Install Pod Cesiumplus971

Bonjour et belle an née :slight_smile:

j avais installé un C+ 1.8.0 depuis plusieurs semaines
un peu laissé de coté car pas trop de temps
ca serait bien de finaliser la chose mais je rame un peu la maintenant
quand je regarde césium dessus mais ca affiche photos profils notifs messages ect

dans les logs
[WARN ][duniter.security ] [Cplus_971] Refused GET request to [/ws/_changes] from {192.168.1.1} - Not an authorized path
[WARN ][duniter.security ] [Cplus_971] Refused GET request to [/ws/event/user/8fYS16KxGNaMy

config apache a revoir j ai testé des choses mais toujours ce message

et
[2023-01-01 09:34:58,646][WARN ][org.duniter.core.client.model.bma.Endpoints] Unable to parse Endpoint: WS2P 2fe8a7ee g1.autissier.net 443 ws2p/
[2023-01-01 09:34:58,646][WARN ][org.duniter.core.client.model.bma.Endpoints] Unable to parse Endpoint: BMAS namarie.nohost.me/ 127.0.0.1 443
[2023-01-01 09:34:58,647][WARN ][org.duniter.core.client.model.bma.Endpoints] Unable to parse Endpoint: BMAS monnaie-libre.ortie.org/bma/ 192.168.1.35
[WARN ][org.duniter.core.client.model.bma.Endpoints] Unable to parse Endpoint: BMAS g1.citoyen.eu 443

endpoints injoignables
je sais pas ou il va récuperer ces hosts mais ce n’est pas les bons

sinon il se synchro sur les 2 autres pods que j ai entré dans la config elastic mais ce n’est pas réciproque
si je modifie un profil depuis ce pod cela n est pas synchronisé sur les 2 autres

et pour le service mail
esce qu il faut installer un serveur mail ou le module fait le job?
pas trouvé d infos j ai testé un peu mais pas concluant

la fiche de pairs
https://cesiumplus971.dns1.us/network/peering

les configs:

# ======================== Elasticsearch Configuration =========================


# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
cluster.name: cesium_plus.971
#
# Host + port, to join your cluster, from external network
#
cluster.remote.host: cesiumplus971.dns1.us
#
# Port for remote access to the cluster (Default: 80)
#
cluster.remote.port: 443
#
# Does remote access need SSL ? (default: 'true' if port=443, 'false' otherwise)
#
cluster.remote.useSsl: true
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node: (default: will be generated)
#
node.name: Cplus_971
#
# Add custom attributes to the node: (Default: none)
#
# node.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /home/admindeb/datacesium/data
#
# Path to log files:
#
path.logs: /home/admindeb/datacesium/logs
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
# bootstrap.mlockall: true
#
# Make sure that the `ES_HEAP_SIZE` environment variable is set to about half the memory
# available on the system and that the owner of the process is allowed to use this limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: 192.168.1.70
#
# Set a custom port for HTTP:
#
http.port: 9711
http.cors.allow-origin: "/.*/"
http.cors.enabled: true
#
# Internal transport layer
#
# transport.tcp.port: 9210-9220
#
# For more information, see the documentation at:
# <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-network.html>
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when new node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
# discovery.zen.ping.unicast.hosts: ["host1", "host2"]
discovery.zen.ping.unicast.hosts: ["g1.data.le-sou.org", "g1.data.e-is.pro"]
# discovery.seed.hosts:
#      -g1.data.le-sou.org
#
# Prevent the "split brain" by configuring the majority of nodes (total number of nodes / 2 + 1):
#
# discovery.zen.minimum_master_nodes: 1
#
# For more information, see the documentation at:
# <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery.html>
#
# ---------------------------------- Gateway -----------------------------------
#
# Block initial recovery after a full cluster restart until N nodes are started:
#
# gateway.recover_after_nodes: 3
#
# For more information, see the documentation at:
# <http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-gateway.html>
#
# ---------------------------------- Various -----------------------------------
#
# Disable starting multiple nodes on a single system:
#
# node.max_local_storage_nodes: 1
#
# Require explicit names when deleting indices:
#
# action.destructive_requires_name: true
#
# Security to isolate plugin classpath - /!\ WARNING: should always be DISABLE
#
security.manager.enabled: false
#
# ---------------------------------- Cesium+ Pod ---------------------------------
#
# Enable Cesium+ pod core plugin (default: true)
#
# duniter.enable: false
#
# Endpoint API for core module (indices on blockchain, peers, etc) (default: ES_CORE_API)
#
# duniter.core.api: MY_CUSTOM_API
#
# Delete then create all indices at startup - /!\ WARNING: DO NOT set to true in production
#
# duniter.indices.reload: true
#
# Default string analyzer
#
duniter.string.analyzer: french
#
# Enabling blockchain synchronization (default: true)
#
# duniter.blockchain.enable: true
#
# Enabling blockchain movement indexation ? (default: ${duniter.blockchain.enable})
#
# duniter.blockchain.movement.enable: false
#
# Include/exclude blockchain movement, using regexp on `TX.comment` (default: <empty>)
#
# duniter.blockchain.movement.includes.comment: ["REMU:*", "GANNONCE:*", "GCHANGE:*"]
#
# duniter.blockchain.movement.excludes.comment: ["GANNONCE:CROWDF:*"]
#
# Enabling blockchain peers indexation ? (default: ${duniter.blockchain.enable})
#
# duniter.blockchain.peer.enable: false
#
# Enabling pending memberships indexation ? (default: ${duniter.blockchain.enable})
#
# duniter.blockchain.membership.pending.enable: false
#
# Enable user event on blockchain ? (default: true)
#
# duniter.blockchain.event.user.enable: false
#
# Enable events for the node admin (e.g. node start/stop) (default: true)
#
# duniter.blockchain.event.admin.enable: false
#
# Force blockchain full synchronization - /!\ WARNING: all user events will be reset to 'unread'
#
# duniter.blockchain.reload: true
# duniter.blockchain.reload.from: 18900
# duniter.blockchain.reload.to: 19000
#
# Duniter node address
#
duniter.host: 192.168.1.70
duniter.port: 9710
# duniter.useSsl: true
#
# Network timeout, in millisecond (default: 20000 = 20s)
#
# duniter.network.timeout: 5000
#
# Compute statistics on indices (each hour) ? (default: true)
#
# duniter.stats.enable: false
#
# Software name (used when calling GET request on /node/summary) (default: 'cesium-plus-pod')
#
# duniter.software.name: cesium-plus-pod
#
# ---------------------------------- Cesium+ Pod > security module -------------------
#
# Keyring, use to sign emitted documents (user events, subscription, etc.).
# If not set, random keys will be generated.
#
duniter.keyring.salt: remplacezparvotre*
duniter.keyring.password: motdepasse*
#
# Enable security - will restrict HTTP access to only ES known indices
# /!\ WARNING: should be enable for production use
#
duniter.security.enable: true
#
# Enable quota by IP
# /!\ WARNING: should be enable for production use
#
# duniter.security.quota.enable: false
#
#
# IP address white list (no quota will be applied). Defaults: ["127.0.0.1", "::1"]
#
# duniter.security.whitelist: ["127.0.0.1", "::1"]
#
# IP address black list (never allow access). Defaults: []
#
# duniter.security.blacklist: []
#
# ---------------------------------- Cesium+ Pod > P2P module -------------------------
#
# Enable P2P synchronize between ES peers ? (default: true)
#
# duniter.p2p.enable: false
#
# Enable P2P synchronisation using websocket ? (default: true)
#
# duniter.p2p.ws.enable: false
#
# Time delay (in seconds) to request last documents to peer (e.g. if peer's clock is late). (default: 3600s = 1h)
#
# duniter.p2p.peerTimeOffset: 3600
#
# Enable discovery on network peers, to automatically synchronize this peers (default: true)
#
# duniter.p2p.discovery.enable: false
#
# Pass a list of hosts to always synchronize (default: <empty>)
#
duniter.p2p.includes.endpoints: [   
   "ES_CORE_API g1.data.le-sou.org 443",
   "ES_USER_API g1.data.le-sou.org 443",
   "ES_SUBSCRIPTION_API g1.data.le-sou.org 443",
   "ES_CORE_API g1.data.e-is.pro 443",
   "ES_USER_API g1.data.e-is.pro 443",
   "ES_SUBSCRIPTION_API g1.data.e-is.pro 443"
]
#
# Pass a list of pubkeys to always synchronize (default: <empty>)
#
# duniter.p2p.includes.pubkeys: [
#  "38MEAZN68Pz1DTvT3tqgxx4yQP6snJCQhPqEFxbDk4aE"
# ]
#
# Enable a full synchro. This will compare each documents from other peers.
#
# duniter.p2p.fullResyncAtStartup: true
#
# Peer API to index (default : ["BASIC_MERKLE_API", "BMAS", "WS2P" ] UNION ${duniter.p2p.peering.targetedApis} UNION ${duniter.p2p.peering.publishedApis})
#
# duniter.p2p.peer.indexedApis: ["BASIC_MERKLE_API", "BMAS", "WS2P", "ES_CORE_API", "ES_USER_API", "ES_SUBSCRIPTION_API"]
#
# Enable publishing of pod endpoints to the network (see the peer document in Duniter protocol). (Default: '${duniter.p2p.enable}')
#
duniter.p2p.peering.enable: true
#
# Define targeted API (for peers selection) where to send the peer document (if peering is enable). (Default: ["BASIC_MERKLED_API", "BMAS"])
# This API should accept a POST request to '/network/peering' (will send a peer document - see the Duniter protocol)
#
duniter.p2p.peering.targetedApis: [
  "ES_CORE_API"
 ]
#
# Define cluster API to publish (if peering is enable). By default, all compatible API
#
# duniter.p2p.peering.publishedApis: [
#  "ES_CORE_API", "ES_USER_API", "ES_SUBSCRIPTION_API"
# ]
#
# Interval for publishing peer document to the network, in seconds. (Default: 7200 =2h)
#
# duniter.p2p.peering.interval: 7200
#
# ---------------------------------- Cesium+ Pod > document moderation ---------------
#
# Filter too old document, if time older that 'maxPastDelta' (in seconds). (default: 7200 =2h)
#
# duniter.document.time.maxPastDelta: 7200
#
# Filter document in the future, if time greater that 'maxFutureDelta' (in seconds). (default: 600 =10min)
#
# duniter.document.time.maxFutureDelta: 600
#
# Allow admin (define in duniter.keyring) to delete documents ? (default: true)
#
# duniter.document.moderators.admin: false
#
# Public keys of moderators. Moderators can delete any user documents (profile, page comment, etc.) (default: <empty>)
#
duniter.document.moderators.pubkeys: [
  '38MEAZN68Pz1DTvT3tqgxx4yQP6snJCQhPqEFxbDk4aE', # Benoit Lavenier
  '47JpfrGkoHJWtumeu7f67fbAxkvaHYVQBNo5GszNs61Z', # Bertrand Presles
  'HmH5beJqKGMeotcQUrSW7Wo5tKvAksHmfYXfiSQ9EbWz'  # Le Sou Mayennais
]
#
# ---------------------------------- Cesium+ Pod > Mail module -----------------------
#
# Enable mail module ?
#
duniter.mail.enable: true
#
# Mail: SMTP server configuration (host and port)
#
duniter.mail.smtp.host: localhost
duniter.mail.smtp.port: 25
#
# Mail: SMTP server SSL security
#
# duniter.mail.smtp.ssl: true
# duniter.mail.smtp.starttls: true
#
# Mail: SMTP server authentication
#
# duniter.mail.smtp.username:
# duniter.mail.smtp.password:
#
Mail: 'cesiumplus971'
#
# duniter.mail.from: cesium@plus
#
# Mail: admin address
#
# duniter.mail.admin: user@domain.com
#
# Mail: subject prefix (default: '[Cesium+]')
#
# duniter.mail.subject.prefix: '[Cesium+]'
#
# ---------------------------------- Cesium+ Pod > User module ---------------------------
#
# Enable user module (Allow to store User profile, private message, page, group...) (default: true)
#
# duniter.user.enable: false
#
# Endpoint API for user data (use by P2P synchronization) (default: 'ES_USER_API')
#
# duniter.user.api: MY_CUSTOM_API
#
# Requirements to send abuse report on document (profile, page, etc.)  (default: ['member'])
#
# duniter.user.document.abuse.issuer.requirements: ['wasMember', 'member', 'profile']
#
# Requirements to send likes on document (profile, page, etc.)  (default: empty)
#
# duniter.user.document.like.issuer.requirements: ['wasMember', 'member', 'profile']
#
# ---------------------------------- Cesium+ Pod > Subscription module -------------------
#
# Enable subscription module (Need to enable mail features) (default: true)
#
duniter.subscription.enable: true
#
# Endpoint API for subscription data (use by P2P synchronization) (default: ES_SUBSCRIPTION_API)
#
# duniter.subscription.api: MY_CUSTOM_API
#
# Options to debug this features (DEV only)
#
# duniter.subscription.email.atStartup: false
# duniter.subscription.email.debug: false
#
# Email subscription: Day of the week to trigger weekly (default: 2 = monday)
#
# duniter.subscription.email.dayOfWeek: 2
#
# Email subscription: Hour in day to trigger daily email subscription (default: 3 AM)
#
duniter.subscription.email.hourOfDay: 2
#
# Email subscription: URL to a web site, for links in the email content (default: https://demo.cesium.app)
#
# duniter.subscription.email.link.url: 'https://domain.com/cesium'
#
# Name of the button in the email, to access to notifications (default: 'Cesium')
#
# duniter.subscription.email.link.name: 'My site name'
#
# Email logo (Should be PNG 128x128px)  (default: '${duniter.subscription.email.link.url}/img/logo_128px.png')
#
# duniter.subscription.email.logo.url: https://path/to/logo
#
# Email header background color (default: '${duniter.subscription.email.link.url}/img/logo_128px.png')
#
# duniter.subscription.email.header.background.color: '#1a237e'
#
# ---------------------------------- Cesium+ Pod > Share module -------------------
#
# Share title: `og:site_name` (default: 'Cesium')
#
# duniter.share.site.name: 'Cesium - Ğ1'
#
# URL to a page (default: https://demo.cesium.app/#/app/page/view/{id}/{title} )
# Note: available variables are {id} and {title}
#
# duniter.share.page.link.url: 'https://domain.com/cesium/#/app/page/view/{id}/{title}'
#
# URL to a user profile (default: https://demo.cesium.app/#/app/wot/{pubkey}/{title} )
# Note: available variables are {pubkey} and {title}
#
# duniter.share.user.link.url: 'https://domain.com/cesium/#/app/wot/{pubkey}/{title}'
#
# Default image to share (min size of 200x200px) for `og:image` (default: https://demo.cesium.app/img/logo_200px.png)
#
# duniter.share.image.default.url: 'https://domain.com/cesium/img/logo_200px.png'
#


apache

saisis<VirtualHost *:443>
#ServerAdmin webmaster@my-domain.com
ServerName cesiumplus971.dns1.us


ErrorLog /var/log/apache2/cplus-error.log
LogLevel info
CustomLog /var/log/apache2/cplus-access.log combined

# SSL
#
SSLEngine On

SSLCertificateFile /etc/ssl/certs/cesiumplus971.dns1.us.crt
SSLCertificateKeyFile /etc/ssl/private/cesiumplus971.dns1.us.key

#SSLCertificateFile /etc/ssl/certs/cesiumplus971.dns1.us.pem    
# Theses lines only apply of the rewrite module is enabled.
# This is a security enhancement recommanded by the nessus tool.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
</IfModule>
<IfModule mod_rewrite.c>
<IfModule mod_proxy.c>

ProxyRequests Off

ProxyPreserveHost On

ProxyPassReverse / http://192.168.1.70:9711/
RewriteRule ^/(.*) http://192.168.1.70:9711/$1 [P,L]

</IfModule>
</IfModule>

<Location />
Order deny,allow
Allow from all
</Location>
</VirtualHost>

#<VirtualHost *:80>

#ServerName cesiumplus971.dns1.us


#Redirect permanent / https://cesiumplus971.dns1.us/

#</VirtualHost>
sez ou collez du code ici

sur debian11 serveur
4core 8go de ram portable de recup sans ecran ni clavier
noeud duniter971 sur la mm machine

voila donc des retours mon coté si ca peut faire avancer nos schmiblik C+
salutations

1 Like

@ENO @christophefender @yann @kimamila

1 Like