nicolas.cantu/4NK_project_template
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4NK_project_template/docs/CONFIGURATION.md
Nicolas Cantu 6f16f16353 init
2025-08-25 17:27:12 +02:00

213 lines
4.2 KiB
Markdown
Raw Blame History

# ⚙️ Guide de Configuration - 4NK Node
Guide complet pour configurer l'infrastructure 4NK Node selon vos besoins.
## 📋 Configuration Générale
### 1. Variables d'Environnement
Créer un fichier `.env` à la racine du projet :
### 2. Configuration Réseau
#### Réseau Docker Personnalisé
#### Configuration de Pare-feu
## 🔧 Configuration Bitcoin Core
### 1. Configuration de Base
### 2. Configuration Avancée
#### Sécurité
## 🔧 Configuration SSL/TLS
### 1. Certificat Auto-Signé
```bash
# Générer un certificat auto-signé
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
# Configurer nginx comme proxy SSL
cat > nginx.conf << EOF
server {
listen 443 ssl;
server_name your-domain.com;
ssl_certificate cert.pem;
ssl_certificate_key key.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
location / {
proxy_pass http://localhost:8090;
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
}
}
EOF
```
### 2. Certificat Let's Encrypt
```bash
# Installer certbot
sudo apt install certbot python3-certbot-nginx
# Obtenir un certificat
sudo certbot --nginx -d your-domain.com
# Configuration automatique
sudo certbot renew --dry-run
```
## 🔧 Configuration de Monitoring
### 1. Prometheus
```yaml
# docker-compose.yml addition
services:
prometheus:
image: prom/prometheus:latest
container_name: prometheus
ports:
- "9090:9090"
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
- prometheus_data:/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
- '--storage.tsdb.retention.time=200h'
- '--web.enable-lifecycle'
grafana:
image: grafana/grafana:latest
container_name: grafana
ports:
- "3000:3000"
volumes:
- grafana_data:/var/lib/grafana
environment:
- GF_SECURITY_ADMIN_PASSWORD=admin
volumes:
prometheus_data:
grafana_data:
```
### 2. Configuration Prometheus
Fichier : `prometheus.yml`
```yaml
global:
scrape_interval: 15s
evaluation_interval: 15s
rule_files:
# - "first_rules.yml"
# - "second_rules.yml"
scrape_configs:
- job_name: 'bitcoin'
static_configs:
- targets: ['bitcoin:18443']
- job_name: 'blindbit'
static_configs:
- targets: ['blindbit:8000']
- job_name: 'sdk_relay'
static_configs:
- targets: ['sdk_relay_1:8091']
```
## 🔧 Configuration de Sauvegarde
### 1. Script de Sauvegarde
```bash
#!/bin/bash
# backup_4nk.sh
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_DIR="/backup/4nk_node_$DATE"
mkdir -p $BACKUP_DIR
```
### 2. Configuration Cron
```bash
# Ajouter au cron pour sauvegarde automatique
```
## 🔧 Configuration de Logs
### 1. Rotation des Logs
```bash
# Configuration logrotate
```
### 2. Centralisation des Logs
```yaml
# docker-compose.yml addition
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
container_name: elasticsearch
environment:
- discovery.type=single-node
ports:
- "9200:9200"
volumes:
- elasticsearch_data:/usr/share/elasticsearch/data
kibana:
image: docker.elastic.co/kibana/kibana:7.17.0
container_name: kibana
ports:
- "5601:5601"
depends_on:
- elasticsearch
filebeat:
image: docker.elastic.co/beats/filebeat:7.17.0
container_name: filebeat
volumes:
- /var/lib/docker/containers:/var/lib/docker/containers:ro
- ./filebeat.yml:/usr/share/filebeat/filebeat.yml:ro
depends_on:
- elasticsearch
volumes:
elasticsearch_data:
```
## 📝 Checklist de Configuration
## 🎯 Commandes de Configuration
---
Reference in New Issue View Git Blame Copy Permalink