Mise en place d'ArgoCD : début du transfert des docker compose vers kubern8 ==> suppression du docker compose pour nginx (remplacer par nginx-proxy.yaml

config/alert_rules.yml

@@ -0,0 +1,10 @@
+groups:
+  - name: example
+    rules:
+      - alert: InstanceDown
+        expr: up == 0
+        for: 1m
+        labels:
+          severity: warning
+        annotations:
+          summary: "Instance {{ $labels.instance }} est down"   

config/certs/localhost.crt

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDhTCCAm2gAwIBAgIUKk7EqWaBULDSrIddvgA/dHeKf4MwDQYJKoZIhvcNAQEL
+BQAwUjELMAkGA1UEBhMCRlIxDjAMBgNVBAgMBUxvY2FsMQ4wDAYDVQQHDAVMb2Nh
+bDEPMA0GA1UECgwGRGV2T3BzMRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMjYwMTMx
+MTY0MzAwWhcNMjcwMTMxMTY0MzAwWjBSMQswCQYDVQQGEwJGUjEOMAwGA1UECAwF
+TG9jYWwxDjAMBgNVBAcMBUxvY2FsMQ8wDQYDVQQKDAZEZXZPcHMxEjAQBgNVBAMM
+CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANyNd6vK
+AkTTjQ4pAnaYS5NG6wknWYGPooaY8s9iUuZNmbY/OBgTizzyH+epnw2zXSLYNI0C
+KCzhSG4uVGGndciFTDJJenI2hHUD0WAgXcSAqMYE+RT5it4QWYA/XiFUVm8FdI8n
+RTjWqH7K0FFDSdjTWyeVL2bzG+W2cROcAvSX6FSA2SkL1eyXlfSash5AMr5FJqWA
+2T+2D6CUW6j/GMPbOR9nhUC8IVDLyB2mUxEoT3AkrEzWs7ImDK0wivziePnv4QO0
+d3cMWgFEy6FVEleh9koG5JdvjAmQPs731ZpUFCYfxRCTwDnPoJpwtUA9+oSoUfQs
+uw17VO3FX+RtcxUCAwEAAaNTMFEwHQYDVR0OBBYEFLrD7TLNialEE0MOS9sdj4+U
+SURsMB8GA1UdIwQYMBaAFLrD7TLNialEE0MOS9sdj4+USURsMA8GA1UdEwEB/wQF
+MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFCZbZigG9CJ7Ku3QWkcOo0K8WAXP707
+v+D6ls4PjK+wz4F6Vy+GqwD0OTZv3M+qzBjq0xnflHaZ+NItFsYsvjvHVdxlqJOf
+y3+Zq7+GeUlPA0o6LjKYqjQzFxUfvL4f2YK9erD7Aw4A+eOcTNwVM765DmPxtmA6
+AT4KqGY6XmkNFfYM/kGOiijAgKMXb1NdJ2PgCsq1H4ioJ8luJZP0oUmwe3ZvSrvg
+qajXGyzYV+eL4FAJdTeLnsw5k2t6EzsnhPSOyMrFETrrwy83dPA31g4AugAqceCr
+g0/8Z95wxqWJZ9CQl/3hPu/da+mfvc0tppFDmkXuSYGE379Ut8orH74=
+-----END CERTIFICATE-----

config/certs/localhost.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDcjXerygJE040O
+KQJ2mEuTRusJJ1mBj6KGmPLPYlLmTZm2PzgYE4s88h/nqZ8Ns10i2DSNAigs4Uhu
+LlRhp3XIhUwySXpyNoR1A9FgIF3EgKjGBPkU+YreEFmAP14hVFZvBXSPJ0U41qh+
+ytBRQ0nY01snlS9m8xvltnETnAL0l+hUgNkpC9Xsl5X0mrIeQDK+RSalgNk/tg+g
+lFuo/xjD2zkfZ4VAvCFQy8gdplMRKE9wJKxM1rOyJgytMIr84nj57+EDtHd3DFoB
+RMuhVRJXofZKBuSXb4wJkD7O99WaVBQmH8UQk8A5z6CacLVAPfqEqFH0LLsNe1Tt
+xV/kbXMVAgMBAAECggEAGuekDWAVgkVnW+6bRxHhiEwasHFtLQ2zVyWR20QklkUp
+pu6T3nYF4o+r3jQWO9LhXfaPhJMaiQ0La6t5rjcCOo2uQ6Usi4HEi0zFrisMnUPP
+suZY51rguqG2dVtllX3HFICPHUZ+XoZrJBqEKqGhgNKZuFyt3WpzQQTOSwTZZHJo
+ktiwVvv7enfXr3VwG1AMh9xsdpAc6okcxe/deHM5kVL2Vxjc2FSzL7EFmP4aX+Wo
+wRMXIKS50CDiUK3XKSvaml6yU8V2RgUnhOUo6enqYNwisIQwgftpjm2xVPVNN1it
+LpXzF2IJoZTfXxVTb80LJmxr4PzezAxyoDs1kFbxIQKBgQDvE02cnlTvXt0Cdygq
+nlYxOvc80HSELXl482/Q0XVjadXCOTMjxvBiIVadSpjmXdBxPQTXWxlCs7RQmSOY
+ohFwp+6TGxYxkE7TdkKNmXsCsnc7Kev8SDnKEeuto5dYqQcqi7o47vNZOQMV2p87
+Ccv12jqC/qK86PH3ru3TzxXQtQKBgQDsKnsX+/yKHEzTwzebyPLz6jSQ/5PgwAmu
+aQuuVcxscjx8v8n19YH0LwK/N6PY+sfx1kznJhVCqgfTtTMIZp2lYFEgXBvZm1li
+91BpZpl1FkG2Y7KEp477pnpEWKBXIxSeYJo/kQP6sC+bxyMCoEqeMQj04ge/BBFD
+ivorIVN04QKBgC7X4Ggkmc3BD5rREByxo3/H5vOSgJH5ewiY4jrPH6oX7Zs9q+iB
+rU387ESrfiP9E79sTkuH/P4VyenU56Wbc8FYFiXas9GITfme/VFTVkfkAfqkryli
+WXhfZIdEO35SuCW89QL8xs+fnRwmFvbxZ3ZHiRlrnSVYmziFnPHYbJTVAoGAYxY7
+yUdfoO7YySyqI0G/tdk5LvEcsXrBVR0b2oyDFakkec7aRMk6OiKTS3lj1ID77RrV
+71HKL8s5N3laLRco458yypn60WVdrqlHYsG6dybccVMJLqFC25Dw0cZBl+3PE9hC
+P5NvkPnlL73wkYSBajf2oxBG4b0qJSWlav0zj+ECgYBwlnDlew3KHrinAwxC+8g/
+5BhluRTCBOH0pgZGGDL3EQKzoi6g+qohlIoTKihPjeo+PE5LjfzaENjL5RsoA45u
+YPflHsZdAVxvUarjt0GzxobcSGChWmxeQHID7rbY7F9E5bNGu/8tcOBdWD07T0sx
+34EXe/Hq5M88t+13+xvyDg==
+-----END PRIVATE KEY-----

config/nginx.conf

@@ -0,0 +1,61 @@
+# Nombre de processus worker (1 suffit pour un usage local)
+worker_processes 1;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    sendfile on;
+    keepalive_timeout 65;
+
+    # === Résolution DNS dynamique (clé pour Kubernetes) ===
+    resolver 10.96.0.10 valid=5s ipv6=off;  # IP de CoreDNS
+    resolver_timeout 10s;
+
+    # === Backend : service Kubernetes (port 80, pas 8000) ===
+    upstream backend {
+        zone backend 64k;
+        server devops-app-service.devops-demo.svc.cluster.local:80 resolve;
+    }
+
+    # === REDIRECTION HTTP → HTTPS ===
+    server {
+        listen 80;
+        listen [::]:80;
+        server_name localhost;
+
+        location / {
+            return 301 https://$host$request_uri;
+        }
+    }
+
+    # === SERVEUR HTTPS ===
+    server {
+        listen 443 ssl;
+        server_name localhost;
+
+        ssl_certificate     /etc/nginx/certs/tls.crt;
+        ssl_certificate_key /etc/nginx/certs/tls.key;
+
+        add_header Strict-Transport-Security "max-age=31536000" always;
+        add_header X-Frame-Options SAMEORIGIN;
+        add_header X-Content-Type-Options nosniff;
+
+        location / {
+            proxy_pass http://backend;
+
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+
+            # Support WebSocket
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+        }
+    }
+}   

config/prometheus.yml

@@ -7,7 +7,7 @@ global:
 
 # Règles d'alerte
 rule_files:
-  # - "alerts.yml"
+  - '/etc/prometheus/alert_rules.yml'   
 
 # Configuration de scraping
 scrape_configs:
@@ -34,8 +34,7 @@ scrape_configs:
     metrics_path: /metrics
     scheme: http
 
-# Alerting (exemple)
-# alerting:
-#   alertmanagers:
-#     - static_configs:
-#         - targets: []
+alerting:
+  alertmanagers:
+    - static_configs:
+        - targets: ['localhost:9093']

docker/docker-compose-db.yml

@@ -15,7 +15,7 @@ services:
       POSTGRES_PASSWORD: devopspass
     volumes:
       - db-data:/var/lib/postgresql/data
-      - ./postgresql:/docker-entrypoint-initdb.d
+      - /c/DevOpsProject/postgresql:/docker-entrypoint-initdb.d   #anciennement "./postgresql:/docker-entrypoint-initdb.d" mais créait un dossier C:\DevOpsProject\docker\
     ports:
       - "5432:5432"
     healthcheck:

docker/docker-compose-nginx.yml

@@ -1,25 +0,0 @@
-x-logging: &default-logging
-  driver: json-file
-  options:
-    max-size: "10m"
-    max-file: "5"
-
-services:
-  nginx:
-    image: nginx:latest
-    restart: unless-stopped
-    ports:
-      - "80:80"
-      - "443:443"
-    volumes:
-      - C:\DevOpsProject\kubernetes\manifests\nginx\nginx.conf:/etc/nginx/nginx.conf:ro
-      - C:\DevOpsProject\kubernetes\manifests\nginx\certs:/etc/nginx/certs:ro
-    
-    networks:
-      - devops-network
-    command: nginx -g "daemon off;"
-    logging: *default-logging
-
-networks:
-  devops-network:
-    external: true   

docker/docker-compose.yml

@@ -41,6 +41,7 @@ services:
       - "9090:9090"
     volumes:
       - ../config/prometheus.yml:/etc/prometheus/prometheus.yml:ro
+      - ../config/alert_rules.yml:/etc/prometheus/alert_rules.yml
       - prometheus-data:/prometheus
     command:
       - '--config.file=/etc/prometheus/prometheus.yml'

docs/DocK8.md

@@ -0,0 +1,64 @@
+# Fonctionnement de docker
+
+exemple : - ../config/prometheus.yml:/etc/prometheus/prometheus.yml:ro VS - '/etc/prometheus/alert_rules.yml'  
+
+Dans Docker, les chemins comme ../config/prometheus.yml:/etc/prometheus/prometheus.yml:ro fonctionnent ainsi :
+
+- À gauche (../config/...) : chemin sur l’hôte (ton PC), relatif au fichier docker-compose.yml
+- À droite (/etc/prometheus/...) : chemin dans le conteneur Linux, où le fichier est accessible 
+Même si le dossier /etc/prometheus n’existe pas à l’origine dans le conteneur, Docker le crée automatiquement lors du montage. 
+
+✅ Le fichier alert_rules.yml est monté dans le même dossier (/etc/prometheus/) → donc accessible via /etc/prometheus/alert_rules.yml
+
+C’est Docker qui gère ce pont entre ton système (Windows) et le conteneur (Linux), sans que tu aies besoin d’un dossier physique prometheus dans le conteneur
+
+✅ Le nom prometheus dans le chemin cible n’a pas besoin d’exister : c’est juste un répertoire Linux standard pour les configs.
+
+
+# fonctionnement de kubern8s
+
+Les espaces de noms argocd et devops-demo ont été supprimés après le reset du cluster.
+
+✅ Cet ordre suit les bonnes pratiques : Namespace → ConfigMap/Secret → Service → Deployment. 
+
+les commandes à exécuter dans l'ordre après un reset de cluster pour éviter les erreurs :
+
+1 - Créer les espaces de noms :
+- kubectl create namespace devops-demo
+- kubectl create namespace argocd
+
+2 - Créer les ConfigMap et Secrets :
+
+- kubectl create configmap app-config -n devops-demo --from-literal=APP_NAME=devops-app
+- kubectl create secret tls nginx-tls -n devops-demo --cert="C:\DevOpsProject\config\certs\localhost.crt" --key="C:\DevOpsProject\config\certs\localhost.key" 
+
+3 - Appliquer les Services (dépendances des Deployments) :
+
+- kubectl apply -f C:\DevOpsProject\kubernetes\manifests\service.yaml -n devops-demo   (sauf si les services sont inclus dans le fichier deployment)
+
+4 - Appliquer les Deployments :
+
+- kubectl apply -f C:\DevOpsProject\kubernetes\manifests\deployment.yaml -n devops-demo   
+
+5 - Installer ArgoCD :
+
+- kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml   
+
+6 - Tester (par défaut OBLIGATOIRE après chaque redemarage) :
+
+- kubectl port-forward svc/argocd-server -n argocd 8080:443 (et laisser cette fenetre active OBLIGATOIRE sinon ça marche pas)
+
+- kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 --decode   (dans un nouveau terminal et wsl)
+
+# erreur courantes sur windows :
+
+- les chemins
+
+exemple : - kubectl create secret tls nginx-tls -n devops-demo --cert=./certs/tls.crt --key=./certs/tls.key" ==> ❌ erreur  
+
+Pourquoi l’erreur se produit :
+./certs/tls.crt est un chemin relatif depuis votre répertoire actuel (C:\Users\W). 
+
+Après un reset de cluster, les fichiers locaux ne sont pas restaurés automatiquement — seul l’état du cluster Kubernetes est effacé, pas vos fichiers sur disque.
+
+Les certificats que vous avez trouvés (localhost.crt et localhost.key) sont dans C:\DevOpsProject\config\certs, pas dans ./certs. 

docs/ProcédureGit.md

@@ -27,6 +27,7 @@
     - cliq droit "git bash here"
     - "git add ."
     - "git commit -m "détail des modifs"
+    - se connecter pour ouvrir l'accès ==> "url = https://git..." (url ==> C:\DevOpsProject\.git\config)
     - "git push origin main"
 
 

gitea/gitea-data/gitea/queues/common/CURRENT

@@ -1 +1 @@
-MANIFEST-000048
+MANIFEST-000078

gitea/gitea-data/gitea/queues/common/CURRENT.bak

@@ -1 +1 @@
-MANIFEST-000046
+MANIFEST-000076

gitea/gitea-data/gitea/queues/common/LOG

@@ -208,3 +208,129 @@
 16:51:56.927562 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
 16:51:56.988766 db@janitor F·3 G·0
 16:51:56.988996 db@open done T·73.514866ms
+=============== Jan 31, 2026 (UTC) ===============
+08:22:38.426767 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+08:22:38.453374 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+08:22:38.453856 db@open opening
+08:22:38.455490 journal@recovery F·1
+08:22:38.455921 journal@recovery recovering @47
+08:22:38.465996 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+08:22:38.521682 db@janitor F·3 G·0
+08:22:38.521872 db@open done T·67.859929ms
+=============== Jan 31, 2026 (UTC) ===============
+11:55:35.792163 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+11:55:35.803093 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+11:55:35.806251 db@open opening
+11:55:35.809773 journal@recovery F·1
+11:55:35.810029 journal@recovery recovering @49
+11:55:35.812759 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+11:55:35.858997 db@janitor F·3 G·0
+11:55:35.859250 db@open done T·51.950786ms
+=============== Jan 31, 2026 (UTC) ===============
+11:58:02.828545 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+11:58:02.834225 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+11:58:02.834665 db@open opening
+11:58:02.836247 journal@recovery F·1
+11:58:02.836582 journal@recovery recovering @51
+11:58:02.839882 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+11:58:02.883691 db@janitor F·3 G·0
+11:58:02.883975 db@open done T·49.127548ms
+=============== Feb 1, 2026 (UTC) ===============
+16:30:00.194319 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+16:30:00.225083 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+16:30:00.225693 db@open opening
+16:30:00.235941 journal@recovery F·1
+16:30:00.236266 journal@recovery recovering @53
+16:30:00.239932 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+16:30:00.318623 db@janitor F·3 G·0
+16:30:00.318860 db@open done T·92.7905ms
+=============== Feb 1, 2026 (UTC) ===============
+16:33:43.622116 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+16:33:43.629759 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+16:33:43.630332 db@open opening
+16:33:43.634016 journal@recovery F·1
+16:33:43.634301 journal@recovery recovering @55
+16:33:43.637619 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+16:33:43.674783 db@janitor F·3 G·0
+16:33:43.675221 db@open done T·44.600536ms
+=============== Feb 1, 2026 (UTC) ===============
+16:35:40.109849 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+16:35:40.115287 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+16:35:40.115809 db@open opening
+16:35:40.120351 journal@recovery F·1
+16:35:40.120751 journal@recovery recovering @57
+16:35:40.122944 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+16:35:40.156973 db@janitor F·3 G·0
+16:35:40.157135 db@open done T·40.797545ms
+=============== Feb 1, 2026 (UTC) ===============
+16:37:35.447083 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+16:37:35.456162 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+16:37:35.456821 db@open opening
+16:37:35.459883 journal@recovery F·1
+16:37:35.460123 journal@recovery recovering @59
+16:37:35.463768 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+16:37:35.489102 db@janitor F·3 G·0
+16:37:35.489396 db@open done T·32.354845ms
+=============== Feb 1, 2026 (UTC) ===============
+21:04:28.945168 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+21:04:28.969407 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+21:04:28.970167 db@open opening
+21:04:28.971866 journal@recovery F·1
+21:04:28.972547 journal@recovery recovering @61
+21:04:28.981826 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+21:04:29.026841 db@janitor F·3 G·0
+21:04:29.027092 db@open done T·56.680083ms
+=============== Feb 2, 2026 (UTC) ===============
+07:00:31.990137 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+07:00:31.996157 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+07:00:31.996607 db@open opening
+07:00:31.998208 journal@recovery F·1
+07:00:31.998508 journal@recovery recovering @63
+07:00:32.004753 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+07:00:32.071963 db@janitor F·3 G·0
+07:00:32.073692 db@open done T·76.9226ms
+=============== Feb 2, 2026 (UTC) ===============
+09:01:42.488932 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+09:01:42.510110 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:01:42.510429 db@open opening
+09:01:42.513372 journal@recovery F·1
+09:01:42.513822 journal@recovery recovering @65
+09:01:42.517910 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:01:42.577390 db@janitor F·3 G·0
+09:01:42.578051 db@open done T·67.50537ms
+=============== Feb 2, 2026 (UTC) ===============
+09:11:19.302281 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+09:11:19.316674 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:11:19.317028 db@open opening
+09:11:19.320989 journal@recovery F·1
+09:11:19.321901 journal@recovery recovering @67
+09:11:19.327356 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:11:19.365505 db@janitor F·3 G·0
+09:11:19.365718 db@open done T·48.050741ms
+=============== Feb 2, 2026 (UTC) ===============
+09:30:15.873707 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+09:30:15.892438 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:30:15.893098 db@open opening
+09:30:15.905607 journal@recovery F·1
+09:30:15.905903 journal@recovery recovering @69
+09:30:15.913251 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:30:15.991850 db@janitor F·3 G·0
+09:30:15.992562 db@open done T·99.341869ms
+=============== Feb 2, 2026 (UTC) ===============
+09:32:24.666264 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+09:32:24.677511 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:32:24.677892 db@open opening
+09:32:24.681867 journal@recovery F·1
+09:32:24.682198 journal@recovery recovering @71
+09:32:24.686711 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:32:24.729919 db@janitor F·3 G·0
+09:32:24.730153 db@open done T·52.126013ms
+=============== Feb 2, 2026 (UTC) ===============
+09:36:15.856900 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed
+09:36:15.866307 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:36:15.866819 db@open opening
+09:36:15.877560 journal@recovery F·1
+09:36:15.877972 journal@recovery recovering @73
+09:36:15.880495 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00]
+09:36:15.938267 db@janitor F·3 G·0
+09:36:15.938461 db@open done T·71.478044ms

kubernetes/manifests/deployment.yaml

@@ -22,8 +22,8 @@ spec:
     spec:
       containers:
       - name: app
-        image: devops-app:local  # IMPORTANT : Utiliser l'image locale
-        imagePullPolicy: IfNotPresent  # Ne pas pull depuis Docker Hub
+        image: devops-app:local
+        imagePullPolicy: IfNotPresent
         ports:
         - containerPort: 8000
           name: http
@@ -68,4 +68,61 @@ spec:
     targetPort: 8000
     protocol: TCP
     name: http
-  type: NodePort  # CORRIGÉ : NodePort au lieu de LoadBalancer pour Windows
+  type: NodePort
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-proxy
+  namespace: devops-demo
+  labels:
+    app: nginx-proxy
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx-proxy
+  template:
+    metadata:
+      labels:
+        app: nginx-proxy
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:latest
+        ports:
+        - containerPort: 80
+        - containerPort: 443
+        volumeMounts:
+        - name: nginx-config
+          mountPath: /etc/nginx/nginx.conf
+          subPath: nginx.conf
+        - name: certs
+          mountPath: /etc/nginx/certs
+      volumes:
+      - name: nginx-config
+        configMap:
+          name: nginx-config
+      - name: certs
+        secret:
+          secretName: nginx-tls
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-service
+  namespace: devops-demo
+spec:
+  selector:
+    app: nginx-proxy
+  ports:
+    - port: 80
+      targetPort: 80
+      protocol: TCP
+      name: http
+    - port: 443
+      targetPort: 443
+      protocol: TCP
+      name: https
+  type: NodePort   

kubernetes/manifests/nginx-proxy.yaml

@@ -23,17 +23,17 @@ spec:
         - containerPort: 443
         volumeMounts:
         - name: config
-          mountPath: /etc/nginx/nginx.conf
+          mountPath: /mnt/c/DevOpsProject/config/nginx.conf
           subPath: nginx.conf
         - name: certs
-          mountPath: /etc/nginx/certs
+          mountPath: /mnt/c/DevOpsProject/config/certs
       volumes:
         - name: config
-        hostPath:
-          path: /run/desktop/mnt/host/c/DevOpsProject/kubernetes/manifests/nginx/nginx.conf
+          configMap:
+            name: nginx-config
         - name: certs
-        hostPath:
-          path: /run/desktop/mnt/host/c/DevOpsProject/kubernetes/manifests/nginx/certs
+          secret:
+            secretName: nginx-tls   
 ---
 apiVersion: v1
 kind: Service
@@ -44,10 +44,12 @@ spec:
   selector:
     app: nginx-proxy
   ports:
-    - protocol: TCP
+    - name: http
+      protocol: TCP
       port: 80
       targetPort: 80
-    - protocol: TCP
+    - name: https
+      protocol: TCP
       port: 443
       targetPort: 443   
   type: NodePort   

kubernetes/manifests/nginx/certs/localhost.crt

@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDlTCCAn2gAwIBAgIUcEVmwTioAADhqYNcHQ+xvEKsQwswDQYJKoZIhvcNAQEL
-BQAwWjELMAkGA1UEBhMCRlIxFjAUBgNVBAgMDUlsZS1kZS1GcmFuY2UxDjAMBgNV
-BAcMBVBhcmlzMQ8wDQYDVQQKDAZEZXZPcHMxEjAQBgNVBAMMCWxvY2FsaG9zdDAe
-Fw0yNjAxMTkxNTM5MTlaFw0yNzAxMTkxNTM5MTlaMFoxCzAJBgNVBAYTAkZSMRYw
-FAYDVQQIDA1JbGUtZGUtRnJhbmNlMQ4wDAYDVQQHDAVQYXJpczEPMA0GA1UECgwG
-RGV2T3BzMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDeWVC4CPMt2DE0aI26erPvRGk2Rytmd8kpbLAGu68vkIxDu4Oj
-h4IS1CD8R9IjsaJGz5SaKQHhvYJLxVFQtEcHB9A9Rk+6TNNqodHVgKFngytbAPJ0
-mSPRYjYCnPgVKmm9/g9O1Tza8Adnx2zZjq4wilxymxwIASh98RJxTa6DcehRUP82
-ejT4KRKSAxW4+L1XUwHtw2zSain2dLODe0bu7CPYxCjrvr2KNMa2aPnP2Owo6djx
-qoHedaxZ/zpPInXq6DiofEvM1TQrB9CjHR7OjOE65IzDh2OC2KTpVKgmcDqR/hcK
-KUS7/+PCNlH1tidfwJ2b33GEisLNIWx/5RmtAgMBAAGjUzBRMB0GA1UdDgQWBBTK
-eOgJg8lzv6oS+0mV2bqQ96QJQTAfBgNVHSMEGDAWgBTKeOgJg8lzv6oS+0mV2bqQ
-96QJQTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBabnUoKZ1e
-8fe7uXiHxKnhIsH/C6RoGecETwJZPLE7gVU0J7mA5Bxqk/ssQB6/ykSRqSnjsEM7
-gHGeRgaE93/J99xewTBmmzHJqzr+ETl4vsyUtP4O9ggu1JjijTgB0WpUuBnC+SUp
-4W14nwonTEKY0Qua7U8Lz4PMqWOC1URzQYaQwR3Lw9OFSxPcLHlmGoWYbKrdOMYP
-vBq18DE2JQoCrcC73vee2ABC3DUtqwjWYuOkuEoCbBE33u8EO5tLA84OLsb61zhe
-UuBoAWnNhr+GixzMmetiZoiT3265lZnriXDqor74lEDfuoJkXs/XqBN0x8v6GmkM
-ycLs7NXJOe0L
------END CERTIFICATE-----

kubernetes/manifests/nginx/certs/localhost.key

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDeWVC4CPMt2DE0
-aI26erPvRGk2Rytmd8kpbLAGu68vkIxDu4Ojh4IS1CD8R9IjsaJGz5SaKQHhvYJL
-xVFQtEcHB9A9Rk+6TNNqodHVgKFngytbAPJ0mSPRYjYCnPgVKmm9/g9O1Tza8Adn
-x2zZjq4wilxymxwIASh98RJxTa6DcehRUP82ejT4KRKSAxW4+L1XUwHtw2zSain2
-dLODe0bu7CPYxCjrvr2KNMa2aPnP2Owo6djxqoHedaxZ/zpPInXq6DiofEvM1TQr
-B9CjHR7OjOE65IzDh2OC2KTpVKgmcDqR/hcKKUS7/+PCNlH1tidfwJ2b33GEisLN
-IWx/5RmtAgMBAAECggEAF5IpU/Ei8mu2P6OLzsZ+N7GtY6Mkzy6IpTsP6A7Scfzl
-WbLRsC7H074oJwZoGP+WP+J2kucg+3DPFMA8sA0EcJLb+PrwrcPCL84qw/LoaWRG
-3tVZXpHzcZlzN1Czne7KmekKb2V8l4sVheNmvyN4hM3OIhoeXRzeUYeSWG+PPgDN
-KV2s1vvcBtIay7aMs6XUdnKuxea/7j/vNr1NUyc9BYFAAVxbNxmdwus5w80kc0PV
-BXJOvf7SiFoOOP+V+IjrDhnJyeg6qjmzohV/ju6jhOmX9d9raotrPFESIF0CWiHB
-HZHEuXibLU8RqDjjwqVD95KEJdqQpNa6dyFftLMe8QKBgQD5T/zEjkO77X4AzYZD
-Sxbt/hpd+Zgg8KlJdQg636TKWAyfD3Wuq/1ExJNaBOR21nfts6wfXUGV4XfSPWgf
-znfADRBej8mZIyyPxkTnHfL+NMqZo03ZjI8aQB8AZByStNYrNoZ0YIxr94HkGJ+g
-y6IiX4bxkqABMD+LATMDE9m4SQKBgQDkUCu+h4o1gu9Af0sLNFMc4msrRjEDliWQ
-nPeDld7FX4lB9XSOknw4sUEUS2pzcjquHpmPosJ6tjQps28IXnnm9y6KWcVEO0k/
-mrhZnRu9dbL+FQEpPVBS2c7n6tvT0Anrtqt84n5U0ZnWo+AhXVUgG8BOQ2d5V5P2
-c8dlYm7+RQKBgDn5p8Xtb0LcT1jQclBjvclKNcd0qzO9wyAZ3vgR2bhUEVtLtQoR
-ZKwBKmLckGQyK2FTTstcXEwGSl7ReM0srhwy7YOP3EmILGyippM4G7GRhSuFFi1o
-yj5Ieu0UWrCi7MrPuySE7yKMQ+BO+Y/iyqlDnZW/iwW7uosQlFQ64X5BAoGACWYr
-htp5nB5ZzyPuaPWsfkHr+4oWNnmV7lAn+GjRFPsL4YVDWSM6rfLOJRG9vibzt3tX
-AwzGSNr7ZsQWTBfnmNSQO+3aKybtqwqpkDbhj3kq9z7SH2qAxghldjK6/gtQfT21
-7Zw9ayx90tJIRddby8iYsCAiQGKUms7FZK0auKkCgYA+cU0Ju7of0QQ0Mc5qkR/H
-hg09o+0rpiMzDkGUP/4qhKIA0XJ2I+gCS09irwWmYabq4zySbO7gzUh4ItdTl5XL
-qYkE1HghsTiLsWSG/Brm4qH/TeMiZGQP/1O7+r/+9YKyD49jqXu3u4vzF8EiKOVo
-Fh6Y4/3E2Bk0wgbWGynPMg==
------END PRIVATE KEY-----

kubernetes/manifests/nginx/nginx.conf

@@ -1,27 +0,0 @@
-events {
-    worker_connections 1024;
-}
-
-http {
-    server {
-        listen 80;
-        server_name localhost;
-        return 301 https://$host$request_uri;
-    }
-
-    server {
-        listen 443 ssl;
-        server_name localhost;
-
-        ssl_certificate /etc/nginx/certs/localhost.crt;
-        ssl_certificate_key /etc/nginx/certs/localhost.key;
-
-        location / {
-            proxy_pass http://app:8000;
-            proxy_set_header Host $host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Proto $scheme;
-        }
-    }
-}   

monitoring/alertmanager/alertmanager-0.27.0.windows-amd64/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

monitoring/alertmanager/alertmanager-0.27.0.windows-amd64/NOTICE

@@ -0,0 +1,18 @@
+Prometheus Alertmanager
+Copyright 2013-2015 The Prometheus Authors
+
+This product includes software developed at
+SoundCloud Ltd. (http://soundcloud.com/).
+
+
+The following components are included in this product:
+
+Bootstrap
+http://getbootstrap.com
+Copyright 2011-2014 Twitter, Inc.
+Licensed under the MIT License
+
+bootstrap-datetimepicker.js
+http://www.eyecon.ro/bootstrap-datepicker
+Copyright 2012 Stefan Petre
+Licensed under the Apache License, Version 2.0

monitoring/alertmanager/alertmanager-0.27.0.windows-amd64/alertmanager.yml

@@ -0,0 +1,16 @@
+route:
+  group_by: ['alertname']
+  group_wait: 30s
+  group_interval: 5m
+  repeat_interval: 1h
+  receiver: 'web.hook'
+receivers:
+  - name: 'web.hook'
+    webhook_configs:
+      - url: 'http://127.0.0.1:5001/'
+inhibit_rules:
+  - source_match:
+      severity: 'critical'
+    target_match:
+      severity: 'warning'
+    equal: ['alertname', 'dev', 'instance']

monitoring/alertmanager/alertmanager.yml

@@ -0,0 +1,10 @@
+route:
+  receiver: 'local-debug'
+  group_by: ['alertname', 'job']
+  group_wait: 30s
+  group_interval: 5m
+  repeat_interval: 1h
+
+receivers:
+  - name: 'local-debug'
+    # Aucune notification active — juste pour le TP local   

scripts/start_other_ctnrs.ps1

@@ -2,8 +2,8 @@ $projectPath = "C:\DevOpsProject\docker"
 $composeFiles = @(
     "docker-compose-db.yml",
     "docker-compose-elk.yml",
-    "docker-compose-gitea.yml",
-    "docker-compose-nginx.yml"
+    "docker-compose-gitea.yml"
+    
 )
 
 foreach ($file in $composeFiles) {

src/app/Dockerfile

@@ -58,7 +58,7 @@ ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
 ENV ENV=production
 ENV HOSTNAME=devops-container
-ENV PYTHONPATH="${PYTHONPATH}:/app"
+ENV PYTHONPATH="/app"    
 
 EXPOSE 8000