4.2 KiB
4.2 KiB
⚙️ Guide de Configuration - 4NK Node
Guide complet pour configurer l'infrastructure 4NK Node selon vos besoins.
📋 Configuration Générale
1. Variables d'Environnement
Créer un fichier .env à la racine du projet :
2. Configuration Réseau
Réseau Docker Personnalisé
Configuration de Pare-feu
🔧 Configuration Bitcoin Core
1. Configuration de Base
2. Configuration Avancée
Sécurité
🔧 Configuration SSL/TLS
1. Certificat Auto-Signé
# Générer un certificat auto-signé
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
# Configurer nginx comme proxy SSL
cat > nginx.conf << EOF
server {
listen 443 ssl;
server_name your-domain.com;
ssl_certificate cert.pem;
ssl_certificate_key key.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
location / {
proxy_pass http://localhost:8090;
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
}
}
EOF
2. Certificat Let's Encrypt
# Installer certbot
sudo apt install certbot python3-certbot-nginx
# Obtenir un certificat
sudo certbot --nginx -d your-domain.com
# Configuration automatique
sudo certbot renew --dry-run
🔧 Configuration de Monitoring
1. Prometheus
# docker-compose.yml addition
services:
prometheus:
image: prom/prometheus:latest
container_name: prometheus
ports:
- "9090:9090"
volumes:
- ./prometheus.yml:/etc/prometheus/prometheus.yml
- prometheus_data:/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
- '--storage.tsdb.retention.time=200h'
- '--web.enable-lifecycle'
grafana:
image: grafana/grafana:latest
container_name: grafana
ports:
- "3000:3000"
volumes:
- grafana_data:/var/lib/grafana
environment:
- GF_SECURITY_ADMIN_PASSWORD=admin
volumes:
prometheus_data:
grafana_data:
2. Configuration Prometheus
Fichier : prometheus.yml
global:
scrape_interval: 15s
evaluation_interval: 15s
rule_files:
# - "first_rules.yml"
# - "second_rules.yml"
scrape_configs:
- job_name: 'bitcoin'
static_configs:
- targets: ['bitcoin:18443']
- job_name: 'blindbit'
static_configs:
- targets: ['blindbit:8000']
- job_name: 'sdk_relay'
static_configs:
- targets: ['sdk_relay_1:8091']
🔧 Configuration de Sauvegarde
1. Script de Sauvegarde
#!/bin/bash
# backup_4nk.sh
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_DIR="/backup/4nk_node_$DATE"
mkdir -p $BACKUP_DIR
2. Configuration Cron
# Ajouter au cron pour sauvegarde automatique
🔧 Configuration de Logs
1. Rotation des Logs
# Configuration logrotate
2. Centralisation des Logs
# docker-compose.yml addition
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
container_name: elasticsearch
environment:
- discovery.type=single-node
ports:
- "9200:9200"
volumes:
- elasticsearch_data:/usr/share/elasticsearch/data
kibana:
image: docker.elastic.co/kibana/kibana:7.17.0
container_name: kibana
ports:
- "5601:5601"
depends_on:
- elasticsearch
filebeat:
image: docker.elastic.co/beats/filebeat:7.17.0
container_name: filebeat
volumes:
- /var/lib/docker/containers:/var/lib/docker/containers:ro
- ./filebeat.yml:/usr/share/filebeat/filebeat.yml:ro
depends_on:
- elasticsearch
volumes:
elasticsearch_data: