diff --git a/.env.master b/.env.master index fe7f5ff..24732db 100644 --- a/.env.master +++ b/.env.master @@ -1,7 +1,7 @@ # DOMAIN DOMAIN=dev4.4nkweb.com BOOTSTRAP_DOMAIN=dev3.4nkweb.com -LOCAL_DOMAIN=local.4nkweb.com +LOCAL_DOMAIN=lecoffreio.4nkweb.com LECOFFRE_BACK_DOMAIN=dev3.4nkweb.com # GIT @@ -17,7 +17,7 @@ NODE_OPTIONS=--max-old-space-size=2048 # Configuration IDNOT IDNOT_ANNUARY_BASE_URL=https://qual-api.notaires.fr/annuaire -IDNOT_REDIRECT_URI=http://${LOCAL_DOMAIN}:3000/authorized-client +IDNOT_REDIRECT_URI=http://${LOCAL_DOMAIN}/authorized-client IDNOT_TOKEN_URL=https://qual-connexion.idnot.fr/user/IdPOAuth2/token/idnot_idp_v1 IDNOT_API_BASE_URL=https://qual-api.notaires.fr @@ -58,7 +58,7 @@ VITE_BOOTSTRAPURL=wss://${BOOTSTRAP_DOMAIN}/ws/ # Cartes de test Stripe SUCCES='4242 4242 4242 4242' DECLINED='4000 0025 0000 3155' -CORS_ALLOWED_ORIGINS=http://${LOCAL_DOMAIN}:3000,https://${DOMAIN} +CORS_ALLOWED_ORIGINS=https://${DOMAIN} core_url=http://bitcoin:38332 ws_url=0.0.0.0:8090 diff --git a/.env.master.exemple b/.env.master.exemple index f634a75..e1f0529 100644 --- a/.env.master.exemple +++ b/.env.master.exemple @@ -1,7 +1,7 @@ # DOMAIN DOMAIN=dev4.4nkweb.com BOOTSTRAP_DOMAIN=dev3.4nkweb.com -LOCAL_DOMAIN=local.4nkweb.com +LOCAL_DOMAIN=lecoffreio.4nkweb.com LECOFFRE_BACK_DOMAIN=dev3.4nkweb.com # GIT @@ -17,7 +17,7 @@ NODE_OPTIONS=--max-old-space-size=2048 # Configuration IDNOT IDNOT_ANNUARY_BASE_URL=https://qual-api.notaires.fr/annuaire -IDNOT_REDIRECT_URI=http://${LOCAL_DOMAIN}:3000/authorized-client +IDNOT_REDIRECT_URI=http://${LOCAL_DOMAIN}/authorized-client IDNOT_TOKEN_URL=https://qual-connexion.idnot.fr/user/IdPOAuth2/token/idnot_idp_v1 IDNOT_API_BASE_URL=https://qual-api.notaires.fr @@ -58,7 +58,7 @@ VITE_BOOTSTRAPURL=wss://${BOOTSTRAP_DOMAIN}/ws/ # Cartes de test Stripe SUCCES='4242 4242 4242 4242' DECLINED='4000 0025 0000 3155' -CORS_ALLOWED_ORIGINS=http://${LOCAL_DOMAIN}:3000,https://${DOMAIN} +CORS_ALLOWED_ORIGINS=https://${DOMAIN} core_url=http://bitcoin:38332 ws_url=0.0.0.0:8090 diff --git a/README-AUTONOMOUS.md b/README-AUTONOMOUS.md index d9cf416..6919ed6 100644 --- a/README-AUTONOMOUS.md +++ b/README-AUTONOMOUS.md @@ -125,7 +125,7 @@ docker run -d \ | IHM Client | http://localhost/ | Interface client | | API Backend | http://localhost/api/ | API REST | | WebSocket | ws://localhost/ws/ | Communication temps réel | -| **Redirections IdNot** | http://local.4nkweb.com:3000/ | Redirections externes IdNot | +| **Redirections IdNot** | http://dev3.4nkweb.com/ | Redirections externes IdNot | | **HTTPS** | https://localhost/ | Accès sécurisé (certificats auto-signés) | ## 🔧 Gestion diff --git a/conf/nginx/local.4nkweb.com-3000.conf b/conf/nginx/local.4nkweb.com-3000.conf index a4ea511..ec8196f 100644 --- a/conf/nginx/local.4nkweb.com-3000.conf +++ b/conf/nginx/local.4nkweb.com-3000.conf @@ -1,7 +1,7 @@ server { listen 0.0.0.0:3000; listen [::]:3000; - server_name local.4nkweb.com; + server_name dev3.4nkweb.com; # HTTP pur: pas de HTTPS ni HSTS diff --git a/conf/nginx/nginx.conf b/conf/nginx/nginx.conf index c5e3da6..3663467 100644 --- a/conf/nginx/nginx.conf +++ b/conf/nginx/nginx.conf @@ -346,7 +346,7 @@ http { server { listen 3000 default_server; listen [::]:3000 default_server; - server_name local.4nkweb.com; + server_name dev3.4nkweb.com; # Headers de sécurité add_header X-Frame-Options "SAMEORIGIN" always; diff --git a/scripts/deploy-autonomous.sh b/scripts/deploy-autonomous.sh index 10c7e25..f3698ed 100755 --- a/scripts/deploy-autonomous.sh +++ b/scripts/deploy-autonomous.sh @@ -49,7 +49,7 @@ mkdir -p /home/debian/4NK_env/lecoffre_node/{data,logs,backup} log "🚀 Démarrage du conteneur master autonome..." log "ℹ️ Le conteneur utilise son propre Nginx (ports 80, 443, 3000) - indépendant du host" -log "ℹ️ Port 3000 pour redirections externes IdNot (local.4nkweb.com:3000)" +log "ℹ️ Port 3000 pour redirections externes IdNot (dev3.4nkweb.com)" docker run -d \ --name ${CONTAINER_NAME} \ --privileged \ diff --git a/scripts/generate-ssl-certs.sh b/scripts/generate-ssl-certs.sh index 8c9509f..c4b13bc 100755 --- a/scripts/generate-ssl-certs.sh +++ b/scripts/generate-ssl-certs.sh @@ -22,7 +22,7 @@ log "Génération du certificat auto-signé..." openssl req -new -x509 -key /app/ssl/nginx-selfsigned.key \ -out /app/ssl/nginx-selfsigned.crt \ -days 365 \ - -subj "/C=FR/ST=France/L=Paris/O=LeCoffre/OU=Development/CN=local.4nkweb.com/emailAddress=admin@lecoffre.io" + -subj "/C=FR/ST=France/L=Paris/O=LeCoffre/OU=Development/CN=dev3.4nkweb.com/emailAddress=admin@lecoffre.io" # Configuration des permissions log "Configuration des permissions..." @@ -32,4 +32,4 @@ chmod 644 /app/ssl/nginx-selfsigned.crt log "✅ Certificats SSL générés avec succès" log " Certificat: /app/ssl/nginx-selfsigned.crt" log " Clé privée: /app/ssl/nginx-selfsigned.key" -log " Valide pour: local.4nkweb.com" +log " Valide pour: dev3.4nkweb.com" diff --git a/tests/analyse.md b/tests/analyse.md index 1ce87bb..8ec8b34 100644 --- a/tests/analyse.md +++ b/tests/analyse.md @@ -15,21 +15,13 @@ - `/signer/` WebSocket (101), `/blindbit/` (200) ### CORS -- Origines autorisées: `http://local.4nkweb.com:3000`, `https://dev4.4nkweb.com` +- Origines autorisées: `http://dev3.4nkweb.com`, `https://dev4.4nkweb.com` - Prévols `OPTIONS` (204) et en-têtes `Access-Control-*` ### Non-régression - Absence de `localhost:8080` dans les bundles front servis via `/lecoffre/` -- Redirections locales `local.4nkweb.com:3000` → `https://dev4.4nkweb.com/lecoffre/` +- Redirections locales `dev3.4nkweb.com` → `https://dev4.4nkweb.com/lecoffre/` ### Observabilité - Journaux Nginx (`error.log`) sans erreurs après reload - Logs `sdk_relay` présents dans `/home/bitcoin/.4nk/logs/sdk_relay.log` - - - - - - - - diff --git a/tests/api_routing.md b/tests/api_routing.md index 14e5669..3c0c487 100644 --- a/tests/api_routing.md +++ b/tests/api_routing.md @@ -59,8 +59,8 @@ Attendu: `HTTP/2 200` et pas de 301/302 en boucle. #### Redirections locales -- `curl -I http://local.4nkweb.com:3000/` → 301 Location `https://dev4.4nkweb.com/lecoffre/` -- `curl -I http://local.4nkweb.com:3000/authorized-client?code=ABC` → 301 Location `https://dev4.4nkweb.com/lecoffre/authorized-client?code=ABC` +- `curl -I http://dev3.4nkweb.com/` → 301 Location `https://dev4.4nkweb.com/lecoffre/` +- `curl -I http://dev3.4nkweb.com/authorized-client?code=ABC` → 301 Location `https://dev4.4nkweb.com/lecoffre/authorized-client?code=ABC` #### WebSocket diff --git a/tests/smoke_dev4.md b/tests/smoke_dev4.md index fd2f765..79f69e6 100644 --- a/tests/smoke_dev4.md +++ b/tests/smoke_dev4.md @@ -9,12 +9,12 @@ WebSocket - wss://dev4.4nkweb.com/ws handshake OK → À vérifier (outil ws requis côté serveur) Redirections -- GET http://local.4nkweb.com:3000/ attend 301 → Location: https://dev4.4nkweb.com/lecoffre/ -- GET http://local.4nkweb.com:3000/authorized-client?code=... attend 301 → Location: https://dev4.4nkweb.com/lecoffre/authorized-client?code=... +- GET http://dev3.4nkweb.com/ attend 301 → Location: https://dev4.4nkweb.com/lecoffre/ +- GET http://dev3.4nkweb.com/authorized-client?code=... attend 301 → Location: https://dev4.4nkweb.com/lecoffre/authorized-client?code=... DNS côté client -- local.4nkweb.com doit résoudre vers 92.243.24.12 (pas 127.0.0.1) -- Test: nslookup local.4nkweb.com sur machine cliente +- dev3.4nkweb.com doit résoudre vers 92.243.24.12 (pas 127.0.0.1) +- Test: nslookup dev3.4nkweb.com sur machine cliente Nginx - Certificats valides - Pas derreurs critiques dans error.log