From 5b2eb254bd54b818ad6073a9d6b3cdf23ce6fda8 Mon Sep 17 00:00:00 2001 From: 4NK Dev Date: Wed, 1 Oct 2025 20:58:08 +0000 Subject: [PATCH] =?UTF-8?q?ci:=20docker=5Ftag=3Ddev-test=20-=20Mise=20?= =?UTF-8?q?=C3=A0=20jour=20documentation=20et=20standardisation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .cursorignore | 115 ++-- .dockerignore | 89 ++- .env.master.exemple | 130 ---- .gitignore | 94 ++- README-AUTONOMOUS.md | 258 -------- README.md | 28 +- bitcoin/Dockerfile | 14 - bitcoin/bitcoin.conf | 45 -- blindbit/Dockerfile | 13 - blindbit/blindbit.toml | 18 - conf/README.md | 95 --- conf/bitcoin/bitcoin.conf | 45 -- .../dashboards/bitcoin-miner-detailed.json | 399 ------------ conf/grafana/dashboards/bitcoin-miner.json | 160 ----- conf/grafana/dashboards/bitcoin-services.json | 532 ---------------- .../grafana/dashboards/frontend-services.json | 532 ---------------- .../grafana/dashboards/lecoffre-overview.json | 252 -------- conf/grafana/dashboards/sdk-services.json | 594 ------------------ .../grafana/dashboards/services-overview.json | 418 ------------ conf/grafana/grafana.ini | 57 -- .../provisioning/dashboards/dashboards.yml | 12 - .../grafana/provisioning/datasources/loki.yml | 12 - .../provisioning/datasources/loki.yml.bak | 10 - .../provisioning/datasources/loki.yml.temp | 12 - conf/ihm_client/nginx.dev.conf | 48 -- conf/logrotate/bitcoin.conf | 13 - conf/logrotate/blindbit.conf | 13 - conf/logrotate/ihm_client.conf | 13 - conf/logrotate/lecoffre-front.conf | 13 - conf/logrotate/miner.conf | 13 - conf/logrotate/nginx.conf | 13 - conf/logrotate/sdk_relay.conf | 13 - conf/logrotate/sdk_storage.conf | 13 - conf/logrotate/tor.conf | 13 - conf/loki/loki-config.yaml | 76 --- conf/monitoring.conf | 30 - conf/nginx/assets/favicon.ico | Bin 590 -> 0 bytes conf/nginx/dev4.4nkweb.com-http.conf | 15 - conf/nginx/dev4.4nkweb.com-https.conf | 263 -------- conf/nginx/dev4.4nkweb.com.conf | 258 -------- conf/nginx/grafana.conf | 49 -- conf/nginx/logging.conf | 39 -- conf/nginx/nginx.conf | 470 -------------- .../dev4.4nkweb.com-http.conf | 15 - .../dev4.4nkweb.com-https.conf | 226 ------- conf/nginx_backups_host/grafana.conf | 49 -- .../local.4nkweb.com-3000.conf | 64 -- conf/nginx_backups_host/local.4nkweb.com.conf | 9 - conf/nginx_backups_host/nginx.conf | 84 --- conf/promtail/promtail.yml | 107 ---- conf/relay/sdk_relay.conf | 11 - conf/supervisor/supervisord.conf | 52 -- conf/tor/torrc | 21 - confs/README.md | 95 --- docker-compose.certificator.yml | 77 --- docker-compose.yml | 51 +- miner/miner.env | 4 - relay/sdk_relay.conf | 11 - relay/sdk_relay.conf.exemple | 16 - 59 files changed, 266 insertions(+), 5925 deletions(-) delete mode 100644 .env.master.exemple delete mode 100644 README-AUTONOMOUS.md delete mode 100644 bitcoin/Dockerfile delete mode 100644 bitcoin/bitcoin.conf delete mode 100644 blindbit/Dockerfile delete mode 100644 blindbit/blindbit.toml delete mode 100644 conf/README.md delete mode 100644 conf/bitcoin/bitcoin.conf delete mode 100644 conf/grafana/dashboards/bitcoin-miner-detailed.json delete mode 100644 conf/grafana/dashboards/bitcoin-miner.json delete mode 100644 conf/grafana/dashboards/bitcoin-services.json delete mode 100644 conf/grafana/dashboards/frontend-services.json delete mode 100644 conf/grafana/dashboards/lecoffre-overview.json delete mode 100644 conf/grafana/dashboards/sdk-services.json delete mode 100644 conf/grafana/dashboards/services-overview.json delete mode 100644 conf/grafana/grafana.ini delete mode 100644 conf/grafana/provisioning/dashboards/dashboards.yml delete mode 100644 conf/grafana/provisioning/datasources/loki.yml delete mode 100644 conf/grafana/provisioning/datasources/loki.yml.bak delete mode 100644 conf/grafana/provisioning/datasources/loki.yml.temp delete mode 100644 conf/ihm_client/nginx.dev.conf delete mode 100644 conf/logrotate/bitcoin.conf delete mode 100644 conf/logrotate/blindbit.conf delete mode 100644 conf/logrotate/ihm_client.conf delete mode 100644 conf/logrotate/lecoffre-front.conf delete mode 100644 conf/logrotate/miner.conf delete mode 100644 conf/logrotate/nginx.conf delete mode 100644 conf/logrotate/sdk_relay.conf delete mode 100644 conf/logrotate/sdk_storage.conf delete mode 100644 conf/logrotate/tor.conf delete mode 100644 conf/loki/loki-config.yaml delete mode 100644 conf/monitoring.conf delete mode 100644 conf/nginx/assets/favicon.ico delete mode 100644 conf/nginx/dev4.4nkweb.com-http.conf delete mode 100644 conf/nginx/dev4.4nkweb.com-https.conf delete mode 100644 conf/nginx/dev4.4nkweb.com.conf delete mode 100644 conf/nginx/grafana.conf delete mode 100644 conf/nginx/logging.conf delete mode 100644 conf/nginx/nginx.conf delete mode 100755 conf/nginx_backups_host/dev4.4nkweb.com-http.conf delete mode 100644 conf/nginx_backups_host/dev4.4nkweb.com-https.conf delete mode 100755 conf/nginx_backups_host/grafana.conf delete mode 100755 conf/nginx_backups_host/local.4nkweb.com-3000.conf delete mode 100755 conf/nginx_backups_host/local.4nkweb.com.conf delete mode 100755 conf/nginx_backups_host/nginx.conf delete mode 100644 conf/promtail/promtail.yml delete mode 100644 conf/relay/sdk_relay.conf delete mode 100644 conf/supervisor/supervisord.conf delete mode 100644 conf/tor/torrc delete mode 100644 confs/README.md delete mode 100644 docker-compose.certificator.yml delete mode 100644 miner/miner.env delete mode 100644 relay/sdk_relay.conf delete mode 100644 relay/sdk_relay.conf.exemple diff --git a/.cursorignore b/.cursorignore index 71eaf87..d07058b 100644 --- a/.cursorignore +++ b/.cursorignore @@ -1,54 +1,79 @@ -# Cursor ignore file -# Exclude sensitive and generated files +# 4NK Environment - Git Ignore +# ============================ +confs/ +# Dossiers de sauvegarde des scripts +**/backup/ +**/*backup* -# Environment files -.env -.env.* -!*.env.example +**/.cargo/ -.cargo/ -Cargo.lock -*/.cargo/ -*/Cargo.lock -# Logs -log/ -logs/ -*.log +# Fichiers temporaires +**/*.tmp* +**/*.temp* +**/*.log* +**/*.pid* -# Node modules and build artifacts -node_modules/ -.next/ -dist/ -build/ -coverage/ +# Fichiers de configuration locale +**/*.env* +**/*.conf* +**/*.yaml* +**/*.yml* +**/*.ini* +**/*.json* +**/*.toml* +**/*.lock* -# OS files -.DS_Store -Thumbs.db +# Données et logs +**/*.logs* +**/*.data +*.db +*.sqlite -# IDE files -.vscode/ -.idea/ -*.swp -*.swo +# Certificats et clés +**/*.key +**/*.pem +**/*.crt +**/*.p12 +**/*.pfx +ssl/ +certs/ -# Temporary files -*.tmp -*.temp -*.bak -*.backup +# Docker +**/*.docker* -# Sensitive files -*.key -*.pem -*.p12 -*.jks -priv_key.json +# Cache et build +**/*.node_modules/ +**/*.dist/ +**/*build/ +**/*target/ +**/*.*.o +**/*.so +**/*.dylib -# Docker volumes -volumes/ +# IDE et éditeurs +**/*.vscode/ +**/*.idea/ +**/*.swp +**/*.swo +**/*~ -# Backup configurations -conf/nginx/*bak* -conf/nginx/*.tmp -conf/nginx/*.clean +# OS +**/*.DS_Store +**/*Thumbs.db +**/*tmp* + +# Git +**/*.git/ +**/*.orig* + +# Backup des projets existants +**/*backup* + + +**/*wallet* +**/*keys* + +**/*node_modules* +**/*cursor* +**/*pid* +**/*next* \ No newline at end of file diff --git a/.dockerignore b/.dockerignore index 4a494ea..d07058b 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,10 +1,79 @@ -.git -node_modules -.next -coverage -dist -.DS_Store -npm-debug.log* -yarn-debug.log* -yarn-error.log* -# .env* +# 4NK Environment - Git Ignore +# ============================ +confs/ +# Dossiers de sauvegarde des scripts +**/backup/ +**/*backup* + +**/.cargo/ + +# Fichiers temporaires +**/*.tmp* +**/*.temp* +**/*.log* +**/*.pid* + +# Fichiers de configuration locale +**/*.env* +**/*.conf* +**/*.yaml* +**/*.yml* +**/*.ini* +**/*.json* +**/*.toml* +**/*.lock* + +# Données et logs +**/*.logs* +**/*.data +*.db +*.sqlite + +# Certificats et clés +**/*.key +**/*.pem +**/*.crt +**/*.p12 +**/*.pfx +ssl/ +certs/ + +# Docker +**/*.docker* + +# Cache et build +**/*.node_modules/ +**/*.dist/ +**/*build/ +**/*target/ +**/*.*.o +**/*.so +**/*.dylib + +# IDE et éditeurs +**/*.vscode/ +**/*.idea/ +**/*.swp +**/*.swo +**/*~ + +# OS +**/*.DS_Store +**/*Thumbs.db +**/*tmp* + +# Git +**/*.git/ +**/*.orig* + +# Backup des projets existants +**/*backup* + + +**/*wallet* +**/*keys* + +**/*node_modules* +**/*cursor* +**/*pid* +**/*next* \ No newline at end of file diff --git a/.env.master.exemple b/.env.master.exemple deleted file mode 100644 index c25a4de..0000000 --- a/.env.master.exemple +++ /dev/null @@ -1,130 +0,0 @@ -# DOMAIN -DOMAIN=dev4.4nkweb.com -BOOTSTRAP_DOMAIN=dev3.4nkweb.com -LOCAL_DOMAIN=lecoffreio.4nkweb.com -LECOFFRE_BACK_DOMAIN=dev3.4nkweb.com - -# GIT -GITEA_BASE_URL=git.4nkweb.com -GIT_TOKEN=8cde80690a5ffd737536d82a1ab16a765d5105df -GITEA_OWNER="nicolas.cantu,Omar" -GITEA_RUNNER_NAME=debian-runner - -# Variables d'environnement pour l'application back-end -NODE_ENV=production -RUST_LOG=DEBUG -NODE_OPTIONS=--max-old-space-size=2048 - -# Configuration IDNOT -IDNOT_ANNUARY_BASE_URL=https://qual-api.notaires.fr/annuaire -IDNOT_REDIRECT_URI=http://${LOCAL_DOMAIN}/authorized-client -IDNOT_TOKEN_URL=https://qual-connexion.idnot.fr/user/IdPOAuth2/token/idnot_idp_v1 -IDNOT_API_BASE_URL=https://qual-api.notaires.fr - -# Configuration serveur -APP_HOST=dev4.4nkweb.com -API_BASE_URL=https://${DOMAIN}/back -DEFAULT_STORAGE=https://${DOMAIN}/storage - -# Variables d'environnement pour l'application front-end -NEXT_PUBLIC_4NK_URL=https://${DOMAIN} -NEXT_PUBLIC_FRONT_APP_HOST=https://dev4.4nkweb.com/lecoffre -NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr -NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1 -NEXT_PUBLIC_BACK_API_PROTOCOL=https -NEXT_PUBLIC_BACK_API_HOST=${LECOFFRE_BACK_DOMAIN} -NEXT_PUBLIC_BACK_API_PORT=443 -NEXT_PUBLIC_BACK_API_ROOT_URL=/api -NEXT_PUBLIC_BACK_API_VERSION=v1 -NEXT_PUBLIC_ANK_BASE_REDIRECT_URI=https://${DOMAIN}/lecoffre/authorized-client -NEXT_PUBLIC_TARGET_ORIGIN=https://${DOMAIN}/lecoffre -NEXT_PUBLIC_4NK_IFRAME_URL=https://${DOMAIN} -NEXT_PUBLIC_IDNOT_REDIRECT_URI=https://${DOMAIN}/lecoffre/authorized-client -NEXT_PUBLIC_DOCAPOSTE_API_URL= -NEXT_PUBLIC_API_URL=https://${DOMAIN}/api -NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=28c9a3a8151bef545ebf700ca5222c63d0031ad593097e95c1de202464304a99 -NEXT_PUBLIC_DEFAULT_STORAGE_URLS=https://${DOMAIN}/storage - -# WS -RELAY_URLS=wss://${DOMAIN}/ws/,wss://${BOOTSTRAP_DOMAIN}/ws/ - -# SIGNER -SIGNER_WS_URL=ws://${BOOTSTRAP_DOMAIN}:9090 -SIGNER_BASE_URL=https://${BOOTSTRAP_DOMAIN} - -# IHM URLS -VITE_BOOTSTRAPURL=wss://${BOOTSTRAP_DOMAIN}/ws/ - -# Cartes de test Stripe -SUCCES='4242 4242 4242 4242' -DECLINED='4000 0025 0000 3155' -CORS_ALLOWED_ORIGINS=https://${DOMAIN} - -core_url=http://bitcoin:38332 -ws_url=0.0.0.0:8090 -wallet_name=default -network=signet -blindbit_url=http://blindbit:8000 -zmq_url=tcp://bitcoin:29000 -storage=https://${DOMAIN}/storage -data_dir=/home/bitcoin/.4nk -bitcoin_data_dir=/home/bitcoin/.bitcoin -bootstrap_url=wss://${BOOTSTRAP_DOMAIN}/ws/ -bootstrap_faucet=true - -# ================== /!\ sensible ========================= - -# Configuration IDNOT -IDNOT_API_KEY=ba557f84-0bf6-4dbf-844f-df2767555e3e -IDNOT_CLIENT_ID=B3CE56353EDB15A9 -IDNOT_CLIENT_SECRET=3F733549E879878344B6C949B366BB5CDBB2DB5B7F7AB7EBBEBB0F0DD0776D1C -NEXT_PUBLIC_IDNOT_CLIENT_ID=B3CE56353EDB15A9 - - -SIGNER_API_KEY=your-api-key-change-this -VITE_JWT_SECRET_KEY=52b3d77617bb00982dfee15b08effd52cfe5b2e69b2f61cc4848cfe1e98c0bc9 - -# Configuration pour réduire les traces Docker -DOCKER_LOG_LEVEL=info -COMPOSE_LOG_LEVEL=WARNING - -# =========================================== -# VARIABLES SDK_SIGNER (manquantes) -# =========================================== -SIGNER_PORT=9090 -SIGNER_DATABASE_PATH=./data/server.db -SIGNER_RELAY_URLS=wss://${DOMAIN}/ws/,wss://${BOOTSTRAP_DOMAIN}/ws/ -SIGNER_AUTO_RESTART=true -SIGNER_MAX_RESTARTS=3 -SIGNER_LOG_LEVEL=info - -# =========================================== -# VARIABLES SDK_RELAY (formatées pour docker-compose) -# =========================================== -SDK_RELAY_CORE_URL=http://bitcoin:38332 -SDK_RELAY_WS_URL=0.0.0.0:8090 -SDK_RELAY_WALLET_NAME=default -SDK_RELAY_NETWORK=signet -SDK_RELAY_ZMQ_URL=tcp://bitcoin:29000 -SDK_RELAY_STORAGE=https://${DOMAIN}/storage -SDK_RELAY_DATA_DIR=/app/.4nk -SDK_RELAY_BITCOIN_DATA_DIR=/app/.bitcoin -SDK_RELAY_BOOTSTRAP_URL=wss://${BOOTSTRAP_DOMAIN}/ws/ -SDK_RELAY_BOOTSTRAP_FAUCET=true -SDK_RELAY_BLINDBIT_URL=http://blindbit-oracle:8000 - -# =========================================== -# VARIABLES IHM_CLIENT (formatées pour docker-compose) -# =========================================== -VITE_API_BASE_URL=https://${DOMAIN}/back/api/v1 -VITE_WS_URL=wss://${DOMAIN}/ws/ -VITE_STORAGE_URL=https://${DOMAIN}/storage -VITE_SIGNER_URL=https://${DOMAIN}/signer - -# =========================================== -# VARIABLES MONITORING -# =========================================== -GRAFANA_ADMIN_USER=admin -GRAFANA_ADMIN_PASSWORD=admin123 -LOKI_URL=http://loki:3100 -PROMTAIL_CONFIG_FILE=/etc/promtail/config.yml \ No newline at end of file diff --git a/.gitignore b/.gitignore index 757cc8f..d07058b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,17 +1,79 @@ -.env -!.env.master -miner/.env -miner/signet/priv_key.json +# 4NK Environment - Git Ignore +# ============================ +confs/ +# Dossiers de sauvegarde des scripts +**/backup/ +**/*backup* -# Sensibles et générés -.cursor/ -log/*.log -miner/.env.signet -miner/tools/*.json -conf/nginx/*bak* -conf/nginx/*.tmp -conf/nginx/*.clean -.env.bak -backups/ -.cargo/ -Cargo.lock.cursor-server +**/.cargo/ + +# Fichiers temporaires +**/*.tmp* +**/*.temp* +**/*.log* +**/*.pid* + +# Fichiers de configuration locale +**/*.env* +**/*.conf* +**/*.yaml* +**/*.yml* +**/*.ini* +**/*.json* +**/*.toml* +**/*.lock* + +# Données et logs +**/*.logs* +**/*.data +*.db +*.sqlite + +# Certificats et clés +**/*.key +**/*.pem +**/*.crt +**/*.p12 +**/*.pfx +ssl/ +certs/ + +# Docker +**/*.docker* + +# Cache et build +**/*.node_modules/ +**/*.dist/ +**/*build/ +**/*target/ +**/*.*.o +**/*.so +**/*.dylib + +# IDE et éditeurs +**/*.vscode/ +**/*.idea/ +**/*.swp +**/*.swo +**/*~ + +# OS +**/*.DS_Store +**/*Thumbs.db +**/*tmp* + +# Git +**/*.git/ +**/*.orig* + +# Backup des projets existants +**/*backup* + + +**/*wallet* +**/*keys* + +**/*node_modules* +**/*cursor* +**/*pid* +**/*next* \ No newline at end of file diff --git a/README-AUTONOMOUS.md b/README-AUTONOMOUS.md deleted file mode 100644 index 6919ed6..0000000 --- a/README-AUTONOMOUS.md +++ /dev/null @@ -1,258 +0,0 @@ -# 🚀 Architecture Autonome LeCoffre Node - -## Vue d'ensemble - -Cette architecture autonome permet de déployer l'ensemble de l'écosystème LeCoffre dans un seul conteneur Docker, avec Nginx intégré pour une autonomie complète. - -## 🏗️ Architecture - -``` -┌─────────────────────────────────────────────────────────┐ -│ Container Master │ -│ ┌─────────────────────────────────────────────────┐ │ -│ │ Nginx (Port 80) │ │ -│ │ - Reverse Proxy │ │ -│ │ - Load Balancing │ │ -│ │ - SSL Termination │ │ -│ │ - Rate Limiting │ │ -│ └─────────────────────────────────────────────────┘ │ -│ ┌─────────────────────────────────────────────────┐ │ -│ │ Supervisor │ │ -│ │ - Process Management │ │ -│ │ - Auto-restart │ │ -│ │ - Log Management │ │ -│ └─────────────────────────────────────────────────┘ │ -│ ┌─────────────────────────────────────────────────┐ │ -│ │ Docker Compose Services │ │ -│ │ - Bitcoin Signet │ │ -│ │ - SDK Relay/Signer/Storage │ │ -│ │ - LeCoffre Front/Back │ │ -│ │ - IHM Client │ │ -│ │ - Grafana/Loki/Promtail │ │ -│ └─────────────────────────────────────────────────┘ │ -└─────────────────────────────────────────────────────────┘ -``` - -## 📁 Structure des fichiers - -``` -lecoffre_node/ -├── Dockerfile.master # Image Docker autonome -├── .env.master # Configuration avec secrets -├── env.master # Variables publiques -├── docker-compose.yml # Services internes -├── conf/ -│ ├── nginx/ -│ │ └── nginx.conf # Configuration Nginx intégrée -│ └── supervisor/ -│ └── supervisord.conf # Gestion des processus -├── scripts/ -│ ├── entrypoint.sh # Point d'entrée principal -│ ├── startup.sh # Démarrage des services -│ └── deploy-autonomous.sh # Script de déploiement -└── README-AUTONOMOUS.md # Cette documentation -``` - -## 🔐 Sécurité - -### Protection des secrets -- Tous les fichiers `.env` sont protégés par `.gitignore` -- Les secrets sont centralisés dans `.env.master` -- Variables sensibles : clés API, mots de passe, tokens - -### Variables protégées -```bash -# IdNot -IDNOT_API_KEY=ba557f84-0bf6-4dbf-844f-df2767555e3e -IDNOT_CLIENT_SECRET=3F733549E879878344B6C949B366BB5CDBB2DB5B7F7AB7EBBEBB0F0DD0776D1C - -# OVH -OVH_APP_SECRET=de1fac1779d707d263a611a557cd5766 -OVH_CONSUMER_KEY=5fe817829b8a9c780cfa2354f8312ece - -# Stripe -STRIPE_SECRET_KEY=sk_test_51OwKmMP5xh1u9BqSeFpqw0Yr15hHtFsh0pvRGaE0VERhlYtvw33ND1qiGA6Dy1DPmmV61B6BqIimlhuv7bwElhjF00PLQwD60n - -# Grafana -GF_SECURITY_ADMIN_PASSWORD=Fuy8ZfxQI2xdSdoB8wsGxNjyU -``` - -## 🚀 Déploiement - -### Prérequis -- Docker et Docker Compose installés -- Ports 80, 443, 3000 disponibles (le conteneur utilise son propre Nginx) -- Accès au socket Docker (`/var/run/docker.sock`) -- **Nginx du host supprimé** pour éviter les conflits - -### Déploiement automatique -```bash -cd /home/debian/4NK_env/lecoffre_node -./scripts/deploy-autonomous.sh -``` - -### Déploiement manuel -```bash -# 1. Construction de l'image -docker build -f Dockerfile.master -t lecoffre-node-master:ext . - -# 2. Démarrage du conteneur (utilise le port 80 du host) -docker run -d \ - --name lecoffre-node-master \ - --privileged \ - --restart unless-stopped \ - -p 80:80 \ - -v /var/run/docker.sock:/var/run/docker.sock \ - -v $(pwd)/data:/app/data \ - -v $(pwd)/logs:/app/logs \ - -v $(pwd)/.env.master:/app/.env \ - lecoffre-node-master:ext -``` - -### Désinstallation du Nginx du host (optionnel) -```bash -# Pour une indépendance complète, désinstaller Nginx du host -./scripts/uninstall-host-nginx.sh -``` - -## 🌐 Services exposés - -| Service | URL | Description | -|---------|-----|-------------| -| Status Page | http://localhost/status/ | Tableau de bord des services | -| Grafana | http://localhost/grafana/ | Monitoring et logs | -| LeCoffre Front | http://localhost/lecoffre/ | Application principale | -| IHM Client | http://localhost/ | Interface client | -| API Backend | http://localhost/api/ | API REST | -| WebSocket | ws://localhost/ws/ | Communication temps réel | -| **Redirections IdNot** | http://dev3.4nkweb.com/ | Redirections externes IdNot | -| **HTTPS** | https://localhost/ | Accès sécurisé (certificats auto-signés) | - -## 🔧 Gestion - -### Commandes utiles -```bash -# Voir les logs -docker logs lecoffre-node-master - -# Accéder au shell -docker exec -it lecoffre-node-master bash - -# Redémarrer le conteneur -docker restart lecoffre-node-master - -# Arrêter le conteneur -docker stop lecoffre-node-master - -# Voir les services internes -docker exec lecoffre-node-master docker-compose ps -``` - -### Surveillance -```bash -# Healthcheck automatique -docker inspect lecoffre-node-master | grep Health -A 10 - -# Vérification des services -curl -f http://localhost:8080/status/api/health -``` - -## 📊 Monitoring - -### Grafana Dashboards -- **Bitcoin Miner** : Surveillance du minage Signet -- **Backend Services** : Métriques des APIs -- **SDK Services** : État des services SDK -- **Frontend Services** : Performance des interfaces -- **Bitcoin Services** : État du réseau Bitcoin - -### Logs centralisés -- Tous les logs sont collectés par Promtail -- Stockage dans Loki -- Visualisation dans Grafana -- Rotation automatique des logs - -## 🔄 Maintenance - -### Sauvegarde -```bash -# Sauvegarde des données -docker exec lecoffre-node-master tar -czf /app/backup/backup-$(date +%Y%m%d).tar.gz /app/data - -# Restauration -docker exec lecoffre-node-master tar -xzf /app/backup/backup-YYYYMMDD.tar.gz -C / -``` - -### Mise à jour -```bash -# 1. Arrêter le conteneur -docker stop lecoffre-node-master - -# 2. Reconstruire l'image -docker build -f Dockerfile.master -t lecoffre-node-master:ext . - -# 3. Redémarrer -docker start lecoffre-node-master -``` - -## 🚨 Dépannage - -### Problèmes courants - -1. **Services non accessibles** - ```bash - docker logs lecoffre-node-master - docker exec lecoffre-node-master docker-compose ps - ``` - -2. **Problème de permissions Docker** - ```bash - sudo chmod 666 /var/run/docker.sock - ``` - -3. **Ports déjà utilisés** - ```bash - sudo netstat -tulpn | grep :8080 - sudo fuser -k 8080/tcp - ``` - -### Logs détaillés -```bash -# Logs du conteneur master -docker logs lecoffre-node-master -f - -# Logs des services internes -docker exec lecoffre-node-master tail -f /app/logs/docker-compose.log - -# Logs Nginx -docker exec lecoffre-node-master tail -f /var/log/nginx/error.log -``` - -## 📝 Configuration - -### Variables d'environnement principales -- `EXTERNAL_DOMAIN` : Domaine externe (dev4.4nkweb.com) -- `INTERNAL_DOMAIN` : Domaine interne (localhost) -- `DOCKER_NETWORK_SUBNET` : Sous-réseau Docker -- `GF_SECURITY_ADMIN_PASSWORD` : Mot de passe Grafana - -### Personnalisation -1. Modifier `.env.master` pour les secrets -2. Ajuster `conf/nginx/nginx.conf` pour le routage -3. Configurer `conf/supervisor/supervisord.conf` pour les processus - -## 🎯 Avantages - -✅ **Autonomie complète** : Un seul conteneur pour tout l'écosystème -✅ **Sécurité renforcée** : Secrets centralisés et protégés -✅ **Monitoring intégré** : Grafana, Loki, Promtail inclus -✅ **Facilité de déploiement** : Script automatisé -✅ **Scalabilité** : Architecture modulaire -✅ **Maintenance simplifiée** : Gestion centralisée - -## 📞 Support - -Pour toute question ou problème : -1. Vérifier les logs : `docker logs lecoffre-node-master` -2. Consulter la documentation des services individuels -3. Tester la connectivité : `curl http://localhost:8080/status/` diff --git a/README.md b/README.md index 10d89da..ab5fae1 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ # LeCoffre Node - Plateforme de Gestion de Documents Sécurisée [![Docker](https://img.shields.io/badge/Docker-Ext-blue)](https://git.4nkweb.com/4nk/lecoffre_node) -[![Bitcoin Signet](https://img.shields.io/badge/Bitcoin-Signet-orange)](https://mempool2.4nkweb.com) -[![Status](https://img.shields.io/badge/Status-Production-green)](https://dev4.4nkweb.com/lecoffre) +[![Bitcoin Signet](https://img.shields.io/badge/Bitcoin-Signet-orange)](https://example.com) +[![Status](https://img.shields.io/badge/Status-Production-green)](https://example.com) ## 🚀 Démarrage Rapide @@ -40,15 +40,15 @@ | Service | URL | Description | |---------|-----|-------------| -| **LeCoffre Frontend** | [https://dev4.4nkweb.com/lecoffre](https://dev4.4nkweb.com/lecoffre) | Interface principale | -| **IHM Client** | [https://dev4.4nkweb.com/](https://dev4.4nkweb.com/) | Interface de gestion des clés | -| **API Backend** | [https://dev4.4nkweb.com/api/](https://dev4.4nkweb.com/api/) | API REST | -| **WebSocket** | `wss://dev4.4nkweb.com/ws/` | Relay WebSocket | +| **LeCoffre Frontend** | `/lecoffre` | Interface principale | +| **IHM Client** | `/` | Interface de gestion des clés | +| **API Backend** | `/api/` | API REST | +| **WebSocket** | `wss:///ws/` | Relay WebSocket | ## 🏗️ Architecture ``` -Internet → dev4.4nkweb.com (Nginx) → Services Locaux +Internet → Reverse proxy (public) → Services locaux ├── Frontend: LeCoffre Application ├── IHM: Interface de gestion des clés Bitcoin ├── API: Backend REST @@ -102,10 +102,10 @@ Le système utilise **Grafana + Loki + Promtail** pour le monitoring centralisé ./scripts/deploy-grafana.sh start # Accéder à Grafana -https://dev4.4nkweb.com/grafana/ +/grafana/ ``` -**Identifiants** : `admin` / `admin123` +**Identifiants** : `admin` / `` ### Dashboards Disponibles @@ -131,13 +131,13 @@ https://dev4.4nkweb.com/grafana/ Les variables d'environnement sont centralisées dans `.env` : ```bash -# URLs des services externes -VITE_BOOTSTRAPURL=wss://dev4.4nkweb.com/ws/ -SIGNER_WS_URL=ws://dev3.4nkweb.com:9090 -SIGNER_BASE_URL=https://dev3.4nkweb.com +# URLs des services externes (à définir selon l'environnement) +VITE_BOOTSTRAPURL=wss:///ws/ +SIGNER_WS_URL=ws://:9090 +SIGNER_BASE_URL=https:// # Configuration monitoring -GRAFANA_ADMIN_PASSWORD=admin123 +GRAFANA_ADMIN_PASSWORD= ``` ### Scripts Utiles diff --git a/bitcoin/Dockerfile b/bitcoin/Dockerfile deleted file mode 100644 index e3b4f2d..0000000 --- a/bitcoin/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -# Dockerfile personnalisé pour Bitcoin avec jq -FROM git.4nkweb.com/4nk/bitcoin:latest - -# Installer jq et autres outils utiles pour les healthchecks -USER root -RUN apk update && apk add --no-cache \ - jq bc \ - net-tools iputils \ - bind-tools netcat-openbsd \ - telnet procps && \ - rm -rf /var/cache/apk/* /tmp/* /var/tmp/* - -# Revenir à l'utilisateur bitcoin -USER bitcoin diff --git a/bitcoin/bitcoin.conf b/bitcoin/bitcoin.conf deleted file mode 100644 index 8bca714..0000000 --- a/bitcoin/bitcoin.conf +++ /dev/null @@ -1,45 +0,0 @@ -# Configuration globale -signet=1 -server=1 -datadir=/home/bitcoin/.bitcoin - -[signet] -daemon=0 -txindex=1 -upnp=1 -#debug=1 -#loglevel=debug -logthreadnames=1 -onion=tor:9050 -listenonion=1 -onlynet=onion - -# Paramètres RPC -rpcauth=bitcoin:c8ea921c7357bd6a5a8a7c43a12350a7$955e25b17672987b17c5a12f12cd8b9c1d38f0f86201c8cd47fc431f2e1c7956 -rpcallowip=0.0.0.0/0 -rpcworkqueue=32 -rpcthreads=4 -rpcdoccheck=1 - -# Paramètres ZMQ -zmqpubhashblock=tcp://0.0.0.0:29000 -zmqpubrawtx=tcp://0.0.0.0:29001 - -listen=1 -bind=0.0.0.0:38333 -rpcbind=0.0.0.0:38332 -rpcport=38332 -fallbackfee=0.0001 -blockfilterindex=1 -datacarriersize=205 -acceptnonstdtxn=1 -dustrelayfee=0.00000001 -minrelaytxfee=0.00000001 -prune=0 -signetchallenge=0020341c43803863c252df326e73574a27d7e19322992061017b0dc893e2eab90821 -wallet=mining -wallet=watchonly -maxtxfee=1 -addnode=tlv2yqamflv22vfdzy2hha2nwmt6zrwrhjjzz4lx7qyq7lyc6wfhabyd.onion -addnode=6xi33lwwslsx3yi3f7c56wnqtdx4v73vj2up3prrwebpwbz6qisnqbyd.onion -addnode=id7e3r3d2epen2v65jebjhmx77aimu7oyhcg45zadafypr4crqsytfid.onion \ No newline at end of file diff --git a/blindbit/Dockerfile b/blindbit/Dockerfile deleted file mode 100644 index 67599e8..0000000 --- a/blindbit/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -# Dockerfile personnalisé pour BlindBit avec pgrep et wget -FROM git.4nkweb.com/4nk/blindbit-oracle:dev - -# Installer pgrep, wget et autres outils utiles pour les healthchecks -USER root -RUN apt-get update && apt-get install -y procps wget curl && \ - rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* - -# Revenir à l'utilisateur par défaut -USER root - - - diff --git a/blindbit/blindbit.toml b/blindbit/blindbit.toml deleted file mode 100644 index d8091eb..0000000 --- a/blindbit/blindbit.toml +++ /dev/null @@ -1,18 +0,0 @@ -# Configuration Blindbit Oracle -host = "0.0.0.0:8000" -chain = "signet" -rpc_endpoint = "http://bitcoin:38332" -cookie_path = "/home/bitcoin/.bitcoin/signet/.cookie" -rpc_user = "" -rpc_pass = "" -sync_start_height = 1 - -# Performance -max_parallel_tweak_computations = 4 -max_parallel_requests = 4 - -# Index -tweaks_only = 0 -tweaks_full_basic = 1 -tweaks_full_with_dust_filter = 1 -tweaks_cut_through_with_dust_filter = 1 diff --git a/conf/README.md b/conf/README.md deleted file mode 100644 index fc17ee1..0000000 --- a/conf/README.md +++ /dev/null @@ -1,95 +0,0 @@ -# Configuration Centralisée - LeCoffre Node - -Ce dossier contient toutes les configurations centralisées pour les services du projet LeCoffre Node. - -## Structure - -``` -conf/ -├── bitcoin/ # Configuration Bitcoin Signet -│ └── bitcoin.conf -├── relay/ # Configuration SDK Relay -│ └── sdk_relay.conf -├── nginx/ # Configurations Nginx (déjà existantes) -│ └── ... -├── ihm_client/ # Configuration IHM Client -│ └── nginx.dev.conf -├── lecoffre-front/ # Configuration LeCoffre Frontend -└── miner/ # Configuration du mineur -``` - -## Scripts de Gestion - -Les configurations et le déploiement sont gérés via des scripts centralisés : - -- `scripts/sync-configs.sh` : Synchronise toutes les configurations -- `scripts/startup-sequence.sh` : Script principal avec déploiement complet -- `scripts/pre-build.sh` : Prépare l'environnement avant build Docker - -## Avantages - -1. **Centralisation** : Toutes les configurations au même endroit -2. **Cohérence** : Gestion uniforme des paramètres -3. **Maintenance** : Modifications centralisées -4. **Versioning** : Suivi des changements de configuration -5. **Backup** : Sauvegarde centralisée - -## Utilisation - -### Synchronisation manuelle -```bash -# Synchroniser tous les projets -./scripts/sync-configs.sh - -# Synchroniser un projet spécifique -./scripts/sync-configs.sh ihm_client -``` - -### Déploiement complet -```bash -# Déployer tous les projets -./scripts/startup-sequence.sh deploy - -# Déployer un projet spécifique -./scripts/startup-sequence.sh deploy-project ihm_client - -# Déployer avec push des images Docker -PUSH_DOCKER_IMAGES=true ./scripts/startup-sequence.sh deploy -``` - -### Préparation avant build -```bash -# Préparer l'environnement avant build Docker -./scripts/pre-build.sh -``` - -### Commandes de maintenance -```bash -# Mettre à jour toutes les dépendances -./scripts/startup-sequence.sh update-deps - -# Vérifier les fichiers ignore -./scripts/startup-sequence.sh check-ignore - -# Nettoyer les fichiers non suivis -./scripts/startup-sequence.sh clean-untracked - -# Compiler tous les projets -./scripts/startup-sequence.sh compile-all - -# Exécuter tous les tests -./scripts/startup-sequence.sh test-all -``` - -### Modification d'une configuration -1. Éditer le fichier dans `conf/[service]/` -2. Synchroniser avec `./scripts/sync-configs.sh [service]` -3. Redémarrer le service concerné - -## Services Concernés - -- **Bitcoin Signet** : Configuration du nœud Bitcoin -- **SDK Relay** : Configuration du relais WebSocket -- **IHM Client** : Configuration Nginx pour l'interface client -- **LeCoffre Front/Back** : Configurations des services web -- **Mineur** : Configuration du minage Bitcoin diff --git a/conf/bitcoin/bitcoin.conf b/conf/bitcoin/bitcoin.conf deleted file mode 100644 index 8bca714..0000000 --- a/conf/bitcoin/bitcoin.conf +++ /dev/null @@ -1,45 +0,0 @@ -# Configuration globale -signet=1 -server=1 -datadir=/home/bitcoin/.bitcoin - -[signet] -daemon=0 -txindex=1 -upnp=1 -#debug=1 -#loglevel=debug -logthreadnames=1 -onion=tor:9050 -listenonion=1 -onlynet=onion - -# Paramètres RPC -rpcauth=bitcoin:c8ea921c7357bd6a5a8a7c43a12350a7$955e25b17672987b17c5a12f12cd8b9c1d38f0f86201c8cd47fc431f2e1c7956 -rpcallowip=0.0.0.0/0 -rpcworkqueue=32 -rpcthreads=4 -rpcdoccheck=1 - -# Paramètres ZMQ -zmqpubhashblock=tcp://0.0.0.0:29000 -zmqpubrawtx=tcp://0.0.0.0:29001 - -listen=1 -bind=0.0.0.0:38333 -rpcbind=0.0.0.0:38332 -rpcport=38332 -fallbackfee=0.0001 -blockfilterindex=1 -datacarriersize=205 -acceptnonstdtxn=1 -dustrelayfee=0.00000001 -minrelaytxfee=0.00000001 -prune=0 -signetchallenge=0020341c43803863c252df326e73574a27d7e19322992061017b0dc893e2eab90821 -wallet=mining -wallet=watchonly -maxtxfee=1 -addnode=tlv2yqamflv22vfdzy2hha2nwmt6zrwrhjjzz4lx7qyq7lyc6wfhabyd.onion -addnode=6xi33lwwslsx3yi3f7c56wnqtdx4v73vj2up3prrwebpwbz6qisnqbyd.onion -addnode=id7e3r3d2epen2v65jebjhmx77aimu7oyhcg45zadafypr4crqsytfid.onion \ No newline at end of file diff --git a/conf/grafana/dashboards/bitcoin-miner-detailed.json b/conf/grafana/dashboards/bitcoin-miner-detailed.json deleted file mode 100644 index c8469f9..0000000 --- a/conf/grafana/dashboards/bitcoin-miner-detailed.json +++ /dev/null @@ -1,399 +0,0 @@ -{ - "annotations": { - "list": [] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=\"signet_miner\"} |= \"Block mined\" [5m])) by (container)", - "queryType": "", - "refId": "A" - } - ], - "title": "Blocs Minés par Minute", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=\"signet_miner\"} |= \"Hashrate\" [5m])) by (container)", - "queryType": "", - "refId": "A" - } - ], - "title": "Hashrate du Mineur", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 8, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"signet_miner\"} |= \"ERROR\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs du Mineur (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - } - }, - "mappings": [] - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 16, - "x": 8, - "y": 8 - }, - "id": 4, - "options": { - "legend": { - "displayMode": "list", - "placement": "right" - }, - "pieType": "pie", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum by (level) (count_over_time({container=\"signet_miner\"} | json | level != \"\" [1h]))", - "queryType": "", - "refId": "A" - } - ], - "title": "Distribution des Niveaux de Log", - "type": "piechart" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 16 - }, - "id": 5, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "{container=\"signet_miner\"} |= \"Block mined\" | json | line_format \"{{.timestamp}} - Bloc {{.height}} miné - Hash: {{.hash}}\"", - "queryType": "", - "refId": "A" - } - ], - "title": "Historique des Blocs Minés", - "type": "table" - } - ], - "refresh": "5s", - "schemaVersion": 37, - "style": "dark", - "tags": [ - "bitcoin", - "miner", - "signet" - ], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Bitcoin Miner - Détails", - "uid": "bitcoin-miner-detailed", - "version": 1, - "weekStart": "" -} - diff --git a/conf/grafana/dashboards/bitcoin-miner.json b/conf/grafana/dashboards/bitcoin-miner.json deleted file mode 100644 index ed0bd13..0000000 --- a/conf/grafana/dashboards/bitcoin-miner.json +++ /dev/null @@ -1,160 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "showTime": false, - "showLabels": false, - "showCommonLabels": false, - "wrapLogMessage": false, - "prettifyLogMessage": false, - "enableLogDetails": true, - "dedupStrategy": "none", - "sortOrder": "Descending" - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "{job=\"bitcoin\"} |= \"block\" | logfmt", - "queryType": "", - "refId": "A" - } - ], - "title": "Bitcoin - Nouveaux Blocs", - "type": "logs" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 2, - "options": { - "showTime": false, - "showLabels": false, - "showCommonLabels": false, - "wrapLogMessage": false, - "prettifyLogMessage": false, - "enableLogDetails": true, - "dedupStrategy": "none", - "sortOrder": "Descending" - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "{job=\"miner\"} |= \"mined\" | logfmt", - "queryType": "", - "refId": "A" - } - ], - "title": "Miner - Blocs Minés", - "type": "logs" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "showTime": false, - "showLabels": false, - "showCommonLabels": false, - "wrapLogMessage": false, - "prettifyLogMessage": false, - "enableLogDetails": true, - "dedupStrategy": "none", - "sortOrder": "Descending" - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "{job=~\"bitcoin|miner|blindbit\"} |= \"error\" | logfmt", - "queryType": "", - "refId": "A" - } - ], - "title": "Bitcoin/Miner/Blindbit - Erreurs", - "type": "logs" - } - ], - "refresh": "30s", - "schemaVersion": 36, - "style": "dark", - "tags": ["bitcoin", "miner", "blockchain"], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Bitcoin & Miner Monitoring", - "uid": "bitcoin-miner", - "version": 1, - "weekStart": "" -} diff --git a/conf/grafana/dashboards/bitcoin-services.json b/conf/grafana/dashboards/bitcoin-services.json deleted file mode 100644 index 2abf2d2..0000000 --- a/conf/grafana/dashboards/bitcoin-services.json +++ /dev/null @@ -1,532 +0,0 @@ -{ - "annotations": { - "list": [] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=\"bitcoin-signet\"} |= \"UpdateTip\" [5m])) by (container)", - "queryType": "", - "refId": "A" - } - ], - "title": "Mises à Jour de la Chaîne Bitcoin", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=\"blindbit-oracle\"} |= \"tweak\" [5m])) by (container)", - "queryType": "", - "refId": "A" - } - ], - "title": "Détection de Tweak (BlindBit)", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"bitcoin-signet\"} |= \"ERROR\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs Bitcoin (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 6, - "y": 8 - }, - "id": 4, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"blindbit-oracle\"} |= \"ERROR\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs BlindBit (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 12, - "y": 8 - }, - "id": 5, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"bitcoin-signet\"} |= \"New block\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Nouveaux Blocs (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 18, - "y": 8 - }, - "id": 6, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"blindbit-oracle\"} |= \"Silent payment\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Silent Payments (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 12 - }, - "id": 7, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "{container=~\"bitcoin-signet|blindbit-oracle\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs Bitcoin Services", - "type": "table" - } - ], - "refresh": "5s", - "schemaVersion": 37, - "style": "dark", - "tags": [ - "bitcoin", - "signet", - "blindbit", - "oracle" - ], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Bitcoin Services - Monitoring", - "uid": "bitcoin-services", - "version": 1, - "weekStart": "" -} - diff --git a/conf/grafana/dashboards/frontend-services.json b/conf/grafana/dashboards/frontend-services.json deleted file mode 100644 index 262feb0..0000000 --- a/conf/grafana/dashboards/frontend-services.json +++ /dev/null @@ -1,532 +0,0 @@ -{ - "annotations": { - "list": [] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=~\"lecoffre-front|ihm_client\"} |= \"GET\" [5m])) by (container)", - "queryType": "", - "refId": "A" - } - ], - "title": "Requêtes HTTP par Frontend", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=\"ihm_client\"} |= \"vite\" [5m])) by (container)", - "queryType": "", - "refId": "A" - } - ], - "title": "Activité Vite (IHM Client)", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"lecoffre-front\"} |= \"ERROR\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs LeCoffre Front (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 6, - "y": 8 - }, - "id": 4, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"ihm_client\"} |= \"ERROR\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs IHM Client (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 12, - "y": 8 - }, - "id": 5, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(count_over_time({container=~\"lecoffre-front|ihm_client\"} [1h]))", - "queryType": "", - "refId": "A" - } - ], - "title": "Total Logs Frontend (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 18, - "y": 8 - }, - "id": 6, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"ihm_client\"} |= \"Pre-transform error\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs Vite (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 12 - }, - "id": 7, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "{container=~\"lecoffre-front|ihm_client\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs Récentes Frontend", - "type": "table" - } - ], - "refresh": "5s", - "schemaVersion": 37, - "style": "dark", - "tags": [ - "frontend", - "lecoffre", - "ihm", - "client" - ], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Frontend Services - Monitoring", - "uid": "frontend-services", - "version": 1, - "weekStart": "" -} - diff --git a/conf/grafana/dashboards/lecoffre-overview.json b/conf/grafana/dashboards/lecoffre-overview.json deleted file mode 100644 index 9ecf781..0000000 --- a/conf/grafana/dashboards/lecoffre-overview.json +++ /dev/null @@ -1,252 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum by (service) (count_over_time({job=~\".*\"} |= \"error\" [5m]))", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs par Service (5 dernières minutes)", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum by (service) (count_over_time({job=~\".*\"} [5m]))", - "queryType": "", - "refId": "A" - } - ], - "title": "Volume de Logs par Service (5 dernières minutes)", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "gridPos": { - "h": 12, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "showTime": false, - "showLabels": false, - "showCommonLabels": false, - "wrapLogMessage": false, - "prettifyLogMessage": false, - "enableLogDetails": true, - "dedupStrategy": "none", - "sortOrder": "Descending" - }, - "title": "Logs d'Erreur - Tous Services", - "type": "logs" - } - ], - "refresh": "30s", - "schemaVersion": 36, - "style": "dark", - "tags": ["lecoffre", "monitoring"], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "LeCoffre Node - Vue d'ensemble", - "uid": "lecoffre-overview", - "version": 1, - "weekStart": "" -} diff --git a/conf/grafana/dashboards/sdk-services.json b/conf/grafana/dashboards/sdk-services.json deleted file mode 100644 index 112fa6a..0000000 --- a/conf/grafana/dashboards/sdk-services.json +++ /dev/null @@ -1,594 +0,0 @@ -{ - "annotations": { - "list": [] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 8, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=~\"sdk_.*\"} |= \"message\" [5m])) by (container)", - "queryType": "", - "refId": "A" - } - ], - "title": "Messages par Service SDK", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 8, - "x": 8, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(rate({container=\"sdk_relay\"} |= \"transaction\" [5m])) by (container)", - "queryType": "", - "refId": "A" - } - ], - "title": "Transactions Relay", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 8, - "x": 16, - "y": 0 - }, - "id": 3, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single" - } - }, - "title": "Signatures Signer", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 0, - "y": 8 - }, - "id": 4, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"sdk_relay\"} |= \"ERROR\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs Relay (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 6, - "y": 8 - }, - "id": 5, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "title": "Erreurs Signer (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 12, - "y": 8 - }, - "id": 6, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "count_over_time({container=\"sdk_storage\"} |= \"ERROR\" [1h])", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs Storage (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 6, - "x": 18, - "y": 8 - }, - "id": 7, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum(count_over_time({container=~\"sdk_.*\"} [1h]))", - "queryType": "", - "refId": "A" - } - ], - "title": "Total Logs SDK (1h)", - "type": "stat" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 12 - }, - "id": 8, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "{container=~\"sdk_.*\"} |= \"ERROR\" | line_format \"{{.timestamp}} - {{.container}} - {{.message}}\"", - "queryType": "", - "refId": "A" - } - ], - "title": "Erreurs Récentes SDK", - "type": "table" - } - ], - "refresh": "5s", - "schemaVersion": 37, - "style": "dark", - "tags": [ - "sdk", - "relay", - "signer", - "storage" - ], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "SDK Services - Monitoring", - "uid": "sdk-services", - "version": 1, - "weekStart": "" -} diff --git a/conf/grafana/dashboards/services-overview.json b/conf/grafana/dashboards/services-overview.json deleted file mode 100644 index b27238f..0000000 --- a/conf/grafana/dashboards/services-overview.json +++ /dev/null @@ -1,418 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 6, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "title": "LeCoffre Backend - Volume Logs", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 6, - "x": 6, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum by (service) (count_over_time({job=\"lecoffre-front\"} [5m]))", - "queryType": "", - "refId": "A" - } - ], - "title": "LeCoffre Frontend - Volume Logs", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 6, - "x": 12, - "y": 0 - }, - "id": 3, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum by (service) (count_over_time({job=\"ihm_client\"} [5m]))", - "queryType": "", - "refId": "A" - } - ], - "title": "IHM Client - Volume Logs", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 6, - "x": 18, - "y": 0 - }, - "id": 4, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom" - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "editorMode": "code", - "expr": "sum by (service) (count_over_time({job=\"sdk_relay\"} [5m]))", - "queryType": "", - "refId": "A" - } - ], - "title": "SDK Relay - Volume Logs", - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "loki" - }, - "gridPos": { - "h": 12, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 5, - "options": { - "showTime": false, - "showLabels": false, - "showCommonLabels": false, - "wrapLogMessage": false, - "prettifyLogMessage": false, - "enableLogDetails": true, - "dedupStrategy": "none", - "sortOrder": "Descending" - }, - "title": "Logs d'Erreur - Services Applications", - "type": "logs" - } - ], - "refresh": "30s", - "schemaVersion": 36, - "style": "dark", - "tags": ["services", "applications"], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Services Applications - Monitoring", - "uid": "services-overview", - "version": 1, - "weekStart": "" -} diff --git a/conf/grafana/grafana.ini b/conf/grafana/grafana.ini deleted file mode 100644 index cc6efcf..0000000 --- a/conf/grafana/grafana.ini +++ /dev/null @@ -1,57 +0,0 @@ -# Configuration Grafana avancée pour LeCoffre Node - -[server] -# URL publique de Grafana -root_url = https://dev4.4nkweb.com/grafana/ - -# Configuration de sécurité -enable_gzip = true -cert_file = -cert_key = -enforce_domain = false - -[security] -# Configuration de sécurité -admin_user = admin -admin_password = admin123 -secret_key = lecoffre_grafana_secret_key_2025 - -# Configuration des sessions -cookie_secure = true -cookie_samesite = strict - -[users] -# Configuration des utilisateurs -allow_sign_up = false -allow_org_create = false -auto_assign_org = true -auto_assign_org_id = 1 -auto_assign_org_role = Viewer - -[auth.anonymous] -# Accès anonyme désactivé pour la sécurité -enabled = false - -[dashboards] -# Configuration des dashboards -default_home_dashboard_path = /var/lib/grafana/dashboards/lecoffre-overview.json - -[unified_alerting] -# Configuration des alertes unifiées -enabled = true - -[log] -# Configuration des logs Grafana -mode = console -level = info -format = json - -[metrics] -# Métriques Prometheus -enabled = true -basic_auth_username = -basic_auth_password = - -[feature_toggles] -# Fonctionnalités activées -enable = traceqlEditor diff --git a/conf/grafana/provisioning/dashboards/dashboards.yml b/conf/grafana/provisioning/dashboards/dashboards.yml deleted file mode 100644 index 511c104..0000000 --- a/conf/grafana/provisioning/dashboards/dashboards.yml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: 1 - -providers: - - name: 'LeCoffre Node Dashboards' - orgId: 1 - folder: 'LeCoffre Node' - type: file - disableDeletion: false - updateIntervalSeconds: 10 - allowUiUpdates: true - options: - path: /var/lib/grafana/dashboards diff --git a/conf/grafana/provisioning/datasources/loki.yml b/conf/grafana/provisioning/datasources/loki.yml deleted file mode 100644 index e8e63e6..0000000 --- a/conf/grafana/provisioning/datasources/loki.yml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: 1 - -datasources: - - name: Loki - type: loki - access: proxy - url: http://loki:3100 - uid: loki - isDefault: true - editable: true - jsonData: - maxLines: 1000 \ No newline at end of file diff --git a/conf/grafana/provisioning/datasources/loki.yml.bak b/conf/grafana/provisioning/datasources/loki.yml.bak deleted file mode 100644 index 1bbf4d0..0000000 --- a/conf/grafana/provisioning/datasources/loki.yml.bak +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: 1 - -datasources: - - name: Loki - type: loki - access: proxy - url: http://loki:3100 - uid: loki - isDefault: true - editable: true diff --git a/conf/grafana/provisioning/datasources/loki.yml.temp b/conf/grafana/provisioning/datasources/loki.yml.temp deleted file mode 100644 index e8e63e6..0000000 --- a/conf/grafana/provisioning/datasources/loki.yml.temp +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: 1 - -datasources: - - name: Loki - type: loki - access: proxy - url: http://loki:3100 - uid: loki - isDefault: true - editable: true - jsonData: - maxLines: 1000 \ No newline at end of file diff --git a/conf/ihm_client/nginx.dev.conf b/conf/ihm_client/nginx.dev.conf deleted file mode 100644 index 802fef5..0000000 --- a/conf/ihm_client/nginx.dev.conf +++ /dev/null @@ -1,48 +0,0 @@ -server { - listen 80; - server_name localhost; - - # Redirection des requêtes HTTP vers Vite - location / { - proxy_pass http://localhost:3003; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_set_header Host $host; - } - - location /ws/ { - proxy_pass http://dev4.4nkweb.com:8090; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-NginX-Proxy true; - proxy_read_timeout 86400; - } - - location /storage/ { - rewrite ^/storage(/.*)$ $1 break; - proxy_pass http://localhost:8080; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_set_header Host $host; - } - - location /api/ { - proxy_pass http://localhost:8091; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS headers - add_header Access-Control-Allow-Origin "*" always; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" always; - add_header Access-Control-Allow-Headers "Authorization,Content-Type,Accept,X-Requested-With" always; - } -} \ No newline at end of file diff --git a/conf/logrotate/bitcoin.conf b/conf/logrotate/bitcoin.conf deleted file mode 100644 index 6e9fa88..0000000 --- a/conf/logrotate/bitcoin.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/bitcoin/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart bitcoin 2>/dev/null || true - endscript -} diff --git a/conf/logrotate/blindbit.conf b/conf/logrotate/blindbit.conf deleted file mode 100644 index 95e960c..0000000 --- a/conf/logrotate/blindbit.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/blindbit/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart blindbit 2>/dev/null || true - endscript -} diff --git a/conf/logrotate/ihm_client.conf b/conf/logrotate/ihm_client.conf deleted file mode 100644 index c9409ad..0000000 --- a/conf/logrotate/ihm_client.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/ihm_client/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart ihm_client 2>/dev/null || true - endscript -} diff --git a/conf/logrotate/lecoffre-front.conf b/conf/logrotate/lecoffre-front.conf deleted file mode 100644 index ea628b6..0000000 --- a/conf/logrotate/lecoffre-front.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/lecoffre-front/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart lecoffre-front 2>/dev/null || true - endscript -} diff --git a/conf/logrotate/miner.conf b/conf/logrotate/miner.conf deleted file mode 100644 index ed4374f..0000000 --- a/conf/logrotate/miner.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/miner/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart miner 2>/dev/null || true - endscript -} diff --git a/conf/logrotate/nginx.conf b/conf/logrotate/nginx.conf deleted file mode 100644 index d36f8a3..0000000 --- a/conf/logrotate/nginx.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/nginx/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart nginx 2>/dev/null || true - endscript -} diff --git a/conf/logrotate/sdk_relay.conf b/conf/logrotate/sdk_relay.conf deleted file mode 100644 index ef677bb..0000000 --- a/conf/logrotate/sdk_relay.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/sdk_relay/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart sdk_relay 2>/dev/null || true - endscript -} diff --git a/conf/logrotate/sdk_storage.conf b/conf/logrotate/sdk_storage.conf deleted file mode 100644 index 8d84d09..0000000 --- a/conf/logrotate/sdk_storage.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/sdk_storage/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart sdk_storage 2>/dev/null || true - endscript -} diff --git a/conf/logrotate/tor.conf b/conf/logrotate/tor.conf deleted file mode 100644 index d821318..0000000 --- a/conf/logrotate/tor.conf +++ /dev/null @@ -1,13 +0,0 @@ -logs/tor/*.log { - daily - missingok - rotate 7 - compress - delaycompress - notifempty - create 644 root root - postrotate - # Redémarrer le service si nécessaire - docker restart tor 2>/dev/null || true - endscript -} diff --git a/conf/loki/loki-config.yaml b/conf/loki/loki-config.yaml deleted file mode 100644 index f1bf1dd..0000000 --- a/conf/loki/loki-config.yaml +++ /dev/null @@ -1,76 +0,0 @@ -auth_enabled: false - -server: - http_listen_port: 3100 - grpc_listen_port: 9096 - http_listen_address: 0.0.0.0 - grpc_listen_address: 0.0.0.0 - -common: - instance_addr: 0.0.0.0 - path_prefix: /loki - storage: - filesystem: - chunks_directory: /loki/chunks - rules_directory: /loki/rules - replication_factor: 1 - ring: - kvstore: - store: inmemory - -schema_config: - configs: - - from: 2020-10-24 - store: tsdb - object_store: filesystem - schema: v13 - index: - prefix: index_ - period: 24h - -ruler: - alertmanager_url: http://localhost:9093 - -# Configuration de l'ingester - SEULEMENT le paramètre crucial -ingester: - lifecycler: - min_ready_duration: 5s # Réduit le délai de 15s à 5s - -# Configuration des limites -limits_config: - reject_old_samples: true - reject_old_samples_max_age: 168h - max_cache_freshness_per_query: 10m - split_queries_by_interval: 15m - max_query_parallelism: 32 - max_streams_per_user: 0 - max_line_size: 256000 - ingestion_rate_mb: 16 - ingestion_burst_size_mb: 32 - per_stream_rate_limit: 3MB - per_stream_rate_limit_burst: 15MB - max_entries_limit_per_query: 5000 - max_query_series: 500 - max_query_length: 721h - cardinality_limit: 100000 - max_streams_matchers_per_query: 1000 - max_concurrent_tail_requests: 10 - -# Configuration du storage -storage_config: - tsdb_shipper: - active_index_directory: /loki/tsdb-index - cache_location: /loki/tsdb-cache - filesystem: - directory: /loki/chunks - -# Configuration du compactor -compactor: - working_directory: /loki/compactor - compaction_interval: 10m - retention_enabled: false - delete_request_store: filesystem - -# Analytics désactivés -analytics: - reporting_enabled: false \ No newline at end of file diff --git a/conf/monitoring.conf b/conf/monitoring.conf deleted file mode 100644 index b478228..0000000 --- a/conf/monitoring.conf +++ /dev/null @@ -1,30 +0,0 @@ -# Configuration centralisée du monitoring LeCoffre Node -# Généré automatiquement le $(date) - -[monitoring] -# Services de monitoring -grafana_port=3000 -loki_port=3100 -promtail_enabled=true - -[grafana] -admin_user=admin -admin_password=admin123 -root_url=https://dev4.4nkweb.com/grafana/ -dashboard_home=lecoffre-overview - -[logs] -# Configuration des logs -log_retention_days=30 -log_rotation=daily -log_compression=true - -[services] -# Services surveillés -services=bitcoin,blindbit,sdk_relay,,sdk_storagelecoffre-front,ihm_client,tor,miner - -[alerts] -# Configuration des alertes -error_threshold=10 -warning_threshold=5 -alert_email= diff --git a/conf/nginx/assets/favicon.ico b/conf/nginx/assets/favicon.ico deleted file mode 100644 index 1ddbac54665b3988e49822c3b7e993956100c69d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 590 zcmeH_y$XX+428c!hmKC2JN9K<1i4PST|25M>f-weK7fn6qk@BqKfPY@6*`r0PQpn7 zAqm`+83u}9eD3fB-U>=m%Ar3L>)`Yk+qTUCAp~ifvhTabwrw;`LtWP-NrLBj2*<&7 zU9v3W$gk_lJkKo4Lf`k4Wl2?4n5KzkSx6}ff`B~F>AH@hD0JU6O^oBnFbuS9OB~1e XzE2p2L{X&cuQ~qyyvMKhp#I_u(Nbj` diff --git a/conf/nginx/dev4.4nkweb.com-http.conf b/conf/nginx/dev4.4nkweb.com-http.conf deleted file mode 100644 index 6a7d847..0000000 --- a/conf/nginx/dev4.4nkweb.com-http.conf +++ /dev/null @@ -1,15 +0,0 @@ -# HTTP server for ACME and redirect to HTTPS -server { - listen 80 default_server; - server_name _; - - # ACME HTTP-01 challenges - location /.well-known/acme-challenge/ { - root /var/www/letsencrypt; - } - - # Redirection vers HTTPS pour toutes les autres requêtes - location / { - return 301 https://$server_name$request_uri; - } -} diff --git a/conf/nginx/dev4.4nkweb.com-https.conf b/conf/nginx/dev4.4nkweb.com-https.conf deleted file mode 100644 index 7406527..0000000 --- a/conf/nginx/dev4.4nkweb.com-https.conf +++ /dev/null @@ -1,263 +0,0 @@ -# Configuration HTTPS pour dev4.4nkweb.com -server { - listen 443 ssl; - http2 on; - server_name dev4.4nkweb.com; - - include /home/debian/4NK_env/confs/lecoffre_node/nginx/logging.conf; - - # Certificats SSL - ssl_certificate /etc/letsencrypt/live/dev4.4nkweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4.4nkweb.com/privkey.pem; - - # Configuration SSL - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384; - ssl_prefer_server_ciphers off; - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - - # Headers de sécurité - add_header Strict-Transport-Security "max-age=63072000" always; - add_header X-Frame-Options DENY always; - add_header X-Content-Type-Options nosniff always; - add_header X-XSS-Protection "1; mode=block" always; - - # Grafana - Interface de monitoring (DOIT être avant location /) - location /grafana/ { - proxy_pass http://localhost:3005/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # Configuration spécifique pour Grafana - proxy_set_header X-Grafana-Org-Id 1; - - # Support des WebSockets pour les live updates - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - # Timeouts - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; - - # Buffer settings - proxy_buffering off; - proxy_request_buffering off; - } - - # Loki API - API de logs (DOIT être avant location /) - location /loki/ { - proxy_pass http://localhost:3100/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour les requêtes depuis Grafana - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # Page de statut des services (DOIT être avant location /) - location /status { - # Redirection vers /status/ - return 301 /status/; - } - - location /status/ { - # Serveur statique pour la page HTML - alias /var/www/lecoffre/status/; - index index.html; - try_files $uri $uri/ /status/index.html; - - # Headers de sécurité - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Cache pour les assets statiques - location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ { - expires 1h; - add_header Cache-Control "public, immutable"; - } - } - - # API de statut des services (DOIT être avant location /) - location /status/api { - proxy_pass http://localhost:3006/api; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour les requêtes AJAX - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - # Timeouts - proxy_connect_timeout 10s; - proxy_send_timeout 10s; - proxy_read_timeout 10s; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # API backend - route /back/ vers /api/ du backend - location ~* ^/back/(.*)$ { - proxy_pass http://localhost:8080/api/$1; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Connection ""; - proxy_buffering off; - } - - # API direct - route /api/ vers le backend - # Autorisations CORS dynamiques pour origines connues - set $cors_origin ""; - if ($http_origin ~* ^(http://local\.4nkweb\.com:3000|https://dev4\.4nkweb\.com)$) { - set $cors_origin $http_origin; - } - - location /api/ { - # CORS pour développement local Next.js - proxy_hide_header Access-Control-Allow-Origin; - proxy_hide_header Access-Control-Allow-Credentials; - proxy_hide_header Access-Control-Allow-Headers; - proxy_hide_header Access-Control-Allow-Methods; - - if ($request_method = OPTIONS) { - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - return 204; - } - - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - - proxy_set_header X-Request-ID $x_request_id; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Host $host; - proxy_pass http://dev3.4nkweb.com:8080/api/; - include /etc/nginx/proxy_params; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # WebSocket relay (sdk_relay) - location /ws/ { - proxy_pass http://localhost:8090/; - proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key; - proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version; - proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol; - proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 86400; - } - - # API de transfert de fonds - location /api/v1/funds/ { - proxy_pass http://dev3.4nkweb.com:8080/api/v1/funds/; - include /etc/nginx/proxy_params; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # favicon - location = /favicon.ico { - root /home/debian/4NK_env/confs/lecoffre_node/nginx/assets; - try_files /favicon.ico =404; - } - - # blindbit - location /blindbit/ { - proxy_pass http://localhost:8000/; - include /etc/nginx/proxy_params; - } - - # lecoffre-front - Application LeCoffre - location = /lecoffre { return 301 /lecoffre/; } - location ^~ /lecoffre/ { - # ensure no redirect here; only proxy to Next - add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always; - add_header Pragma "no-cache" always; - add_header Expires "-1" always; - proxy_hide_header ETag; - proxy_hide_header Last-Modified; - rewrite ^/lecoffre/(.*)$ /$1 break; - proxy_pass http://localhost:3004; - include /etc/nginx/proxy_params; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header X-Request-ID $x_request_id; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Host $host; - proxy_read_timeout 300; - proxy_send_timeout 300; - proxy_connect_timeout 300; - } - # HMR dev front - location ^~ /lecoffre-hmr/ { - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - rewrite ^/lecoffre-hmr/(.*)$ /lecoffre/$1 break; - proxy_pass http://localhost:3000; - } - - - # ihm_client (root) - DOIT être en dernier - - # Next.js assets for lecoffre-front - location ^~ /_next/ { - proxy_pass http://localhost:3004/_next/; - include /etc/nginx/proxy_params; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - add_header Cache-Control "public, max-age=31536000, immutable"; - } - - location / { - proxy_pass http://localhost:3003; - include /etc/nginx/proxy_params; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - } -} diff --git a/conf/nginx/dev4.4nkweb.com.conf b/conf/nginx/dev4.4nkweb.com.conf deleted file mode 100644 index d817484..0000000 --- a/conf/nginx/dev4.4nkweb.com.conf +++ /dev/null @@ -1,258 +0,0 @@ -# HTTP server for ACME and redirect to HTTPS -server { - listen 80; - server_name dev4.4nkweb.com http://dev4.4nkweb.com; - - # ACME HTTP-01 challenges - location /.well-known/acme-challenge/ { - root /var/www/letsencrypt; - } - - # Redirection vers HTTPS pour toutes les autres requêtes - location / { - return 301 https://$server_name$request_uri; - } - - # API backend - route /back/ vers /api/ du backend - location ~* ^/back/(.*)$ { - proxy_pass http://localhost:8080/api/$1; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Connection ""; - proxy_buffering off; - } - - # API direct - route /api/ vers le backend - # Autorisations CORS dynamiques pour origines connues - set $cors_origin ""; - if ($http_origin ~* ^(http://local\.4nkweb\.com:3000|https://dev4\.4nkweb\.com)$) { - set $cors_origin $http_origin; - } - - location /api/ { - # CORS pour développement local Next.js - proxy_hide_header Access-Control-Allow-Origin; - proxy_hide_header Access-Control-Allow-Credentials; - proxy_hide_header Access-Control-Allow-Headers; - proxy_hide_header Access-Control-Allow-Methods; - - if ($request_method = OPTIONS) { - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - return 204; - } - - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - - proxy_pass http://localhost:8080/api/; - include /etc/nginx/proxy_params; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # Compat: certains clients appellent /apiv1 -> réécriture vers /api/v1 - location ~* ^/apiv1/(.*)$ { - # CORS pour compatibilité - proxy_hide_header Access-Control-Allow-Origin; - proxy_hide_header Access-Control-Allow-Credentials; - proxy_hide_header Access-Control-Allow-Headers; - proxy_hide_header Access-Control-Allow-Methods; - - if ($request_method = OPTIONS) { - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - return 204; - } - - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - - proxy_pass http://localhost:8080/api/v1/$1; - include /etc/nginx/proxy_params; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # WebSocket relay (sdk_relay) - location /ws/ { - proxy_pass http://localhost:8090/; - proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key; - proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version; - proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol; - proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_read_timeout 300; - } - - # API de transfert de fonds - location /api/v1/funds/ { - proxy_pass http://localhost:8080/api/v1/funds/; - include /etc/nginx/proxy_params; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # Grafana - Interface de monitoring (DOIT être avant location /) - location /grafana/ { - proxy_pass http://localhost:3005/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # Configuration spécifique pour Grafana - proxy_set_header X-Grafana-Org-Id 1; - - # Support des WebSockets pour les live updates - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - # Timeouts - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; - - # Buffer settings - proxy_buffering off; - proxy_request_buffering off; - } - - # Loki API - API de logs (DOIT être avant location /) - location /loki/ { - proxy_pass http://localhost:3100/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour les requêtes depuis Grafana - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # Page de statut des services (DOIT être avant location /) - location /status { - # Redirection vers /status/ - return 301 /status/; - } - - location /status/ { - # Serveur statique pour la page HTML - alias /var/www/lecoffre/status/; - index index.html; - try_files $uri $uri/ /status/index.html; - - # Headers de sécurité - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Cache pour les assets statiques - location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ { - expires 1h; - add_header Cache-Control "public, immutable"; - } - } - - # API de statut des services (DOIT être avant location /) - location /status/api { - proxy_pass http://localhost:3006/api; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour les requêtes AJAX - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - # Timeouts - proxy_connect_timeout 10s; - proxy_send_timeout 10s; - proxy_read_timeout 10s; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # ihm_client (root) - DOIT être en dernier - location / { - proxy_pass http://localhost:3003; - include /etc/nginx/proxy_params; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - } - - # favicon - location = /favicon.ico { - root /home/debian/4NK_env/confs/lecoffre_node/nginx/assets; - try_files /favicon.ico =404; - access_log off; - expires 30d; - } - - # lecoffre frontend - location = /lecoffre { - proxy_pass http://127.0.0.2:3004/lecoffre; - include /etc/nginx/proxy_params; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto http; - } - - location /lecoffre/ { - proxy_pass http://127.0.0.2:3004/lecoffre/; - include /etc/nginx/proxy_params; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto http; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - } - - # Next.js assets - location /_next/ { - proxy_pass http://127.0.0.2:3004/_next/; - include /etc/nginx/proxy_params; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto http; - } - - # blindbit - location /blindbit/ { - proxy_pass http://localhost:8000/; - include /etc/nginx/proxy_params; - } - -} diff --git a/conf/nginx/grafana.conf b/conf/nginx/grafana.conf deleted file mode 100644 index c3753bb..0000000 --- a/conf/nginx/grafana.conf +++ /dev/null @@ -1,49 +0,0 @@ -# Configuration Nginx pour Grafana -server { - listen 80; - server_name dev4.4nkweb.com; - - # Proxy pour Grafana - location /grafana/ { - proxy_pass http://127.0.0.1:3005/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # Configuration spécifique pour Grafana - proxy_set_header X-Grafana-Org-Id 1; - - # Support des WebSockets pour les live updates - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - # Timeouts - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; - - # Buffer settings - proxy_buffering off; - proxy_request_buffering off; - } - - # Proxy pour Loki (API) - location /loki/ { - proxy_pass http://127.0.0.1:3100/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour les requêtes depuis Grafana - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - if ($request_method = 'OPTIONS') { - return 204; - } - } -} diff --git a/conf/nginx/logging.conf b/conf/nginx/logging.conf deleted file mode 100644 index 2ccba34..0000000 --- a/conf/nginx/logging.conf +++ /dev/null @@ -1,39 +0,0 @@ -# Logging configuration for lecoffre front - -log_format lecoffre_json escape=json - '{' - '"time":"$time_iso8601",' - '"request_id":"$request_id",' - '"remote_addr":"$remote_addr",' - '"host":"$host",' - '"method":"$request_method",' - '"uri":"$uri",' - '"args":"$args",' - '"status":$status,' - '"bytes":$body_bytes_sent,' - '"referer":"$http_referer",' - '"user_agent":"$http_user_agent",' - '"request_time":$request_time,' - '"upstream_addr":"$upstream_addr",' - '"upstream_status":"$upstream_status",' - '"upstream_connect_time":"$upstream_connect_time",' - '"upstream_header_time":"$upstream_header_time",' - '"upstream_response_time":"$upstream_response_time",' - '"x_forwarded_for":"$http_x_forwarded_for"' - '}'; - -# Default access and error logs for the front site -access_log /home/debian/4NK_env/logs/nginx/lecoffre_front_access.log lecoffre_json; -error_log /home/debian/4NK_env/logs/nginx/lecoffre_front_error.log warn; - -# Map incoming X-Request-ID or generate one -map $http_x_request_id $x_request_id { - default $http_x_request_id; - "" $request_id; -} - -# These headers should be set in each proxy location of the vhost -# proxy_set_header X-Request-ID $x_request_id; -# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -# proxy_set_header X-Forwarded-Proto $scheme; -# proxy_set_header X-Forwarded-Host $host; diff --git a/conf/nginx/nginx.conf b/conf/nginx/nginx.conf deleted file mode 100644 index 726a64b..0000000 --- a/conf/nginx/nginx.conf +++ /dev/null @@ -1,470 +0,0 @@ -user www-data; -worker_processes auto; -pid /app/nginx.pid; -include /etc/nginx/modules-enabled/*.conf; - -events { - worker_connections 1024; - use epoll; - multi_accept on; -} - -http { - # Configuration de base - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - server_tokens off; - - # MIME types - include /etc/nginx/mime.types; - default_type application/octet-stream; - - # Logging - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /app/logs/nginx/access.log main; - error_log /app/logs/nginx/error.log warn; - - # Gzip compression - gzip on; - gzip_vary on; - gzip_proxied any; - gzip_comp_level 6; - gzip_types - text/plain - text/css - text/xml - text/javascript - application/json - application/javascript - application/xml+rss - application/atom+xml - image/svg+xml; - - # Rate limiting - limit_req_zone $binary_remote_addr zone=api:10m rate=10r/s; - limit_req_zone $binary_remote_addr zone=login:10m rate=1r/s; - - # Upstream servers - - upstream lecoffre_frontend { - server localhost:3004; - keepalive 32; - } - - upstream ihm_client { - server localhost:3003; - keepalive 32; - } - - upstream grafana { - server localhost:3005; - keepalive 32; - } - - upstream loki { - server localhost:3100; - keepalive 32; - } - - upstream status_api { - server localhost:3006; - keepalive 32; - } - - upstream sdk_relay { - server localhost:8090; - keepalive 32; - } - - upstream blindbit { - server localhost:8000; - keepalive 32; - } - - # Serveur principal HTTP (port 80) - server { - listen 80 default_server; - listen [::]:80 default_server; - server_name _; - - # Redirection automatique vers HTTPS si disponible - return 301 https://$host$request_uri; - } - - # Serveur HTTPS (port 443) - server { - listen 443 ssl http2 default_server; - listen [::]:443 ssl http2 default_server; - server_name _; - - # Certificats SSL (auto-signés pour le développement) - ssl_certificate /app/ssl/nginx-selfsigned.crt; - ssl_certificate_key /app/ssl/nginx-selfsigned.key; - - # Configuration SSL - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384; - ssl_prefer_server_ciphers off; - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - - # Headers de sécurité - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-XSS-Protection "1; mode=block" always; - add_header Referrer-Policy "strict-origin-when-cross-origin" always; - - # Page de statut des services - location /status/ { - alias /var/www/lecoffre/status/; - index index.html; - try_files $uri $uri/ /status/index.html; - - location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ { - expires 1h; - add_header Cache-Control "public, immutable"; - } - } - - # API de statut des services - location /status/api { - limit_req zone=api burst=20 nodelay; - proxy_pass http://status_api/api; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # Grafana - Interface de monitoring - location /grafana/ { - proxy_pass http://grafana/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Grafana-Org-Id 1; - - # WebSocket support - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; - proxy_buffering off; - proxy_request_buffering off; - } - - # Loki API - API de logs - location /loki/ { - limit_req zone=api burst=10 nodelay; - proxy_pass http://loki/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour Grafana - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # API backend - routes /back/ vers /api/ - location ~* ^/back/(.*)$ { - limit_req zone=api burst=20 nodelay; - proxy_pass http://lecoffre_backend/api/$1; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Connection ""; - proxy_buffering off; - } - - # API direct - routes /api/ - location /api/ { - limit_req zone=api burst=20 nodelay; - - # CORS dynamique - set $cors_origin ""; - if ($http_origin ~* ^(http://localhost:3000|http://local\.4nkweb\.com:3000|https://dev4\.4nkweb\.com)$) { - set $cors_origin $http_origin; - } - - proxy_hide_header Access-Control-Allow-Origin; - proxy_hide_header Access-Control-Allow-Credentials; - proxy_hide_header Access-Control-Allow-Headers; - proxy_hide_header Access-Control-Allow-Methods; - - if ($request_method = OPTIONS) { - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - return 204; - } - - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - - proxy_pass http://lecoffre_backend/api/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # WebSocket relay (sdk_relay) - location /ws/ { - proxy_pass http://sdk_relay/; - proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key; - proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version; - proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol; - proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 86400; - } - - # API de transfert de fonds - location /api/v1/funds/ { - limit_req zone=api burst=5 nodelay; - proxy_pass http://lecoffre_backend/api/v1/funds/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # favicon - location = /favicon.ico { - root /var/www/lecoffre/assets; - try_files /favicon.ico =404; - } - - # blindbit - location /blindbit/ { - proxy_pass http://blindbit/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - - # LeCoffre Front - Application principale - # Redirige /lecoffre -> /lecoffre/ - location = /lecoffre { - return 301 /lecoffre/; - } - location /lecoffre/ { - proxy_pass http://lecoffre_frontend/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - - # Configuration spécifique pour Next.js - proxy_buffering off; - proxy_request_buffering off; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - } - - # ihm_client (root) - DOIT être en dernier - location / { - proxy_pass http://ihm_client; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - } - } - # API de statut des services - location /status/api { - limit_req zone=api burst=20 nodelay; - proxy_pass http://status_api/api; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # Grafana - Interface de monitoring - location /grafana/ { - proxy_pass http://grafana/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Grafana-Org-Id 1; - - # WebSocket support - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; - proxy_buffering off; - proxy_request_buffering off; - } - - # API backend - routes /back/ vers /api/ - location ~* ^/back/(.*)$ { - limit_req zone=api burst=20 nodelay; - proxy_pass http://lecoffre_backend/api/$1; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Connection ""; - proxy_buffering off; - } - - # API direct - routes /api/ - location /api/ { - limit_req zone=api burst=20 nodelay; - - # CORS dynamique pour développement local - set $cors_origin ""; - if ($http_origin ~* ^(http://local\.4nkweb\.com:3000|http://localhost:3000|https://dev4\.4nkweb\.com)$) { - set $cors_origin $http_origin; - } - - proxy_hide_header Access-Control-Allow-Origin; - proxy_hide_header Access-Control-Allow-Credentials; - proxy_hide_header Access-Control-Allow-Headers; - proxy_hide_header Access-Control-Allow-Methods; - - if ($request_method = OPTIONS) { - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - return 204; - } - - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - - proxy_pass http://lecoffre_backend/api/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # WebSocket relay (sdk_relay) - location /ws/ { - proxy_pass http://sdk_relay/; - proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key; - proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version; - proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol; - proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 86400; - } - - # LeCoffre Front - Application principale - # Redirige /lecoffre -> /lecoffre/ - location = /lecoffre { - return 301 /lecoffre/; - } - location /lecoffre/ { - proxy_pass http://lecoffre_frontend/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - - # Configuration spécifique pour Next.js - proxy_buffering off; - proxy_request_buffering off; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - } - - # ihm_client (root) - DOIT être en dernier - location / { - proxy_pass http://ihm_client; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - } - } -} diff --git a/conf/nginx_backups_host/dev4.4nkweb.com-http.conf b/conf/nginx_backups_host/dev4.4nkweb.com-http.conf deleted file mode 100755 index 804d8a0..0000000 --- a/conf/nginx_backups_host/dev4.4nkweb.com-http.conf +++ /dev/null @@ -1,15 +0,0 @@ -# HTTP server for ACME and redirect to HTTPS -server { - listen 80; - server_name dev4.4nkweb.com; - - # ACME HTTP-01 challenges - location /.well-known/acme-challenge/ { - root /var/www/letsencrypt; - } - - # Redirection vers HTTPS pour toutes les autres requêtes - location / { - return 301 https://$server_name$request_uri; - } -} diff --git a/conf/nginx_backups_host/dev4.4nkweb.com-https.conf b/conf/nginx_backups_host/dev4.4nkweb.com-https.conf deleted file mode 100644 index 3f86a5d..0000000 --- a/conf/nginx_backups_host/dev4.4nkweb.com-https.conf +++ /dev/null @@ -1,226 +0,0 @@ -# Configuration HTTPS pour dev4.4nkweb.com -server { - listen 443 ssl http2; - server_name dev4.4nkweb.com; - - # Certificats SSL - ssl_certificate /etc/letsencrypt/live/dev4.4nkweb.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/dev4.4nkweb.com/privkey.pem; - - # Configuration SSL - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384; - ssl_prefer_server_ciphers off; - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - - # Headers de sécurité - add_header Strict-Transport-Security "max-age=63072000" always; - add_header X-Frame-Options DENY always; - add_header X-Content-Type-Options nosniff always; - add_header X-XSS-Protection "1; mode=block" always; - - # Grafana - Interface de monitoring (DOIT être avant location /) - location /grafana/ { - proxy_pass http://localhost:3005/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # Configuration spécifique pour Grafana - proxy_set_header X-Grafana-Org-Id 1; - - # Support des WebSockets pour les live updates - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - # Timeouts - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; - - # Buffer settings - proxy_buffering off; - proxy_request_buffering off; - } - - # Loki API - API de logs (DOIT être avant location /) - location /loki/ { - proxy_pass http://localhost:3100/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour les requêtes depuis Grafana - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # Page de statut des services (DOIT être avant location /) - location /status { - # Redirection vers /status/ - return 301 /status/; - } - - location /status/ { - # Serveur statique pour la page HTML - alias /var/www/lecoffre/status/; - index index.html; - try_files $uri $uri/ /status/index.html; - - # Headers de sécurité - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Cache pour les assets statiques - location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ { - expires 1h; - add_header Cache-Control "public, immutable"; - } - } - - # API de statut des services (DOIT être avant location /) - location /status/api { - proxy_pass http://localhost:3006/api; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour les requêtes AJAX - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - # Timeouts - proxy_connect_timeout 10s; - proxy_send_timeout 10s; - proxy_read_timeout 10s; - - if ($request_method = 'OPTIONS') { - return 204; - } - } - - # API backend - route /back/ vers /api/ du backend - location ~* ^/back/(.*)$ { - proxy_pass http://localhost:8080/api/$1; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Connection ""; - proxy_buffering off; - } - - # API direct - route /api/ vers le backend - # Autorisations CORS dynamiques pour origines connues - set $cors_origin ""; - if ($http_origin ~* ^(http://local\.4nkweb\.com:3000|https://dev4\.4nkweb\.com)$) { - set $cors_origin $http_origin; - } - - location /api/ { - # CORS pour développement local Next.js - proxy_hide_header Access-Control-Allow-Origin; - proxy_hide_header Access-Control-Allow-Credentials; - proxy_hide_header Access-Control-Allow-Headers; - proxy_hide_header Access-Control-Allow-Methods; - - if ($request_method = OPTIONS) { - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - return 204; - } - - add_header Access-Control-Allow-Origin $cors_origin always; - add_header Access-Control-Allow-Credentials "true" always; - add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always; - add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; - - proxy_pass http://dev3.4nkweb.com:8080/api/; - include /etc/nginx/proxy_params; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # WebSocket relay (sdk_relay) - location /ws/ { - proxy_pass http://localhost:8090/; - proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key; - proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version; - proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol; - proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 86400; - } - - # API de transfert de fonds - location /api/v1/funds/ { - proxy_pass http://dev3.4nkweb.com:8080/api/v1/funds/; - include /etc/nginx/proxy_params; - proxy_read_timeout 300; - proxy_connect_timeout 300; - proxy_send_timeout 300; - } - - # favicon - location = /favicon.ico { - root /home/debian/4NK_env/confs/lecoffre_node/nginx/assets; - try_files /favicon.ico =404; - } - - # blindbit - location /blindbit/ { - proxy_pass http://localhost:8000/; - include /etc/nginx/proxy_params; - } - - # lecoffre-front - Application LeCoffre - location = /lecoffre { return 301 /lecoffre/; } - location ^~ /lecoffre/ { - # ensure no redirect here; only proxy to Next - add_header Cache-Control "no-store, no-cache, must-revalidate, max-age=0" always; - add_header Pragma "no-cache" always; - add_header Expires "-1" always; - proxy_hide_header ETag; - proxy_hide_header Last-Modified; - proxy_pass http://localhost:3004; - include /etc/nginx/proxy_params; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - proxy_send_timeout 300; - proxy_connect_timeout 300; - } - - # ihm_client (root) - DOIT être en dernier - location / { - proxy_pass http://localhost:3003; - include /etc/nginx/proxy_params; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - } -} diff --git a/conf/nginx_backups_host/grafana.conf b/conf/nginx_backups_host/grafana.conf deleted file mode 100755 index c3753bb..0000000 --- a/conf/nginx_backups_host/grafana.conf +++ /dev/null @@ -1,49 +0,0 @@ -# Configuration Nginx pour Grafana -server { - listen 80; - server_name dev4.4nkweb.com; - - # Proxy pour Grafana - location /grafana/ { - proxy_pass http://127.0.0.1:3005/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # Configuration spécifique pour Grafana - proxy_set_header X-Grafana-Org-Id 1; - - # Support des WebSockets pour les live updates - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - # Timeouts - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; - - # Buffer settings - proxy_buffering off; - proxy_request_buffering off; - } - - # Proxy pour Loki (API) - location /loki/ { - proxy_pass http://127.0.0.1:3100/; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # CORS pour les requêtes depuis Grafana - add_header Access-Control-Allow-Origin *; - add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; - add_header Access-Control-Allow-Headers "Content-Type, Authorization"; - - if ($request_method = 'OPTIONS') { - return 204; - } - } -} diff --git a/conf/nginx_backups_host/local.4nkweb.com-3000.conf b/conf/nginx_backups_host/local.4nkweb.com-3000.conf deleted file mode 100755 index a4ea511..0000000 --- a/conf/nginx_backups_host/local.4nkweb.com-3000.conf +++ /dev/null @@ -1,64 +0,0 @@ -server { - listen 0.0.0.0:3000; - listen [::]:3000; - server_name local.4nkweb.com; - - # HTTP pur: pas de HTTPS ni HSTS - - # Favicon - location = /favicon.ico { - root /home/debian/lecoffre_node/conf/nginx/assets; - } - - # Compat: callback ID.not sans basePath (toutes variantes et querystring) - location /authorized-client { - proxy_pass http://127.0.0.2:3004/lecoffre/authorized-client; - include /etc/nginx/proxy_params; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto http; - proxy_set_header X-Forwarded-Prefix /lecoffre; - proxy_read_timeout 300; - } - - # Entrée sans slash - location = /lecoffre { - proxy_pass http://127.0.0.2:3004; - include /etc/nginx/proxy_params; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto http; - proxy_set_header X-Forwarded-Prefix /lecoffre; - proxy_read_timeout 300; - } - - # BasePath /lecoffre - location /lecoffre/ { - proxy_pass http://127.0.0.2:3004; - include /etc/nginx/proxy_params; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto http; - proxy_set_header X-Forwarded-Prefix /lecoffre; - proxy_read_timeout 300; - } - - # HMR (si utilisé en local) - location /lecoffre/_next/webpack-hmr { - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto http; - proxy_buffering off; - proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr; - proxy_read_timeout 600s; - } - - # Assets Next.js - location ~* ^(/_next/static/|/lecoffre/_next/static/|/.+\.(?:css|js|png|jpg|jpeg|gif|svg|ico|webp|woff2?))$ { - expires 7d; - add_header Cache-Control "public, max-age=604800, immutable" always; - proxy_pass http://127.0.0.2:3004$request_uri; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto http; - proxy_read_timeout 300; - } -} diff --git a/conf/nginx_backups_host/local.4nkweb.com.conf b/conf/nginx_backups_host/local.4nkweb.com.conf deleted file mode 100755 index fb6b90b..0000000 --- a/conf/nginx_backups_host/local.4nkweb.com.conf +++ /dev/null @@ -1,9 +0,0 @@ -server { - listen 80; - server_name local.4nkweb.com; - - # HTTP only: pas de redirection HTTPS, pas d'HSTS - location / { - return 302 http://local.4nkweb.com:3000$request_uri; - } -} diff --git a/conf/nginx_backups_host/nginx.conf b/conf/nginx_backups_host/nginx.conf deleted file mode 100755 index 68a8fd4..0000000 --- a/conf/nginx_backups_host/nginx.conf +++ /dev/null @@ -1,84 +0,0 @@ -user www-data; -worker_processes auto; -worker_cpu_affinity auto; -pid /run/nginx.pid; -error_log /var/log/nginx/error.log; -include /etc/nginx/modules-enabled/*.conf; - -events { - worker_connections 768; - # multi_accept on; -} - -http { - - ## - # Basic Settings - ## - - sendfile on; - tcp_nopush on; - types_hash_max_size 2048; - server_tokens off; # Recommended practice is to turn this off - - # server_names_hash_bucket_size 64; - # server_name_in_redirect off; - - include /etc/nginx/mime.types; - default_type application/octet-stream; - - ## - # SSL Settings - ## - - ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3 (POODLE), TLS 1.0, 1.1 - ssl_prefer_server_ciphers off; # Don't force server cipher order. - - ## - # Logging Settings - ## - - access_log /var/log/nginx/access.log; - - ## - # Gzip Settings - ## - - gzip on; - - # gzip_vary on; - # gzip_proxied any; - # gzip_comp_level 6; - # gzip_buffers 16 8k; - # gzip_http_version 1.1; - # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - - ## - # Virtual Host Configs - ## - - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; -} - - -#mail { -# # See sample authentication script at: -# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript -# -# # auth_http localhost/auth.php; -# # pop3_capabilities "TOP" "USER"; -# # imap_capabilities "IMAP4rev1" "UIDPLUS"; -# -# server { -# listen localhost:110; -# protocol pop3; -# proxy on; -# } -# -# server { -# listen localhost:143; -# protocol imap; -# proxy on; -# } -#} diff --git a/conf/promtail/promtail.yml b/conf/promtail/promtail.yml deleted file mode 100644 index 05d943f..0000000 --- a/conf/promtail/promtail.yml +++ /dev/null @@ -1,107 +0,0 @@ -server: - http_listen_port: 9080 - grpc_listen_port: 0 - -positions: - filename: /tmp/positions.yaml - -clients: - - url: http://loki:3100/loki/api/v1/push - -scrape_configs: - # Bitcoin Signet Logs - - job_name: bitcoin - static_configs: - - targets: - - localhost - labels: - job: bitcoin - service: bitcoin-signet - __path__: /home/debian/4NK_env/logs/bitcoin/*.log - - # Blindbit Oracle Logs - - job_name: blindbit - static_configs: - - targets: - - localhost - labels: - job: blindbit - service: blindbit-oracle - __path__: /home/debian/4NK_env/logs/blindbit/*.log - - # SDK Relay Logs - - job_name: sdk_relay - static_configs: - - targets: - - localhost - labels: - job: sdk_relay - service: sdk_relay - __path__: /home/debian/4NK_env/logs/sdk_relay/*.log - - # SDK Storage Logs - - job_name: sdk_storage - static_configs: - - targets: - - localhost - labels: - job: sdk_storage - service: sdk_storage - __path__: /home/debian/4NK_env/logs/sdk_storage/*.log - - # LeCoffre Frontend Logs - - job_name: lecoffre-front - static_configs: - - targets: - - localhost - labels: - job: lecoffre-front - service: lecoffre-front - __path__: /home/debian/4NK_env/logs/lecoffre-front/*.log - - # IHM Client Logs - - job_name: ihm_client - static_configs: - - targets: - - localhost - labels: - job: ihm_client - service: ihm_client - __path__: /home/debian/4NK_env/logs/ihm_client/*.log - - # Miner Logs - - job_name: miner - static_configs: - - targets: - - localhost - labels: - job: miner - service: signet_miner - __path__: /home/debian/4NK_env/logs/miner/*.log - - # Tor Logs - - job_name: tor - static_configs: - - targets: - - localhost - labels: - job: tor - service: tor-proxy - __path__: /home/debian/4NK_env/logs/tor/*.log - - # Docker Container Logs - - job_name: docker - docker_sd_configs: - - host: unix:///var/run/docker.sock - refresh_interval: 5s - filters: - - name: label - values: ["com.centurylinklabs.watchtower.enable=true"] - relabel_configs: - - source_labels: ['__meta_docker_container_name'] - regex: '/?(.*)' - target_label: 'container_name' - - source_labels: ['__meta_docker_container_log_stream'] - target_label: 'logstream' - - source_labels: ['__meta_docker_container_label_logging_job_name'] - target_label: 'job' diff --git a/conf/relay/sdk_relay.conf b/conf/relay/sdk_relay.conf deleted file mode 100644 index 7b0c1bd..0000000 --- a/conf/relay/sdk_relay.conf +++ /dev/null @@ -1,11 +0,0 @@ -core_url=http://bitcoin:38332 -ws_url=0.0.0.0:8090 -wallet_name=default -network=signet -blindbit_url=http://blindbit-oracle:8000 -zmq_url=tcp://bitcoin:29000 -storage=https://dev4.4nkweb.com/storage -data_dir=/app/.4nk -bitcoin_data_dir=/app/.bitcoin -bootstrap_url= -bootstrap_faucet=false diff --git a/conf/supervisor/supervisord.conf b/conf/supervisor/supervisord.conf deleted file mode 100644 index 7e36bd8..0000000 --- a/conf/supervisor/supervisord.conf +++ /dev/null @@ -1,52 +0,0 @@ -[supervisord] -nodaemon=true -user=root -logfile=/var/log/supervisor/supervisord.log -pidfile=/var/run/supervisord.pid -childlogdir=/var/log/supervisor - -[unix_http_server] -file=/var/run/supervisor.sock -chmod=0700 - -[supervisorctl] -serverurl=unix:///var/run/supervisor.sock - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface - -[program:nginx] -command=/usr/sbin/nginx -g "daemon off;" -autostart=true -autorestart=true -stderr_logfile=/var/log/supervisor/nginx.err.log -stdout_logfile=/var/log/supervisor/nginx.out.log -user=root - -[program:docker-compose] -command=/app/scripts/startup.sh -directory=/app -autostart=true -autorestart=true -stderr_logfile=/var/log/supervisor/docker-compose.err.log -stdout_logfile=/var/log/supervisor/docker-compose.out.log -user=appuser -environment=HOME="/app" - -[program:cron] -command=/usr/sbin/cron -f -autostart=true -autorestart=true -stderr_logfile=/var/log/supervisor/cron.err.log -stdout_logfile=/var/log/supervisor/cron.out.log -user=root - -[program:logrotate] -command=/usr/sbin/logrotate /etc/logrotate.d/lecoffre -autostart=true -autorestart=false -startsecs=0 -exitcodes=0 -user=root - - diff --git a/conf/tor/torrc b/conf/tor/torrc deleted file mode 100644 index 79d7018..0000000 --- a/conf/tor/torrc +++ /dev/null @@ -1,21 +0,0 @@ -# Configuration Tor pour LeCoffre Node -# Écoute sur 127.0.0.1 pour la sécurité - -# Port SOCKS pour les connexions sortantes -SOCKSPort 127.0.0.1:9050 - -# Port de contrôle (désactivé pour la sécurité) -# ControlPort 127.0.0.1:9051 - -# Configuration de base -Log notice file /var/log/tor/tor.log -DataDirectory /var/lib/tor - -# Configuration réseau -ClientOnly 1 -SafeLogging 1 -WarnUnsafeSocks 1 - -# Désactiver les services cachés -HiddenServiceDir /var/lib/tor/hidden_service/ -HiddenServicePort 80 127.0.0.1:80 diff --git a/confs/README.md b/confs/README.md deleted file mode 100644 index fc17ee1..0000000 --- a/confs/README.md +++ /dev/null @@ -1,95 +0,0 @@ -# Configuration Centralisée - LeCoffre Node - -Ce dossier contient toutes les configurations centralisées pour les services du projet LeCoffre Node. - -## Structure - -``` -conf/ -├── bitcoin/ # Configuration Bitcoin Signet -│ └── bitcoin.conf -├── relay/ # Configuration SDK Relay -│ └── sdk_relay.conf -├── nginx/ # Configurations Nginx (déjà existantes) -│ └── ... -├── ihm_client/ # Configuration IHM Client -│ └── nginx.dev.conf -├── lecoffre-front/ # Configuration LeCoffre Frontend -└── miner/ # Configuration du mineur -``` - -## Scripts de Gestion - -Les configurations et le déploiement sont gérés via des scripts centralisés : - -- `scripts/sync-configs.sh` : Synchronise toutes les configurations -- `scripts/startup-sequence.sh` : Script principal avec déploiement complet -- `scripts/pre-build.sh` : Prépare l'environnement avant build Docker - -## Avantages - -1. **Centralisation** : Toutes les configurations au même endroit -2. **Cohérence** : Gestion uniforme des paramètres -3. **Maintenance** : Modifications centralisées -4. **Versioning** : Suivi des changements de configuration -5. **Backup** : Sauvegarde centralisée - -## Utilisation - -### Synchronisation manuelle -```bash -# Synchroniser tous les projets -./scripts/sync-configs.sh - -# Synchroniser un projet spécifique -./scripts/sync-configs.sh ihm_client -``` - -### Déploiement complet -```bash -# Déployer tous les projets -./scripts/startup-sequence.sh deploy - -# Déployer un projet spécifique -./scripts/startup-sequence.sh deploy-project ihm_client - -# Déployer avec push des images Docker -PUSH_DOCKER_IMAGES=true ./scripts/startup-sequence.sh deploy -``` - -### Préparation avant build -```bash -# Préparer l'environnement avant build Docker -./scripts/pre-build.sh -``` - -### Commandes de maintenance -```bash -# Mettre à jour toutes les dépendances -./scripts/startup-sequence.sh update-deps - -# Vérifier les fichiers ignore -./scripts/startup-sequence.sh check-ignore - -# Nettoyer les fichiers non suivis -./scripts/startup-sequence.sh clean-untracked - -# Compiler tous les projets -./scripts/startup-sequence.sh compile-all - -# Exécuter tous les tests -./scripts/startup-sequence.sh test-all -``` - -### Modification d'une configuration -1. Éditer le fichier dans `conf/[service]/` -2. Synchroniser avec `./scripts/sync-configs.sh [service]` -3. Redémarrer le service concerné - -## Services Concernés - -- **Bitcoin Signet** : Configuration du nœud Bitcoin -- **SDK Relay** : Configuration du relais WebSocket -- **IHM Client** : Configuration Nginx pour l'interface client -- **LeCoffre Front/Back** : Configurations des services web -- **Mineur** : Configuration du minage Bitcoin diff --git a/docker-compose.certificator.yml b/docker-compose.certificator.yml deleted file mode 100644 index 0e4089e..0000000 --- a/docker-compose.certificator.yml +++ /dev/null @@ -1,77 +0,0 @@ -version: '3.8' - -services: - certificator: - build: - context: ../4NK_certificator - dockerfile: Dockerfile - container_name: 4nk_certificator - environment: - - RUST_LOG=info - ports: - - "0.0.0.0:8082:8082" - volumes: - - /home/debian/4NK_env/lecoffre_node/confs/4nk_certificator/certificator.toml:/app/config.toml:ro - - certificator_data:/app/data - - /home/debian/4NK_env/lecoffre_node/logs/4nk_certificator:/var/log/4nk_certificator - networks: - - btcnet - depends_on: - - certificator_db - - certificator_redis - - sdk_relay - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8082/health"] - interval: 30s - timeout: 10s - retries: 3 - start_period: 30s - restart: unless-stopped - labels: - - "com.centurylinklabs.watchtower.enable=true" - - certificator_db: - image: postgres:15-alpine - container_name: 4nk_certificator_db - environment: - POSTGRES_DB: certificator_db - POSTGRES_USER: certificator - POSTGRES_PASSWORD: ${CERTIFICATOR_DB_PASSWORD:-secure_password_change_me} - volumes: - - certificator_pgdata:/var/lib/postgresql/data - networks: - - btcnet - healthcheck: - test: ["CMD-SHELL", "pg_isready -U certificator"] - interval: 10s - timeout: 5s - retries: 5 - restart: unless-stopped - - certificator_redis: - image: redis:7-alpine - container_name: 4nk_certificator_redis - command: redis-server --appendonly yes - volumes: - - certificator_redis:/data - networks: - - btcnet - healthcheck: - test: ["CMD", "redis-cli", "ping"] - interval: 10s - timeout: 5s - retries: 5 - restart: unless-stopped - -volumes: - certificator_data: - name: certificator_data - certificator_pgdata: - name: certificator_pgdata - certificator_redis: - name: certificator_redis - -networks: - btcnet: - external: true - name: 4nk_node_btcnet diff --git a/docker-compose.yml b/docker-compose.yml index 66ce4d5..c02ac82 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ services: image: btcpayserver/tor:0.4.8.10 container_name: tor-proxy volumes: - - /home/debian/4NK_env/lecoffre_node/logs/tor:/var/log/tor + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs/tor:/var/log/tor - /home/debian/4NK_env/scripts/lecoffre_node/healthchecks:/scripts/healthchecks:ro networks: btcnet: @@ -24,8 +24,8 @@ services: condition: service_healthy volumes: - bitcoin_data:/home/bitcoin/.bitcoin - - /home/debian/4NK_env/lecoffre_node/confs/bitcoin/bitcoin.conf:/etc/bitcoin/bitcoin.conf:ro - - /home/debian/4NK_env/lecoffre_node/logs/bitcoin:/var/log/bitcoin + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/bitcoin/bitcoin.conf:/etc/bitcoin/bitcoin.conf:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs/bitcoin:/var/log/bitcoin - /home/debian/4NK_env/scripts/lecoffre_node/healthchecks:/scripts/healthchecks:ro networks: btcnet: @@ -51,9 +51,9 @@ services: condition: service_healthy volumes: - blindbit_data:/root/.blindbit-oracle - - /home/debian/4NK_env/lecoffre_node/confs/blindbit-oracle/blindbit.toml:/tmp/blindbit.toml:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/blindbit-oracle/blindbit.toml:/tmp/blindbit.toml:ro - bitcoin_data:/home/bitcoin/.bitcoin - - /home/debian/4NK_env/lecoffre_node/logs/blindbit:/var/log/blindbit + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs/blindbit:/var/log/blindbit - /home/debian/4NK_env/scripts/lecoffre_node/healthchecks:/scripts/healthchecks:ro entrypoint: > sh -c "mkdir -p /root/.blindbit-oracle && @@ -80,16 +80,16 @@ services: image: git.4nkweb.com/4nk/sdk_relay:ext container_name: sdk_relay env_file: - - /home/debian/4NK_env/lecoffre_node/confs/sdk_relay/.env + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/sdk_relay/.env depends_on: blindbit: condition: service_healthy volumes: - - /home/debian/4NK_env/lecoffre_node/confs/relay/sdk_relay.conf:/app/.conf:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/relay/sdk_relay.conf:/app/.conf:ro - sdk_data:/app/.4nk - bitcoin_data:/app/.bitcoin - /home/debian/4NK_env/scripts/lecoffre_node/funds:/scripts/funds:ro - - /home/debian/4NK_env/lecoffre_node/logs/sdk_relay:/var/log/sdk_relay + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs/sdk_relay:/var/log/sdk_relay - /home/debian/4NK_env/scripts/lecoffre_node/healthchecks:/scripts/healthchecks:ro ports: - "0.0.0.0:8090:8090" @@ -118,11 +118,11 @@ services: container_name: lecoffre-front working_dir: /leCoffre-front env_file: - - /home/debian/4NK_env/lecoffre_node/confs/lecoffre-front/.env + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/lecoffre-front/.env ports: - "0.0.0.0:3004:8080" volumes: - - /home/debian/4NK_env/lecoffre_node/logs/lecoffre-front:/var/log/lecoffre-front + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs/lecoffre-front:/var/log/lecoffre-front networks: btcnet: aliases: @@ -148,7 +148,7 @@ services: image: git.4nkweb.com/4nk/ihm_client:ext container_name: ihm_client env_file: - - /home/debian/4NK_env/lecoffre_node/confs/ihm_client/.env + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/ihm_client/.env environment: - VITE_JWT_SECRET_KEY - VITE_API_BASE_URL @@ -159,7 +159,7 @@ services: ports: - "0.0.0.0:3003:3003" volumes: - - /home/debian/4NK_env/lecoffre_node/logs/ihm_client:/var/log/ihm_client + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs/ihm_client:/var/log/ihm_client networks: btcnet: aliases: @@ -188,7 +188,7 @@ services: - "0.0.0.0:8081:8080" volumes: - sdk_storage_data:/app/data - - /home/debian/4NK_env/lecoffre_node/logs/sdk_storage:/var/log/sdk_storage + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs/sdk_storage:/var/log/sdk_storage healthcheck: test: ["CMD", "sh", "-c", "if curl -f http://localhost:8080/health >/dev/null 2>&1; then echo 'SDK Storage ready: API responding'; exit 0; else echo 'SDK Storage starting: API not yet ready'; exit 1; fi"] interval: 30s @@ -215,16 +215,16 @@ services: signet_miner: build: - context: ./miner + context: ../../../4NK_modules/4NK_miner container_name: signet_miner depends_on: bitcoin: condition: service_healthy env_file: - - /home/debian/4NK_env/lecoffre_node/confs/lecoffre_node/.env + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/lecoffre_node/.env volumes: - bitcoin_data:/bitcoin:ro - - /home/debian/4NK_env/lecoffre_node/logs/miner:/var/log/miner + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs/miner:/var/log/miner networks: btcnet: aliases: @@ -239,10 +239,10 @@ services: - "0.0.0.0:3005:3000" volumes: - grafana_data:/var/lib/grafana - - /home/debian/4NK_env/lecoffre_node/confs/grafana/provisioning:/etc/grafana/provisioning - - /home/debian/4NK_env/lecoffre_node/confs/grafana/dashboards:/var/lib/grafana/dashboards - - /home/debian/4NK_env/lecoffre_node/confs/grafana/grafana.ini:/etc/grafana/grafana.ini:ro - - /home/debian/4NK_env/lecoffre_node/logs:/var/log/lecoffre:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/grafana/provisioning:/etc/grafana/provisioning + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/grafana/dashboards:/var/lib/grafana/dashboards + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/grafana/grafana.ini:/etc/grafana/grafana.ini:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs:/var/log/lecoffre:ro environment: - GF_SECURITY_ADMIN_PASSWORD=Fuy8ZfxQI2xdSdoB8wsGxNjyU - GF_USERS_ALLOW_SIGN_UP=false @@ -274,7 +274,7 @@ services: - "0.0.0.0:3100:3100" volumes: - loki_data:/loki - - /home/debian/4NK_env/lecoffre_node/confs/loki/loki-config.yaml:/etc/loki/loki-config.yaml:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/loki/loki-config.yaml:/etc/loki/loki-config.yaml:ro command: -config.file=/etc/loki/loki-config.yaml networks: btcnet: @@ -292,8 +292,8 @@ services: image: grafana/promtail:latest container_name: promtail volumes: - - /home/debian/4NK_env/lecoffre_node/logs:/home/debian/4NK_env/lecoffre_node/logs:ro - - /home/debian/4NK_env/lecoffre_node/confs/promtail/promtail.yml:/etc/promtail/config.yml:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs:/home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/confs/promtail/promtail.yml:/etc/promtail/config.yml:ro - /var/run/docker.sock:/var/run/docker.sock command: -config.file=/etc/promtail/config.yml networks: @@ -314,7 +314,7 @@ services: # Service de statut des services status-api: build: - context: ./web/status + context: ../../../4NK_modules/4NK_web_status dockerfile: Dockerfile.python container_name: status-api env_file: @@ -322,9 +322,8 @@ services: ports: - "0.0.0.0:3006:3006" volumes: - - ./web/status/api.py:/app/api.py:ro - /var/run/docker.sock:/var/run/docker.sock:ro - - /home/debian/4NK_env/lecoffre_node/logs:/var/log/lecoffre:ro + - /home/debian/4NK_env/projects/lecoffre/lecoffre_node/logs:/var/log/lecoffre:ro - /home/debian/4NK_env/scripts/lecoffre_node/healthchecks:/scripts/healthchecks:ro networks: btcnet: diff --git a/miner/miner.env b/miner/miner.env deleted file mode 100644 index 46c2073..0000000 --- a/miner/miner.env +++ /dev/null @@ -1,4 +0,0 @@ -# Configuration du miner signet -# COINBASE_ADDRESS= # Générer automatiquement -RELAY_ADDRESS=tsp1qqd8k3twmuq3awxjmfukhma36j4la8gzsa8t0dgfms3cfglt2gkz6wqsqpd3d2q4quq59agtyfsr7gj9t07qt0nlrlrzgmhvpn5enfm76fud6sm0y -REWARD_SPLIT_RATIO=0.5 diff --git a/relay/sdk_relay.conf b/relay/sdk_relay.conf deleted file mode 100644 index 7b0c1bd..0000000 --- a/relay/sdk_relay.conf +++ /dev/null @@ -1,11 +0,0 @@ -core_url=http://bitcoin:38332 -ws_url=0.0.0.0:8090 -wallet_name=default -network=signet -blindbit_url=http://blindbit-oracle:8000 -zmq_url=tcp://bitcoin:29000 -storage=https://dev4.4nkweb.com/storage -data_dir=/app/.4nk -bitcoin_data_dir=/app/.bitcoin -bootstrap_url= -bootstrap_faucet=false diff --git a/relay/sdk_relay.conf.exemple b/relay/sdk_relay.conf.exemple deleted file mode 100644 index 707d54c..0000000 --- a/relay/sdk_relay.conf.exemple +++ /dev/null @@ -1,16 +0,0 @@ -core_url="http://bitcoin:38332" -ws_url="0.0.0.0:8090" -wallet_name="default" -network="signet" -blindbit_url="http://localhost:8000" -zmq_url="tcp://bitcoin:29000" -storage="https://dev4.4nkweb.com/storage" -data_dir="/home/bitcoin/.4nk" -bitcoin_data_dir="/home/bitcoin/.bitcoin" -bootstrap_url="ws://dev3.4nkweb.com:8090" -bootstrap_faucet=true -RUST_LOG="DEBUG,reqwest=DEBUG,tokio_tungstenite=DEBUG" -NODE_OPTIONS="--max-old-space-size=2048" - -SIGNER_API_KEY="your-api-key-change-this" -VITE_JWT_SECRET_KEY="52b3d77617bb00982dfee15b08effd52cfe5b2e69b2f61cc4848cfe1e98c0bc9"