Téléchargement de la stack complete

.env.exemple

@@ -1,36 +0,0 @@
-# Configuration OVH
-OVH_APP_KEY=
-OVH_APP_SECRET=
-OVH_CONSUMER_KEY=
-OVH_SMS_SERVICE_NAME=
-
-# Configuration SMS Factor
-SMS_FACTOR_TOKEN=
-
-#Configuration Mailchimp
-MAILCHIMP_API_KEY=
-MAILCHIMP_KEY=
-MAILCHIMP_LIST_ID=
-
-#Configuration Stripe
-STRIPE_SECRET_KEY=
-STRIPE_WEBHOOK_SECRET=
-STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID=
-STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID=
-STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID=
-STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=
-
-# Configuration serveur
-APP_HOST=
-
-# Configuration front-end
-NEXT_PUBLIC_4NK_URL=
-NEXT_PUBLIC_FRONT_APP_HOST=
-NEXT_PUBLIC_IDNOT_BASE_URL=
-NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=
-NEXT_PUBLIC_IDNOT_CLIENT_ID=
-NEXT_PUBLIC_BACK_API_PROTOCOL=
-NEXT_PUBLIC_BACK_API_HOST=
-BACK_API_PORT=
-BACK_API_ROOT_URL=
-BACK_API_VERSION=

.gitignore

@@ -1 +0,0 @@
-.env

bitcoin/Dockerfile

@@ -0,0 +1,55 @@
+# bitcoin/Dockerfile
+FROM debian:bullseye-slim as builder
+
+# Installation des dépendances
+RUN apt-get update && apt-get install -y \
+    curl \
+    gnupg \
+    && rm -rf /var/lib/apt/lists/*
+
+# Version de Bitcoin Core
+ENV VERSION=24.1
+
+# Téléchargement et vérification de Bitcoin Core
+WORKDIR /tmp
+RUN curl -O https://bitcoincore.org/bin/bitcoin-core-${VERSION}/bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz && \
+    curl -O https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS.asc && \
+    curl -O https://bitcoincore.org/bin/bitcoin-core-${VERSION}/SHA256SUMS
+
+# Extraction de Bitcoin Core
+RUN tar -xzf bitcoin-${VERSION}-x86_64-linux-gnu.tar.gz
+
+# Image finale
+FROM debian:bullseye-slim
+
+# On redéfinit la version dans l'image finale
+ENV VERSION=24.1
+
+# Installation des dépendances nécessaires
+RUN apt-get update && apt-get install -y \
+    libatomic1 \
+    && rm -rf /var/lib/apt/lists/*
+
+# Créer l'utilisateur et le groupe bitcoin
+RUN groupadd -g 1000 bitcoin && \
+    useradd -m -d /home/bitcoin -g bitcoin bitcoin
+
+# Copie des binaires depuis le builder
+COPY --from=builder /tmp/bitcoin-${VERSION}/bin/bitcoind /usr/local/bin/
+COPY --from=builder /tmp/bitcoin-${VERSION}/bin/bitcoin-cli /usr/local/bin/
+
+# Configuration
+RUN mkdir -p /home/bitcoin/.bitcoin/wallets /home/bitcoin/.bitcoin/signet && \
+    chown -R bitcoin:bitcoin /home/bitcoin/.bitcoin
+COPY bitcoin.conf /home/bitcoin/.bitcoin/bitcoin.conf
+RUN chown bitcoin:bitcoin /home/bitcoin/.bitcoin/bitcoin.conf
+
+VOLUME ["/home/bitcoin/.bitcoin"]
+
+# Exposition des ports (signet)
+EXPOSE 38332 38333 29000 18443
+
+USER bitcoin
+WORKDIR /home/bitcoin
+ENTRYPOINT ["bitcoind", "-conf=/home/bitcoin/.bitcoin/bitcoin.conf", "-signet", "-printtoconsole"]
+

bitcoin/bitcoin.conf

@@ -2,8 +2,8 @@
 datadir=/home/bitcoin/.bitcoin
 server=1
 txindex=1
-#debug=1
+debug=1
-#loglevel=debug
+loglevel=debug
 logthreadnames=1
 signet=1
 onion=tor:9050
@@ -23,8 +23,8 @@ zmqpubrawtx=tcp://0.0.0.0:29000
 [signet]
 listen=1
 bind=0.0.0.0:38333
-rpcbind=0.0.0.0:38332
+rpcbind=0.0.0.0:18443
-rpcport=38332
+rpcport=18443
 fallbackfee=0.0001
 blockfilterindex=1
 datacarriersize=205
@@ -33,9 +33,8 @@ dustrelayfee=0.00000001
 minrelaytxfee=0.00000001
 prune=0
 signetchallenge=0020341c43803863c252df326e73574a27d7e19322992061017b0dc893e2eab90821
+walletdir=/home/bitcoin/.bitcoin/wallets
 wallet=mining
 wallet=watchonly
 maxtxfee=1
 addnode=tlv2yqamflv22vfdzy2hha2nwmt6zrwrhjjzz4lx7qyq7lyc6wfhabyd.onion
-addnode=6xi33lwwslsx3yi3f7c56wnqtdx4v73vj2up3prrwebpwbz6qisnqbyd.onion
-addnode=id7e3r3d2epen2v65jebjhmx77aimu7oyhcg45zadafypr4crqsytfid.onion

blindbit/Dockerfile

@@ -0,0 +1,31 @@
+# blindbit-oracle/Dockerfile
+FROM golang:1.22 as builder
+
+WORKDIR /app
+
+# Cloner le repo blindbit-oracle
+RUN git clone --branch dev --depth 1 https://github.com/setavenger/blindbit-oracle.git .
+
+# Compiler le binaire
+RUN go build -o /go/bin/blindbit-oracle ./src
+
+# Utiliser debian:bookworm-slim qui contient GLIBC 2.34
+FROM debian:bookworm-slim
+
+# Installation des dépendances nécessaires
+RUN apt-get update && apt-get install -y ca-certificates curl && rm -rf /var/lib/apt/lists/*
+
+# Copier le binaire depuis le builder
+COPY --from=builder /go/bin/blindbit-oracle /usr/local/bin/blindbit-oracle
+
+# Créer le répertoire de données
+RUN mkdir -p /data
+
+# Créer le volume pour les données
+VOLUME ["/data"]
+
+# Exposer le port par défaut
+EXPOSE 8000
+
+# Démarrer blindbit-oracle avec le répertoire de données spécifié
+ENTRYPOINT ["blindbit-oracle", "-datadir", "/data"] 

blindbit/blindbit.toml

@@ -5,7 +5,7 @@ host = "0.0.0.0:8000"
 chain = "signet"
 
 # Point d'accès RPC Bitcoin
-rpc_endpoint = "http://bitcoin:38332"
+rpc_endpoint = "http://bitcoin:18443"
 
 # Chemin vers le fichier cookie RPC Bitcoin
 cookie_path = "/home/bitcoin/.bitcoin/signet/.cookie"

docker-compose.yml

@@ -1,3 +1,5 @@
+version: "3.8"
+
 services:
   tor:
     image: dperson/torproxy
@@ -6,62 +8,67 @@ services:
       btcnet:
         aliases:
           - tor
+    ports:
+      - "9052:9050"  # Port SOCKS (9052 sur l'hôte, 9050 dans le conteneur)
     restart: unless-stopped
 
   bitcoin:
-    image: git.4nkweb.com/4nk/bitcoin:latest 
+    build: ./bitcoin
     container_name: bitcoin-signet
     depends_on:
       - tor
     volumes:
       - bitcoin_data:/home/bitcoin/.bitcoin
-      - ./bitcoin/bitcoin.conf:/etc/bitcoin/bitcoin.conf:ro
+      - ./bitcoin/bitcoin.conf:/home/bitcoin/.bitcoin/bitcoin.conf
+    ports:
+      - "38333:38333"  # signet p2p
+      - "18443:18443"  # signet rpc
+      - "29000:29000"  # zmq
     networks:
       btcnet:
         aliases:
           - bitcoin
-    user: root
     entrypoint: >
       /bin/sh -c "
-        chown -R bitcoin:bitcoin /home/bitcoin/.bitcoin || echo 'warn: chown partiel (fichiers bind-mount Windows)';
+      mkdir -p /home/bitcoin/.bitcoin/wallets &&
-        exec su-exec bitcoin bitcoind -conf=/etc/bitcoin/bitcoin.conf -signet"
+      bitcoind -conf=/home/bitcoin/.bitcoin/bitcoin.conf -signet -printtoconsole"
     healthcheck:
-      test: ["CMD", "bitcoin-cli", "-conf=/etc/bitcoin/bitcoin.conf", "getblockchaininfo"]
+      test: ["CMD", "bitcoin-cli", "-conf=/home/bitcoin/.bitcoin/bitcoin.conf", "getblockchaininfo"]
       interval: 30s
       timeout: 10s
       retries: 3
-    restart: unless-stopped
 
   blindbit:
-    image: git.4nkweb.com/4nk/blindbit-oracle:dev
+    build: ./blindbit
     container_name: blindbit-oracle
     depends_on:
       bitcoin:
         condition: service_healthy
     volumes:
-      - blindbit_data:/root/.blindbit-oracle
+      - blindbit_data:/data
-      - ./blindbit/blindbit.toml:/tmp/blindbit.toml:ro
+      - ./blindbit/blindbit.toml:/data/blindbit.toml
       - bitcoin_data:/home/bitcoin/.bitcoin
-    entrypoint: >
+    ports:
-      sh -c "cp /tmp/blindbit.toml /root/.blindbit-oracle/blindbit.toml &&
+      - "8000:8000"
-             ./main"
     networks:
       btcnet:
         aliases:
           - blindbit
-    restart: unless-stopped
 
   sdk_relay:
-    image: git.4nkweb.com/4nk/sdk_relay:dev
+    build:
+      context: .
+      dockerfile: sdk_relay/Dockerfile
     container_name: sdk_relay
     depends_on:
       - blindbit
     volumes:
-      - ./relay/sdk_relay.conf:/home/bitcoin/.conf:ro
-      - sdk_data:/home/bitcoin/.4nk
       - bitcoin_data:/home/bitcoin/.bitcoin
+      - ./bitcoin/bitcoin.conf:/home/bitcoin/.bitcoin/bitcoin.conf
+      - sdk_relay_data:/home/bitcoin/.4nk
     ports:
       - "8090:8090"
+      - "8091:8091"
     networks:
       btcnet:
         aliases:
@@ -72,95 +79,29 @@ services:
         max-size: "10m"
         max-file: "3"
     environment:
+      - RUST_LOG=debug,bitcoincore_rpc=trace
       - HOME=/home/bitcoin
-      - RUST_LOG=DEBUG
+      - BITCOIN_COOKIE_PATH=/home/bitcoin/.bitcoin/signet/.cookie
+    restart: on-failure:3
     entrypoint: >
-      /bin/sh -lc "mkdir -p /home/bitcoin/.4nk/logs && exec /usr/local/bin/sdk_relay --config /home/bitcoin/.conf 2>&1 | tee -a /home/bitcoin/.4nk/logs/sdk_relay.log"
+      /bin/sh -c "
+      mkdir -p /home/bitcoin/.4nk &&
+      strace -f -e trace=file /usr/local/bin/sdk_relay --config .conf"
     healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:8090/health"]
+      test: ["CMD", "curl", "-f", "http://localhost:8091/health"]
       interval: 30s
       timeout: 10s
       retries: 3
-    restart: unless-stopped
 
   lecoffre-back:
-    image: git.4nkweb.com/4nk/lecoffre-back-mini:dev
+    image: git.4nkweb.com/4nk/lecoffre-back-mini:latest
     container_name: lecoffre-back
-    env_file:
-      - .env
-    ports:
-      - "8080:8080"
     networks:
       btcnet:
         aliases:
           - lecoffre-back
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
-    restart: unless-stopped
-
-  lecoffre-front:
-    image: git.4nkweb.com/4nk/lecoffre-front:dev
-    container_name: lecoffre-front
-    env_file:
-      - .env
-    ports:
-      - "3000:3000"
-    networks:
-      btcnet:
-        aliases:
-          - lecoffre-front
-    labels:
-      - "com.centurylinklabs.watchtower.enable=true"
-    restart: unless-stopped
-
-  ihm_client:
-    image: git.4nkweb.com/4nk/ihm_client:dev
-    container_name: ihm_client
-    ports:
-      - "3003:3003"
-    networks:
-      btcnet:
-        aliases:
-          - ihm_client
-    labels:
-      - "com.centurylinklabs.watchtower.enable=true"
-    restart: unless-stopped
-
-  sdk_signer:
-    image: git.4nkweb.com/4nk/sdk_signer:dev
-    container_name: sdk_signer
-    env_file:
-      - .env
-    ports:
-      - "9090:9090"
-    networks:
-      btcnet:
-        aliases:
-          - sdk_signer
-    labels:
-      - "com.centurylinklabs.watchtower.enable=true"
-    restart: unless-stopped
-
-  sdk_storage:
-    image: git.4nkweb.com/4nk/sdk_storage:dev
-    container_name: sdk_storage
-    networks:
-      btcnet:
-        aliases:
-          - sdk_storage
-    labels:
-      - "com.centurylinklabs.watchtower.enable=true"
-    restart: unless-stopped
-
-  IA:
-    image: alpine:latest
-    container_name: IA
-    command: tail -f /dev/null
-    networks:
-      btcnet:
-        aliases:
-          - ia
-    restart: unless-stopped
 
   watchtower:
     image: containrrr/watchtower
@@ -170,14 +111,12 @@ services:
     command: --interval 30 --label-enable
     networks:
       - btcnet
-    restart: unless-stopped
 
 volumes:
   bitcoin_data:
     name: 4nk_node_bitcoin_data
   blindbit_data:
-  sdk_data:
+  sdk_relay_data:
-  db_data:
 
 networks:
   btcnet:

installer.nsi

@@ -1,127 +0,0 @@
-;--------------------------------
-; Fichier : installer.nsi
-;--------------------------------
-
-!define MUI_ICON        "kogusico.ico"
-!define MUI_UNICON      "kogusico.ico"
-!define MUI_UNINST_ICON "kogusico.ico"
-!define MUI_UNINSTALLER
-!include "MUI2.nsh"
-!include "LogicLib.nsh"
-
-;--------------------------------
-; Métadonnées produit
-;--------------------------------
-!define PRODUCT_NAME    "Kogus"
-!define PRODUCT_VERSION "1.0.0"
-!define INSTALL_DIR     "$PROGRAMFILES\${PRODUCT_NAME}"
-
-Name "${PRODUCT_NAME} ${PRODUCT_VERSION}"
-!define MUI_PRODUCT "${PRODUCT_NAME}"
-
-; Pages de l’installateur
-!insertmacro MUI_PAGE_WELCOME
-!insertmacro MUI_PAGE_LICENSE "license.txt"
-!insertmacro MUI_PAGE_DIRECTORY
-!insertmacro MUI_PAGE_INSTFILES
-!insertmacro MUI_PAGE_FINISH
-
-; Pages de l’uninstaller
-!insertmacro MUI_UNPAGE_CONFIRM
-!insertmacro MUI_UNPAGE_INSTFILES
-!insertmacro MUI_UNPAGE_FINISH
-
-!insertmacro MUI_LANGUAGE "French"
-
-OutFile "Kogus-${PRODUCT_VERSION}.exe"
-InstallDir "${INSTALL_DIR}"
-RequestExecutionLevel admin
-ShowInstDetails show
-
-Var ExecCode
-
-;--------------------------------
-; Section : Installation
-;--------------------------------
-Section "Install"
-
-  ; 1. Créer le dossier d’installation et copier l’icône
-  SetOutPath "$INSTDIR"
-  File "kogusico.ico"
-
-  ; 2. Copier docker-compose, config et script
-  File ".env"
-  File "docker-compose.yml"
-  File "run.ps1"
-
-  ; 3. Copier relay
-  CreateDirectory "$INSTDIR\relay"
-  SetOutPath    "$INSTDIR\relay"
-  File /r       "relay\*.*"
-
-  ; 4. Copier bitcoin
-  CreateDirectory "$INSTDIR\bitcoin"
-  SetOutPath    "$INSTDIR\bitcoin"
-  File /r       "bitcoin\*.*"
-
-  ; 5. Copier blindbit
-  CreateDirectory "$INSTDIR\blindbit"
-  SetOutPath    "$INSTDIR\blindbit"
-  File /r       "blindbit\*.*"
-
-  ; 6. Créer dossier de logs
-  CreateDirectory "$INSTDIR\logs"
-
-  ; 7. Raccourci Menu Démarrer pour lancer run.ps1
-  CreateDirectory "$SMPROGRAMS\${PRODUCT_NAME}"
-  CreateShortCut "$SMPROGRAMS\${PRODUCT_NAME}\Lancer Kogus.lnk" \
-                 "$INSTDIR\run.ps1" "" \
-                 "$INSTDIR\kogusico.ico" 0
-
-  ; 8. Lancement initial (installe/configure Docker si besoin) + capture code retour
-  ExecWait '"$SYSDIR\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle Hidden -NoProfile -ExecutionPolicy Bypass -File "$INSTDIR\run.ps1"' $ExecCode
-  
-  ; 8bis. Si le script signale 3010 => reboot requis (WSL2/VM Platform, etc.)
-  ${If} $ExecCode = 3010
-    MessageBox MB_ICONQUESTION|MB_YESNO "Un redémarrage est requis pour terminer l'installation de Kogus. Redémarrer maintenant ?" IDYES +2 IDNO +4
-    SetRebootFlag true
-    Reboot
-  ${EndIf}
-
-  ; 9. Auto-démarrage Docker Desktop au login utilisateur
-  WriteRegStr HKCU "Software\Microsoft\Windows\CurrentVersion\Run" \
-               "DockerDesktop" \
-               '"$PROGRAMFILES\Docker\Docker\Docker Desktop.exe" --autostart'
-
-  ; 10. Raccourci dans le dossier Démarrage pour relancer la stack Kogus
-  CreateDirectory "$SMSTARTUP"
-  CreateShortCut "$SMSTARTUP\Relancer Kogus Stack.lnk" \
-                 "$SYSDIR\WindowsPowerShell\v1.0\powershell.exe" \
-                 '-NoProfile -ExecutionPolicy Bypass -File "$INSTDIR\run.ps1"' \
-                 "$INSTDIR\kogusico.ico" 0
-
-  ; 11. Générer l’uninstaller
-  WriteUninstaller "$INSTDIR\Uninstall.exe"
-
-SectionEnd
-
-;--------------------------------
-; Section : Désinstallation
-;--------------------------------
-Section "Uninstall"
-
-  ; Arrêter la stack Docker
-  nsExec::ExecToLog '"$SYSDIR\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -Command "docker compose -f `"$INSTDIR\docker-compose.yml`" down"'
-
-  ; Supprimer tous les fichiers et dossiers
-  RMDir /r "$INSTDIR"
-
-  ; Supprimer le raccourci Menu Démarrer
-  Delete "$SMPROGRAMS\${PRODUCT_NAME}\Lancer Kogus.lnk"
-  RMDir  "$SMPROGRAMS\${PRODUCT_NAME}"
-
-  ; Supprimer le raccourci de démarrage et l’entrée registre
-  Delete "$SMSTARTUP\Relancer Kogus Stack.lnk"
-  DeleteRegValue HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "DockerDesktop"
-
-SectionEnd

license.txt

@@ -1 +0,0 @@
-License Kogus

relay/sdk_relay.conf

@@ -1,9 +0,0 @@
-core_url="http://bitcoin:38332"
-ws_url="0.0.0.0:8090"
-wallet_name="default"
-network="signet"
-blindbit_url="http://blindbit:8000"
-zmq_url="tcp://bitcoin:29000"
-storage="https://demo.4nkweb.com/storage"
-data_dir="/home/bitcoin/.4nk"
-bitcoin_data_dir="/home/bitcoin/.bitcoin"

run.ps1

@@ -1,189 +0,0 @@
-# run.ps1 — installation & démarrage automatiques (Windows)
-# - Installe Docker Desktop si absent
-# - Active WSL2/VirtualMachinePlatform si nécessaire
-# - Démarre Docker Desktop (headless) et attend le daemon
-# - Lance `docker compose up -d`
-# - Enregistre une reprise RunOnce + retourne 3010 si un reboot est requis
-
-Param(
-    [switch]$PostReboot
-)
-
-# --- Sécurité / contexte ---
-$IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()
-).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
-if (-not $IsAdmin) {
-    Write-Host "Relance en administrateur..."
-    Start-Process -Verb RunAs -FilePath "powershell.exe" -ArgumentList "-NoProfile", "-ExecutionPolicy", "Bypass", "-File", "`"$PSCommandPath`""
-    exit
-}
-[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
-
-# --- Dossiers / chemins ---
-$installRoot = Split-Path -Path $MyInvocation.MyCommand.Path -Parent
-$logDir = Join-Path -Path $installRoot -ChildPath 'logs'
-if (-not (Test-Path $logDir)) { New-Item -ItemType Directory -Path $logDir | Out-Null }
-$PsLog = Join-Path $logDir 'install-ps.log'   # <— log distinct pour éviter le verrou NSIS
-
-Push-Location $installRoot
-
-$ProgramFilesDocker = Join-Path $Env:ProgramFiles 'Docker\Docker'
-$DockerExe = Join-Path $ProgramFilesDocker 'resources\bin\docker.exe'
-$DockerDesktopExe = Join-Path $ProgramFilesDocker 'Docker Desktop.exe'
-$DockerCliExe = Join-Path $ProgramFilesDocker 'DockerCli.exe'
-
-function Write-Log($msg) {
-    $stamp = (Get-Date).ToString("yyyy-MM-dd HH:mm:ss")
-    try { Add-Content -Path $PsLog -Value "$stamp  $msg" -Encoding utf8 -ErrorAction SilentlyContinue } catch { }
-    Write-Host $msg
-}
-
-function Test-PendingReboot {
-    $paths = @(
-        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending',
-        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired',
-        'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
-    )
-    foreach ($p in $paths) {
-        if (Test-Path $p) {
-            if ($p -like '*Session Manager*') {
-                $val = (Get-ItemProperty -Path $p -Name 'PendingFileRenameOperations' -ErrorAction SilentlyContinue)
-                if ($val) { return $true }
-            }
-            else { return $true }
-        }
-    }
-    return $false
-}
-
-function Register-RunOnce {
-    $runOnceKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
-    New-Item -Path $runOnceKey -Force | Out-Null
-    $cmd = "powershell.exe -NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`" -PostReboot"
-    Set-ItemProperty -Path $runOnceKey -Name 'KogusPostInstall' -Value $cmd
-    Write-Log "RunOnce enregistré : $cmd"
-}
-
-function Enable-WSLPrereqs {
-    Write-Log "Activation des fonctionnalités Windows (WSL2 / VirtualMachinePlatform) si nécessaire..."
-    $rebootNeeded = $false
-    & dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart | Out-Null
-    if ($LASTEXITCODE -eq 3010) { $rebootNeeded = $true }
-    & dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart | Out-Null
-    if ($LASTEXITCODE -eq 3010) { $rebootNeeded = $true }
-    try { wsl.exe --set-default-version 2 > $null 2>&1 } catch { }
-    return $rebootNeeded
-}
-
-function Install-DockerDesktop {
-    if (Test-Path $DockerExe) { return $false }
-    Write-Log "Docker Desktop absent : installation silencieuse…"
-    $installerUrl = 'https://desktop.docker.com/win/main/amd64/Docker%20Desktop%20Installer.exe'
-    $installerPath = Join-Path -Path $installRoot -ChildPath 'docker-installer.exe'
-    try {
-        Invoke-WebRequest -UseBasicParsing -Uri $installerUrl -OutFile $installerPath
-    }
-    catch {
-        Write-Log "Téléchargement direct échoué, tentative via winget…"
-        try {
-            winget --version > $null 2>&1
-            winget install --id Docker.DockerDesktop -e --accept-source-agreements --accept-package-agreements
-            return $true
-        }
-        catch { throw "Impossible de télécharger Docker Desktop ($($_.Exception.Message))." }
-    }
-    $InstallerArguments = @('install', '--quiet', '--accept-license', '--backend=wsl-2', '--always-run-service')  # flags officiels
-    Start-Process -FilePath $installerPath -ArgumentList $InstallerArguments -Wait
-    Remove-Item -Path $installerPath -Force -ErrorAction SilentlyContinue
-    Write-Log "Installation de Docker Desktop terminée."
-    return $true
-}
-
-function Ensure-UserInDockerUsers {
-    try { & net localgroup docker-users $env:USERNAME /add > $null 2>&1 } catch { }
-}
-
-function Start-DockerDesktop-And-Wait {
-    # 1) s'assurer que le service est en auto + démarré
-    try { Set-Service -Name 'com.docker.service' -StartupType Automatic -ErrorAction SilentlyContinue } catch { }
-    try { Start-Service -Name 'com.docker.service' -ErrorAction SilentlyContinue } catch { }
-
-    # 2) démarrage headless via Docker Desktop CLI (4.37+)  → docker desktop start/status/engine use
-    try { & $DockerExe desktop start > $null 2>&1 } catch { }
-    try { & $DockerExe desktop engine use linux > $null 2>&1 } catch { }   # force le moteur Linux
-
-    # 3) boucle d’attente (statut Desktop + daemon Engine)
-    $deadline = (Get-Date).AddMinutes(10)
-    while ((Get-Date) -lt $deadline) {
-        try {
-            $status = (& $DockerExe desktop status 2>$null).Trim()
-            if ($status -match 'running') {
-                & $DockerExe version --format '{{.Server.Version}}' > $null 2>&1
-                if ($LASTEXITCODE -eq 0) {
-                    Write-Log "Docker Desktop: $status (daemon OK)"
-                    return $true
-                }
-            }
-        }
-        catch { }
-        Start-Sleep -Seconds 3
-    }
-
-    # 4) fallback : lancer l’UI si nécessaire (premier démarrage/initialisation WSL)
-    try { Start-Process -FilePath $DockerDesktopExe -ErrorAction SilentlyContinue } catch { }
-    $deadline2 = (Get-Date).AddMinutes(10)
-    while ((Get-Date) -lt $deadline2) {
-        try {
-            & $DockerExe version --format '{{.Server.Version}}' > $null 2>&1
-            if ($LASTEXITCODE -eq 0) { Write-Log "Docker daemon prêt (après lancement UI)."; return $true }
-        }
-        catch { }
-        Start-Sleep -Seconds 3
-    }
-
-    Write-Log "Le daemon Docker ne répond pas (timeout)."
-    return $false
-}
-
-# --- Orchestration ---
-$rebootNeeded = $false
-
-if (-not $PostReboot) {
-    if (Enable-WSLPrereqs) { $rebootNeeded = $true }
-}
-
-$installedNow = $false
-if (-not (Get-Command $DockerExe -ErrorAction SilentlyContinue)) {
-    $installedNow = Install-DockerDesktop
-}
-
-if ($rebootNeeded -or (Test-PendingReboot)) {
-    Write-Log "Un redémarrage Windows est requis. Enregistrement d'une reprise automatique…"
-    Register-RunOnce
-    Pop-Location
-    exit 3010
-}
-
-Ensure-UserInDockerUsers
-if (-not (Start-DockerDesktop-And-Wait)) {
-    Write-Log "Docker n'est pas prêt. Un redémarrage peut être requis."
-    Pop-Location
-    exit 1
-}
-
-# Lancer la stack
-$composeCmd = "`"$DockerExe`" compose"
-Write-Log "Lancement de '$composeCmd up -d'…"
-$runLog = Join-Path -Path $logDir -ChildPath 'run.log'
-& cmd.exe /c "$composeCmd up -d > `"$runLog`" 2>&1"
-if ($LASTEXITCODE -ne 0) {
-    Write-Log "Erreur lors du démarrage. Voir le log : $runLog"
-    Pop-Location
-    exit 1
-}
-else {
-    Write-Log "Stack démarrée. Logs : $runLog"
-}
-
-Pop-Location
-exit 0