $https if_not_empty;
+
+uwsgi_param  REMOTE_ADDR        $remote_addr;
+uwsgi_param  REMOTE_PORT        $remote_port;
+uwsgi_param  SERVER_PORT        $server_port;
+uwsgi_param  SERVER_NAME        $server_name;
--- a/backups/nginx/20250924-180551/local_etc_nginx/win-utf
+++ b/backups/nginx/20250924-180551/local_etc_nginx/win-utf
@ -0,0 +1,125 @@
+# This map is not a full windows-1251 <> utf8 map: it does not
+# contain Serbian and Macedonian letters.	If you need a full map,
+# use contrib/unicode2nginx/win-utf map instead.
+
+charset_map	windows-1251	utf-8 {
+
+	82	E2809A; # single low-9 quotation mark
+
+	84	E2809E; # double low-9 quotation mark
+	85	E280A6; # ellipsis
+	86	E280A0; # dagger
+	87	E280A1; # double dagger
+	88	E282AC; # euro
+	89	E280B0; # per mille
+
+	91	E28098; # left single quotation mark
+	92	E28099; # right single quotation mark
+	93	E2809C; # left double quotation mark
+	94	E2809D; # right double quotation mark
+	95	E280A2; # bullet
+	96	E28093; # en dash
+	97	E28094; # em dash
+
+	99	E284A2; # trade mark sign
+
+	A0	C2A0;   # &nbsp;
+	A1	D18E;   # capital Byelorussian short U
+	A2	D19E;   # small Byelorussian short u
+
+	A4	C2A4;   # currency sign
+	A5	D290;   # capital Ukrainian soft G
+	A6	C2A6;   # borken bar
+	A7	C2A7;   # section sign
+	A8	D081;   # capital YO
+	A9	C2A9;   # (C)
+	AA	D084;   # capital Ukrainian YE
+	AB	C2AB;   # left-pointing double angle quotation mark
+	AC	C2AC;   # not sign
+	AD	C2AD;   # soft hypen
+	AE	C2AE;   # (R)
+	AF	D087;   # capital Ukrainian YI
+
+	B0	C2B0;   # &deg;
+	B1	C2B1;   # plus-minus sign
+	B2	D086;   # capital Ukrainian I
+	B3	D196;   # small Ukrainian i
+	B4	D291;   # small Ukrainian soft g
+	B5	C2B5;   # micro sign
+	B6	C2B6;   # pilcrow sign
+	B7	C2B7;   # &middot;
+	B8	D191;   # small yo
+	B9	E28496; # numero sign
+	BA	D194;   # small Ukrainian ye
+	BB	C2BB;   # right-pointing double angle quotation mark
+
+	BF	D197;   # small Ukrainian yi
+
+	C0	D090;   # capital A
+	C1	D091;   # capital B
+	C2	D092;   # capital V
+	C3	D093;   # capital G
+	C4	D094;   # capital D
+	C5	D095;   # capital YE
+	C6	D096;   # capital ZH
+	C7	D097;   # capital Z
+	C8	D098;   # capital I
+	C9	D099;   # capital J
+	CA	D09A;   # capital K
+	CB	D09B;   # capital L
+	CC	D09C;   # capital M
+	CD	D09D;   # capital N
+	CE	D09E;   # capital O
+	CF	D09F;   # capital P
+
+	D0	D0A0;   # capital R
+	D1	D0A1;   # capital S
+	D2	D0A2;   # capital T
+	D3	D0A3;   # capital U
+	D4	D0A4;   # capital F
+	D5	D0A5;   # capital KH
+	D6	D0A6;   # capital TS
+	D7	D0A7;   # capital CH
+	D8	D0A8;   # capital SH
+	D9	D0A9;   # capital SHCH
+	DA	D0AA;   # capital hard sign
+	DB	D0AB;   # capital Y
+	DC	D0AC;   # capital soft sign
+	DD	D0AD;   # capital E
+	DE	D0AE;   # capital YU
+	DF	D0AF;   # capital YA
+
+	E0	D0B0;   # small a
+	E1	D0B1;   # small b
+	E2	D0B2;   # small v
+	E3	D0B3;   # small g
+	E4	D0B4;   # small d
+	E5	D0B5;   # small ye
+	E6	D0B6;   # small zh
+	E7	D0B7;   # small z
+	E8	D0B8;   # small i
+	E9	D0B9;   # small j
+	EA	D0BA;   # small k
+	EB	D0BB;   # small l
+	EC	D0BC;   # small m
+	ED	D0BD;   # small n
+	EE	D0BE;   # small o
+	EF	D0BF;   # small p
+
+	F0	D180;   # small r
+	F1	D181;   # small s
+	F2	D182;   # small t
+	F3	D183;   # small u
+	F4	D184;   # small f
+	F5	D185;   # small kh
+	F6	D186;   # small ts
+	F7	D187;   # small ch
+	F8	D188;   # small sh
+	F9	D189;   # small shch
+	FA	D18A;   # small hard sign
+	FB	D18B;   # small y
+	FC	D18C;   # small soft sign
+	FD	D18D;   # small e
+	FE	D18E;   # small yu
+	FF	D18F;   # small ya
+}
--- a/backups/nginx/20250924-180551/project/dev3.4nkweb.com.conf
+++ b/backups/nginx/20250924-180551/project/dev3.4nkweb.com.conf
@ -0,0 +1,162 @@
+server {
+	listen 443 ssl;
+	server_name dev3.4nkweb.com;
+
+    # Callback IdNot -> backend, avec CORS dynamique et masquage des en-têtes upstream
+    location = /idnot/callback {
+        # Masquer les en-têtes CORS envoyés par l'upstream (Express)
+        proxy_hide_header Access-Control-Allow-Origin;
+        proxy_hide_header Access-Control-Allow-Credentials;
+        proxy_hide_header Access-Control-Allow-Headers;
+        proxy_hide_header Access-Control-Allow-Methods;
+
+        # CORS dynamique: autorise dev4, lecoffreio.4nkweb.com, localhost:3000 et sous-domaines *.4nkweb.com
+        set $cors_origin "";
+        if ($http_origin ~* ^(https://dev4\.4nkweb\.com|http://local\.4nkweb\.com:3000|http://localhost:3000|https://.*\.4nkweb\.com)$) {
+            set $cors_origin $http_origin;
+        }
+
+        # Préflight OPTIONS
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $cors_origin always;
+            add_header Access-Control-Allow-Credentials "true" always;
+            add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+            add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+            return 204;
+        }
+
+        # En-têtes CORS pour les autres méthodes
+        add_header Access-Control-Allow-Origin $cors_origin always;
+        add_header Access-Control-Allow-Credentials "true" always;
+        add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+        add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '*' always;
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+			add_header 'Access-Control-Max-Age' 86400;
+			add_header 'Content-Length' 0;
+			add_header 'Content-Type' 'text/plain';
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '*' always;
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+
+		rewrite ^/storage(/.*)$ $1 break;
+		proxy_pass http://localhost:8080;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location ^~ /api/ {
+		# Masquer les en-têtes CORS de l'upstream (Express)
+		proxy_hide_header Access-Control-Allow-Origin;
+		proxy_hide_header Access-Control-Allow-Credentials;
+		proxy_hide_header Access-Control-Allow-Headers;
+		proxy_hide_header Access-Control-Allow-Methods;
+
+		# CORS dynamique: autorise dev4, lecoffreio.4nkweb.com, localhost:3000 et sous-domaines *.4nkweb.com
+		set $cors_origin "";
+		if ($http_origin ~* ^(https://dev4\.4nkweb\.com|http://local\.4nkweb\.com:3000|http://localhost:3000|https://.*\.4nkweb\.com)$) {
+			set $cors_origin $http_origin;
+		}
+
+		# Préflight OPTIONS
+		if ($request_method = OPTIONS) {
+			add_header Access-Control-Allow-Origin $cors_origin always;
+			add_header Access-Control-Allow-Credentials "true" always;
+			add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+			add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+			add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+			return 204;
+		}
+
+		# En-têtes CORS pour les autres méthodes
+		add_header Access-Control-Allow-Origin $cors_origin always;
+		add_header Access-Control-Allow-Credentials "true" always;
+		add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+		add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+		add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+
+		proxy_pass http://127.0.0.1:8080;
+		proxy_set_header Host              $host;
+		proxy_set_header X-Real-IP         $remote_addr;
+		proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+	}
+
+	location @handle_502 {
+		internal;
+		add_header Access-Control-Allow-Origin  "*" always;
+		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
+		return 502;
+	}
+
+}
+
+server {
+	if ($host = dev3.4nkweb.com) {
+		return 301 https://$host$request_uri;
+	} # managed by Certbot
+
+
+	listen 80;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	return 301 https://$host$request_uri;
+
+
+}
--- a/backups/nginx/20250924-180551/project/dev3.4nkweb.com.fixed.conf
+++ b/backups/nginx/20250924-180551/project/dev3.4nkweb.com.fixed.conf
@ -0,0 +1,176 @@
+server {
+    listen 443 ssl;
+    server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        # Hide upstream CORS headers
+        proxy_hide_header Access-Control-Allow-Origin;
+        proxy_hide_header Access-Control-Allow-Credentials;
+        proxy_hide_header Access-Control-Allow-Headers;
+        proxy_hide_header Access-Control-Allow-Methods;
+
+        # Dynamic CORS allowlist
+        set $cors_origin "";
+        if ($http_origin ~* ^(https://dev4\.4nkweb\.com|http://local\.(4nkweb|4nkdev)\.com:3000|http://localhost:3000|https://.*\.4nkweb\.com)$) {
+            set $cors_origin $http_origin;
+        }
+
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $cors_origin always;
+            add_header Access-Control-Allow-Credentials "true" always;
+            add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+            add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+            return 204;
+        }
+
+        add_header Access-Control-Allow-Origin $cors_origin always;
+        add_header Access-Control-Allow-Credentials "true" always;
+        add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+        add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = 'OPTIONS') {
+			add_header 'Access-Control-Allow-Origin' '*' always;
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+			add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+			add_header 'Access-Control-Max-Age' 86400;
+			add_header 'Content-Length' 0;
+			add_header 'Content-Type' 'text/plain';
+			return 204;
+		}
+
+		add_header 'Access-Control-Allow-Origin' '*' always;
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+		add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
+
+		rewrite ^/storage(/.*)$ $1 break;
+		proxy_pass http://localhost:8080;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+    location ^~ /api/ {
+        # Hide upstream CORS headers
+        proxy_hide_header Access-Control-Allow-Origin;
+        proxy_hide_header Access-Control-Allow-Credentials;
+        proxy_hide_header Access-Control-Allow-Headers;
+        proxy_hide_header Access-Control-Allow-Methods;
+
+        # Dynamic CORS allowlist
+        set $cors_origin "";
+        if ($http_origin ~* ^(https://dev4\.4nkweb\.com|http://local\.(4nkweb|4nkdev)\.com:3000|http://localhost:3000|https://.*\.4nkweb\.com)$) {
+            set $cors_origin $http_origin;
+        }
+
+        if ($request_method = OPTIONS) {
+            add_header Access-Control-Allow-Origin $cors_origin always;
+            add_header Access-Control-Allow-Credentials "true" always;
+            add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+            add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+            add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+            return 204;
+        }
+
+        add_header Access-Control-Allow-Origin $cors_origin always;
+        add_header Access-Control-Allow-Credentials "true" always;
+        add_header Access-Control-Allow-Headers "Content-Type, Authorization, x-session-id" always;
+        add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
+        add_header Vary "Origin, Access-Control-Request-Method, Access-Control-Request-Headers" always;
+
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host              $host;
+        proxy_set_header X-Real-IP         $remote_addr;
+        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	location @handle_502 {
+		internal;
+		add_header Access-Control-Allow-Origin  "*" always;
+		add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always;
+		add_header Access-Control-Allow-Headers "Authorization, Content-Type, Accept, X-Requested-With" always;
+		return 502;
+	}
+
+}
+
+server {
+	if ($host = dev3.4nkweb.com) {
+		return 301 https://$host$request_uri;
+	} # managed by Certbot
+
+
+	listen 80;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	return 301 https://$host$request_uri;
+
+
+}
+server {
+    if ($host = dev3.4nkweb.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    listen 80;
+    server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    return 301 https://$host$request_uri;
+
+
+}
--- a/backups/nginx/20250924-180551/project/dev3.4nkweb.com.fixed.conf.b64
+++ b/backups/nginx/20250924-180551/project/dev3.4nkweb.com.fixed.conf.b64
@ -0,0 +1,45 @@
+server {
+	listen 443 ssl;
+	server_name dev3.4nkweb.com;
+    location = /idnot/callback {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+	ssl_certificate /etc/letsencrypt/live/dev3.4nkweb.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/dev3.4nkweb.com/privkey.pem;
+
+	ssl_protocols TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	# Redirection des requêtes HTTP normales vers Vite
+	location / {
+		proxy_pass http://localhost:3004;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+	}
+
+	location /ws/ {
+		proxy_pass http://localhost:8090;
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "Upgrade";
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_read_timeout 86400;  
+		proxy_set_header Connection "Upgrade";
+	}
+
+	location /storage/ {
+		if ($request_method = OPTIONS) {
+			add_header Access-Control-Allow-Origin * always;
+			add_header Access-Control-Allow-Methods GET,
--- a/backups/nginx/20250924-180551/project/local.4nkweb.com-3000.conf
+++ b/backups/nginx/20250924-180551/project/local.4nkweb.com-3000.conf
@ -0,0 +1,7 @@
+server {
+    listen 3000;
+    server_name local.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
--- a/backups/nginx/20250924-180551/project/local.lecoffreio.4nkweb.com.conf
+++ b/backups/nginx/20250924-180551/project/local.lecoffreio.4nkweb.com.conf
@ -0,0 +1,7 @@
+server {
+    listen 80;
+    server_name local.lecoffreio.4nkweb.com;
+
+    # Redirige vers le front final en conservant chemin + query
+    return 301 https://dev3.4nkweb.com/idnot/callback$is_args$args;
+}
--- a/logs/backend.out
+++ b/logs/backend.out
@ -9811,3 +9811,886 @@ npm error A complete log of this run can be found in: /home/ank/.npm/_logs/2025-
    statusCode: 200
  }
 }
+❌ [ERROR] 2025-09-24T10:18:59.808Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: "Expected property name or '}' in JSON at position 1 (line 1 column 2)",
+    name: 'SyntaxError',
+    stack: "SyntaxError: Expected property name or '}' in JSON at position 1 (line 1 column 2)\n" +
+      '    at JSON.parse (<anonymous>)\n' +
+      '    at parse (/home/ank/dev/lecoffre-back-mini/node_modules/body-parser/lib/types/jso'... 632 more characters
+  },
+  request: {
+    body: {},
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758709139807_4q5qihz83'
+}
+❌ [ERROR] 2025-09-24T10:18:59.912Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: "Expected property name or '}' in JSON at position 1 (line 1 column 2)",
+    name: 'SyntaxError',
+    stack: "SyntaxError: Expected property name or '}' in JSON at position 1 (line 1 column 2)\n" +
+      '    at JSON.parse (<anonymous>)\n' +
+      '    at parse (/home/ank/dev/lecoffre-back-mini/node_modules/body-parser/lib/types/jso'... 632 more characters
+  },
+  request: {
+    body: {},
+    ip: '::ffff:92.243.24.12',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758709139911_2i5wacr3j'
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback?code=fake&state=null',
+  method: 'HEAD',
+  query: {
+    code_present: true,
+    code_length: 4,
+    state_present: true,
+    state_length: 4
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '92.243.24.12',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T10:19:00.038Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'Invalid state format',
+    name: 'Error',
+    stack: 'Error: Invalid state format\n' +
+      '    at Object.verifyState (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:70:19)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handl'... 1454 more characters
+  },
+  request: {
+    body: {},
+    ip: '::ffff:127.0.0.1',
+    method: 'HEAD',
+    url: '/idnot/callback?code=fake&state=null',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758709140037_neb8qywmn'
+}
+❌ [ERROR] 2025-09-24T10:19:00.039Z HTTP HEAD /idnot/callback?code=fake&state=null - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'HEAD',
+    url: '/idnot/callback?code=fake&state=null',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758709140037_neb8qywmn',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T10:20:34.290Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://lecoffreio.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758709234289_zvj3iukxo'
+}
+❌ [ERROR] 2025-09-24T10:20:34.291Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758709234289_zvj3iukxo',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T10:20:46.142Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://lecoffreio.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758709246142_uph0sxbkt'
+}
+❌ [ERROR] 2025-09-24T10:20:46.143Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758709246142_uph0sxbkt',
+  response: {
+    statusCode: 500
+  }
+}
+ℹ️  [INFO] 2025-09-24T10:22:10.516Z SIGTERM received, shutting down gracefully
+[dotenv@17.2.2] injecting env (40) from .env -- tip: 🔐 prevent committing .env to code: https://dotenvx.com/precommit
+ℹ️  [INFO] 2025-09-24T10:22:11.238Z Initializing Signer service
+Server started on port 8080
+✅ Connected to SDK Signer server
+ℹ️  [INFO] 2025-09-24T10:22:11.253Z Signer connected
+ℹ️  [INFO] 2025-09-24T10:22:11.254Z Signer connected
+ℹ️  [INFO] 2025-09-24T10:22:11.254Z Signer service initialized
+Server error: Device not paired
+Full error response: {
+  "type": "ERROR",
+  "error": "Device not paired",
+  "messageId": "msg_1758709361249_j1m0ykcur"
+}
+❌ [ERROR] 2025-09-24T10:22:41.253Z Signer WebSocket error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: 'Device not paired'
+}
+❌ [ERROR] 2025-09-24T10:22:41.253Z Signer connection error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: 'Device not paired'
+}
+⚠️  [WARN] 2025-09-24T10:22:41.254Z Signer disconnected - reconnecting...
+⚠️  [WARN] 2025-09-24T10:22:41.254Z Signer disconnected
+⚠️  [WARN] 2025-09-24T10:22:41.254Z Signer health check failed - connection may be stale
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: 'Server error for GET_PAIRING_ID: Device not paired'
+}
+ℹ️  [INFO] 2025-09-24T10:25:07.860Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 8,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758709507836_xdo4lv33f',
+  response: {
+    statusCode: 200
+  }
+}
+ℹ️  [INFO] 2025-09-24T10:25:18.090Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758709518087_ou6jmdpno',
+  response: {
+    statusCode: 200
+  }
+}
+❌ [ERROR] 2025-09-24T10:34:26.922Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758710066904_27m9n7w60'
+}
+❌ [ERROR] 2025-09-24T10:34:26.925Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 15,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758710066904_27m9n7w60',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T10:34:27.017Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:92.243.24.12',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758710067015_3kjktqu9g'
+}
+❌ [ERROR] 2025-09-24T10:34:27.018Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:92.243.24.12',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758710067015_3kjktqu9g',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T10:47:37.979Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: "Expected property name or '}' in JSON at position 1 (line 1 column 2)",
+    name: 'SyntaxError',
+    stack: "SyntaxError: Expected property name or '}' in JSON at position 1 (line 1 column 2)\n" +
+      '    at JSON.parse (<anonymous>)\n' +
+      '    at parse (/home/ank/dev/lecoffre-back-mini/node_modules/body-parser/lib/types/jso'... 632 more characters
+  },
+  request: {
+    body: {},
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758710857977_3x2tff0uc'
+}
+❌ [ERROR] 2025-09-24T10:47:38.066Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: "Expected property name or '}' in JSON at position 1 (line 1 column 2)",
+    name: 'SyntaxError',
+    stack: "SyntaxError: Expected property name or '}' in JSON at position 1 (line 1 column 2)\n" +
+      '    at JSON.parse (<anonymous>)\n' +
+      '    at parse (/home/ank/dev/lecoffre-back-mini/node_modules/body-parser/lib/types/jso'... 632 more characters
+  },
+  request: {
+    body: {},
+    ip: '::ffff:92.243.24.12',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758710858066_ifwqr8nuh'
+}
+ℹ️  [INFO] 2025-09-24T10:49:25.159Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758710965156_bo5sx3ixk',
+  response: {
+    statusCode: 200
+  }
+}
+ℹ️  [INFO] 2025-09-24T10:49:41.619Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 0,
+  request: {
+    ip: '::ffff:92.243.24.12',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758710981618_ebi2gpw1s',
+  response: {
+    statusCode: 200
+  }
+}
+❌ [ERROR] 2025-09-24T10:51:22.782Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.0.0'
+  },
+  requestId: 'req_1758711082780_j597urba0'
+}
+❌ [ERROR] 2025-09-24T10:51:22.784Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.0.0'
+  },
+  requestId: 'req_1758711082780_j597urba0',
+  response: {
+    statusCode: 500
+  }
+}
+ℹ️  [INFO] 2025-09-24T11:01:58.450Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758711718448_di1jkndj4',
+  response: {
+    statusCode: 200
+  }
+}
+ℹ️  [INFO] 2025-09-24T11:01:58.565Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:92.243.24.12',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758711718563_hcmejk267',
+  response: {
+    statusCode: 200
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER879r-IVOVR92hjXF63MA-TuuxQOO9WQgQ9gRrauQlJTrYIvnnjtoTd3hUjXiaK4wvlRyNNqYSkQXjdF2k4fanB9H4k8ioeQ3i6WcfPYiAoS4bP_DGhDOX4ed_Oso7XTk8RjymKAHVf-mR-of2n-WWQW0jAJFMlaJSFvSgm0KGZvsJcJX_oVQEiZ38dpiEJyVPiGV7WYzOH9Y35gzIl3CcFhAaIz9bqkpHLmZvNKQD_Q5NyaVa-WBoijrIltXfssA016g4qi6q4owykra7hOhH5URlk8_wfpR-jwe80NKZ55vPB0vhso-PWZ07aqc1oHVNpnN2dJGZSQJLm8nTTgEcDlFA7PewIXIg6eWHwUkZmJVLeU6hpAnlfgtUARoCczFcpktRLGzfY2XW-NHec1aIL0VC-7I0giWZtxY',
+  method: 'GET',
+  query: {
+    code_present: true,
+    code_length: 619,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '37.167.14.251',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T11:03:39.390Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: 'eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER8'... 419 more characters
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd'... 440 more characters,
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758711819389_nf34png2h'
+}
+❌ [ERROR] 2025-09-24T11:03:39.392Z HTTP GET /idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER879r-IVOVR92hjXF63MA-TuuxQOO9WQgQ9gRrauQlJTrYIvnnjtoTd3hUjXiaK4wvlRyNNqYSkQXjdF2k4fanB9H4k8ioeQ3i6WcfPYiAoS4bP_DGhDOX4ed_Oso7XTk8RjymKAHVf-mR-of2n-WWQW0jAJFMlaJSFvSgm0KGZvsJcJX_oVQEiZ38dpiEJyVPiGV7WYzOH9Y35gzIl3CcFhAaIz9bqkpHLmZvNKQD_Q5NyaVa-WBoijrIltXfssA016g4qi6q4owykra7hOhH5URlk8_wfpR-jwe80NKZ55vPB0vhso-PWZ07aqc1oHVNpnN2dJGZSQJLm8nTTgEcDlFA7PewIXIg6eWHwUkZmJVLeU6hpAnlfgtUARoCczFcpktRLGzfY2XW-NHec1aIL0VC-7I0giWZtxY - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 3,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd'... 440 more characters,
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758711819389_nf34png2h',
+  response: {
+    statusCode: 400
+  }
+}
+❌ [ERROR] 2025-09-24T11:03:49.801Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758711829800_f8l7fdg5v'
+}
+❌ [ERROR] 2025-09-24T11:03:49.802Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758711829800_f8l7fdg5v',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T11:03:53.921Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758711833920_50d813ejt'
+}
+❌ [ERROR] 2025-09-24T11:03:53.921Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758711833920_50d813ejt',
+  response: {
+    statusCode: 500
+  }
+}
+ℹ️  [INFO] 2025-09-24T11:08:45.074Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758712125073_9bz1sg77c',
+  response: {
+    statusCode: 200
+  }
+}
+❌ [ERROR] 2025-09-24T11:09:08.000Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758712147999_qawqb01l3'
+}
+❌ [ERROR] 2025-09-24T11:09:08.001Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758712147999_qawqb01l3',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T11:09:55.041Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:204.76.203.219',
+    method: 'GET',
+    url: '/',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46'
+  },
+  requestId: 'req_1758712195039_lvmz6uq2a',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T11:15:39.886Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:45.135.193.100',
+    method: 'GET',
+    url: '/',
+    userAgent: undefined
+  },
+  requestId: 'req_1758712539885_sn4n0i98z',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T11:20:13.564Z HTTP GET /https://'+location.hostname+': - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:89.248.168.227',
+    method: 'GET',
+    url: "/https://'+location.hostname+':",
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758712813562_xltodt85j',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T12:17:08.177Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758716228176_gfdvb3lcc'
+}
+❌ [ERROR] 2025-09-24T12:17:08.178Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758716228176_gfdvb3lcc',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T12:17:08.996Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758716228996_kiheo6j0v'
+}
+❌ [ERROR] 2025-09-24T12:17:08.997Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758716228996_kiheo6j0v',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T12:18:01.137Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758716281136_8tkgkj46g'
+}
+❌ [ERROR] 2025-09-24T12:18:01.137Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758716281136_8tkgkj46g',
+  response: {
+    statusCode: 500
+  }
+}
+❌ [ERROR] 2025-09-24T12:22:16.688Z Unhandled error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    message: 'next_url host not allowed',
+    name: 'Error',
+    stack: 'Error: next_url host not allowed\n' +
+      '    at validateNextUrl (/home/ank/dev/lecoffre-back-mini/dist/services/state.service.js:39:19)\n' +
+      '    at Object.signState (/home/ank/dev/lecoffre-back-mini/dist/services/'... 1422 more characters
+  },
+  request: {
+    body: {
+      next_url: 'https://dev4.4nkweb.com/authorized-client'
+    },
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758716536666_mh3vj7or9'
+}
+❌ [ERROR] 2025-09-24T12:22:16.697Z HTTP POST /api/v1/idnot/state - 500
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 23,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/7.74.0'
+  },
+  requestId: 'req_1758716536666_mh3vj7or9',
+  response: {
+    statusCode: 500
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback',
+  method: 'GET',
+  query: {
+    code_present: false,
+    code_length: undefined,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '46.101.140.177',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T12:24:04.384Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: undefined
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758716644366_bnu82xuil'
+}
+❌ [ERROR] 2025-09-24T12:24:04.399Z HTTP GET /idnot/callback - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 28,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758716644366_bnu82xuil',
+  response: {
+    statusCode: 400
+  }
+}
+❌ [ERROR] 2025-09-24T12:27:06.661Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:204.76.203.219',
+    method: 'GET',
+    url: '/',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46'
+  },
+  requestId: 'req_1758716826659_t41xdd94h',
+  response: {
+    statusCode: 404
+  }
+}
--- a/logs/restart.out
+++ b/logs/restart.out
@ -0,0 +1,710 @@
+[dotenv@17.2.2] injecting env (42) from .env -- tip: 📡 version env with Radar: https://dotenvx.com/radar
+ℹ️  [INFO] 2025-09-24T12:40:14.984Z Initializing Signer service
+Server started on port 8080
+✅ Connected to SDK Signer server
+ℹ️  [INFO] 2025-09-24T12:40:14.996Z Signer connected
+ℹ️  [INFO] 2025-09-24T12:40:14.996Z Signer connected
+ℹ️  [INFO] 2025-09-24T12:40:14.996Z Signer service initialized
+ℹ️  [INFO] 2025-09-24T12:40:32.351Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 7,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758717632331_m56ovwnbw',
+  response: {
+    statusCode: 200
+  }
+}
+ℹ️  [INFO] 2025-09-24T12:40:44.337Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 3,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758717644332_7lqfodlxg',
+  response: {
+    statusCode: 200
+  }
+}
+Server error: Device not paired
+Full error response: {
+  "type": "ERROR",
+  "error": "Device not paired",
+  "messageId": "msg_1758717644986_lc08nxhrp"
+}
+❌ [ERROR] 2025-09-24T12:40:44.990Z Signer WebSocket error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: 'Device not paired'
+}
+❌ [ERROR] 2025-09-24T12:40:44.990Z Signer connection error
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: 'Device not paired'
+}
+⚠️  [WARN] 2025-09-24T12:40:44.991Z Signer disconnected - reconnecting...
+⚠️  [WARN] 2025-09-24T12:40:44.991Z Signer disconnected
+⚠️  [WARN] 2025-09-24T12:40:44.992Z Signer health check failed - connection may be stale
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: 'Server error for GET_PAIRING_ID: Device not paired'
+}
+ℹ️  [INFO] 2025-09-24T12:41:46.498Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758717706496_iytoj8vj2',
+  response: {
+    statusCode: 200
+  }
+}
+❌ [ERROR] 2025-09-24T12:41:59.371Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 3,
+  request: {
+    ip: '::ffff:45.135.193.100',
+    method: 'GET',
+    url: '/',
+    userAgent: undefined
+  },
+  requestId: 'req_1758717719368_cdz2jta4r',
+  response: {
+    statusCode: 404
+  }
+}
+ℹ️  [INFO] 2025-09-24T12:48:30.338Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758718110336_724huh3n8',
+  response: {
+    statusCode: 200
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback',
+  method: 'GET',
+  query: {
+    code_present: false,
+    code_length: undefined,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '64.62.197.21',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T12:59:56.286Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: undefined
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0'
+  },
+  requestId: 'req_1758718796283_86d8qxvoa'
+}
+❌ [ERROR] 2025-09-24T12:59:56.289Z HTTP GET /idnot/callback - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 6,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0'
+  },
+  requestId: 'req_1758718796283_86d8qxvoa',
+  response: {
+    statusCode: 400
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback',
+  method: 'GET',
+  query: {
+    code_present: false,
+    code_length: undefined,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '104.196.67.21',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T13:12:57.356Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: undefined
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36'
+  },
+  requestId: 'req_1758719577354_dxh2avzbs'
+}
+❌ [ERROR] 2025-09-24T13:12:57.357Z HTTP GET /idnot/callback - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 3,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36'
+  },
+  requestId: 'req_1758719577354_dxh2avzbs',
+  response: {
+    statusCode: 400
+  }
+}
+❌ [ERROR] 2025-09-24T13:13:48.192Z HTTP GET /pdown - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 0,
+  request: {
+    ip: '::ffff:35.189.127.80',
+    method: 'GET',
+    url: '/pdown',
+    userAgent: undefined
+  },
+  requestId: 'req_1758719628192_52uwsckck',
+  response: {
+    statusCode: 404
+  }
+}
+ℹ️  [INFO] 2025-09-24T13:21:24.370Z HTTP POST /api/v1/idnot/state - 200
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:92.243.24.12',
+    method: 'POST',
+    url: '/api/v1/idnot/state',
+    userAgent: 'curl/8.14.1'
+  },
+  requestId: 'req_1758720084368_jcx4o3v7p',
+  response: {
+    statusCode: 200
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback',
+  method: 'GET',
+  query: {
+    code_present: false,
+    code_length: undefined,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '37.167.14.251',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T13:25:40.935Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: undefined
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758720340934_3feqxlsoa'
+}
+❌ [ERROR] 2025-09-24T13:25:40.936Z HTTP GET /idnot/callback - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758720340934_3feqxlsoa',
+  response: {
+    statusCode: 400
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback',
+  method: 'GET',
+  query: {
+    code_present: false,
+    code_length: undefined,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '37.167.14.251',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T13:25:49.512Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: undefined
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758720349511_ee91c31g9'
+}
+❌ [ERROR] 2025-09-24T13:25:49.513Z HTTP GET /idnot/callback - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758720349511_ee91c31g9',
+  response: {
+    statusCode: 400
+  }
+}
+❌ [ERROR] 2025-09-24T13:47:38.130Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:204.76.203.219',
+    method: 'GET',
+    url: '/',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46'
+  },
+  requestId: 'req_1758721658129_mxrsfdggw',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T14:16:22.980Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 0,
+  request: {
+    ip: '::ffff:124.198.132.121',
+    method: 'GET',
+    url: '/',
+    userAgent: undefined
+  },
+  requestId: 'req_1758723382979_3c09kzm1u',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T14:33:43.694Z HTTP GET /manager/text/list - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:20.84.119.5',
+    method: 'GET',
+    url: '/manager/text/list',
+    userAgent: 'Mozilla/5.0 zgrab/0.x'
+  },
+  requestId: 'req_1758724423693_pf9l2jzlh',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T14:34:41.473Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:45.135.193.100',
+    method: 'GET',
+    url: '/',
+    userAgent: undefined
+  },
+  requestId: 'req_1758724481472_d0ls68l03',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T14:54:19.384Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:207.90.244.28',
+    method: 'GET',
+    url: '/',
+    userAgent: 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36'
+  },
+  requestId: 'req_1758725659382_gfr3wyne5',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T14:54:21.949Z HTTP GET /favicon.ico - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:207.90.244.28',
+    method: 'GET',
+    url: '/favicon.ico',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36'
+  },
+  requestId: 'req_1758725661947_u4drp4l5u',
+  response: {
+    statusCode: 404
+  }
+}
+❌ [ERROR] 2025-09-24T15:07:58.358Z HTTP GET / - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:204.76.203.219',
+    method: 'GET',
+    url: '/',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46'
+  },
+  requestId: 'req_1758726478357_gqtjxe05y',
+  response: {
+    statusCode: 404
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback',
+  method: 'GET',
+  query: {
+    code_present: false,
+    code_length: undefined,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '37.167.14.251',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T15:10:59.413Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: undefined
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758726659411_fmxttqdrs'
+}
+❌ [ERROR] 2025-09-24T15:10:59.413Z HTTP GET /idnot/callback - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback',
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758726659411_fmxttqdrs',
+  response: {
+    statusCode: 400
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER879r-IVOVR92hjXF63MA-TuuxQOO9WQgQ9gRrauQlJTrYIvnnjtoTd3hUjXiaK4wvlRyNNqYSkQXjdF2k4fanB9H4k8ioeQ3i6WcfPYiAoS4bP_DGhDOX4ed_Oso7XTk8RjymKAHVf-mR-of2n-WWQW0jAJFMlaJSFvSgm0KGZvsJcJX_oVQEiZ38dpiEJyVPiGV7WYzOH9Y35gzIl3CcFhAaIz9bqkpHLmZvNKQD_Q5NyaVa-WBoijrIltXfssA016g4qi6q4owykra7hOhH5URlk8_wfpR-jwe80NKZ55vPB0vhso-PWZ07aqc1oHVNpnN2dJGZSQJLm8nTTgEcDlFA7PewIXIg6eWHwUkZmJVLeU6hpAnlfgtUARoCczFcpktRLGzfY2XW-NHec1aIL0VC-7I0giWZtxY',
+  method: 'GET',
+  query: {
+    code_present: true,
+    code_length: 619,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '37.167.14.251',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T15:11:05.919Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: 'eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER8'... 419 more characters
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd'... 440 more characters,
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758726665918_rd7x3f06b'
+}
+❌ [ERROR] 2025-09-24T15:11:05.920Z HTTP GET /idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER879r-IVOVR92hjXF63MA-TuuxQOO9WQgQ9gRrauQlJTrYIvnnjtoTd3hUjXiaK4wvlRyNNqYSkQXjdF2k4fanB9H4k8ioeQ3i6WcfPYiAoS4bP_DGhDOX4ed_Oso7XTk8RjymKAHVf-mR-of2n-WWQW0jAJFMlaJSFvSgm0KGZvsJcJX_oVQEiZ38dpiEJyVPiGV7WYzOH9Y35gzIl3CcFhAaIz9bqkpHLmZvNKQD_Q5NyaVa-WBoijrIltXfssA016g4qi6q4owykra7hOhH5URlk8_wfpR-jwe80NKZ55vPB0vhso-PWZ07aqc1oHVNpnN2dJGZSQJLm8nTTgEcDlFA7PewIXIg6eWHwUkZmJVLeU6hpAnlfgtUARoCczFcpktRLGzfY2XW-NHec1aIL0VC-7I0giWZtxY - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 2,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd'... 440 more characters,
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758726665918_rd7x3f06b',
+  response: {
+    statusCode: 400
+  }
+}
+[IdNotCallback] incoming request {
+  originalUrl: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER879r-IVOVR92hjXF63MA-TuuxQOO9WQgQ9gRrauQlJTrYIvnnjtoTd3hUjXiaK4wvlRyNNqYSkQXjdF2k4fanB9H4k8ioeQ3i6WcfPYiAoS4bP_DGhDOX4ed_Oso7XTk8RjymKAHVf-mR-of2n-WWQW0jAJFMlaJSFvSgm0KGZvsJcJX_oVQEiZ38dpiEJyVPiGV7WYzOH9Y35gzIl3CcFhAaIz9bqkpHLmZvNKQD_Q5NyaVa-WBoijrIltXfssA016g4qi6q4owykra7hOhH5URlk8_wfpR-jwe80NKZ55vPB0vhso-PWZ07aqc1oHVNpnN2dJGZSQJLm8nTTgEcDlFA7PewIXIg6eWHwUkZmJVLeU6hpAnlfgtUARoCczFcpktRLGzfY2XW-NHec1aIL0VC-7I0giWZtxY',
+  method: 'GET',
+  query: {
+    code_present: true,
+    code_length: 619,
+    state_present: false,
+    state_length: undefined
+  },
+  headers: {
+    host: 'dev3.4nkweb.com',
+    'x-forwarded-for': '37.167.14.251',
+    'x-forwarded-proto': 'https'
+  }
+}
+❌ [ERROR] 2025-09-24T15:12:58.163Z Application error occurred
+────────────────────────────────────────────────────────────────────────────────
+{
+  error: {
+    code: 'VALIDATION_ERROR',
+    details: [
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'code',
+        value: 'eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER8'... 419 more characters
+      },
+      {
+        constraints: [
+          'required'
+        ],
+        field: 'state',
+        value: undefined
+      }
+    ],
+    message: 'Missing code or state',
+    stack: 'Error: Missing code or state\n' +
+      '    at new ValidationError (/home/ank/dev/lecoffre-back-mini/dist/types/errors.js:64:9)\n' +
+      '    at /home/ank/dev/lecoffre-back-mini/dist/handlers/idnot-callback.handlers.js:39'... 1445 more characters,
+    statusCode: 400
+  },
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd'... 440 more characters,
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758726778163_otp5d843z'
+}
+❌ [ERROR] 2025-09-24T15:12:58.164Z HTTP GET /idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd1NMr9aFK62xfpYnzMSER879r-IVOVR92hjXF63MA-TuuxQOO9WQgQ9gRrauQlJTrYIvnnjtoTd3hUjXiaK4wvlRyNNqYSkQXjdF2k4fanB9H4k8ioeQ3i6WcfPYiAoS4bP_DGhDOX4ed_Oso7XTk8RjymKAHVf-mR-of2n-WWQW0jAJFMlaJSFvSgm0KGZvsJcJX_oVQEiZ38dpiEJyVPiGV7WYzOH9Y35gzIl3CcFhAaIz9bqkpHLmZvNKQD_Q5NyaVa-WBoijrIltXfssA016g4qi6q4owykra7hOhH5URlk8_wfpR-jwe80NKZ55vPB0vhso-PWZ07aqc1oHVNpnN2dJGZSQJLm8nTTgEcDlFA7PewIXIg6eWHwUkZmJVLeU6hpAnlfgtUARoCczFcpktRLGzfY2XW-NHec1aIL0VC-7I0giWZtxY - 400
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:127.0.0.1',
+    method: 'GET',
+    url: '/idnot/callback?code=eyzP3g1U9rR_eU8posVgD-XrJHNyhgcf7Act7o2BLu3NDffTMYHDf8PnhBa87X1DpVlZiFfpAUZ5sDe0O1wwsLYYJqZG03XR6iy-FUvVRBq4_TBxteN6QlMNBrGZa8PIPLDduSgvTNd9co_9PG2NhvYk5ZDSZcaFVzSWC2IRYZNzKPnOfWd'... 440 more characters,
+    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36'
+  },
+  requestId: 'req_1758726778163_otp5d843z',
+  response: {
+    statusCode: 400
+  }
+}
+❌ [ERROR] 2025-09-24T15:54:56.232Z HTTP GET /login - 404
+────────────────────────────────────────────────────────────────────────────────
+{
+  duration: 1,
+  request: {
+    ip: '::ffff:196.251.86.125',
+    method: 'GET',
+    url: '/login',
+    userAgent: 'Go-http-client/1.1'
+  },
+  requestId: 'req_1758729296230_u2cxuha92',
+  response: {
+    statusCode: 404
+  }
+}
--- a/logs/server.pid
+++ b/logs/server.pid
@ -0,0 +1 @@
+3962703
--- a/scripts/backup_nginx_confs.sh
+++ b/scripts/backup_nginx_confs.sh
@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+timestamp="$(date +%Y%m%d-%H%M%S)"
+dest_dir="backups/nginx/${timestamp}"
+mkdir -p "${dest_dir}"
+
+# Project nginx confs
+proj_src="confs/nginx"
+if [ -d "$proj_src" ]; then
+  rsync -a --delete "$proj_src/" "${dest_dir}/project/"
+fi
+
+# Local nginx common paths
+declare -a local_paths=(/etc/nginx /usr/local/etc/nginx "$HOME/.config/nginx" ./conf/ngnix)
+for p in "${local_paths[@]}"; do
+  if [ -d "$p" ]; then
+    safe_name="$(echo "$p" | sed "s|/|_|g;s|^_||")"
+    rsync -a "$p/" "${dest_dir}/local_${safe_name}/" || true
+  fi
+done
+
+# Create compressed archives for convenience
+tar -C "${dest_dir}" -czf "${dest_dir}.tar.gz" .
+
+echo "Saved nginx backups to ${dest_dir} and ${dest_dir}.tar.gz"
				`@ -0,0 +1 @@`
				`/usr/share/nginx/modules-available/mod-http-geoip.conf`
				`@ -0,0 +1 @@`
				`/etc/nginx/sites-available/lecoffreio-dev2.4nkweb.com`
				`@ -0,0 +1 @@`
				`/etc/nginx/sites-available/lecoffreio.4nkweb.com`
				`@ -0,0 +1 @@`
				`/etc/nginx/sites-available/local.4nkweb.com-3000`
				`@ -0,0 +1 @@`
				`/etc/nginx/sites-available/relay235.4nkweb.com`