svg

2025-07-27 15:45:31 +00:00 · 2025-07-27 15:05:10 +00:00 · 2025-07-27 16:25:41 +02:00 · 2025-07-26 18:22:49 +00:00 · 2025-07-26 17:20:03 +02:00 · 2025-04-09 22:10:05 +02:00
362 changed files with 2385 additions and 478 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,53 +1,35 @@
 **/.env.local
 **/.env.merge
-docker-compose.yml
+/docker-compose.yml
-/services/10-nineapache/volume/apache
+/services/10-nineapache/volume
 /services/15-mariadb/volume/mysql
 /services/30-minio/volume/data
 /services/30-openldap/volume/data
 /services/30-openldap/volume/nine/ldif/nine.ldif
 /services/30-redis/volume
 /services/40-keycloak/volume/realm/realm-export.json
 /services/50-keeweb/volume
 /services/50-komga/volume
 /services/50-nextcloud/volume/data
 /services/50-nextcloud/volume/html
 /services/50-nextcloud/volume/app
-/services/50-nineboard/volume/data/private/*
+/services/50-nineboard/volume/data
-!/services/50-nineboard/volume/data/private/.gitkeep
+/services/50-ninecompta/volume/data
-/services/50-nineboard/volume/data/public/*
+/services/50-ninefolio/volume/data
-!/services/50-nineboard/volume/data/public/avatar
+/services/50-ninefolio/volume/apache
-/services/50-nineboard/volume/data/public/avatar/*
+/services/50-ninegate/volume/data
-!/services/50-nineboard/volume/data/public/avatar/admin.jpg
+/services/50-nineschool/volume/data
 !/services/50-nineboard/volume/data/public/avatar/noavatar.png
 !/services/50-nineboard/volume/data/public/avatar/system.jpg
 !/services/50-nineboard/volume/data/public/logo
 /services/50-nineboard/volume/data/public/logo/*
 !/services/50-nineboard/volume/data/public/logo/logo.png
 /services/50-ninegate/volume/data/private/*
 !/services/50-ninegate/volume/data/private/.gitkeep
 /services/50-ninegate/volume/data/public/*
 !/services/50-ninegate/volume/data/public/avatar
 /services/50-ninegate/volume/data/public/avatar/*
 !/services/50-ninegate/volume/data/public/avatar/admin.jpg
 !/services/50-ninegate/volume/data/public/avatar/noavatar.png
 !/services/50-ninegate/volume/data/public/avatar/system.jpg
 !/services/50-ninegate/volume/data/public/logo
 /services/50-ninegate/volume/data/public/logo/*
 !/services/50-ninegate/volume/data/public/logo/logo.png
 !/services/50-ninegate/volume/data/public/header
 /services/50-ninegate/volume/data/public/header/*
 !/services/50-ninegate/volume/data/public/header/header.png
 !/services/50-ninegate/volume/data/public/icon
 /services/50-ninegate/volume/data/public/icon/*
 !/services/50-ninegate/volume/data/public/icon/icon_*.png
 /services/50-nineskeletor/volume/data/private/*
 !/services/50-nineskeletor/volume/data/private/.gitkeep
--- a/env/.env
+++ b/env/.env
@ -14,6 +14,7 @@ RELEASE_SYSTEM=linux
 APP_ENV=PROD
 WEB_URL=nine.local
 PROTOCOLE=https
 REDIRECT_PATH=/ninegate
 # ADMIN USER
 ADMIN_USER=admin
@ -21,40 +22,45 @@ ADMIN_PASSWORD=changeme
 ADMIN_EMAIL=admin@noreply.fr
 # MASTERIDENTITY
-# SQL or SSO or (to do LDAP)
+# SQL or SSO or LDAP
 MASTERIDENTITY=SQL
 # AUTHENTIFICATION
 # SQL or CAS (todo LDAP or OPENID)
 MODE_AUTH=CAS
 # REGISTRATION
 # none or byadmin or byuser
 MODEREGISTRATION=byadmin
 # SERVER SMTP
 MAILER_DSN=sendmail://default
 # NINEAPACHE
 # Il sert de reverse proxy
 NINEAPACHE_SERVICE_NAME=nineapache
 NINEAPACHE_ACTIVATE=1
 NINEAPACHE_LOCAL=1
 NINEAPACHE_LETSENCRYPT=0
 # FAKESMTP
 # fake-smtp server
 FAKESMTP_SERVICE_NAME=fakesmtp
 FAKESMTP_ACTIVATE=0
 FAKESMTP_LOCAL=0
 FAKESMTP_URL=${PROTOCOLE}://${WEB_URL}/fakesmtp
 # MTA
 # passerelle courriel
 MTA_SERVICE_NAME=mta
-MTA_ACTIVATE=1
+MTA_ACTIVATE=0
 MTA_LOCAL=1
 MTA_RELAY_HOST=
 MTA_RELAY_PORT=
 MTA_RELAY_USER="user"
 MTA_RELAY_HOST="$FAKESMTP_SERVICE_NAME"
 MTA_RELAY_PORT=2525
 # DEBUGING MTA
 # fake-smtp server
 FAKE_SMTP_NAME=fakesmtp
 FAKE_SMTP_LOCAL=1
 FAKE_SMTP_ACTIVATE=1
 # si actif, il faut sans doute l’utiliser
 # comme passerelle pour le service MTA
 if [ "$FAKE_SMTP_ACTIVATE" -eq 1 ]
 then
    MTA_RELAY_HOST="$FAKE_SMTP_NAME"
    MTA_RELAY_PORT=2525
 fi
 # MARIADB
 MARIADB_SERVICE_NAME=mariadb
@ -73,9 +79,16 @@ REDIS_LOCAL=1
 REDIS_HOST=${REDIS_SERVICE_NAME}
 REDIS_PORT=6379
 # SENTINEL
 SENTINEL_SERVICE_NAME=sentinel
 SENTINEL_ACTIVATE=0
 SENTINEL_LOCAL=1
 SENTINEL_HOST=${SENTINEL_SERVICE_NAME}
 SENTINEL_PORT=26379
 # MINIO
 MINIO_SERVICE_NAME=minio
-MINIO_ACTIVATE=1
+MINIO_ACTIVATE=0
 MINIO_LOCAL=1
 MINIO_HOST=${MINIO_SERVICE_NAME}
 MINIO_PORT=9000
@ -97,41 +110,61 @@ LDAP_BASEDN=dc=nine,dc=org
 LDAP_ADMIN_USERNAME=${ADMIN_USER}
 LDAP_USER=cn=${LDAP_ADMIN_USERNAME},${LDAP_BASEDN}
 LDAP_PASSWORD=${ADMIN_PASSWORD}
-LDAP_BASEORGANISATION=ou=ninegate,${LDAP_BASEDN}
+LDAP_OUORGANISATION=nine
 LDAP_OUNIVEAU01=niveau01
 LDAP_OUNIVEAU02=niveau02
 LDAP_OUNIVEAU03=niveau03
 LDAP_OUNIVEAU04=niveau04
 LDAP_OUGROUP=groups
 LDAP_BASEORGANISATION=ou=${LDAP_OUORGANISATION},${LDAP_BASEDN}
 LDAP_BASENIVEAU01=ou=${LDAP_OUNIVEAU01},${LDAP_BASEORGANISATION}
 LDAP_BASENIVEAU02=ou=${LDAP_OUNIVEAU02},${LDAP_BASEORGANISATION}
 LDAP_BASENIVEAU03=ou=${LDAP_OUNIVEAU03},${LDAP_BASEORGANISATION}
 LDAP_BASENIVEAU04=ou=${LDAP_OUNIVEAU04},${LDAP_BASEORGANISATION}
 LDAP_BASEUSER=ou=users,${LDAP_BASEORGANISATION}
-LDAP_BASENIVEAU01=ou=niveau01,${LDAP_BASEORGANISATION}
+LDAP_BASEGROUP=ou=${LDAP_OUGROUP},${LDAP_BASEORGANISATION}
-LDAP_BASENIVEAU02=ou=niveau02,${LDAP_BASEORGANISATION}
+
 LDAP_BASEGROUP=ou=groups,${LDAP_BASEORGANISATION}
 LDAP_SYNC=1 
 LDAP_TEMPLATE=open
 LDAP_USERNAME=uid
-LDAP_FIRSTNAME=givenname
+LDAP_FIRSTNAME=givenName
 LDAP_LASTNAME=sn
 LDAP_DISPLAYNAME=displayName
 LDAP_EMAIL=mail
-LDAP_MEMBER=memberUid
+LDAP_MEMBEROF=memberOf
 LDAP_GROUP_GID=gidnumber
 LDAP_GROUP_NAME=cn
 LDAP_GROUP_MEMBER=memberUid
 LDAP_GROUP_MEMBERISDN=0
 LDAP_LOGIN_FILTER="(&(${LDAP_USERNAME}=%uid)(objectClass=person)(!(description=Computer)))"
 LDAP_USER_FILTER="(&(${LDAP_USERNAME}=*)(objectClass=person)(!(description=Computer)))"
 LDAP_LOGIN_FILTER="(&(${LDAP_USERNAME}=%uid%)(objectClass=person)(!(description=Computer)))"
 LDAP_GROUP_FILTER="(&(objectClass=posixGroup))"
 SCRIBE_GROUP=1
 SCRIBE_MASTER=1
 OPENLDAPREQNIVEAU01="(&(uid=*)(objectclass=inetOrgPerson)(!(description=Computer)))"
 OPENLDAPSYNCHROGROUP=0
-OPENLDAPREQGROUP=
+OPENLDAPREQGROUP="(&(objectClass=posixGroup))"
 # KEYCLOAK
 KEYCLOAK_SERVICE_NAME=keycloak
 KEYCLOAK_ACTIVATE=1
 KEYCLOAK_LOCAL=1
 KEYCLOAK_USER=${ADMIN_USER}-keycloak
 KEYCLOAK_PASSWORD=${ADMIN_PASSWORD}-keycloak
 # CAS
 CAS_ACTIVATE=${KEYCLOAK_ACTIVATE}
 CAS_USER=${ADMIN_USER}-keycloak
 CAS_PASSWORD=${ADMIN_PASSWORD}-keycloak
 CAS_HOST=${WEB_URL}
 CAS_PORT=443
 CAS_PATH=/auth/realms/nine/protocol/cas
 CAS_URL=${PROTOCOLE}://${CAS_HOST}:${CAS_PORT}
 CAS_USERNAME=${LDAP_USERNAME}
 CAS_MAIL=${LDAP_EMAIL}
 CAS_LASTNAME=${LDAP_LASTNAME}
 CAS_FIRSTNAME=${LDAP_FIRSTNAME}
 # DOKUWIKI
 DOKUWIKI_SERVICE_NAME=dokuwiki
@ -139,6 +172,18 @@ DOKUWIKI_ACTIVATE=0
 DOKUWIKI_LOCAL=1
 DOKUWIKI_URL=${PROTOCOLE}://${WEB_URL}/dokuwiki
 # KEEWEB
 KEEWEB_SERVICE_NAME=keeweb
 KEEWEB_ACTIVATE=0
 KEEWEB_LOCAL=1
 KEEWEB_URL=${PROTOCOLE}://${WEB_URL}/keeweb
 # KOMGA
 KOMGA_SERVICE_NAME=komga
 KOMGA_ACTIVATE=0
 KOMGA_LOCAL=1
 KOMGA_URL=${PROTOCOLE}://${WEB_URL}/komga
 # NEXTCLOUD
 NEXTCLOUD_SERVICE_NAME=nextcloud
 NEXTCLOUD_ACTIVATE=1
@ -152,17 +197,35 @@ NINEBOARD_ACTIVATE=1
 NINEBOARD_LOCAL=1
 NINEBOARD_URL=${PROTOCOLE}://${WEB_URL}/nineboard
 # NINECOMPTA
 NINECOMPTA_SERVICE_NAME=ninecompta
 NINECOMPTA_ACTIVATE=0
 NINECOMPTA_LOCAL=1
 NINECOMPTA_URL=${PROTOCOLE}://${WEB_URL}/ninecompta
 # NINEFOLIO
 NINEFOLIO_SERVICE_NAME=ninefolio
 NINEFOLIO_ACTIVATE=0
 NINEFOLIO_LOCAL=1
 NINEFOLIO_URL=${PROTOCOLE}://${WEB_URL}/ninefolio
 # NINEGATE
 NINEGATE_SERVICE_NAME=ninegate
 NINEGATE_ACTIVATE=1
 NINEGATE_LOCAL=1
 NINEGATE_URL=${PROTOCOLE}://${WEB_URL}/ninegate
-# NINESKELETOR
+# NINESCHOOL
-NINESKELETOR_SERVICE_NAME=nineskeletor
+NINESCHOOL_SERVICE_NAME=nineschool
-NINESKELETOR_ACTIVATE=1
+NINESCHOOL_ACTIVATE=1
-NINESKELETOR_LOCAL=1
+NINESCHOOL_LOCAL=1
-NINESKELETOR_URL=${PROTOCOLE}://${WEB_URL}/nineskeletor
+NINESCHOOL_URL=${PROTOCOLE}://${WEB_URL}/nineschool
 # PIWIGO
 PIWIGO_SERVICE_NAME=piwigo
 PIWIGO_ACTIVATE=0
 PIWIGO_LOCAL=1
 PIWIGO_URL=${PROTOCOLE}://${WEB_URL}/piwigo
 # WORDPRESS
 WORDPRESS_SERVICE_NAME=wordpress
@ -170,11 +233,17 @@ WORDPRESS_ACTIVATE=1
 WORDPRESS_LOCAL=1
 WORDPRESS_URL=${PROTOCOLE}://${WEB_URL}/wordpress
 # NINECONFIG
 NINECONFIG_SERVICE_NAME=nineconfig
 NINECONFIG_ACTIVATE=1
 NINECONFIG_LOCAL=1
 NINECONFIG_URL="${PROTOCOLE}://${WEB_URL}/nineconfig"
 # ADMINER
 ADMINER_SERVICE_NAME=adminer
 ADMINER_ACTIVATE=1
 ADMINER_LOCAL=1
-ADMINER_URL=${PROTOCOLE}://${WEB_URL}/adminer/?server=${MARIADB_SERVICE_NAME}&username=${MARIADB_USER}
+ADMINER_URL="${PROTOCOLE}://${WEB_URL}/adminer/?server=${MARIADB_SERVICE_NAME}&username=${MARIADB_USER}"
 # PHPLDAPADMIN
 PHPLDAPADMIN_SERVICE_NAME=phpldapadmin
--- a/misc/images/apache/nine.conf
+++ b/misc/images/apache/nine.conf
@ -1,22 +0,0 @@
 ProxyPass /auth http://nine.local:8080/auth retry=0 keepalive=On
 ProxyPassReverse /auth http://nine.local:8080/auth retry=0
 ProxyPass /ninegate http://nine.local:9000/ninegate retry=0 keepalive=On
 ProxyPassReverse /ninegate http://nine.local:9000/ninegate retry=0
 ProxyPass /wssninegate ws://nine.local:9000/wssninegate retry=0 keepalive=On
 ProxyPassReverse /wssninegate ws://nine.local:9000/wssninegate retry=0
 ProxyPass /nextcloud http://nine.local:9001 retry=0 keepalive=On
 ProxyPassReverse /nextcloud http://nine.local:9001 retry=0
 ProxyPass /adminer http://nine.local:9100 retry=0 keepalive=On
 ProxyPassReverse /adminer http://nine.local:9100 retry=0
 ProxyPass /phpldapadmin http://nine.local:9101/phpldapadmin retry=0 keepalive=On
 ProxyPassReverse /phpldapadmin http://nine.local:9101/phpldapadmin retry=0
 ProxyPass /nineapache http://nine.local:9102 retry=0 keepalive=On
 ProxyPassReverse /nineapache http://nine.local:9102 retry=0
--- a/misc/images/keeweb/containers/Dockerfile
+++ b/misc/images/keeweb/containers/Dockerfile
@ -0,0 +1,32 @@
 FROM reg.cadoles.com/envole/nineapache:8.2
 USER root
 # Installe Node.js + npm
 RUN apk add --no-cache nodejs npm
 # Crée le dossier de l'app
 WORKDIR /app
 # Installe webdav-server localement (dans /app/node_modules)
 RUN npm install webdav-server@2
 # Copie ton script WebDAV dans /app
 COPY webdav.js /app/webdav.js
 # Installe KeeWeb
 RUN curl -L https://github.com/keeweb/keeweb/releases/download/v1.18.7/KeeWeb-1.18.7.html.zip -o /tmp/keeweb.zip \
    && unzip /tmp/keeweb.zip -d /app/public \
    && sed -i 's|<base href="/"|<base href="/keeweb/"|' /app/public/index.html \
    && mv /app/public/index.html /app/public/index.php
 # Crée le dossier de stockage
 RUN mkdir -p /data && chown apache:apache /data
 # Copie la conf Apache
 COPY apache.conf /etc/apache2/conf.d/zapp.conf
 # Démarre Apache + WebDAV
 USER apache
 ENV NODE_PATH=/app/node_modules
 CMD sh -c "node /app/webdav.js & httpd -D FOREGROUND"
--- a/misc/images/keeweb/containers/apache.conf
+++ b/misc/images/keeweb/containers/apache.conf
@ -0,0 +1,16 @@
 ServerName nineapache.local
 DocumentRoot "/app/public"
 Alias /keeweb /app/public
 <Location "/keeweb/webdav">
    ProxyPass http://127.0.0.1:9999/
    ProxyPassReverse http://127.0.0.1:9999/
 </Location>
 <Directory "/app/public">
    Options FollowSymLinks
    AllowOverride Limit Options FileInfo
    DirectoryIndex index.php
    Require all granted
 </Directory>
--- a/misc/images/keeweb/containers/webdav.js
+++ b/misc/images/keeweb/containers/webdav.js
@ -0,0 +1,78 @@
 const webdav = require('webdav-server').v2;
 const fs = require('fs');
 const path = require('path');
 const adminUser = process.env.WEBDAV_USER || 'admin';
 const adminPass = process.env.WEBDAV_PASS || 'password';
 const WEB_URL = process.env.WEB_URL || 'localhost';
 const PROTOCOLE = process.env.PROTOCOLE || 'http';
 const ALLOWED_ORIGIN = `${PROTOCOLE}://${WEB_URL}`;
 const ROOT_DIR = '/data';
 // Auth
 const userManager = new webdav.SimpleUserManager();
 const user = userManager.addUser(adminUser, adminPass, false);
 const privilegeManager = new webdav.SimplePathPrivilegeManager();
 privilegeManager.setRights(user, '/', ['all']);
 // ✅ LoggingFileSystem étend PhysicalFileSystem
 class LoggingFileSystem extends webdav.PhysicalFileSystem {
    move(ctx, source, destination, callback) {
        console.log(`🟡 MOVE requested from ${source.toString()} to ${destination.toString()}`);
        const srcPath = path.join(ROOT_DIR, source.toString());
        const destPath = path.join(ROOT_DIR, destination.toString());
        fs.promises.mkdir(path.dirname(destPath), { recursive: true })
            .then(() => fs.promises.rename(srcPath, destPath))
            .then(() => {
                console.log(`✅ MOVE succeeded: ${srcPath} -> ${destPath}`);
                if (typeof callback === 'function') callback(null);
            })
            .catch(err => {
                console.error(`❌ MOVE failed: ${err.message}`);
                if (typeof callback === 'function') callback(err);
            });
    }
 }
 // Serveur WebDAV
 const server = new webdav.WebDAVServer({
    port: 9999,
    hostname: '0.0.0.0',
    httpAuthentication: new webdav.HTTPBasicAuthentication(userManager, 'default realm'),
    privilegeManager,
    rootFileSystem: new LoggingFileSystem(ROOT_DIR),
    responseHeaders: {
        'Access-Control-Allow-Origin': ALLOWED_ORIGIN,
        'Access-Control-Allow-Credentials': 'true',
        'Access-Control-Allow-Headers': 'Authorization, Depth, Content-Type',
        'Access-Control-Allow-Methods': 'GET, PUT, OPTIONS, MKCOL, PROPFIND, DELETE, COPY, MOVE, LOCK, UNLOCK'
    }
 });
 // Ajout header Last-Modified
 server.beforeRequest((arg, next) => {
    const { request, response, requested } = arg;
    if (request.method === 'GET' || request.method === 'HEAD') {
        const filePath = path.join(ROOT_DIR, decodeURIComponent(requested.path.toString()));
        fs.stat(filePath, (err, stats) => {
            if (!err && stats.isFile()) {
                response.setHeader('Last-Modified', stats.mtime.toUTCString());
                console.log(`[INFO] Added Last-Modified: ${stats.mtime.toUTCString()} for ${filePath}`);
            }
            next();
        });
    } else {
        next();
    }
 });
 // Start
 server.start(() => {
    console.log(`✅ WebDAV server ready at http://0.0.0.0:9999`);
    console.log(`🔐 Auth: user="${adminUser}", pass="***"`);
    console.log(`🌐 CORS: Allow-Origin = ${ALLOWED_ORIGIN}`);
 });
--- a/misc/images/keeweb/docker-compose.yml
+++ b/misc/images/keeweb/docker-compose.yml
@ -0,0 +1,14 @@
 version: '3'
 services:
  keeweb:
    build:
      context: ./containers
    image: reg.cadoles.com/envole/keeweb
    container_name: keeweb
    ports:
      - "80:80"  
      - "443:443"
    environment:
      WEBDAV_USER: tonuser
      WEBDAV_PASS: tonpassword      
--- a/misc/images/nineapache74/containers/nineapache/Dockerfile
+++ b/misc/images/nineapache74/containers/nineapache/Dockerfile
@ -13,7 +13,8 @@ RUN apk add --no-cache \
    unzip \
    zip \
    openssl \
-    mariadb-client
+    mariadb-client \
    supervisor
 RUN apk add --no-cache \ 
    apache2 \
@ -58,6 +59,8 @@ RUN curl -sS https://getcomposer.org/installer | php -- --1 --install-dir=/usr/l
 RUN npm install -g n
 RUN npm install -g yarn
 RUN mkdir /etc/supervisor.d
 COPY apache2.sh /etc/apache2/apache2.sh
 RUN chmod +x /etc/apache2/apache2.sh    
 COPY php.local.ini /etc/php7/conf.d/
--- a/misc/images/nineapache74/containers/nineapache/apache2.sh
+++ b/misc/images/nineapache74/containers/nineapache/apache2.sh
--- a/misc/images/nineapache74/containers/nineapache/httpd.conf
+++ b/misc/images/nineapache74/containers/nineapache/httpd.conf
--- a/misc/images/nineapache74/containers/nineapache/index.php
+++ b/misc/images/nineapache74/containers/nineapache/index.php
@ -1,8 +1,6 @@
 <?php
 echo "<html><head><title>Nineapache 7</title></head><body>";
 echo "<h1><center>NINEAPACHE 7</center></h1>";
 echo phpinfo();
 echo "</body></html>";
 ?>
--- a/misc/images/nineapache74/containers/nineapache/php.local.ini
+++ b/misc/images/nineapache74/containers/nineapache/php.local.ini
--- a/misc/images/nineapache74/containers/nineapache/site.conf
+++ b/misc/images/nineapache74/containers/nineapache/site.conf
--- a/misc/images/nineapache74/containers/nineapache/ssl.conf
+++ b/misc/images/nineapache74/containers/nineapache/ssl.conf
--- a/misc/images/nineapache74/docker-compose.yml
+++ b/misc/images/nineapache74/docker-compose.yml
@ -1,11 +1,11 @@
 version: '3'
 services:
-  nineapache:
+  nineapache74:
    build:
      context: ./containers/nineapache
    image: reg.cadoles.com/envole/nineapache:7.4
-    container_name: nineapache7
+    container_name: nineapache74  
    ports:
-      - 8080:80    
+      - "8080:80"  
-      
+      - "8443:443"      
--- a/misc/images/nineapache81/containers/nineapache/Dockerfile
+++ b/misc/images/nineapache81/containers/nineapache/Dockerfile
@ -13,7 +13,10 @@ RUN apk add --no-cache \
    unzip \
    zip \
    openssl \
-    mariadb-client
+    mariadb-client \
    certbot \
    gettext \
    supervisor
 RUN apk add --no-cache \ 
    apache2 \
@ -59,12 +62,21 @@ RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local
 RUN npm install -g n
 RUN npm install -g yarn
 RUN mkdir /etc/supervisor.d
 COPY apache2.sh /etc/apache2/apache2.sh
 RUN chmod +x /etc/apache2/apache2.sh  
 COPY php.local.ini /etc/php81/conf.d/
 COPY httpd.conf /etc/apache2/httpd.conf
 COPY site.conf /etc/apache2/conf.d/nine/site.conf
-COPY ssl.conf /etc/apache2/conf.d/ssl.conf
+COPY sslself.conf /etc/apache2/conf.d/ssl.conf
 COPY index.php /app/public/index.php
 RUN mkdir /nine
 COPY sslletsencrypt.conf /nine/ssl.conf
 RUN mkdir -p /usr/local/apache2/htdocs/.well-known/acme-challenge
 COPY addcertif.sh /nine/addcertif.sh
 RUN chmod +x /nine/addcertif.sh
 RUN echo "0 1 * * * /etc/apache2/addcertif.sh >> /var/log/addcertif.log 2>&1" >> /var/spool/cron/crontabs/root
 CMD /etc/apache2/apache2.sh
--- a/misc/images/nineapache81/containers/nineapache/addcertif.sh
+++ b/misc/images/nineapache81/containers/nineapache/addcertif.sh
@ -0,0 +1,15 @@
 #!/bin/bash
 if [[ $NINEAPACHE_LETSENCRYPT == 1 ]]
 then
    # On génère ou renouvel le certificat
    echo "CERTIFICAT LETSENCRYPT"
    certbot certonly --webroot -w /usr/local/apache2/htdocs -d ${WEB_URL} --non-interactive --agree-tos --email ${ADMIN_EMAIL}
    # On supprime la conf ssl pour placer celle de letsencrypt en y placant la web_url
    rm -f /etc/apache2/conf.d/ssl.conf
    envsubst < "/nine/ssl.conf" > "/etc/apache2/conf.d/ssl.conf"    
    # On redemarre apache
    httpd -k graceful
 fi
--- a/misc/images/nineapache81/containers/nineapache/apache2.sh
+++ b/misc/images/nineapache81/containers/nineapache/apache2.sh
--- a/misc/images/nineapache81/containers/nineapache/httpd.conf
+++ b/misc/images/nineapache81/containers/nineapache/httpd.conf
--- a/misc/images/nineapache81/containers/nineapache/index.php
+++ b/misc/images/nineapache81/containers/nineapache/index.php
@ -0,0 +1,7 @@
 <?php
 echo "<html><head><title>Nineapache 8</title></head><body>";
 echo "<h1><center>NINEAPACHE 8</center></h1>";
 echo "</body></html>";
 ?>
--- a/misc/images/nineapache81/containers/nineapache/php.local.ini
+++ b/misc/images/nineapache81/containers/nineapache/php.local.ini
--- a/misc/images/nineapache81/containers/nineapache/site.conf
+++ b/misc/images/nineapache81/containers/nineapache/site.conf
@ -0,0 +1,34 @@
 LoadModule rewrite_module modules/mod_rewrite.so
 ServerName nineapache.local
 DocumentRoot "/app/public"
 # Alias pour le répertoire de validation de Certbot
 Alias /.well-known/acme-challenge /usr/local/apache2/htdocs/.well-known/acme-challenge
 # Exclure les requêtes pour .well-known/acme-challenge de la redirection vers index.php
 <Location "/.well-known/acme-challenge">
    Options None
    AllowOverride None
    Require all granted
 </Location>
 <Directory "/app/public">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
    RewriteEngine On
    # Exclure les requêtes vers .well-known/acme-challenge de la redirection
    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
    # Règles de réécriture existantes
    RewriteCond %{REQUEST_URI}::$0 ^(/.+)/(.*)::\2$
    RewriteRule .* - [E=BASE:%1]
    RewriteCond %{HTTP:Authorization} .+
    RewriteRule ^ - [E=HTTP_AUTHORIZATION:%0]
    RewriteCond %{ENV:REDIRECT_STATUS} =""
    RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ %{ENV:BASE}/index.php [L]
 </Directory>
--- a/misc/images/nineapache81/containers/nineapache/sslletsencrypt.conf
+++ b/misc/images/nineapache81/containers/nineapache/sslletsencrypt.conf
@ -0,0 +1,43 @@
 LoadModule ssl_module modules/mod_ssl.so
 LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
 SSLRandomSeed startup file:/dev/urandom 512
 SSLRandomSeed connect builtin
 Listen 443
 SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
 SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
 SSLHonorCipherOrder on 
 SSLProtocol all -SSLv3
 SSLProxyProtocol all -SSLv3
 SSLPassPhraseDialog  builtin
 SSLSessionCache        "shmcb:/var/cache/mod_ssl/scache(512000)"
 SSLSessionCacheTimeout  300
 <VirtualHost _default_:443>
    DocumentRoot "/app/public"
    ServerName www.example.com:443
    ServerAdmin you@example.com
    ErrorLog logs/ssl_error.log
    TransferLog logs/ssl_access.log
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/${WEB_URL}/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/${WEB_URL}/privkey.pem
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "/app/public/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>
    BrowserMatch "MSIE [2-5]" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
    CustomLog logs/ssl_request.log \
            "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 </VirtualHost>   
--- a/misc/images/nineapache81/containers/nineapache/sslself.conf
+++ b/misc/images/nineapache81/containers/nineapache/sslself.conf
--- a/misc/images/nineapache81/docker-compose.yml
+++ b/misc/images/nineapache81/docker-compose.yml
@ -1,10 +1,11 @@
 version: '3'
 services:
-  nineapache:
+  nineapache81:
    build:
      context: ./containers/nineapache
    image: reg.cadoles.com/envole/nineapache:8.1
-    container_name: nineapache8
+    container_name: nineapache81
    ports:
-      - 8080:443    
+      - "8080:80"  
      - "8443:443"      
--- a/misc/images/nineapache82/containers/nineapache/Dockerfile
+++ b/misc/images/nineapache82/containers/nineapache/Dockerfile
@ -0,0 +1,90 @@
 FROM alpine:3.18
 RUN apk update && apk upgrade
 RUN apk add --no-cache \
    bash \
    sed \
    vim \
    ca-certificates \
    openldap-clients \
    wget \
    npm \   
    git \
    curl \
    unzip \
    zip \
    openssl \
    mariadb-client \
    supervisor
 RUN apk add --no-cache \ 
    apache2 \
    apache2-proxy \
    apache2-ssl
 RUN apk add --no-cache \ 
    php82 \
    php82-cli \
    php82-apache2 \
    php82-gd \
    php82-zip \
    php82-xml \
    php82-ctype \
    php82-simplexml \
    php82-tokenizer \
    php82-sodium \
    php82-dom \
    php82-pdo \
    php82-pdo_pgsql \
    php82-pdo_mysql \
    php82-curl \
    php82-ldap \
    php82-pecl-igbinary \
    php82-session \
    php82-pecl-redis \
    php82-fileinfo \
    php82-xmlwriter \
    php82-openssl \
    php82-phar \
    php82-iconv \
    php82-mbstring \
    php82-fpm \
    php82-sockets \
    php82-opcache \
    php82-intl \
    php82-bcmath \
    php82-pecl-ssh2
 RUN ln -s /usr/bin/php82 /usr/bin/php
 RUN curl -k https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/common/add-letsencrypt-ca.sh | bash
 RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
 RUN npm install -g n
 RUN npm install -g yarn
 # Configurer les permissions pour Apache et PHP
 RUN mkdir -p /etc/supervisor.d && \
    mkdir -p /app/public && \
    mkdir -p /etc/apache2/conf.d/nine && \
    mkdir -p /var/log/apache2 && \
    mkdir -p /run/apache2 && \
    chown -R apache:apache /var/log/apache2 /etc/apache2 /app /etc/ssl/apache2 /run/apache2
 # Copier les fichiers de configuration
 COPY apache2.sh /etc/apache2/apache2.sh
 COPY php.local.ini /etc/php82/conf.d/
 COPY httpd.conf /etc/apache2/httpd.conf
 COPY site.conf /etc/apache2/conf.d/nine/site.conf
 COPY ssl.conf /etc/apache2/conf.d/ssl.conf
 COPY index.php /app/public/index.php
 # Donner les droits d'exécution au script
 RUN chmod +x /etc/apache2/apache2.sh  
 # Commande de démarrage
 USER apache
 CMD ["/etc/apache2/apache2.sh"]
--- a/misc/images/nineapache82/containers/nineapache/apache2.sh
+++ b/misc/images/nineapache82/containers/nineapache/apache2.sh
@ -0,0 +1,31 @@
 #!/bin/bash
 envfile=/etc/apache2/conf.d/env.conf
 haveenv=/etc/apache2/haveenv.txt
 # Vérification de la permission d'écriture
 if touch "$envfile" &>/dev/null; then
    echo "GENERATION DES VARIABLES D'ENVIRONNEMENT"
    rm -rf $envfile
    rm -rf $haveenv
    printf "\n# Expose environment variables to scripts.\nPassEnv" >> $envfile
    compgen -e | while read name ; do
        if [[ "$name" != "TERM" && "$name" != "HOME" && "$name" != "HOSTNAME" && "$name" != "PATH" && "$name" != "PWD" && "$name" != "SHLVL" ]]
        then
            touch $haveenv
            printf " $name" >> $envfile
        fi
    done
    printf "\n" >> $envfile
    if [[ ! -f $haveenv ]]
    then
        rm -rf $envfile
    fi
    rm -rf $haveenv
 fi
 echo "START HTTPD"
 httpd -DFOREGROUND
--- a/misc/images/nineapache82/containers/nineapache/httpd.conf
+++ b/misc/images/nineapache82/containers/nineapache/httpd.conf
@ -0,0 +1,483 @@
 #
 # This is the main Apache HTTP server configuration file.  It contains the
 # configuration directives that give the server its instructions.
 # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
 # In particular, see 
 # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
 # for a discussion of each configuration directive.
 #
 # Do NOT simply read the instructions in here without understanding
 # what they do.  They're here only as hints or reminders.  If you are unsure
 # consult the online docs. You have been warned.  
 #
 # Configuration and logfile names: If the filenames you specify for many
 # of the server's control files begin with "/" (or "drive:/" for Win32), the
 # server will use that explicit path.  If the filenames do *not* begin
 # with "/", the value of ServerRoot is prepended -- so "logs/access_log"
 # with ServerRoot set to "/usr/local/apache2" will be interpreted by the
 # server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" 
 # will be interpreted as '/logs/access_log'.
 #
 # ServerTokens
 # This directive configures what you return as the Server HTTP response
 # Header. The default is 'Full' which sends information about the OS-Type
 # and compiled in modules.
 # Set to one of:  Full | OS | Minor | Minimal | Major | Prod
 # where Full conveys the most information, and Prod the least.
 #
 ServerTokens OS
 #
 # ServerRoot: The top of the directory tree under which the server's
 # configuration, error, and log files are kept.
 #
 # Do not add a slash at the end of the directory path.  If you point
 # ServerRoot at a non-local disk, be sure to specify a local disk on the
 # Mutex directive, if file-based mutexes are used.  If you wish to share the
 # same ServerRoot for multiple httpd daemons, you will need to change at
 # least PidFile.
 #
 ServerRoot /var/www
 #
 # Mutex: Allows you to set the mutex mechanism and mutex file directory
 # for individual mutexes, or change the global defaults
 #
 # Uncomment and change the directory if mutexes are file-based and the default
 # mutex file directory is not on a local disk or is not appropriate for some
 # other reason.
 #
 # Mutex default:/run/apache2
 #
 # Listen: Allows you to bind Apache to specific IP addresses and/or
 # ports, instead of the default. See also the <VirtualHost>
 # directive.
 #
 # Change this to Listen on specific IP addresses as shown below to 
 # prevent Apache from glomming onto all bound IP addresses.
 #                            
 #Listen 12.34.56.78:80
 Listen 80
 #
 # Dynamic Shared Object (DSO) Support
 #
 # To be able to use the functionality of a module which was built as a DSO you
 # have to place corresponding `LoadModule' lines at this location so the
 # directives contained in it are actually available _before_ they are used.
 # Statically compiled modules (those listed by `httpd -l') do not need
 # to be loaded here.
 #
 # Example:
 # LoadModule foo_module modules/mod_foo.so
 #
 #LoadModule mpm_event_module modules/mod_mpm_event.so
 LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
 #LoadModule mpm_worker_module modules/mod_mpm_worker.so
 LoadModule authn_file_module modules/mod_authn_file.so
 #LoadModule authn_dbm_module modules/mod_authn_dbm.so
 #LoadModule authn_anon_module modules/mod_authn_anon.so
 #LoadModule authn_dbd_module modules/mod_authn_dbd.so
 #LoadModule authn_socache_module modules/mod_authn_socache.so
 LoadModule authn_core_module modules/mod_authn_core.so
 LoadModule authz_host_module modules/mod_authz_host.so
 LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
 LoadModule authz_user_module modules/mod_authz_user.so
 #LoadModule authz_dbm_module modules/mod_authz_dbm.so
 #LoadModule authz_owner_module modules/mod_authz_owner.so
 #LoadModule authz_dbd_module modules/mod_authz_dbd.so
 LoadModule authz_core_module modules/mod_authz_core.so
 LoadModule access_compat_module modules/mod_access_compat.so
 LoadModule auth_basic_module modules/mod_auth_basic.so
 #LoadModule auth_form_module modules/mod_auth_form.so
 #LoadModule auth_digest_module modules/mod_auth_digest.so
 #LoadModule allowmethods_module modules/mod_allowmethods.so
 #LoadModule file_cache_module modules/mod_file_cache.so
 #LoadModule cache_module modules/mod_cache.so
 #LoadModule cache_disk_module modules/mod_cache_disk.so
 #LoadModule cache_socache_module modules/mod_cache_socache.so
 #LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
 #LoadModule socache_dbm_module modules/mod_socache_dbm.so
 #LoadModule socache_memcache_module modules/mod_socache_memcache.so
 #LoadModule socache_redis_module modules/mod_socache_redis.so
 #LoadModule watchdog_module modules/mod_watchdog.so
 #LoadModule macro_module modules/mod_macro.so
 #LoadModule dbd_module modules/mod_dbd.so
 #LoadModule dumpio_module modules/mod_dumpio.so
 #LoadModule echo_module modules/mod_echo.so
 #LoadModule buffer_module modules/mod_buffer.so
 #LoadModule data_module modules/mod_data.so
 #LoadModule ratelimit_module modules/mod_ratelimit.so
 LoadModule reqtimeout_module modules/mod_reqtimeout.so
 #LoadModule ext_filter_module modules/mod_ext_filter.so
 #LoadModule request_module modules/mod_request.so
 #LoadModule include_module modules/mod_include.so
 LoadModule filter_module modules/mod_filter.so
 #LoadModule reflector_module modules/mod_reflector.so
 #LoadModule substitute_module modules/mod_substitute.so
 #LoadModule sed_module modules/mod_sed.so
 #LoadModule charset_lite_module modules/mod_charset_lite.so
 #LoadModule deflate_module modules/mod_deflate.so
 #LoadModule brotli_module modules/mod_brotli.so
 LoadModule mime_module modules/mod_mime.so
 LoadModule log_config_module modules/mod_log_config.so
 #LoadModule log_debug_module modules/mod_log_debug.so
 #LoadModule log_forensic_module modules/mod_log_forensic.so
 #LoadModule logio_module modules/mod_logio.so
 LoadModule env_module modules/mod_env.so
 #LoadModule mime_magic_module modules/mod_mime_magic.so
 #LoadModule expires_module modules/mod_expires.so
 LoadModule headers_module modules/mod_headers.so
 #LoadModule usertrack_module modules/mod_usertrack.so
 #LoadModule unique_id_module modules/mod_unique_id.so
 LoadModule setenvif_module modules/mod_setenvif.so
 LoadModule version_module modules/mod_version.so
 #LoadModule remoteip_module modules/mod_remoteip.so
 #LoadModule session_module modules/mod_session.so
 #LoadModule session_cookie_module modules/mod_session_cookie.so
 #LoadModule session_crypto_module modules/mod_session_crypto.so
 #LoadModule session_dbd_module modules/mod_session_dbd.so
 #LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
 #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
 #LoadModule dialup_module modules/mod_dialup.so
 #LoadModule http2_module modules/mod_http2.so
 LoadModule unixd_module modules/mod_unixd.so
 #LoadModule heartbeat_module modules/mod_heartbeat.so
 #LoadModule heartmonitor_module modules/mod_heartmonitor.so
 LoadModule status_module modules/mod_status.so
 LoadModule autoindex_module modules/mod_autoindex.so
 #LoadModule asis_module modules/mod_asis.so
 #LoadModule info_module modules/mod_info.so
 #LoadModule suexec_module modules/mod_suexec.so
 <IfModule !mpm_prefork_module>
        #LoadModule cgid_module modules/mod_cgid.so
 </IfModule>
 <IfModule mpm_prefork_module>
        #LoadModule cgi_module modules/mod_cgi.so
 </IfModule>
 #LoadModule vhost_alias_module modules/mod_vhost_alias.so
 #LoadModule negotiation_module modules/mod_negotiation.so
 LoadModule dir_module modules/mod_dir.so
 #LoadModule actions_module modules/mod_actions.so
 #LoadModule speling_module modules/mod_speling.so
 #LoadModule userdir_module modules/mod_userdir.so
 LoadModule alias_module modules/mod_alias.so
 #LoadModule rewrite_module modules/mod_rewrite.so
 LoadModule negotiation_module modules/mod_negotiation.so
 <IfModule unixd_module>
 #
 # If you wish httpd to run as a different user or group, you must run
 # httpd as root initially and it will switch.  
 #
 # User/Group: The name (or #number) of the user/group to run httpd as.
 # It is usually good practice to create a dedicated user and group for
 # running httpd, as with most system services.
 #
 User apache
 Group apache
 </IfModule>
 # 'Main' server configuration
 #
 # The directives in this section set up the values used by the 'main'
 # server, which responds to any requests that aren't handled by a
 # <VirtualHost> definition.  These values also provide defaults for
 # any <VirtualHost> containers you may define later in the file.
 #
 # All of these directives may appear inside <VirtualHost> containers,
 # in which case these default settings will be overridden for the
 # virtual host being defined.
 #
 #
 # ServerAdmin: Your address, where problems with the server should be
 # e-mailed.  This address appears on some server-generated pages, such
 # as error documents.  e.g. admin@your-domain.com
 #
 ServerAdmin you@example.com
 #
 # Optionally add a line containing the server version and virtual host
 # name to server-generated pages (internal error documents, FTP directory
 # listings, mod_status and mod_info output etc., but not CGI generated
 # documents or custom error documents).
 # Set to "EMail" to also include a mailto: link to the ServerAdmin.
 # Set to one of:  On | Off | EMail
 #
 ServerSignature On
 #
 # ServerName gives the name and port that the server uses to identify itself.
 # This can often be determined automatically, but we recommend you specify
 # it explicitly to prevent problems during startup.
 #
 # If your host doesn't have a registered DNS name, enter its IP address here.
 #
 #ServerName www.example.com:80
 #
 # Deny access to the entirety of your server's filesystem. You must
 # explicitly permit access to web content directories in other 
 # <Directory> blocks below.
 #
 <Directory />
    AllowOverride none
    Require all denied
 </Directory>
 #
 # Note that from this point forward you must specifically allow
 # particular features to be enabled - so if something's not working as
 # you might expect, make sure that you have specifically enabled it
 # below.                     
 #
 #
 # DocumentRoot: The directory out of which you will serve your
 # documents. By default, all requests are taken from this directory, but
 # symbolic links and aliases may be used to point to other locations.
 #
 DocumentRoot "/var/www/localhost/htdocs"
 <Directory "/var/www/localhost/htdocs">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.4/mod/core.html#options
    # for more information.
    #
    Options Indexes FollowSymLinks
    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   AllowOverride FileInfo AuthConfig Limit
    #
    AllowOverride None
    #
    # Controls who can get stuff from this server.
    #
    Require all granted
 </Directory>
 #
 # DirectoryIndex: sets the file that Apache will serve if a directory
 # is requested.
 #
 <IfModule dir_module>
    DirectoryIndex index.html
 </IfModule>
 #
 # The following lines prevent .htaccess and .htpasswd files from being 
 # viewed by Web clients. 
 #
 <Files ".ht*">
    Require all denied
 </Files>
 #
 # ErrorLog: The location of the error log file.
 # If you do not specify an ErrorLog directive within a <VirtualHost>
 # container, error messages relating to that virtual host will be
 # logged here.  If you *do* define an error logfile for a <VirtualHost>
 # container, that host's errors will be logged there and not here.
 #                            
 ErrorLog logs/error.log
 #
 # LogLevel: Control the number of messages logged to the error_log.
 # Possible values include: debug, info, notice, warn, error, crit,
 # alert, emerg.
 #
 LogLevel warn
 <IfModule log_config_module>
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    #
    # The location and format of the access logfile (Common Logfile Format).
    # If you do not define any access logfiles within a <VirtualHost>
    # container, they will be logged here.  Contrariwise, if you *do*
    # define per-<VirtualHost> access logfiles, transactions will be
    # logged therein and *not* in this file.
    #
    #CustomLog logs/access.log common
    #
    # If you prefer a logfile with access, agent, and referer information
    # (Combined Logfile Format) you can use the following directive.
    #
    CustomLog logs/access.log combined
 </IfModule>
 <IfModule alias_module>
    #
    # Redirect: Allows you to tell clients about documents that used to 
    # exist in your server's namespace, but do not anymore. The client 
    # will make a new request for the document at its new location.
    # Example:
    # Redirect permanent /foo http://www.example.com/bar
    #
    # Alias: Maps web paths into filesystem paths and is used to
    # access content that does not live under the DocumentRoot.
    # Example:
    # Alias /webpath /full/filesystem/path
    #
    # If you include a trailing / on /webpath then the server will
    # require it to be present in the URL.  You will also likely
    # need to provide a <Directory> section to allow access to
    # the filesystem path.
    #
    # ScriptAlias: This controls which directories contain server scripts. 
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the target directory are treated as applications and
    # run by the server when requested rather than as documents sent to the
    # client.  The same rules about trailing "/" apply to ScriptAlias
    # directives as to Alias.
    #
    ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
 </IfModule>
 <IfModule cgid_module>
    #
    # ScriptSock: On threaded servers, designate the path to the UNIX
    # socket used to communicate with the CGI daemon of mod_cgid.
    #
    #Scriptsock cgisock
 </IfModule>
 #
 # "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased
 # CGI directory exists, if you have that configured.
 #
 <Directory "/var/www/localhost/cgi-bin">
    AllowOverride None
    Options None
    Require all granted
 </Directory>
 <IfModule headers_module>
    #
    # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
    # backend servers which have lingering "httpoxy" defects.
    # 'Proxy' request header is undefined by the IETF, not listed by IANA
    #
    RequestHeader unset Proxy early
 </IfModule>
 <IfModule mime_module>
    #
    # TypesConfig points to the file containing the list of mappings from
    # filename extension to MIME-type.
    #
    TypesConfig /etc/apache2/mime.types
    #
    # AddType allows you to add to or override the MIME configuration
    # file specified in TypesConfig for specific file types.
    #
    #AddType application/x-gzip .tgz
    #
    # AddEncoding allows you to have certain browsers uncompress
    # information on the fly. Note: Not all browsers support this.
    #
    #AddEncoding x-compress .Z
    #AddEncoding x-gzip .gz .tgz
    #
    # If the AddEncoding directives above are commented-out, then you
    # probably should define those extensions to indicate media types:
    #                        
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    #
    # AddHandler allows you to map certain file extensions to "handlers":
    # actions unrelated to filetype. These can be either built into the server
    # or added with the Action directive (see below)
    #
    # To use CGI scripts outside of ScriptAliased directories:
    # (You will also need to add "ExecCGI" to the "Options" directive.)
    #
    #AddHandler cgi-script .cgi
    # For type maps (negotiated resources):
    #AddHandler type-map var
    #
    # Filters allow you to process content before it is sent to the client.
    #
    # To parse .shtml files for server-side includes (SSI):
    # (You will also need to add "Includes" to the "Options" directive.)
    #
    #AddType text/html .shtml
    #AddOutputFilter INCLUDES .shtml
 </IfModule>
 #
 # The mod_mime_magic module allows the server to use various hints from the
 # contents of the file itself to determine its type.  The MIMEMagicFile
 # directive tells the module where the hint definitions are located.
 #
 <IfModule mime_magic_module>
    MIMEMagicFile /etc/apache2/magic
 </IfModule>
 #
 # Customizable error responses come in three flavors:
 # 1) plain text 2) local redirects 3) external redirects
 #
 # Some examples:
 #ErrorDocument 500 "The server made a boo boo."
 #ErrorDocument 404 /missing.html
 #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
 #ErrorDocument 402 http://www.example.com/subscription_info.html
 #
 #
 # MaxRanges: Maximum number of Ranges in a request before
 # returning the entire resource, or one of the special
 # values 'default', 'none' or 'unlimited'.
 # Default setting is to accept 200 Ranges.
 #MaxRanges unlimited
 #
 # EnableMMAP and EnableSendfile: On systems that support it, 
 # memory-mapping or the sendfile syscall may be used to deliver
 # files.  This usually improves server performance, but must
 # be turned off when serving from networked-mounted 
 # filesystems or if support for these functions is otherwise
 # broken on your system.
 # Defaults: EnableMMAP On, EnableSendfile Off
 #
 #EnableMMAP off
 #EnableSendfile on
 # Load config files from the config directory "/etc/apache2/conf.d".
 #
 IncludeOptional /etc/apache2/conf.d/*.conf
 IncludeOptional /etc/apache2/conf.d/nine/*.conf
--- a/misc/images/nineapache82/containers/nineapache/index.php
+++ b/misc/images/nineapache82/containers/nineapache/index.php
@ -2,7 +2,6 @@
 echo "<html><head><title>Nineapache 8</title></head><body>";
 echo "<h1><center>NINEAPACHE 8</center></h1>";
 echo phpinfo();
 echo "</body></html>";
 ?>
--- a/misc/images/nineapache82/containers/nineapache/php.local.ini
+++ b/misc/images/nineapache82/containers/nineapache/php.local.ini
@ -0,0 +1,3 @@
 memory_limit = 512M
 upload_max_filesize = 512M
 post_max_size = 512M
--- a/misc/images/nineapache82/containers/nineapache/site.conf
+++ b/misc/images/nineapache82/containers/nineapache/site.conf
--- a/misc/images/nineapache82/containers/nineapache/ssl.conf
+++ b/misc/images/nineapache82/containers/nineapache/ssl.conf
@ -0,0 +1,43 @@
 LoadModule ssl_module modules/mod_ssl.so
 LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
 SSLRandomSeed startup file:/dev/urandom 512
 SSLRandomSeed connect builtin
 Listen 443
 SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
 SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
 SSLHonorCipherOrder on 
 SSLProtocol all -SSLv3
 SSLProxyProtocol all -SSLv3
 SSLPassPhraseDialog  builtin
 SSLSessionCache        "shmcb:/var/cache/mod_ssl/scache(512000)"
 SSLSessionCacheTimeout  300
 <VirtualHost _default_:443>
    DocumentRoot "/app/public"
    ServerName www.example.com:443
    ServerAdmin you@example.com
    ErrorLog logs/ssl_error.log
    TransferLog logs/ssl_access.log
    SSLEngine on
    SSLCertificateFile /etc/ssl/apache2/server.pem
    SSLCertificateKeyFile /etc/ssl/apache2/server.key
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "/app/public/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>
    BrowserMatch "MSIE [2-5]" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
    CustomLog logs/ssl_request.log \
            "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 </VirtualHost>   
--- a/misc/images/nineapache82/docker-compose.yml
+++ b/misc/images/nineapache82/docker-compose.yml
@ -0,0 +1,11 @@
 version: '3'
 services:
  nineapache82:
    build:
      context: ./containers/nineapache
    image: reg.cadoles.com/envole/nineapache:8.2
    container_name: nineapache82
    ports:
      - "8081:80"  
      - "8443:443"      
--- a/misc/images/piwigo/.gitignore
+++ b/misc/images/piwigo/.gitignore
@ -0,0 +1 @@
 ./volumes
--- a/misc/images/piwigo/containers/piwigo/Dockerfile
+++ b/misc/images/piwigo/containers/piwigo/Dockerfile
@ -0,0 +1,10 @@
 FROM reg.cadoles.com/envole/nineapache:8.1
 RUN apk add php81-mysqli
 RUN cd /app/public
 RUN wget https://fr.piwigo.org/download/dlcounter.php?code=latest --output-document=/app/piwigo.zip
 RUN rm -rf /app/public
 RUN unzip /app/piwigo.zip -d /app
 RUN mv /app/piwigo /app/public
 COPY install-silent.php /app/public/
 RUN rm -rf /app/piwigo.zip
--- a/misc/images/piwigo/containers/piwigo/install-silent.php
+++ b/misc/images/piwigo/containers/piwigo/install-silent.php
@ -0,0 +1,399 @@
 <?php
 // +-----------------------------------------------------------------------+
 // | This file is part of Piwigo.                                          |
 // |                                                                       |
 // | For copyright and license information, please view the COPYING.txt    |
 // | file that was distributed with this source code.                      |
 // +-----------------------------------------------------------------------+
 //----------------------------------------------------------- include
 define('PHPWG_ROOT_PATH','./');
 define('DEFAULT_PREFIX_TABLE', 'piwigo_');
 include(PHPWG_ROOT_PATH . 'include/config_default.inc.php');
@include(PHPWG_ROOT_PATH. 'local/config/config.inc.php');
 defined('PWG_LOCAL_DIR') or define('PWG_LOCAL_DIR', 'local/');
 include(PHPWG_ROOT_PATH . 'include/functions.inc.php');
 include(PHPWG_ROOT_PATH . 'include/template.class.php');
 // download database config file if exists
 check_input_parameter('dl', $_GET, false, '/^[a-f0-9]{32}$/');
 if (!empty($_GET['dl']) && file_exists(PHPWG_ROOT_PATH.$conf['data_location'].'pwg_'.$_GET['dl']))
 {
  $filename = PHPWG_ROOT_PATH.$conf['data_location'].'pwg_'.$_GET['dl'];
  header('Cache-Control: no-cache, must-revalidate');
  header('Pragma: no-cache');
  header('Content-Disposition: attachment; filename="database.inc.php"');
  header('Content-Transfer-Encoding: binary');
  header('Content-Length: '.filesize($filename));
  echo file_get_contents($filename);
  unlink($filename);
  exit();
 } 
 // Obtain various vars
 echo "INSTALLATION PIWIGO\n";
 echo "MYSQL_HOST = ".getenv('MYSQL_HOST')."\n";
 echo "MYSQL_USER = ".getenv('MYSQL_USER')."\n";
 echo "MYSQL_PASSWORD = ".getenv('MYSQL_PASSWORD')."\n";
 echo "MYSQL_PREFIXE = ".getenv('MYSQL_PREFIXE')."\n";
 echo "PIWIGO_LANGUAGE = ".getenv('PIWIGO_LANGUAGE')."\n";
 echo "\n\n";
 $dbhost = getenv('MYSQL_HOST');
 $dbuser = getenv('MYSQL_USER');
 $dbpasswd = getenv('MYSQL_PASSWORD');
 $dbname = getenv('MYSQL_DATABASE');
 $prefixeTable = (!empty(getenv('MYSQL_PREFIXE')) ? getenv('MYSQL_PREFIXE') : "piwigo_");
 $dblayer = 'mysqli';
 $admin_name = 'admin';
 $admin_pass1 = 'changeme';
 $admin_pass2 = 'changeme';
 $admin_mail = 'admin@noreply.fr';
 $is_newsletter_subscribe = false;
 $infos = array();
 $errors = array();
 $_POST['dbhost'] = $dbhost;
 $_POST['dbname'] = $dbname;
 $_POST['dbuser'] = $dbuser;
 $_POST['dbpasswd'] = $dbpasswd;
 $config_file = PHPWG_ROOT_PATH.PWG_LOCAL_DIR .'config/database.inc.php';
 if (@file_exists($config_file))
 {
  include($config_file);
  // Is Piwigo already installed ?
  if (defined("PHPWG_INSTALLED"))
  {
    //die('Piwigo is already installed');
  }
 }
 include(PHPWG_ROOT_PATH . 'include/constants.php');
 include(PHPWG_ROOT_PATH . 'admin/include/functions.php');
 include(PHPWG_ROOT_PATH . 'admin/include/languages.class.php');
 $languages = new languages('utf-8');
 $language=getenv('PIWIGO_LANGUAGE');
 if ('fr_FR' == $language) {
  define('PHPWG_DOMAIN', 'fr.piwigo.org');
 }
 else if ('it_IT' == $language) {
  define('PHPWG_DOMAIN', 'it.piwigo.org');
 }
 else if ('de_DE' == $language) {
  define('PHPWG_DOMAIN', 'de.piwigo.org');
 }
 else if ('es_ES' == $language) {
  define('PHPWG_DOMAIN', 'es.piwigo.org');
 }
 else if ('pl_PL' == $language) {
  define('PHPWG_DOMAIN', 'pl.piwigo.org');
 }
 else if ('zh_CN' == $language) {
  define('PHPWG_DOMAIN', 'cn.piwigo.org');
 }
 else if ('ru_RU' == $language) {
  define('PHPWG_DOMAIN', 'ru.piwigo.org');
 }
 else if ('nl_NL' == $language) {
  define('PHPWG_DOMAIN', 'nl.piwigo.org');
 }
 else if ('tr_TR' == $language) {
  define('PHPWG_DOMAIN', 'tr.piwigo.org');
 }
 else if ('da_DK' == $language) {
  define('PHPWG_DOMAIN', 'da.piwigo.org');
 }
 else if ('pt_BR' == $language) {
  define('PHPWG_DOMAIN', 'br.piwigo.org');
 }
 else {
  define('PHPWG_DOMAIN', 'piwigo.org');
 }
 define('PHPWG_URL', 'https://'.PHPWG_DOMAIN);
 //----------------------------------------------------- template initialization
 $template = new Template(PHPWG_ROOT_PATH.'admin/themes', 'clear');
 $template->set_filenames( array('install' => 'install.tpl') );
 if (!isset($step))
 {
  $step = 1;
 }
 //---------------------------------------------------------------- form analyze
  include(PHPWG_ROOT_PATH .'include/dblayer/functions_'.$dblayer.'.inc.php');
  include(PHPWG_ROOT_PATH . 'admin/include/functions_install.inc.php');
  include(PHPWG_ROOT_PATH . 'admin/include/functions_upgrade.php');
  echo "install_db_connect\n";
  install_db_connect($infos, $errors);
  if (count($errors) > 0)
  {
    print_r($errors);
  }
  echo "pwg_db_check_charset\n";
  pwg_db_check_charset();
    $file_content = '<?php
      $conf[\'dblayer\'] = \''.$dblayer.'\';
      $conf[\'db_base\'] = \''.$dbname.'\';
      $conf[\'db_user\'] = \''.$dbuser.'\';
      $conf[\'db_password\'] = \''.$dbpasswd.'\';
      $conf[\'db_host\'] = \''.$dbhost.'\';
      $prefixeTable = \''.$prefixeTable.'\';
      define(\'PHPWG_INSTALLED\', true);
      define(\'PWG_CHARSET\', \'utf-8\');
      define(\'DB_CHARSET\', \'utf8\');
      define(\'DB_COLLATE\', \'\');
      ?'.'>';
    @umask(0111);
    // writing the configuration file
    if ( !($fp = @fopen( $config_file, 'w' )))
    {
      // make sure nobody can list files of _data directory
      secure_directory(PHPWG_ROOT_PATH.$conf['data_location']);
      $tmp_filename = md5(uniqid(time()));
      $fh = @fopen( PHPWG_ROOT_PATH.$conf['data_location'] . 'pwg_' . $tmp_filename, 'w' );
      @fputs($fh, $file_content, strlen($file_content));
      @fclose($fh);
      $template->assign(
        array(
          'config_creation_failed' => true,
          'config_url' => 'install.php?dl='.$tmp_filename,
          'config_file_content' => $file_content,
          )
        );
    }
    @fputs($fp, $file_content, strlen($file_content));
    @fclose($fp);
    // tables creation, based on piwigo_structure.sql
    echo "************************here";
    execute_sqlfile(
      PHPWG_ROOT_PATH.'install/piwigo_structure-mysql.sql',
      DEFAULT_PREFIX_TABLE,
      $prefixeTable,
      'mysql'
      );
    // We fill the tables with basic informations
    execute_sqlfile(
      PHPWG_ROOT_PATH.'install/config.sql',
      DEFAULT_PREFIX_TABLE,
      $prefixeTable,
      'mysql'
      );
    $query = '
 INSERT INTO '.$prefixeTable.'config (param,value,comment) 
   VALUES (\'secret_key\',\''.sha1(random_bytes(1000)).'\',
   \'a secret key specific to the gallery for internal use\');';
    pwg_query($query);
    conf_update_param('piwigo_db_version', get_branch_from_version(PHPWG_VERSION));
    conf_update_param('gallery_title', pwg_db_real_escape_string(l10n('Just another Piwigo gallery')));
    conf_update_param(
      'page_banner',
      '<h1>%gallery_title%</h1>'."\n\n<p>".pwg_db_real_escape_string(l10n('Welcome to my photo gallery')).'</p>'
      );
    // fill languages table, only activate the current language
    $languages->perform_action('activate', $language);
    // fill $conf global array
    load_conf_from_db();
    // PWG_CHARSET is required for building the fs_themes array in the
    // themes class
    if (!defined('PWG_CHARSET'))
    {
      define('PWG_CHARSET', 'utf-8');
    }
    activate_core_themes();
    activate_core_plugins();
    $insert = array(
      'id' => 1,
      'galleries_url' => PHPWG_ROOT_PATH.'galleries/',
      );
    mass_inserts(SITES_TABLE, array_keys($insert), array($insert));
    // webmaster admin user
    $inserts = array(
      array(
        'id'           => 1, // must be the same value as webmaster_id in config.sql
        'username'     => $admin_name,
        'password'     => md5($admin_pass1),
        'mail_address' => $admin_mail,
        ),
      array(
        'id'           => 2,
        'username'     => 'guest',
        ),
      );
    mass_inserts(USERS_TABLE, array_keys($inserts[0]), $inserts);
    create_user_infos(array(1,2), array('language' => $language));
    // Available upgrades must be ignored after a fresh installation. To
    // make PWG avoid upgrading, we must tell it upgrades have already been
    // made.
    list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
    define('CURRENT_DATE', $dbnow);
    $datas = array();
    foreach (get_available_upgrade_ids() as $upgrade_id)
    {
      $datas[] = array(
        'id'          => $upgrade_id,
        'applied'     => CURRENT_DATE,
        'description' => 'upgrade included in installation',
        );
    }
    mass_inserts(
      UPGRADE_TABLE,
      array_keys($datas[0]),
      $datas
      );
 //------------------------------------------------------ start template output
 foreach ($languages->fs_languages as $language_code => $fs_language)
 {
  if ($language == $language_code)
  {
    $template->assign('language_selection', $language_code);
  }
  $languages_options[$language_code] = $fs_language['name'];
 }
 $template->assign('language_options', $languages_options);
 $template->assign(
  array(
    'T_CONTENT_ENCODING' => 'utf-8',
    'RELEASE' => PHPWG_VERSION,
    'F_ACTION' => 'install.php?language=' . $language,
    'F_DB_HOST' => $dbhost,
    'F_DB_USER' => $dbuser,
    'F_DB_NAME' => $dbname,
    'F_DB_PREFIX' => $prefixeTable,
    'F_ADMIN' => $admin_name,
    'F_ADMIN_EMAIL' => $admin_mail,
    'EMAIL' => '<span class="adminEmail">'.$admin_mail.'</span>',
    'F_NEWSLETTER_SUBSCRIBE' => $is_newsletter_subscribe,
    'L_INSTALL_HELP' => l10n('Need help ? Ask your question on <a href="%s">Piwigo message board</a>.', PHPWG_URL.'/forum'),
    ));
 //------------------------------------------------------ errors & infos display
 if ($step == 1)
 {
  $template->assign('install', true);
 }
 else
 {
  pwg_activity('system', ACTIVITY_SYSTEM_CORE, 'install', array('version'=>PHPWG_VERSION));
  $infos[] = l10n('Congratulations, Piwigo installation is completed');
  if (isset($error_copy))
  {
    $errors[] = $error_copy;
  }
  else
  {
    session_set_save_handler('pwg_session_open',
      'pwg_session_close',
      'pwg_session_read',
      'pwg_session_write',
      'pwg_session_destroy',
      'pwg_session_gc'
    );
    if ( function_exists('ini_set') )
    {
      ini_set('session.use_cookies', $conf['session_use_cookies']);
      ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
      ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
      ini_set('session.cookie_httponly', 1);
    }
    session_name($conf['session_name']);
    session_set_cookie_params(0, cookie_path());
    register_shutdown_function('session_write_close');
    $user = build_user(1, true);
    log_user($user['id'], false);
    // newsletter subscription
    if ($is_newsletter_subscribe)
    {
      fetchRemote(
        get_newsletter_subscribe_base_url($language).$admin_mail,
        $result,
        array(),
        array('origin' => 'installation')
        );
      userprefs_update_param('show_newsletter_subscription', false);
    }
    // email notification
    if (isset($_POST['send_credentials_by_mail']))
    {
      include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
      $keyargs_content = array(
        get_l10n_args('Hello %s,', $admin_name),
        get_l10n_args('Welcome to your new installation of Piwigo!', ''),
        get_l10n_args('', ''),
        get_l10n_args('Here are your connection settings', ''),
        get_l10n_args('', ''),
        get_l10n_args('Link: %s', get_absolute_root_url()),
        get_l10n_args('Username: %s', $admin_name),
        get_l10n_args('Password: ********** (no copy by email)', ''),
        get_l10n_args('Email: %s', $admin_mail),
        get_l10n_args('', ''),
        get_l10n_args('Don\'t hesitate to consult our forums for any help: %s', PHPWG_URL),
        );
      pwg_mail(
        $admin_mail,
        array(
          'subject' => l10n('Just another Piwigo gallery'),
          'content' => l10n_args($keyargs_content),
          'content_format' => 'text/plain',
          )
        );
    }
  }
 }
 if (count($errors) != 0)
 {
  $template->assign('errors', $errors);
 }
 if (count($infos) != 0 )
 {
  $template->assign('infos', $infos);
 }
 //----------------------------------------------------------- html code display
 ?>
--- a/misc/images/sentinel/containers/Dockerfile
+++ b/misc/images/sentinel/containers/Dockerfile
@ -0,0 +1,19 @@
 FROM redis:6-alpine
 ENV SENTINEL_QUORUM 2
 ENV SENTINEL_DOWN_AFTER 1000
 ENV SENTINEL_FAILOVER 1000
 RUN mkdir -p /redis
 WORKDIR /redis
 COPY sentinel.conf .
 COPY sentinel-entrypoint.sh /usr/local/bin/
 RUN chown redis:redis /redis/* && \
    chmod +x /usr/local/bin/sentinel-entrypoint.sh
 EXPOSE 26379
 ENTRYPOINT ["sentinel-entrypoint.sh"]
--- a/misc/images/sentinel/containers/sentinel-entrypoint.sh
+++ b/misc/images/sentinel/containers/sentinel-entrypoint.sh
@ -0,0 +1,7 @@
 #!/bin/sh
 sed -i "s/\$SENTINEL_QUORUM/$SENTINEL_QUORUM/g" /redis/sentinel.conf
 sed -i "s/\$SENTINEL_DOWN_AFTER/$SENTINEL_DOWN_AFTER/g" /redis/sentinel.conf
 sed -i "s/\$SENTINEL_FAILOVER/$SENTINEL_FAILOVER/g" /redis/sentinel.conf
 redis-server /redis/sentinel.conf --sentinel
--- a/misc/images/sentinel/containers/sentinel.conf
+++ b/misc/images/sentinel/containers/sentinel.conf
@ -0,0 +1,9 @@
 port 26379
 dir /tmp
 sentinel resolve-hostnames yes
 sentinel monitor redismaster redis 6379 $SENTINEL_QUORUM
 sentinel down-after-milliseconds redismaster $SENTINEL_DOWN_AFTER
 sentinel parallel-syncs redismaster 1
 sentinel failover-timeout redismaster $SENTINEL_FAILOVER
--- a/misc/images/wordpress/containers/wordpress/Dockerfile
+++ b/misc/images/wordpress/containers/wordpress/Dockerfile
@ -9,13 +9,14 @@ RUN chmod +x /usr/local/bin/wp
 # Configuration apache
 RUN cd /app/public
-COPY apache.conf /etc/apache2/conf.d/zapp.conf
+COPY apache.conf /etc/apache2/conf.d/nine/site.conf
 # Installation des sources wordpress
 RUN wp core download --path=/app/public --locale=fr_FR
 RUN chown -R apache:apache /app/public
-RUN find /app/public -type d -exec chmod 755 {} +
+RUN chmod -R u=rwX,g=rX,o=rX /app/public
-RUN find /app/public -type f -exec chmod 644 {} +
+#RUN find /app/public -type d -exec chmod 755 {} +
 #RUN find /app/public -type f -exec chmod 644 {} +
 RUN mkdir /docker
 COPY entrypoint.sh /docker/entrypoint.sh
--- a/misc/images/wordpress/containers/wordpress/apache.conf
+++ b/misc/images/wordpress/containers/wordpress/apache.conf
@ -2,6 +2,7 @@ LoadModule rewrite_module modules/mod_rewrite.so
 ServerName nineapache.local
 DocumentRoot "/app/public"
 Alias /wordpress /app/public
 LogLevel alert rewrite:trace3
 <Directory "/app/public">
    Options FollowSymLinks
    AllowOverride Limit Options FileInfo
@ -13,7 +14,7 @@ Alias /wordpress /app/public
    RewriteEngine On
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
-    RewriteBase /wordpress/
+    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    # add a trailing slash to /wp-admin
--- a/misc/images/wordpress/containers/wordpress/entrypoint.sh
+++ b/misc/images/wordpress/containers/wordpress/entrypoint.sh
@ -79,8 +79,17 @@ wp site switch-language fr_FR
 # Mise à jour theme / plugin / network
 wp theme install twentytwentyfour --allow-root
 wp theme enable twentytwentyfour --network
 wp theme install lowfi --allow-root
 wp theme enable lowfi --network
 wp theme install astra --allow-root
 wp theme enable astra --network
 wp plugin install advanced-posts-listing --allow-root
 wp plugin activate advanced-posts-listing --network
 wp plugin install ultimate-addons-for-gutenberg --allow-root
 wp plugin activate ultimate-addons-for-gutenberg --network
 wp plugin install wordpress-importer --allow-root
 wp plugin install envira-gallery-lite --allow-root
 wp theme update --allow-root --all
 wp plugin update --allow-root --all
--- a/misc/images/wordpress/containers/wordpress/wp-cli.phar
+++ b/misc/images/wordpress/containers/wordpress/wp-cli.phar
--- a/misc/tools/dicos.sh
+++ b/misc/tools/dicos.sh
@ -1,12 +1,11 @@
    dir=$1
    if [ -f "$dir/dicos/.env.dicos" ]; then
        dicos="$dir/dicos/.env.dicos"
        # Exporter la variable
-        while IFS='=' read -r key value; do
+        set -o allexport; source <(grep -v '^#' $dir/env/.env.merge | sed 's/^/export /'); set +o allexport
            export "$key"="$value"
        done < $dir/env/.env.merge
        # Initialisation des tableaux
        templates=()
--- a/misc/tools/eole.sh
+++ b/misc/tools/eole.sh
@ -0,0 +1,15 @@
 #!/bin/bash
 # Include bibliotheque de fonction
 . e-ihm.sh
 Title "NETWORK"
 EchoRouge "ATTENTION SOLUTION DE CONTOURNEMENT POUR LE POC"
 EchoRouge "A résoudre si l'on souhaite mettre en production"
 # On réinstall docker-ce car le reconf détruit le reseau docker, la reinstall de docker-ce rétablit le reseau
 apt-get install docker-ce --reinstall
 # ATTENTION A REVOIR car ouvre complétement le firewall
 iptables -P INPUT ACCEPT
--- a/misc/tools/eolenine.sh
+++ b/misc/tools/eolenine.sh
@ -0,0 +1,4 @@
 #!/bin/bash
 cd /usr/share/envole/ninedocker
 ./nine.sh $1 $2
--- a/nine.sh
+++ b/nine.sh
@ -28,9 +28,7 @@ stop() {
    if [[ "$1" != "" ]]; then 
        docker-compose rm -s -v -f "${1}"
    else
-        for key in $(for k in "${!services[@]}"; do echo "$k:${services[$k]}"; done | sort -t: -k2,2 | cut -d: -f1); do
+        docker-compose down
            docker-compose rm -s -v -f "${key}"
        done;    
    fi
    if [[ "$2" != 1 ]]; then echo; fi
@ -106,6 +104,26 @@ destroyall(){
    fi
 }
 #===========================================================================================================================================
 #== PULL ===================================================================================================================================
 #===========================================================================================================================================
 pull(){
    if [[ "$1" == "" ]]
    then
        Question_ouinon "Souhaitez-vous mettre à jour les images  ?"
    else
        Question_ouinon "Souhaitez-vous mettre à jour l'images du service $1  ?"
    fi
    if [[ "$?" = 0 ]]
    then
        stop $1
        docker-compose pull $1
    fi
 }
 #===========================================================================================================================================
 #== ENV ====================================================================================================================================
 #===========================================================================================================================================
@ -113,8 +131,8 @@ destroyall(){
 env(){
    for dir in $(ls -d "services"/[0-9][0-9]-* | sort); do
-        #mergeenv $dir/env/.env.merge env/.env.merge $dir/env/.env $dir/env/.env.local
+        mergeenv $dir/env/.env.merge env/.env.merge $dir/env/.env $dir/env/.env.local
-        misc/tools/mergeenv.sh $dir
+        #misc/tools/mergeenv.sh $dir
    done    
 }
@ -155,6 +173,7 @@ dockercompose() {
        done < "$dir/dockercompose/dockercompose.yml"
        fi  
    done
    cat services.yml secrets.yml networks.yml > docker-compose.yml
    rm -f services.yml secrets.yml networks.yml
@ -209,8 +228,8 @@ services() {
 #===========================================================================================================================================
 # Include variable d'environnement global
-#mergeenv env/.env.merge env/.env env/.env.local
+mergeenv env/.env.merge env/.env env/.env.local
-misc/tools/mergeenv.sh
+#misc/tools/mergeenv.sh
 . env/.env.merge
 # Include service
 declare -A services
@ -281,6 +300,14 @@ then
    else
        destroy$2
    fi
 elif [[ $1 == "pull" ]]
 then
    pull $2
 elif [[ $1 == "pulluplogs" ]]
 then
    pull $2
    up $2    
    docker-compose logs -f $2
 elif [[ $1 == "services" ]]
 then
    services
@ -319,6 +346,15 @@ then
        up$2
    fi
    docker-compose logs -f $2
 elif [[ $1 == "letsencrypt" ]]
 then
    Title ${NINEAPACHE_SERVICE_NAME^^} LETSENCRYPT
    if [[ $NINEAPACHE_ACTIVATE == 1 && $NINEAPACHE_LOCAL == 1 ]]
    then
        docker-compose exec ${NINEAPACHE_SERVICE_NAME} /nine/addcertif.sh
    else
        EchoRouge "Service ${NINEAPACHE_SERVICE_NAME} non actif"
    fi
 else
    EchoRouge "Action possible ="
    EchoRouge "nine.sh > UP de l'ensemble des services actifs"
@ -327,16 +363,21 @@ else
    EchoRouge "nine.sh uplogs > UP puis logs de l'ensemble des services actifs"
    EchoRouge "nine.sh uplogs monservice> UP puis logs de monservice"    
    EchoRouge "nine.sh stop > STOP de l'ensemble des services"
-    EchoRouge "nine.sh stop monservice> STOP de monservice"
+    EchoRouge "nine.sh stop monservice > STOP de monservice"
-    EchoRouge "nine.sh bash monservice> lance un terminel dans le conteneur de monservice"
+    EchoRouge "nine.sh bash monservice > lance un terminel dans le conteneur de monservice"
-    EchoRouge "nine.sh destroyall> détruit l'ensemble des services avec l'ensemble des BDD et des volumes persistant"
+    EchoRouge "nine.sh destroyall > détruit l'ensemble des services avec l'ensemble des BDD et des volumes persistant"
-    EchoRouge "nine.sh destroy monservice> détruit monservices et si souhaitez sa BDD et ses volumes persistant"
+    EchoRouge "nine.sh destroy monservice > détruit monservices et si souhaitez sa BDD et ses volumes persistant"
    EchoRouge "nine.sh pull > Mettre à jour l'ensemble des images"
    EchoRouge "nine.sh pull monservice > Mettre à jour l'image de monservice"
    EchoRouge "nine.sh pulluplogs > Mettre à jour l'ensemble des images et uplogs de l'ensemble des services"
    EchoRouge "nine.sh pulluplogs monservice > Mettre à jour l'image de monservice et uplogs de mon service"
    EchoRouge "nine.sh services > Liste des Services"
    EchoRouge "nine.sh logs > LOGS de l'ensemble des services"
    EchoRouge "nine.sh logs monservice > LOGS de monservice"
    EchoRouge "nine.sh iswait monservice > monservice est-il en cours de construction"
    EchoRouge "nine.sh regen > lance destroyall puis up sur l'ensemble des service"
    EchoRouge "nine.sh regen monservice > lance destroy monservice puis up monservice"
    EchoRouge "nine.sh letsencrypt > genere ou renouvelle le certificat letsencrypt"
 fi
 echo
 echo
--- a/services/10-nineapache/apache/apache.conf
+++ b/services/10-nineapache/apache/apache.conf
@ -2,6 +2,16 @@ LoadModule rewrite_module modules/mod_rewrite.so
 ServerName nineapache.local
 # Log des rewrite
 # LogLevel alert rewrite:trace3
 # Forcer https
 RewriteEngine On
 RewriteCond %{HTTPS} !=on
 RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
 # Options Proxy
 ProxyRequests Off
 ProxyPreserveHost On
@ -10,20 +20,38 @@ ProxyPreserveHost On
    Require all granted
 </Proxy>
-RequestHeader set X-Forwarded-Host "%{HTTP_HOST}s"
+#RequestHeader unset X-Forwarded-Host
-RequestHeader set X-Forwarded-Server "%{HTTP_HOST}s"
+#RequestHeader set X-Forwarded-Host "%{HTTP_HOST}s"
-RequestHeader set X-Forwarded-For "%{REMOTE_ADDR}s"
+#RequestHeader set X-Forwarded-Server "%{HTTP_HOST}s"
 #RequestHeader set X-Forwarded-For "%{REMOTE_ADDR}s"
 RequestHeader set Host "%{HTTP_HOST}s"
-RequestHeader set X-Forwarded-Proto "http"
+RequestHeader set X-Forwarded-Proto "https"
 # Alias pour le répertoire de validation de Certbot
 Alias /.well-known/acme-challenge /usr/local/apache2/htdocs/.well-known/acme-challenge
 # Exclure les requêtes pour .well-known/acme-challenge de la redirection vers index.php
 <Location "/.well-known/acme-challenge">
    Options None
    Require all granted
 </Location>
 # Page interne au proxy
 DocumentRoot "/app/public"
 <Directory "/app/public">
    # Rediriger la racine vers le chemin défini dans la variable REDIRECT_PATH
    # en 302 pour que les navigateurs ne garde pas en cache la redirection
    RewriteCond %{ENV:REDIRECT_PATH} !=""
    RewriteRule ^/?$ %{ENV:REDIRECT_PATH} [R=302,L]
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
    RewriteEngine On
    # Exclure les requêtes vers .well-known/acme-challenge de la redirection
    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge
    RewriteCond %{REQUEST_URI}::$0 ^(/.+)/(.*)::\2$
    RewriteRule .* - [E=BASE:%1]
    RewriteCond %{HTTP:Authorization} .+
--- a/services/10-nineapache/dockercompose/dockercompose.yml
+++ b/services/10-nineapache/dockercompose/dockercompose.yml
@ -14,4 +14,4 @@ services:
      - "443:443"
    volumes:
      - ./services/10-nineapache/volume/apache:/etc/apache2/conf.d/nine
-      - ./services/10-nineapache/volume/ssl:/etc/apache2/ssl
+      - ./services/10-nineapache/volume/letsencrypt:/etc/letsencrypt
--- a/services/10-nineapache/volume/ssl/selfsigned.crt
+++ b/services/10-nineapache/volume/ssl/selfsigned.crt
@ -1,21 +0,0 @@
 -----BEGIN CERTIFICATE-----
 MIIDYTCCAkmgAwIBAgIUQ+F6GtJo7VWyn1uemlBWSqYDGyYwDQYJKoZIhvcNAQEL
 BQAwQDELMAkGA1UEBhMCRlIxDzANBgNVBAgMBkZyYW5jZTEOMAwGA1UEBwwFRGlq
 b24xEDAOBgNVBAoMB0NhZG9sZXMwHhcNMjQwNzI4MTU1NjM0WhcNMjUwNzI4MTU1
 NjM0WjBAMQswCQYDVQQGEwJGUjEPMA0GA1UECAwGRnJhbmNlMQ4wDAYDVQQHDAVE
 aWpvbjEQMA4GA1UECgwHQ2Fkb2xlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
 AQoCggEBAKLfE1bjieaMAKV7e9blEPGSQtp2gFfrsYwjLaFnT+JyUtNbAKtAUxsB
 SOLMC+cBMluQyv1E69xeL+8v9QgkmpvUw/nJy32/hU1AVSxzfU67wZHWusjx4089
 tHLmJymDQkjvKnshLoPSXQTD3bA1HScMyuymqdXlUTIHm3xoOmi+9T+58UgCsTaj
 7j8TavNdbU5PXSWyk8WHoYZJMEefLypvARa8g0xDYq3S7MomTIIulS/p/pD2RVA6
 th8SrjBiIvI7OrNP2TyYbZbVGit64+03+YIiCr8UUqA+a4FZlOzvWo9pHsErb/9a
 uQeQ2ICS6ZnrLNHcNY/mppUW4TfEn6kCAwEAAaNTMFEwHQYDVR0OBBYEFGZEJEsY
 Y4TL3Q2UMm1CfJNywqJuMB8GA1UdIwQYMBaAFGZEJEsYY4TL3Q2UMm1CfJNywqJu
 MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAITdEJjIwNhzPomS
 ybcf1MES4zHSzQNmE6eRgKrB3V7qKANyjaav8vuDaH5drs5cEs+r/uheuVEQFrSV
 Jk4zLllo3XTdOE2Hydjzxy7Ztqel11hA8dD5tgdJBDxLj4lMbgAbMBWTfH2VjGYC
 xPtr8dV9kH2/91sJixRgKBVZ5ywzbqPIZU3iraXe8VOd9Uj+hDrNomAXJFrI/QV4
 81bEvHwTmBHWU+plTu0YyhlBkW5byScFZNek5eOxI721phnog/t9UDbsi20mrH0e
 iLfJ169LZ3yAWGy4NRq3oQnJUalu3HwlZr0fp0Eih0t7CD5O8Lt4ymN7EywrrI7J
 VnR5yZU=
 -----END CERTIFICATE-----
--- a/services/10-nineapache/volume/ssl/selfsigned.key
+++ b/services/10-nineapache/volume/ssl/selfsigned.key
@ -1,28 +0,0 @@
 -----BEGIN PRIVATE KEY-----
 MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCi3xNW44nmjACl
 e3vW5RDxkkLadoBX67GMIy2hZ0/iclLTWwCrQFMbAUjizAvnATJbkMr9ROvcXi/v
 L/UIJJqb1MP5yct9v4VNQFUsc31Ou8GR1rrI8eNPPbRy5icpg0JI7yp7IS6D0l0E
 w92wNR0nDMrspqnV5VEyB5t8aDpovvU/ufFIArE2o+4/E2rzXW1OT10lspPFh6GG
 STBHny8qbwEWvINMQ2Kt0uzKJkyCLpUv6f6Q9kVQOrYfEq4wYiLyOzqzT9k8mG2W
 1RoreuPtN/mCIgq/FFKgPmuBWZTs71qPaR7BK2//WrkHkNiAkumZ6yzR3DWP5qaV
 FuE3xJ+pAgMBAAECggEAONndCktKa2sbHqhHxe8XRvti0pbinc3rn5r35osFW2nE
 d3ogdaZyW87K/j9zOCM2zLdx444XNki6OqdmxHziatqNvbcujKo5gYmfMXDuoHjx
 TFLDyDiGu7YyMpkbumXS0VqKXYhrkB/x0CP+Ue94SZUxkAFs7vioqun04CwRl1Xh
 8Z0fU8IFSP1gEOmJMk1nLfCcYPdgsVDWNauhe1NAPCoZQGGYGfuGI6aBERy7vkAD
 S5kt7SAnhznXbo2K1hNHuj2exOLUpjWUeA7k/pyiIuK+PBoizB0nOgGClvOY9TCu
 il8jljLyH2lHeNhO1q6e+mu2oggjfozbMD5NcwduMQKBgQDGgj7+5fzhYtziFJOC
 DtCDgOEx8F7WxluxwuniG+WasnrpvF3mERQfj+Lx1X4gSSiZBu/ygq+e+NVuw6oL
 XNYyArvzsH+Ti9xzXhdJA0ujPXwoQ9km7GrM16x/OJGmA8Ruj7Xi5FSaP1mQeZze
 6JttYTVLw2vOe+4OQpxRSSe/FwKBgQDSCp4TRh7HJ3/cx/VMt1r8YvD8O/RrS+Df
 zKmTp57zaua8aVVXw34LN5RXnpom/zE1dg2uV0Lh4hneNEZgcm6OcJQrofkfrMUr
 LJKyym635VmYOmLdZYfHU3YpyJmPSb9+VwObPN9WGqgMMhoG8b7AeTqLihait5OA
 I0gj2+/PPwKBgGGeAySOLMEZQM3cmH1Ik7lXU2afccPkX4sW8rTCSzK7uj3e574P
 f/nVZCDQf+mYkGJQSwbSxVJDw5FonuJfkOWe+pZnoRUJnisNhh3dhQCNZ9TVKKA/
 enWpSaZ2RwmAqMRF34foCMKhjIXDiCUF9gjf2LmdLBKqVvKkRwKiGu2ZAoGBAMbo
 VSBthBIXnueG2Q8IiHqAfDRx1pqRpehqmaCB2W4tK0r7+Vz+fevDe5CqWtNZUdGN
 9ZDHhEgDZXnfSVJmq7nqdPcJEbHkXGfxcw8r00QFRx55FE0TrEygBkO1e26NaXIM
 lxa4w8t3vPKns6wl3P3LEB067Qq1DFMJlnSXAHfjAoGAAPbkr4ETFLswU/qdWAag
 mp5l2q7lAr9WUW+grJsY7PAc+RWvYiqs8zSyqIP39FyiwCdvJbQ7yhmUUI4Xsap+
 sseQwQ77KvZbAmbaht/8CCEpEvIunlmDPPvdmC2aBjjiXPCdfuI9oZW1vHg+DMR0
 EJyRdCAFQ4+712mehLzSSFQ=
 -----END PRIVATE KEY-----
--- a/services/30-mta/dockercompose/dockercompose.yml
+++ b/services/30-mta/dockercompose/dockercompose.yml
@ -4,11 +4,11 @@ services:
    image: postfix
    container_name: mta
    restart: unless-stopped 
-    env_file: ./services/01-mta/env/.env.merge
+    env_file: ./services/30-mta/env/.env.merge
    networks:
      - nine-network
    secrets:
      - postfix_password
 secrets:
  postfix_password:
-    file: ./services/01-mta/secrets/postfix_password.txt
+    file: ./services/30-mta/secrets/postfix_password.txt
--- a/services/30-mta/env/.env
+++ b/services/30-mta/env/.env
--- a/services/30-mta/misc/nine.sh
+++ b/services/30-mta/misc/nine.sh
--- a/services/30-mta/secrets/postfix_password.txt
+++ b/services/30-mta/secrets/postfix_password.txt
--- a/services/30-openldap/dicos/.env.dicos
+++ b/services/30-openldap/dicos/.env.dicos
@ -0,0 +1,2 @@
 templates=services/30-openldap/tmpl/nine.ldif
 destinations=services/30-openldap/volume/nine/ldif/nine.ldif
--- a/services/30-openldap/tmpl/nine.ldif
+++ b/services/30-openldap/tmpl/nine.ldif
@ -0,0 +1,66 @@
 # Entrée 3: ${LDAP_BASEORGANISATION}
 dn: ${LDAP_BASEORGANISATION}
 objectclass: organizationalUnit
 objectclass: top
 ou: ${LDAP_OUORGANISATION}
 # Entrée 4: ${LDAP_BASENIVEAU01}
 dn: ${LDAP_BASENIVEAU01}
 objectclass: organizationalUnit
 objectclass: top
 ou: ${LDAP_OUNIVEAU01}
 # Entrée 5: cn=${LDAP_OUORGANISATION},${LDAP_BASENIVEAU01}
 dn: cn=${LDAP_OUORGANISATION},${LDAP_BASENIVEAU01}
 objectclass: posixGroup
 objectclass: top
 objectclass: sambaGroupMapping
 objectclass: cadolesGroup
 objectclass: cadolesSiren
 cn: ${LDAP_OUORGANISATION}
 gidnumber: 1
 memberuid: ${ADMIN_USER}
 cadolesMember: ${LDAP_USERNAME}=${ADMIN_USER},${LDAP_BASEUSER}
 sambagrouptype: 2
 sambasid: 1
 siren: ${LDAP_OUORGANISATION}
 # Entrée 6: ${LDAP_BASENIVEAU02}
 dn: ${LDAP_BASENIVEAU02}
 objectclass: organizationalUnit
 objectclass: top
 ou: ${LDAP_OUNIVEAU02}
 # Entrée 7: ${LDAP_BASEGROUP}
 dn: ${LDAP_BASEGROUP}
 objectclass: organizationalUnit
 objectclass: top
 ou: ${LDAP_OUNIVEAU02}
 # Entrée 8: ${LDAP_BASEUSER}
 dn: ${LDAP_BASEUSER}
 objectclass: organizationalUnit
 objectclass: top
 ou: users
 # Entrée 9: ${LDAP_USERNAME}=${ADMIN_USER},${LDAP_BASEUSER}
 dn: ${LDAP_USERNAME}=${ADMIN_USER},${LDAP_BASEUSER}
 objectclass: top
 objectclass: person
 objectclass: organizationalPerson
 objectclass: inetOrgPerson
 objectclass: cadolesPerson
 objectclass: cadolesSiren
 objectclass: cadolesSiret
 authlevel: simple
 ${LDAP_USERNAME}: ${ADMIN_USER}
 cn: ${ADMIN_USER}
 ${LDAP_LASTNAME}: ${ADMIN_USER}
 ${LDAP_DISPLAYNAME}: ${ADMIN_USER}
 ${LDAP_FIRSTNAME}: ${ADMIN_USER}
 ${LDAP_EMAIL}: ${ADMIN_EMAIL}
 siren: ${LDAP_OUORGANISATION}
 ${LDAP_OUNIVEAU01}: ${LDAP_OUNIVEAU01}
 userpassword: {SSHA}JYfvUM9Hf/v/NbWR5zgUkt4E5lBRGuR2
--- a/services/30-openldap/volume/nine/changepassword.sh
+++ b/services/30-openldap/volume/nine/changepassword.sh
@ -1 +1 @@
-ldappasswd -x -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -s $2 "uid=$1,ou=users,ou=ninegate,dc=nine,dc=org"
+ldappasswd -x -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -s $2 "${LDAP_USERNAME}=$1,${LDAP_BASEUSER}"
--- a/services/30-openldap/volume/nine/init.sh
+++ b/services/30-openldap/volume/nine/init.sh
@ -10,7 +10,7 @@ then
    ldapdelete ou=users,${LDAP_BASEDN} -r -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} 2>/dev/null
    # Integration du ldif de base
-    ldapadd -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -f '/nine/ldif/cadoles.ldif' 2>/dev/null
+    ldapadd -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -f '/nine/ldif/nine.ldif' 2>/dev/null
    /nine/changepassword.sh admin ${ADMIN_PASSWORD}
--- a/services/50-ninegate/volume/data/private/.gitkeep
+++ b/services/50-ninegate/volume/data/private/.gitkeep
--- a/services/30-openldap/volume/nine/ldif/cadoles.ldif
+++ b/services/30-openldap/volume/nine/ldif/cadoles.ldif
@ -1,66 +0,0 @@
 # Entrée 3: ou=ninegate,dc=nine,dc=org
 dn: ou=ninegate,dc=nine,dc=org
 objectclass: organizationalUnit
 objectclass: top
 ou: ninegate
 # Entrée 4: ou=niveau01,ou=ninegate,dc=nine,dc=org
 dn: ou=niveau01,ou=ninegate,dc=nine,dc=org
 objectclass: organizationalUnit
 objectclass: top
 ou: niveau01
 # Entrée 5: cn=nine,ou=niveau01,ou=ninegate,dc=nine,dc=org
 dn: cn=nine,ou=niveau01,ou=ninegate,dc=nine,dc=org
 objectclass: posixGroup
 objectclass: top
 objectclass: sambaGroupMapping
 objectclass: cadolesGroup
 objectclass: cadolesSiren
 cn: nine
 gidnumber: 1
 memberuid: admin
 cadolesMember: uid=admin,ou=users,ou=ninegate,dc=nine,dc=org
 sambagrouptype: 2
 sambasid: 1
 siren: Ninegate
 # Entrée 6: ou=niveau02,ou=ninegate,dc=nine,dc=org
 dn: ou=niveau02,ou=ninegate,dc=nine,dc=org
 objectclass: organizationalUnit
 objectclass: top
 ou: niveau02
 # Entrée 7: ou=groups,ou=ninegate,dc=nine,dc=org
 dn: ou=groups,ou=ninegate,dc=nine,dc=org
 objectclass: organizationalUnit
 objectclass: top
 ou: groups
 # Entrée 8: ou=users,ou=ninegate,dc=nine,dc=org
 dn: ou=users,ou=ninegate,dc=nine,dc=org
 objectclass: organizationalUnit
 objectclass: top
 ou: users
 # Entrée 9: uid=admin,ou=users,ou=ninegate,dc=nine,dc=org
 dn: uid=admin,ou=users,ou=ninegate,dc=nine,dc=org
 objectclass: top
 objectclass: person
 objectclass: organizationalPerson
 objectclass: inetOrgPerson
 objectclass: cadolesPerson
 objectclass: cadolesSiren
 objectclass: cadolesSiret
 authlevel: simple
 uid: admin
 cn: nine
 sn: nine
 displayname: Administrateur nine
 givenname: Administrateur
 mail: admin@no-reply.fr
 siren: 0000000A
 niveau01: nine
 userpassword: {SSHA}JYfvUM9Hf/v/NbWR5zgUkt4E5lBRGuR2
--- a/services/30-redis/dockercompose/dockercompose.yml
+++ b/services/30-redis/dockercompose/dockercompose.yml
@ -10,3 +10,5 @@ services:
      - nine-network    
    environment:
      - TZ=Europe/Paris
    volumes:
      - ./services/30-redis/volume/data:/data:rw
--- a/services/30-redis/misc/nine.sh
+++ b/services/30-redis/misc/nine.sh
@ -18,6 +18,16 @@ function destroyredis(){
        stop $REDIS_SERVICE_NAME 1
        docker-compose rm -s -v -f "$REDIS_SERVICE_NAME"  
        if [[ -z $1 ]]; then 
            Question_ouinon "Souhaitez-vous supprimer la BDD associé à $REDIS_SERVICE_NAME ?";
            response=$?
        fi
        if [[ "$response" == 0 || ! -z $1 ]]
        then
            EchoRouge "Delete BDD = $REDIS_SERVICE_NAME"
            rm -rf services/30-redis/volume/data
        fi
        echo ""
   fi  
 }
--- a/services/35-sentinel/dockercompose/dockercompose.yml
+++ b/services/35-sentinel/dockercompose/dockercompose.yml
@ -0,0 +1,11 @@
 services:
  # Sentinel
  # Sentinel du servince redis
  # Port interne 26379
  sentinel:
    image: reg.cadoles.com/envole/sentinel
    container_name: nine-sentinel
    env_file: ./services/35-sentinel/env/.env.merge
    networks:
      - nine-network
--- a/services/35-sentinel/env/.env
+++ b/services/35-sentinel/env/.env
@ -0,0 +1,3 @@
 # == SENTINEL ================================================================================================================================
--- a/services/35-sentinel/misc/nine.sh
+++ b/services/35-sentinel/misc/nine.sh
@ -0,0 +1,23 @@
 #!/bin/bash
 function upsentinel {
    if [[ $SENTINEL_ACTIVATE == 1 && $SENTINEL_LOCAL == 1 ]]
    then
        Title "SENTINEL"
        EchoVert "CONTAINER"
        upservice $SENTINEL_SERVICE_NAME
        Echo
    fi
 }
 function destroysentinel(){
    if [[ $SENTINEL_LOCAL == 1 ]]
    then
        Title "DESTROY $SENTINEL_SERVICE_NAME"
        stop $SENTINEL_SERVICE_NAME 1
        docker-compose rm -s -v -f "$SENTINEL_SERVICE_NAME"  
        echo ""
   fi  
 }
--- a/services/40-keycloak/dockercompose/dockercompose.yml
+++ b/services/40-keycloak/dockercompose/dockercompose.yml
@ -12,8 +12,12 @@ services:
    volumes:
      - ./services/40-keycloak/volume/realm:/opt/keycloak/data/import
      - ./services/40-keycloak/volume/nine:/nine
      - ./services/40-keycloak/volume/themes:/opt/keycloak/themes
    command:
      - start
      - --spi-theme-static-max-age=-1
      - --spi-theme-cache-themes=false
      - --spi-theme-cache-templates=false
      - --import-realm
      - --proxy-headers
      - xforwarded
--- a/services/40-keycloak/env/.env
+++ b/services/40-keycloak/env/.env
@ -1,8 +1,8 @@
 # == KEYCLOAK =============================================================================================================================
-KEYCLOAK_ADMIN=${CAS_USER}
+KEYCLOAK_ADMIN=${KEYCLOAK_USER}
-KEYCLOAK_ADMIN_PASSWORD=${CAS_PASSWORD}
+KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_PASSWORD}
 KC_DB=mariadb
 KC_DB_URL=jdbc:mariadb://${MARIADB_HOST}:${MARIADB_PORT}/keycloak
@ -12,7 +12,7 @@ KC_DB_PASSWORD=${MARIADB_PASSWORD}
 KC_HTTPS_CERTIFICATE_FILE=/nine/server.crt.pem
 KC_HTTPS_CERTIFICATE_KEY_FILE=/nine/server.key.pem
 KC_HOSTNAME_PATH=/auth
-KC_HOSTNAME=nine.local
+KC_HOSTNAME=${WEB_URL}
 KC_PROXY_ADDRESS_FORWARDING=true
 KC_PROXY_HEADERS=xforwarded
--- a/services/40-keycloak/tmpl/realm-export.json
+++ b/services/40-keycloak/tmpl/realm-export.json
@ -527,15 +527,15 @@
      "clientId": "nine",
      "name": "",
      "description": "",
-      "rootUrl": "https://nine.local",
+      "rootUrl": "${PROTOCOLE}://${WEB_URL}",
-      "adminUrl": "https://nine.local",
+      "adminUrl": "${PROTOCOLE}://${WEB_URL}",
-      "baseUrl": "https://nine.local",
+      "baseUrl": "${PROTOCOLE}://${WEB_URL}",
      "surrogateAuthRequired": false,
      "enabled": true,
      "alwaysDisplayInConsole": false,
      "clientAuthenticatorType": "client-secret",
      "redirectUris": [
-        "https://nine.local/*"
+        "${PROTOCOLE}://${WEB_URL}/*"
      ],
      "webOrigins": [],
      "notBefore": 0,
@ -1711,8 +1711,11 @@
      }
    ]
  },
-  "internationalizationEnabled": false,
+  "internationalizationEnabled": true,
-  "supportedLocales": [],
+  "supportedLocales": [
    "fr"
  ],
  "defaultLocale": "fr",
  "authenticationFlows": [
    {
      "id": "6f96a656-96bf-4dfb-ae4c-5a8f0b8b8dbd",
--- a/services/40-keycloak/volume/nine/realm-export.json
+++ b/services/40-keycloak/volume/nine/realm-export.json
@ -1727,8 +1727,11 @@
      }
    ]
  },
-  "internationalizationEnabled": false,
+  "internationalizationEnabled": true,
-  "supportedLocales": [],
+  "supportedLocales": [
    "fr"
  ],
  "defaultLocale": "fr",
  "authenticationFlows": [
    {
      "id": "2769839a-7135-4319-bcf2-1208e18004cb",
--- a/services/40-keycloak/volume/themes/nine/login/resources/css/styles.css
+++ b/services/40-keycloak/volume/themes/nine/login/resources/css/styles.css
@ -0,0 +1,13 @@
 .login-pf body {
    background: #2e3131 none;
 }
 .login-pf-page {
    width: 500px;
    max-width: 80%;
    margin: auto;
 }
 .kc-logo-text {
    display:none;
 }
--- a/services/40-keycloak/volume/themes/nine/login/theme.properties
+++ b/services/40-keycloak/volume/themes/nine/login/theme.properties
@ -0,0 +1,3 @@
 parent=keycloak
 import=common/keycloak
 styles=css/styles.css
--- a/services/50-keeweb/apache/apache.conf
+++ b/services/50-keeweb/apache/apache.conf
@ -0,0 +1,4 @@
 # Keeweb
 ProxyPass /keeweb http://keeweb/keeweb retry=0 keepalive=On
 ProxyPassReverse /keeweb http://keeweb/keeweb retry=0
--- a/services/50-keeweb/dockercompose/dockercompose.yml
+++ b/services/50-keeweb/dockercompose/dockercompose.yml
@ -0,0 +1,13 @@
 services:
  # keeweb
  # interface Web pour KeePass
  # Port interne 80
  keeweb:
    image: reg.cadoles.com/envole/keeweb
    container_name: nine-keeweb
    restart: unless-stopped
    env_file: ./services/50-keeweb/env/.env.merge
    networks:
      - nine-network
    volumes:
      - ./services/50-keeweb/volume/data:/data
--- a/services/50-keeweb/env/.env
+++ b/services/50-keeweb/env/.env
@ -0,0 +1,5 @@
 # == KEEWEB =================================================================================================================================
 WEBDAV_USER=${ADMIN_USER}
 WEBDAV_PASS=${ADMIN_PASSWORD}    
--- a/services/50-keeweb/misc/nine.sh
+++ b/services/50-keeweb/misc/nine.sh
@ -0,0 +1,36 @@
 #!/bin/bash
 function upkeeweb {
    if [[ $KEEWEB_ACTIVATE == 1 && $KEEWEB_LOCAL == 1 ]]
    then
        Title ${KEEWEB_SERVICE_NAME^^}
        EchoVert "CONTAINER"
        upservice ${KEEWEB_SERVICE_NAME}
        chmod -R a+wr ./services/50-keeweb/volume/data
        Echo
    fi    
 }
 function destroykeeweb {
    if [[ $KEEWEB_LOCAL == 1 ]]
    then
        Title "DESTROY $KEEWEB_SERVICE_NAME"
        stop $KEEWEB_SERVICE_NAME 1
        docker-compose rm -s -v -f "$KEEWEB_SERVICE_NAME"
        if [[ -z $1 ]]; then 
            Question_ouinon "Souhaitez-vous supprimer le volume associé à $KEEWEB_SERVICE_NAME ?";
            response=$?
        fi
        if [[ "$response" == 0 || ! -z $1 ]]
        then
            EchoRouge "Delete Volume = $KEEWEB_SERVICE_NAME"
            rm -rf services/50-keeweb/volume/data
        fi
        echo ""
    fi   
 }
--- a/services/50-komga/apache/apache.conf
+++ b/services/50-komga/apache/apache.conf
@ -0,0 +1,12 @@
 # Konga
 ProxyPass /komga http://komga:25600/komga retry=0 keepalive=On
 ProxyPassReverse /komga http://komga:25600/komga retry=0
 <LocationMatch "^/komga/login$">
    Redirect 302 /komga/oauth2/authorization/keycloak
 </LocationMatch>
 <LocationMatch "^/komga/login?redirect=%2Fdashboard$">
    Redirect 302 /komga/oauth2/authorization/keycloak
 </LocationMatch>
--- a/services/50-komga/dockercompose/dockercompose.yml
+++ b/services/50-komga/dockercompose/dockercompose.yml
@ -0,0 +1,18 @@
 services:
  # Komga
  # Biobliotheque ebook
  # Port interne 25600
  komga:
    image: gotson/komga
    container_name: nine-komga
    restart: unless-stopped  
    env_file: ./services/50-komga/env/.env.merge
    user: "1000:1000"
    networks:
      - nine-network
    volumes:
      - ./services/50-komga/volume/data:/data:rw
      - ./services/50-komga/volume/config:/config:rw
      - ./services/50-komga/volume/ebook:/ebook:rw
--- a/services/50-komga/env/.env
+++ b/services/50-komga/env/.env
@ -0,0 +1,6 @@
 # == KOMGA ================================================================================================================================
 TZ=Europe/Paris
 SERVER_SERVLET_CONTEXT_PATH=/komga
 KOMGA_OAUTH2_ACCOUNT_CREATION=1
--- a/services/50-komga/misc/nine.sh
+++ b/services/50-komga/misc/nine.sh
@ -0,0 +1,35 @@
 #!/bin/bash
 function upkomga {
    if [[ $KOMGA_ACTIVATE == 1 && $KOMGA_LOCAL == 1 ]]
    then
        Title ${KOMGA_SERVICE_NAME^^}
        EchoVert "CONTAINER"
        upservice ${KOMGA_SERVICE_NAME}
        chmod -R a+wr ./services/50-komga/volume
        Echo
    fi    
 }
 function destroykomga {
    if [[ $KOMGA_LOCAL == 1 ]]
    then
        Title "DESTROY $KOMGA_SERVICE_NAME"
        stop $KOMGA_SERVICE_NAME 1
        docker-compose rm -s -v -f "$KOMGA_SERVICE_NAME"
        if [[ -z $1 ]]; then 
            Question_ouinon "Souhaitez-vous supprimer les volumes associés à $KOMGA_SERVICE_NAME ?";
            response=$?
        fi
        if [[ "$response" == 0 || ! -z $1 ]]
        then
            rm -rf services/50-komga/volume
        fi
        echo ""
    fi   
 }
--- a/services/50-komga/tmpl/application.yml
+++ b/services/50-komga/tmpl/application.yml
@ -0,0 +1,31 @@
 spring:
  security:
    oauth2:
      client:
        registration:
          keycloak:
            provider: keycloak # this must match the provider below
            client-id: komga
            client-secret: changeme
            client-name: keycloak
            scope: openid,email
            authorization-grant-type: authorization_code
            # the placeholders in {} will be replaced automatically, you don't need to change this line
            redirect-uri: "{baseUrl}/{action}/oauth2/code/{registrationId}"
        provider:
          keycloak: # this must match the provider above
            user-name-attribute: sub
            # either set the issuer-uri, in which case the app will lookup the configuration for you automatically
            issuer-uri: https://nine.local/auth/realms/nine
            # or set all of the following
            authorization-uri: https://nine.local/auth/realms/nine/protocol/openid-connect/auth
            token-uri: https://nine.local/auth/realms/nine/protocol/openid-connect/token
            jwk-set-uri: https://nine.local/auth/realms/nine/protocol/openid-connect/certs
            user-info-uri: https://nine.local/auth/realms/nine/protocol/openid-connect/userinfo
  ssl:
    enabled: false
  webclient:
    ssl:
      trust-all: true            
 komga:
  oauth2-account-creation: true   
--- a/services/50-nextcloud/volume/nine/app/user_cas/appinfo/info.xml
+++ b/services/50-nextcloud/volume/nine/app/user_cas/appinfo/info.xml
@ -30,7 +30,7 @@
    <dependencies>
        <owncloud min-version="10.0" max-version="10.10"/>
-        <nextcloud min-version="14" max-version="27.1"/>
+        <nextcloud min-version="14" max-version="27.2"/>
    </dependencies>
    <commands>
--- a/services/50-nextcloud/volume/nine/app/user_cas/lib/Controller/AuthenticationController.php
+++ b/services/50-nextcloud/volume/nine/app/user_cas/lib/Controller/AuthenticationController.php
@ -123,7 +123,7 @@ class AuthenticationController extends Controller
                $this->loggingService->write(\OCA\UserCas\Service\LoggingService::FATAL, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage());
-                header("Location: " . $this->appService->getAbsoluteURL('/'));
+                header("Location: " . this->getServiceBasedUrl());
                die();
            }
        }
@ -217,7 +217,7 @@ class AuthenticationController extends Controller
                $this->loggingService->write(\OCA\UserCas\Service\LoggingService::FATAL, 'Fatal error with code: ' . $e->getCode() . ' and message: ' . $e->getMessage());
-                header("Location: " . $this->appService->getAbsoluteURL('/'));
+                header("Location: " . this->getServiceBasedUrl());
                die();
            }
        }
@ -278,19 +278,26 @@ class AuthenticationController extends Controller
            $newProtocol = 'http://';
            if (intval($this->config->getAppValue($this->appName, 'cas_server_port')) === 443) {
                $newProtocol = 'https://';
            }
            $params['backUrl'] = $newProtocol . $this->config->getAppValue($this->appName, 'cas_server_hostname') . $this->config->getAppValue($this->appName, 'cas_server_path');
        } else {*/
-            $params['backUrl'] = $this->appService->getAbsoluteURL('/');
+
        $params['backUrl'] = this->getServiceBasedUrl();
        //}
        $response = new TemplateResponse($this->appName, 'cas-error', $params, 'guest');
        return $response;
    }
    private function getServiceBasedUrl(): string {
        $overwrite = \OC::$server->getConfig()->getSystemValue('overwrite.cli.url');
        if($overwrite) return $overwrite;
        $httpProtocol = \OC::$server->getConfig()->getSystemValue('protocol');
        $currentUrl = $_SERVER['SERVER_NAME'];
        return $httpProtocol . $currentUrl;
    }    
 }
--- a/services/50-nextcloud/volume/nine/app/user_cas/lib/Hooks/UserHooks.php
+++ b/services/50-nextcloud/volume/nine/app/user_cas/lib/Hooks/UserHooks.php
@ -406,7 +406,7 @@ class UserHooks
            # Reset cookie
            setcookie("user_cas_redirect_url", '/', 0, '/');
-            \phpCAS::logout(array("service" => $this->appService->getAbsoluteURL('/')));
+            \phpCAS::logout(array("service" => $this->getServiceBasedUrl()));
        } else {
@ -445,4 +445,14 @@ class UserHooks
        return $attributes;
    }
    private function getServiceBasedUrl(): string {
        $overwrite = \OC::$server->getConfig()->getSystemValue('overwrite.cli.url');
        if($overwrite) return $overwrite;
        $httpProtocol = \OC::$server->getConfig()->getSystemValue('protocol');
        $currentUrl = $_SERVER['SERVER_NAME'];
        return $httpProtocol . $currentUrl;
    }    
 }
--- a/services/50-nextcloud/volume/prestart/prestart.sh
+++ b/services/50-nextcloud/volume/prestart/prestart.sh
@ -16,6 +16,7 @@ run_as 'php occ config:system:set trusted_domains 1 --value '${WEB_URL}
 run_as 'php occ config:system:set overwrite.cli.url --value '${NEXTCLOUD_URL}
 run_as 'php occ config:system:set overwritewebroot --value '${NEXTCLOUD_ALIAS}
 run_as 'php occ config:system:set htaccess.RewriteBase --value '${NEXTCLOUD_ALIAS}
 run_as 'php occ config:system:set overwriteprotocol --value '${PROTOCOLE}
 echo 
 echo "== CALENDAR"
@ -54,7 +55,7 @@ run_as 'php occ app:update files_external'
 run_as 'php occ app:enable files_external'
 if [[ "${NEXTCLOUD_SAMBA}" == "1" ]]
 then
-run_as 'php  occ files_external:import /envole/mount.json -q'
+run_as 'php  occ files_external:import /nine/mount.json -q'
 fi
 echo 
@ -65,9 +66,9 @@ run_as 'php occ app:enable files_mindmap'
 echo 
 echo "== USER CAS"
-if [[ "${MODE_AUTH}" == "CAS" && "${CAS_ACTIVATE}" == "1" ]]
+if [[ "${MODE_AUTH}" == "CAS" ]]
 then
-    cp -rf /envole/app/user_cas /var/www/html/custom_apps
+    cp -rf /nine/app/user_cas /var/www/html/custom_apps
    chown www-data:www-data /var/www/html/custom_apps -R
    run_as 'php occ config:app:set user_cas cas_server_hostname --value='${CAS_HOST}' -q'
    run_as 'php occ config:app:set user_cas cas_server_path --value='${CAS_PATH}' -q'
--- a/services/50-nineboard/env/.env
+++ b/services/50-nineboard/env/.env
@ -3,4 +3,12 @@
 APP_AUTH=${MODE_AUTH}
 APP_ALIAS=nineboard
 APP_WEBURL=${WEB_URL}
 DATABASE_NAME=nineboard
 DATABASE_USER=${MARIADB_USER}
 DATABASE_PASSWORD=${MARIADB_ROOT_PASSWORD}
 DATABASE_HOST=${MARIADB_HOST}
 LDAP_FILTERGROUP=${LDAP_GROUP_FILTER}
 LDAP_FILTERUSER=${LDAP_USER_FILTER}
--- a/services/50-nineboard/misc/nine.sh
+++ b/services/50-nineboard/misc/nine.sh
@ -4,7 +4,15 @@ function upnineboard {
    if [[ $NINEBOARD_ACTIVATE == 1 && $NINEBOARD_LOCAL == 1 ]]
    then
        Title ${NINEBOARD_SERVICE_NAME^^}
-               
+
        if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
        then
            EchoVert "DATABASE"
            Echo ${NINEBOARD_SERVICE_NAME^^}
            docker-compose exec $MARIADB_SERVICE_NAME /nine/init.sh $NINEBOARD_SERVICE_NAME
            Echo
        fi
        EchoVert "CONTAINER"
        upservice ${NINEBOARD_SERVICE_NAME}
        Echo
--- a/services/50-ninecompta/apache/apache.conf
+++ b/services/50-ninecompta/apache/apache.conf
@ -0,0 +1,4 @@
 # Ninecompta
 ProxyPass /ninecompta http://ninecompta/ninecompta retry=0 keepalive=On
 ProxyPassReverse /ninecompta http://ninecompta/ninecompta retry=0
--- a/services/50-ninecompta/dockercompose/dockercompose.yml
+++ b/services/50-ninecompta/dockercompose/dockercompose.yml
@ -0,0 +1,13 @@
 services:
  # Ninecompta
  # Petite comptabilité
  # Port interne 80
  ninecompta:
    image: reg.cadoles.com/envole/ninecompta
    container_name: nine-ninecompta
    restart: unless-stopped  
    env_file: ./services/50-ninecompta/env/.env.merge
    networks:
      - nine-network
    volumes:
      - ./services/50-ninecompta/volume/data/public:/app/public/uploads
--- a/services/50-ninecompta/env/.env
+++ b/services/50-ninecompta/env/.env
@ -0,0 +1,6 @@
 # == NINECOMPTA =============================================================================================================================
 APP_SECRET=${ADMIN_PASSWORD}
 DATABASE_URL="mysql://${MARIADB_USER}:${MARIADB_PASSWORD}@${MARIADB_SERVICE_NAME}:3306/ninecompta"
--- a/services/50-ninecompta/misc/nine.sh
+++ b/services/50-ninecompta/misc/nine.sh
@ -0,0 +1,45 @@
 #!/bin/bash
 function upninecompta {
    if [[ $NINECOMPTA_ACTIVATE == 1 && $NINECOMPTA_LOCAL == 1 ]]
    then
        Title ${NINECOMPTA_SERVICE_NAME^^}
        if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
        then
            EchoVert "DATABASE"
            Echo ${NINECOMPTA_SERVICE_NAME^^}
            docker-compose exec $MARIADB_SERVICE_NAME /nine/init.sh $NINECOMPTA_SERVICE_NAME
            Echo
        fi
        EchoVert "CONTAINER"
        upservice ${NINECOMPTA_SERVICE_NAME}
        chmod -R a+wr ./services/50-ninecompta/volume/data
        Echo
    fi    
 }
 function destroyninecompta {
    if [[ $NINECOMPTA_LOCAL == 1 ]]
    then
        Title "DESTROY $NINECOMPTA_SERVICE_NAME"
        stop $NINECOMPTA_SERVICE_NAME 1
        docker-compose rm -s -v -f "$NINECOMPTA_SERVICE_NAME"
        if [[ -z $1 ]]; then 
            Question_ouinon "Souhaitez-vous supprimer la BDD associé à $NINECOMPTA_SERVICE_NAME ?";
            response=$?
        fi
        if [[ "$response" == 0 || ! -z $1 ]]
        then
            EchoRouge "Delete BDD = $NINECOMPTA_SERVICE_NAME"
            docker-compose exec $MARIADB_SERVICE_NAME /nine/delete.sh $NINECOMPTA_SERVICE_NAME
            rm -rf services/50-ninecompta/volume/data
        fi
        echo ""
    fi   
 }
--- a/services/50-ninefolio/apache/apache.conf
+++ b/services/50-ninefolio/apache/apache.conf
@ -0,0 +1,5 @@
 # ninefolio
 ProxyPass /ninefolio http://ninefolio/ninefolio retry=0 keepalive=On
 ProxyPassReverse /ninefolio http://ninefolio/ninefolio retry=0
 ProxyPass /wssninefolio ws://ninefolio/wssninefolio retry=0 keepalive=On
 ProxyPassReverse /wssninefolio ws://ninefolio/wssninefolio retry=0
--- a/services/50-ninefolio/dockercompose/dockercompose.yml
+++ b/services/50-ninefolio/dockercompose/dockercompose.yml
@ -0,0 +1,15 @@
 services:
  # ninefolio
  # Portail collaboratif
  # Port interne 80
  ninefolio:
    image: reg.cadoles.com/envole/ninefolio
    container_name: nine-ninefolio
    restart: unless-stopped  
    env_file: ./services/50-ninefolio/env/.env.merge
    networks:
      - nine-network
    volumes:
      - ./services/50-ninefolio/volume/data/private:/app/uploads
      - ./services/50-ninefolio/volume/data/public:/app/public/uploads
--- a/services/50-ninefolio/env/.env
+++ b/services/50-ninefolio/env/.env
@ -0,0 +1,29 @@
 # == NINEFOLIO =============================================================================================================================
 # BASIC
 APP_ALIAS=ninefolio
 APP_NAME="NINEFOLIO"
 APP_CRON=1
 INITPWDADMIN=${ADMIN_PASSWORD}
 APP_AUTH=${MODE_AUTH}
 APP_WEBURL=${WEB_URL}
 # NINEGATE
 NINEGATE_SECRET=${ADMIN_PASSWORD}
 NINEGATE_MASTERIDENTITY=${MASTERIDENTITY}
 # Webpack
 APP_PUBLIC_PATH=/${APP_ALIAS}/build
 APP_MANIFEST_KEY_PREFIX=${APP_ALIAS}
 # BDD
 DATABASE_NAME=${NINEFOLIO_SERVICE_NAME}
 DATABASE_USER=${MARIADB_USER}
 DATABASE_PASSWORD=${MARIADB_PASSWORD}
 DATABASE_HOST=${MARIADB_SERVICE_NAME}
--- a/services/50-ninefolio/misc/nine.sh
+++ b/services/50-ninefolio/misc/nine.sh
@ -0,0 +1,45 @@
 #!/bin/bash
 function upninefolio {
    if [[ $NINEFOLIO_ACTIVATE == 1 && $NINEFOLIO_LOCAL == 1 ]]
    then
        Title ${NINEFOLIO_SERVICE_NAME^^}
        if [[ $MARIADB_ACTIVATE == 1 && $MARIADB_LOCAL == 1 ]]
        then
            EchoVert "DATABASE"
            Echo ${NINEFOLIO_SERVICE_NAME^^}
            docker-compose exec $MARIADB_SERVICE_NAME /nine/init.sh $NINEFOLIO_SERVICE_NAME
            Echo
        fi
        EchoVert "CONTAINER"
        upservice ${NINEFOLIO_SERVICE_NAME}
        chmod -R a+wr ./services/50-ninefolio/volume/data
        Echo
    fi    
 }
 function destroyninefolio {
    if [[ $NINEFOLIO_LOCAL == 1 ]]
    then
        Title "DESTROY $NINEFOLIO_SERVICE_NAME"
        stop $NINEFOLIO_SERVICE_NAME 1
        docker-compose rm -s -v -f "$NINEFOLIO_SERVICE_NAME"
        if [[ -z $1 ]]; then 
            Question_ouinon "Souhaitez-vous supprimer la BDD associé à $NINEFOLIO_SERVICE_NAME ?";
            response=$?
        fi
        if [[ "$response" == 0 || ! -z $1 ]]
        then
            EchoRouge "Delete BDD = $NINEFOLIO_SERVICE_NAME"
            docker-compose exec $MARIADB_SERVICE_NAME /nine/delete.sh $NINEFOLIO_SERVICE_NAME
            rm -rf services/50-ninefolio/volume/data
        fi
        echo ""
    fi   
 }
--- a/services/50-ninegate/env/.env
+++ b/services/50-ninegate/env/.env
@ -6,6 +6,11 @@ DATABASE_NAME=${NINEGATE_SERVICE_NAME}
 DATABASE_USER=${MARIADB_USER}
 DATABASE_PASSWORD=${MARIADB_PASSWORD}
 DATABASE_HOST=${MARIADB_SERVICE_NAME}
 WEBURL=${WEB_URL}
 APP_SECRET=${ADMIN_PASSWORD}
 # Init
 LIBELLE_ETAB=${LDAP_OUORGANISATION}
 # Activation Widget
 ACTIVATE_WIDADMINER=${ADMINER_ACTIVATE}
@ -20,6 +25,9 @@ WIDNEXTCLOUD_URL=${NEXTCLOUD_URL}
 ACTIVATE_WIDNINEBOARD=${NINEBOARD_ACTIVATE}
 WIDNINEBOARD_URL=${NINEBOARD_URL}
 ACTIVATE_WIDNINESCHOOL=${NINESCHOOL_ACTIVATE}
 WIDNINESCHOOL_URL=${NINESCHOOL_URL}
 ACTIVATE_WIDWORDPRESS=${WORDPRESS_ACTIVATE}
 WIDWORDPRESS_URL=${WORDPRESS_URL}
--- a/services/50-ninegate/misc/nine.sh
+++ b/services/50-ninegate/misc/nine.sh
@ -37,6 +37,7 @@ function destroyninegate {
        then
            EchoRouge "Delete BDD = $NINEGATE_SERVICE_NAME"
            docker-compose exec $MARIADB_SERVICE_NAME /nine/delete.sh $NINEGATE_SERVICE_NAME
            rm -rf services/50-ninegate/volume/data
        fi
        echo ""
--- a/services/50-ninegate/volume/data/public/avatar/admin.jpg
+++ b/services/50-ninegate/volume/data/public/avatar/admin.jpg
--- a/services/50-ninegate/volume/data/public/avatar/noavatar.png
+++ b/services/50-ninegate/volume/data/public/avatar/noavatar.png
--- a/services/50-ninegate/volume/data/public/avatar/system.jpg
+++ b/services/50-ninegate/volume/data/public/avatar/system.jpg
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Arno	41cff70194	svg	2025-07-27 15:45:31 +00:00
Arno	4638c183f4	svg	2025-07-27 15:05:10 +00:00
afornerot	241dec7128	svg	2025-07-27 16:25:41 +02:00
Arno	2ab1955ce2	svg keepass	2025-07-26 18:22:49 +00:00
afornerot	1a8f4d6613	add keeweb	2025-07-26 17:20:03 +02:00
afornerot	194144120f	add nineconfig	2025-04-09 22:10:05 +02:00
afornerot	8a519d247d	correction env keycloak / cas	2025-04-09 19:07:39 +02:00
afornerot	5a67e7c050	docker-compose down	2025-04-07 13:57:34 +02:00
afornerot	e1dabdc413	correctin env keycloak	2025-04-07 12:08:19 +02:00
root	b4d7d688c7	add script eole	2025-02-18 16:59:50 +01:00
afornerot	c14b74590d	nineapache82 as noroot	2025-01-04 10:59:24 +01:00
afornerot	a6bed85c2d	supervisor	2024-12-29 17:12:47 +01:00
afornerot	ea54b12e59	add supervisor to nineapache	2024-12-29 11:46:47 +01:00
Arno	8dbcfd0433	oidc komga	2024-12-28 11:13:07 +00:00
afornerot	d2932d7c32	add komga	2024-12-27 16:40:37 +01:00
afornerot	153e816ad6	add komga	2024-12-27 16:39:11 +01:00
afornerot	b4a318ae28	add ninecompta	2024-12-26 19:02:09 +01:00
afornerot	5bce95543f	theme keycloak	2024-12-26 10:41:45 +01:00
afornerot	31b63dec72	piwigo	2024-12-23 16:57:55 +01:00
afornerot	617d57d9e4	add nineschool	2024-12-23 16:23:48 +01:00
Arno	3846066b0c	svg	2024-11-13 10:29:50 +00:00
Arno	f1ad1cc9ba	svg	2024-11-13 10:28:44 +00:00
afornerot	dc47e660a8	redirection par défaut	2024-11-13 10:58:14 +01:00
afornerot	8acb110c78	svg	2024-11-13 09:56:52 +01:00
Arno	e44d2a71ac	svg	2024-11-03 15:29:28 +00:00
Arno	fc51943ace	svg	2024-11-03 13:22:39 +00:00
Arno	b7bfb0d6a7	svg	2024-11-01 16:04:34 +00:00
Arno	3a1ef938c3	svg	2024-10-31 13:59:21 +00:00
Arno	d25321ae9b	svg	2024-10-27 09:52:20 +00:00
Arno	8dcccf70d4	svg	2024-10-26 16:04:12 +00:00
Arno	b5e5a75d36	svg	2024-10-26 10:16:37 +00:00
Arno	6410bf5e34	svg	2024-10-25 12:53:07 +00:00
Arno	e9bc584efa	correction image wp	2024-10-23 13:36:49 +00:00
Arno	82a4442472	delete phpinfo nineapach	2024-10-22 18:46:55 +00:00
Arno	d217884d35	init nv01	2024-10-21 19:46:38 +00:00
afornerot	73a8539886	add nineapache82	2024-10-21 20:23:21 +02:00
Arno	94b01aa71e	correction env.merge et realm keycloak	2024-10-21 15:00:05 +00:00
afornerot	701e30433e	add sentinel + correction ninegate/nineskeletor + add nine pull	2024-09-28 17:26:05 +02:00
afornerot	071919ad82	add sentinel + correction ninegate/nineskeletor + add nine pull	2024-09-28 17:25:52 +02:00
afornerot	dc62da5bdf	resolution volume ninegate nineboard ninefolio	2024-09-25 22:13:34 +02:00
afornerot	a71cb12a42	resolution volume ninegate nineboard ninefolio	2024-09-25 22:13:05 +02:00
afornerot	273e808071	correctif nineboard	2024-09-22 21:01:11 +02:00
afornerot	c90885d903	correctif nineboard	2024-09-22 14:40:44 +02:00
afornerot	9f7f35b46d	correctif nineboard	2024-09-22 11:14:57 +02:00
afornerot	38f3cbb106	correstion nineskeletor	2024-09-22 10:38:32 +02:00
afornerot	2ca0cef4f6	correstion CAS nextcloud	2024-09-22 10:35:25 +02:00
afornerot	55e4226456	svg	2024-09-21 17:42:47 +02:00
afornerot	777e0c50f3	svg	2024-09-21 17:10:28 +02:00
afornerot	aacd73e3c4	ninefolio	2024-09-21 09:26:38 +02:00
afornerot	4714e705ad	ajout ninefolio	2024-09-20 18:08:33 +02:00
afornerot	91b42232f0	ajout ninefolio	2024-09-20 18:04:55 +02:00
		`@ -0,0 +1,2 @@`
							`templates=services/30-openldap/tmpl/nine.ldif`
							`destinations=services/30-openldap/volume/nine/ldif/nine.ldif`
		`@ -1 +1 @@`
			`ldappasswd -x -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -s $2 "uid=$1,ou=users,ou=ninegate,dc=nine,dc=org"`				`ldappasswd -x -H ldap://${LDAP_HOST}:${LDAP_PORT} -D ${LDAP_USER} -w ${LDAP_PASSWORD} -s $2 "${LDAP_USERNAME}=$1,${LDAP_BASEUSER}"`
		`@ -0,0 +1,3 @@`

							`# == SENTINEL ================================================================================================================================`