Upstra
diff --git a/‎scripts/docker.sh‎
Lines changed: 82 additions & 26 deletions b/‎scripts/docker.sh‎
Lines changed: 82 additions & 26 deletions
diff --git a/‎scripts/setup-env-back.sh‎
Lines changed: 141 additions & 0 deletions b/‎scripts/setup-env-back.sh‎
Lines changed: 141 additions & 0 deletions
diff --git a/‎scripts/setup-env-front.sh‎
Lines changed: 49 additions & 0 deletions b/‎scripts/setup-env-front.sh‎
Lines changed: 49 additions & 0 deletions
@@ -6,52 +6,108 @@ source "$(dirname "${BASH_SOURCE[0]}")/config.sh"
 deploy() {
   mkdir -p "$SCRIPT_DIR/backups" "$SCRIPT_DIR/logs"
 
-  if use_local_db; then
-    echo -e "${YELLOW}DB/Redis en local → Docker ne lancera que backend/monitoring${NC}"
-  else
-    echo -e "${GREEN}Lancement de Postgres+Redis via Docker…${NC}"
-    docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" build
-    docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" up -d postgres redis
-  fi
+  echo -n "➡️  Déployer le backend ? [Y/n] : "
+  read ans_back
+  ans_back=${ans_back:-Y}
 
-  if use_local_db; then
-    start_backend_local
+  if [[ "$ans_back" =~ ^[Yy]$ ]]; then
+    if use_local_db; then
+      echo -e "${YELLOW}DB/Redis en local → Docker ne lancera que backend/monitoring${NC}"
+      start_backend_local
+    else
+      echo -e "${GREEN}Lancement de Postgres+Redis via Docker…${NC}"
+      docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" build
+      docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" up -d postgres redis
+      docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" up -d backend
+    fi
+
+    if use_monitoring; then
+      docker-compose -f docker-compose.monitoring.yml --env-file "$ENV_FILE" up -d
+      echo -e "${GREEN}Monitoring lancé${NC}"
+    else
+      echo -e "${YELLOW}Monitoring non lancé${NC}"
+    fi
+    echo -e "${GREEN}✅ Backend déployé${NC}"
   else
-    docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" up -d backend
+    echo -e "${YELLOW}Backend ignoré${NC}"
   fi
 
-  if use_monitoring; then
-    docker-compose -f docker-compose.monitoring.yml --env-file "$ENV_FILE" up -d
-    echo -e "${GREEN}Monitoring lancé${NC}"
+  echo -n "➡️  Déployer le frontend ? [Y/n] : "
+  read ans_front
+  ans_front=${ans_front:-Y}
+
+  if [[ "$ans_front" =~ ^[Yy]$ ]]; then
+    "$SCRIPT_DIR/scripts/start-front.sh" start
+    echo -e "${GREEN}✅ Frontend déployé${NC}"
   else
-    echo -e "${YELLOW}Monitoring non lancé${NC}"
+    echo -e "${YELLOW}Frontend ignoré${NC}"
   fi
 
   echo -e "${GREEN}✨ Déploiement terminé${NC}"
 }
 
 start() {
-  if use_local_db; then
-    start_backend_local
+  echo -n "➡️  Lancer le backend ? [Y/n] : "
+  read ans_back
+  ans_back=${ans_back:-Y}
+
+  if [[ "$ans_back" =~ ^[Yy]$ ]]; then
+    if use_local_db; then
+      start_backend_local
+    else
+      docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" up -d postgres redis backend
+    fi
+    if use_monitoring; then
+      docker-compose -f docker-compose.monitoring.yml --env-file "$ENV_FILE" up -d
+    fi
+    echo -e "${GREEN}🚦 Backend démarré${NC}"
   else
-    docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" up -d postgres redis backend
+    echo -e "${YELLOW}Backend ignoré${NC}"
   fi
-  if use_monitoring; then
-    docker-compose -f docker-compose.monitoring.yml --env-file "$ENV_FILE" up -d
+
+  echo -n "➡️  Lancer le frontend ? [Y/n] : "
+  read ans_front
+  ans_front=${ans_front:-Y}
+
+  if [[ "$ans_front" =~ ^[Yy]$ ]]; then
+    "$SCRIPT_DIR/scripts/start-front.sh" start
+    echo -e "${GREEN}🚦 Frontend démarré${NC}"
+  else
+    echo -e "${YELLOW}Frontend ignoré${NC}"
   fi
-  echo -e "${GREEN}🚦 Services démarrés${NC}"
 }
 
+
+
 stop() {
-  if use_local_db; then
-    stop_backend_local
+  echo -n "➡️  Arrêter le backend ? [Y/n] : "
+  read ans_back
+  ans_back=${ans_back:-Y}
+
+  if [[ "$ans_back" =~ ^[Yy]$ ]]; then
+    if use_local_db; then
+      stop_backend_local
+    else
+      docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" down --remove-orphans
+    fi
+    if use_monitoring; then
+      docker-compose -f docker-compose.monitoring.yml --env-file "$ENV_FILE" down --remove-orphans
+    fi
+    echo -e "${GREEN}🛑 Backend arrêté${NC}"
   else
-    docker-compose -f docker-compose.prod.yml --env-file "$ENV_FILE" down --remove-orphans
+    echo -e "${YELLOW}Backend non arrêté${NC}"
   fi
-  if use_monitoring; then
-    docker-compose -f docker-compose.monitoring.yml --env-file "$ENV_FILE" down --remove-orphans
+
+  echo -n "➡️  Arrêter le frontend ? [Y/n] : "
+  read ans_front
+  ans_front=${ans_front:-Y}
+
+  if [[ "$ans_front" =~ ^[Yy]$ ]]; then
+    "$SCRIPT_DIR/scripts/start-front.sh" stop
+    echo -e "${GREEN}🛑 Frontend arrêté${NC}"
+  else
+    echo -e "${YELLOW}Frontend non arrêté${NC}"
   fi
-  echo -e "${GREEN}🛑 Services arrêtés${NC}"
 }
 
 status() {
 
@@ -0,0 +1,141 @@
+#!/bin/bash
+set -e
+
+source "$(dirname "${BASH_SOURCE[0]}")/config.sh"
+
+echo -e "${BLUE}🔧 Initialisation de l'environnement${NC}"
+
+if [ ! -f "$ENV_FILE" ]; then
+  cat > "$ENV_FILE" <<EOF
+DB_HOST=localhost
+DB_PORT=5432
+DB_NAME=upstradb
+DB_USERNAME=upstra
+DB_PASSWORD=
+
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_PASSWORD=
+REDIS_USERNAME=default
+REDIS_TLS=
+
+JWT_SECRET=
+JWT_REFRESH_SECRET=
+SESSION_SECRET=
+JWT_EXPIRATION=1h
+JWT_2FA_TOKEN_EXPIRATION=5m
+JWT_ACCESS_TOKEN_EXPIRATION=15m
+JWT_REFRESH_TOKEN_EXPIRATION=7d
+
+FRONTEND_URL=http://localhost:5173
+BACKEND_URL=http://localhost:8080
+
+RATE_LIMIT_GLOBAL_WINDOW_MS=900000
+RATE_LIMIT_GLOBAL_MAX=1000
+
+RATE_LIMIT_AUTH_WINDOW_MS=900000
+RATE_LIMIT_AUTH_STRICT_MAX=5
+RATE_LIMIT_AUTH_MODERATE_MAX=10
+
+RATE_LIMIT_SENSITIVE_WINDOW_MS=3600000
+RATE_LIMIT_SENSITIVE_MAX=3
+
+RATE_LIMIT_API_WINDOW_MS=300000
+RATE_LIMIT_API_MAX=100
+
+GITHUB_TOKEN=
+
+FRONT_REPO=Upstra/infra-control_front
+BACK_REPO=Upstra/infra-control
+
+USE_LOCAL_DB=true
+USE_MONITORING=false
+EOF
+  echo -e "${GREEN}Fichier $ENV_FILE créé (template)${NC}"
+fi
+
+set -a
+source "$ENV_FILE"
+set +a
+
+read -p "Mot de passe PostgreSQL (vide→générer) : " dbpass
+if [ -z "$dbpass" ]; then
+  dbpass=$(openssl rand -base64 20)
+  echo -e "${YELLOW}Généré : $dbpass${NC}"
+fi
+sed -i "s|^DB_PASSWORD=.*|DB_PASSWORD=$dbpass|" "$ENV_FILE"
+
+read -p "Mot de passe Redis (vide→générer) : " redispass
+if [ -z "$redispass" ]; then
+  redispass=$(openssl rand -base64 20)
+  echo -e "${YELLOW}Généré : $redispass${NC}"
+fi
+sed -i "s|^REDIS_PASSWORD=.*|REDIS_PASSWORD=$redispass|" "$ENV_FILE"
+
+read -p "GitHub Token (pat_xxx…) : " tok && sed -i "s|^GITHUB_TOKEN=.*|GITHUB_TOKEN=$tok|" "$ENV_FILE"
+read -p "Frontend URL [http://localhost:5173] : " fu && [ -n "$fu" ] && sed -i "s|^FRONTEND_URL=.*|FRONTEND_URL=$fu|" "$ENV_FILE"
+read -p "Backend URL  [http://localhost:8080] : " bu && [ -n "$bu" ] && sed -i "s|^BACKEND_URL=.*|BACKEND_URL=$bu|" "$ENV_FILE"
+  
+grep -q '^JWT_SECRET=' "$ENV_FILE" && grep -q '^JWT_SECRET=$' "$ENV_FILE" \
+  && sed -i "s|^JWT_SECRET=.*|JWT_SECRET=$(rand_hex)|" "$ENV_FILE"
+grep -q '^JWT_REFRESH_SECRET=' "$ENV_FILE" && grep -q '^JWT_REFRESH_SECRET=$' "$ENV_FILE" \
+  && sed -i "s|^JWT_REFRESH_SECRET=.*|JWT_REFRESH_SECRET=$(rand_hex)|" "$ENV_FILE"
+grep -q '^SESSION_SECRET=' "$ENV_FILE" && grep -q '^SESSION_SECRET=$' "$ENV_FILE" \
+  && sed -i "s|^SESSION_SECRET=.*|SESSION_SECRET=$(rand_hex)|" "$ENV_FILE"
+
+read -p "Utiliser Postgres/Redis EN LOCAL ? (y/n) : " ans
+if [[ "$ans" =~ ^[Yy]$ ]]; then
+  sed -i 's/^USE_LOCAL_DB=.*/USE_LOCAL_DB=true/' "$ENV_FILE"
+
+  read -p "→ Installer PostgreSQL + uuid-ossp localement ? (y/n) : " ipg
+  if [[ "$ipg" =~ ^[Yy]$ ]]; then
+    echo -e "${YELLOW}Installation PostgreSQL…${NC}"
+
+    sudo dnf install -y postgresql-server postgresql-contrib
+    sudo postgresql-setup --initdb
+    sudo systemctl enable --now postgresql
+
+    PGDATA=$(sudo -u postgres psql -tAc "show data_directory;" | xargs)
+
+    if ! grep -q '^local *all *postgres *peer' "$PGDATA/pg_hba.conf"; then
+      sudo sed -i '1ilocal   all             postgres                                peer' "$PGDATA/pg_hba.conf"
+    fi
+
+    sudo sed -i "s/^\(local.*all.*all.*\)peer/\1md5/" "$PGDATA/pg_hba.conf"
+    sudo sed -i "s/^\(host.*all.*all.*127.0.0.1\/32.*\)ident/\1md5/" "$PGDATA/pg_hba.conf"
+    sudo sed -i "s/^\(host.*all.*all.*::1\/128.*\)ident/\1md5/" "$PGDATA/pg_hba.conf"
+    
+    if ! grep -q "$DB_USERNAME" "$PGDATA/pg_hba.conf"; then
+      echo "host    all    $DB_USERNAME    127.0.0.1/32    md5" | sudo tee -a "$PGDATA/pg_hba.conf"
+    fi
+    sudo systemctl restart postgresql
+    sudo -u postgres psql -c "CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\";"
+    sudo -u postgres psql -tc "SELECT 1 FROM pg_roles WHERE rolname='$DB_USERNAME'" | grep -q 1 || \
+      sudo -u postgres psql -c "CREATE USER $DB_USERNAME WITH PASSWORD '$DB_PASSWORD';"
+    sudo -u postgres psql -tc "SELECT 1 FROM pg_database WHERE datname='$DB_NAME'" | grep -q 1 || \
+      sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_USERNAME ENCODING 'UTF8' LC_COLLATE='en_US.UTF-8' LC_CTYPE='en_US.UTF-8' TEMPLATE=template0;"
+    sudo -u postgres psql -c "ALTER USER $DB_USERNAME WITH SUPERUSER;"
+    sudo -u postgres psql -c "ALTER USER $DB_USERNAME WITH PASSWORD '$DB_PASSWORD';"
+
+    echo -e "${GREEN}✅ PostgreSQL + uuid-ossp OK${NC}"
+  fi
+  read -p "→ Installer Redis localement ? (y/n) : " ir
+  if [[ "$ir" =~ ^[Yy]$ ]]; then
+    echo -e "${YELLOW}Installation Redis…${NC}"
+    sudo dnf install -y redis
+    sudo systemctl enable --now redis
+    echo -e "${GREEN}✅ Redis OK${NC}"
+  fi
+
+else
+  sed -i 's/^USE_LOCAL_DB=.*/USE_LOCAL_DB=false/' "$ENV_FILE"
+fi
+
+read -p "Démarrer Monitoring (Prometheus + Grafana) ? (y/n) : " mon
+if [[ "$mon" =~ ^[Yy]$ ]]; then
+  sed -i 's/^USE_MONITORING=.*/USE_MONITORING=true/' "$ENV_FILE"
+else
+  sed -i 's/^USE_MONITORING=.*/USE_MONITORING=false/' "$ENV_FILE"
+fi
+
+echo -e "${GREEN}✔ setup-env terminé — vérifiez $ENV_FILE${NC}"
@@ -0,0 +1,49 @@
+#!/bin/bash
+set -e
+
+# Pour les couleurs (optionnel)
+RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; BLUE='\033[0;34m'; NC='\033[0m'
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+BACK_ENV="$SCRIPT_DIR/../.env" 
+
+if grep -q "^FRONT_DIR=" "$BACK_ENV"; then
+  FRONT_DIR=$(grep "^FRONT_DIR=" "$BACK_ENV" | cut -d= -f2-)
+  read -p "Chemin du dossier FRONT [actuel: $FRONT_DIR]: " path
+  FRONT_DIR=${path:-$FRONT_DIR}
+else
+  read -p "Chemin du dossier FRONT [par défaut: /home/upstra/infra-control_front]: " path
+  FRONT_DIR=${path:-/home/upstra/infra-control_front}
+fi
+
+if grep -q "^FRONT_DIR=" "$BACK_ENV"; then
+  sed -i "s|^FRONT_DIR=.*|FRONT_DIR=$FRONT_DIR|" "$BACK_ENV"
+else
+  echo "FRONT_DIR=$FRONT_DIR" >> "$BACK_ENV"
+fi
+
+FRONT_ENV="$FRONT_DIR/.env"
+
+echo -e "${BLUE}📝 Configuration de l'environnement FRONT${NC}"
+
+read -p "VITE_API_URL [http://localhost:3000]: " VITE_API_URL
+VITE_API_URL=${VITE_API_URL:-http://localhost:3000}
+
+read -p "VITE_WS_URL [http://localhost:3000]: " VITE_WS_URL
+VITE_WS_URL=${VITE_WS_URL:-http://localhost:3000}
+
+read -p "VITE_FRONT_PORT [4173]: " VITE_FRONT_PORT
+VITE_FRONT_PORT=${VITE_FRONT_PORT:-4173}
+
+if [ ! -d "$FRONT_DIR" ]; then
+  echo -e "${RED}❌ Le dossier front '$FRONT_DIR' n'existe pas.${NC}"
+  exit 1
+fi
+
+cat > "$FRONT_ENV" <<EOF
+VITE_API_URL=$VITE_API_URL
+VITE_WS_URL=$VITE_WS_URL
+VITE_FRONT_PORT=$VITE_FRONT_PORT
+EOF
+
+echo -e "${GREEN}✅ Fichier $FRONT_ENV généré !${NC}"