.gitignore

@@ -1,6 +1,9 @@
+.env
+data/framed.db
 node_modules
 
+
 ##ignore all public folder and nested public folders
 
 **/public/
-**/build/
+**/build/

docker-compose.yml

@@ -1,4 +1,59 @@
 services:
+  proxy:
+    image: traefik:v3
+    container_name: proxy
+    restart: unless-stopped
+    command:
+      - '--api'
+      - '--global.sendAnonymousUsage=false'
+      - '--global.checkNewVersion=false'
+      - '--log=true'
+      - '--log.level=DEBUG'
+      - '--log.format=common'
+      # providers
+      - "--providers.docker=true"
+      - "--providers.docker.network=proxy"
+      - "--providers.docker.exposedByDefault=false"
+      - "--providers.file.directory=/etc/traefik/"
+      - "--providers.file.watch=true"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
+      - "--entryPoints.web.http.redirections.entrypoint.scheme=https"
+      - "--entrypoints.websecure.address=:443"
+      # letsencrypt
+      - "--certificatesresolvers.leresolver.acme.dnschallenge=true"
+      - "--certificatesresolvers.leresolver.acme.dnschallenge.provider=ovh"
+      - "--certificatesresolvers.leresolver.acme.dnschallenge.resolvers=8.8.8.8:53"
+      - "--certificatesresolvers.leresolver.acme.email=${EMAIL}"
+      - "--certificatesresolvers.leresolver.acme.storage=/letsencrypt/acme.json"
+    ports:
+      #- "80:80"
+      - "443:443"
+    volumes:
+      - "./traefik/config:/etc/traefik"
+      - "./traefik/letsencrypt:/letsencrypt"
+      - "/var/run/docker.sock:/var/run/docker.sock:ro"
+    networks:
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      # API & Dashboard
+      - "traefik.http.routers.dashboard.rule=(Host(`${DASHBOARD}`)) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
+      - "traefik.http.routers.dashboard.service=api@internal"
+      - "traefik.http.routers.dashboard.entrypoints=websecure"
+      - "traefik.http.routers.dashboard.tls=true"
+      - "traefik.http.routers.dashboard.tls.certresolver=leresolver"
+      - "traefik.http.routers.dashboard.middlewares=auth"
+      - "traefik.http.middlewares.auth.basicauth.users=${DASHBOARD_USER}:${DASHBOARD_PASSWORD}"
+
+      ## middleware redirect
+      #- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
+
+      ## global redirect to https
+      #- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
+      #- "traefik.http.routers.redirs.entrypoints=web"
+      #- "traefik.http.routers.redirs.middlewares=redirect-to-https"
+
   # Service pour le backend
   framed-server:
     build:
@@ -6,8 +61,8 @@ services:
       dockerfile: Dockerfile
     container_name: framed-tracker-server
     restart: unless-stopped
-    ports:
-      - "3000:3000"
+    # ports:
+    #  - "3000:3000"
     volumes:
       - ./server:/app
       - ./data:/app/data
@@ -17,31 +72,51 @@ services:
       - PORT=3000
       - DB_PATH=/app/data/framed.db
       - CORS_ORIGINS=https://${HOSTNAME:-localhost}
-    
+    networks:
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.framed-tracker-api.rule=(Host(`${HOSTNAME}`)) && (PathPrefix(`/api`) || PathPrefix(`/ws`))"
+      - "traefik.http.routers.framed-tracker-api.entrypoints=websecure"
+      - "traefik.http.routers.framed-tracker-api.tls=true"
+      - "traefik.http.routers.framed-tracker-api.tls.certresolver=leresolver"
+      - "traefik.http.services.framed-tracker-api.loadbalancer.server.port=3000"
+
   # Service pour le frontend (en développement)
   framed-client-dev:
     image: node:18-alpine
     container_name: framed-tracker-client-dev
     restart: unless-stopped
     working_dir: /app
-    ports:
-      - "3001:3001"
+    # ports:
+    #   - "3001:3001"
     volumes:
       - ./client:/app
+    networks:
+      - proxy
     environment:
       - PORT=3001
       ## use hostname env var or localhost
-      - REACT_APP_API_URL=http://${HOSTNAME:-localhost}/api
-      - REACT_APP_WS_URL=ws://${HOSTNAME:-localhost}
+      - REACT_APP_API_URL=https://${HOSTNAME:-localhost}/api
+      - REACT_APP_WS_URL=wss://${HOSTNAME:-localhost}
     command: sh -c "npm install && npm start"
     depends_on:
       - framed-server
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.framed-tracker.rule=Host(`${HOSTNAME}`)"
+      - "traefik.http.routers.framed-tracker.entrypoints=websecure"
+      - "traefik.http.routers.framed-tracker.tls=true"
+      - "traefik.http.routers.framed-tracker.tls.certresolver=leresolver"
+      - "traefik.http.services.framed-tracker.loadbalancer.server.port=3001"
 
   # Service pour construire le frontend (production)
   framed-client-build:
     image: node:18-alpine
     container_name: framed-tracker-client-build
     working_dir: /app
+    networks:
+      - proxy
     volumes:
       - ./client:/app
       - ./server/public:/output
@@ -49,3 +124,7 @@ services:
     profiles:
       - build
 
+networks:
+  proxy:
+    name: proxy
+

server/server.js

@@ -12,7 +12,11 @@ const server = http.createServer(app);
 const port = process.env.PORT || 3000;
 
 // Create a WebSocket server
-const wss = new WebSocket.Server({ server });
+//const wss = new WebSocket.Server({ server });
+const wss = new WebSocket.Server({
+  server: server,
+  path: '/ws'  // Spécifie le chemin d'écoute sur /ws
+});
 
 // Store connected WebSocket clients
 const clients = new Set();