Migration of services to Docker, HTTPS reverse proxy, filtering DNS, network inventory.
23 / 49 tasks completed (47%) | Early preparation | Updated: 05/05/2026

| Indicator | Before | Current (13/04) | Target | Status |
|---|---|---|---|---|
| Docker services | 0 | 17 | 11 | 🟢 |
| HTTPS reverse proxy | no | Traefik v2.11 | yes | 🟢 |
| Filtering DNS | yes | PiHole (connected to DHCP 13/04) | connected | 🟡 |
| Netbox inventory | empty | 17 devices | complete | 🟡 |
| VLANs configured | 0 | 0 | ≥ 2 | 🔴 |
| vzdump backup | no | daily, CT 200 | daily | 🟢 |
| Production autostart | 0/4 | 4/4 | 4/4 | 🟢 |

CT 200 docker-srv (10.0.112.20): Debian 13, Docker 29.4.2, 4 cores, 8 GB RAM
8 supporting containers (4 Netbox + 4 Authentik): postgres-netbox, redis-netbox, netbox-worker, netbox-housekeeping.

| Decision | Choice | Rationale |
|---|---|---|
| Virtualization | Unprivileged LXC (nesting+keyctl) | Minimal overhead, native overlayfs |
| Storage | local-lvm (thin provisioning) | Performance + snapshots |
| Network | Traefik + wildcard DNS *.docker.bts.sio | Automatic HTTPS, descriptive names |
| Backup | Daily vzdump snapshot at 02:00 | Retention 3, zstd compression |
| Monitoring | Prometheus + Grafana + Node Exporter | Standard stack, preconfigured dashboards |

Prerequisites: Phase 1 Sprint 2 password rotation ✅ (completed 14/04, except T21 phase 2 scheduled for 15/04 and OPNsense 2 postponed). VLANs awaiting Manu's decision.