v1.0 - Version stable: multi-PC, détection UI-DETR-1, 3 modes exécution

- Frontend v4 accessible sur réseau local (192.168.1.40)
- Ports ouverts: 3002 (frontend), 5001 (backend), 5004 (dashboard)
- Ollama GPU fonctionnel
- Self-healing interactif
- Dashboard confiance

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

server/setup_production.sh

@@ -0,0 +1,201 @@
+#!/bin/bash
+# setup_production.sh
+# Script d'installation automatique pour la production
+
+set -e
+
+echo "========================================"
+echo "RPA Vision V3 - Setup Production"
+echo "========================================"
+echo ""
+
+# Vérifier root
+if [ "$EUID" -ne 0 ]; then 
+    echo "⚠️  Ce script doit être exécuté en tant que root"
+    echo "   Utilisez: sudo ./setup_production.sh"
+    exit 1
+fi
+
+# Variables
+read -p "Nom de domaine pour l'API (ex: api.votre-domaine.com): " API_DOMAIN
+read -p "Nom de domaine pour le Dashboard (ex: dashboard.votre-domaine.com): " DASHBOARD_DOMAIN
+read -p "Email pour Let's Encrypt: " LETSENCRYPT_EMAIL
+read -sp "Password de chiffrement: " ENCRYPTION_PASSWORD
+echo ""
+
+# Vérifier les domaines
+echo ""
+echo "Vérification DNS..."
+if ! nslookup "$API_DOMAIN" > /dev/null 2>&1; then
+    echo "⚠️  ATTENTION: $API_DOMAIN ne résout pas correctement"
+    read -p "Continuer quand même? (y/N): " CONTINUE
+    if [ "$CONTINUE" != "y" ]; then
+        exit 1
+    fi
+fi
+
+# 1. Installer Nginx
+echo ""
+echo "📦 Installation de Nginx..."
+apt update
+apt install -y nginx
+
+# 2. Installer Certbot
+echo ""
+echo "🔒 Installation de Certbot..."
+apt install -y certbot python3-certbot-nginx
+
+# 3. Créer configuration Nginx pour l'API
+echo ""
+echo "⚙️  Configuration Nginx pour l'API..."
+cat > /etc/nginx/sites-available/rpa-api << EOF
+server {
+    listen 80;
+    server_name $API_DOMAIN;
+    
+    location / {
+        proxy_pass http://127.0.0.1:8000;
+        proxy_set_header Host \$host;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+        
+        client_max_body_size 100M;
+        client_body_timeout 300s;
+        proxy_connect_timeout 300s;
+        proxy_send_timeout 300s;
+        proxy_read_timeout 300s;
+    }
+}
+EOF
+
+# 4. Créer configuration Nginx pour le Dashboard
+echo ""
+echo "⚙️  Configuration Nginx pour le Dashboard..."
+cat > /etc/nginx/sites-available/rpa-dashboard << EOF
+server {
+    listen 80;
+    server_name $DASHBOARD_DOMAIN;
+    
+    location / {
+        proxy_pass http://127.0.0.1:5001;
+        proxy_set_header Host \$host;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+        
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade \$http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+}
+EOF
+
+# 5. Activer les sites
+ln -sf /etc/nginx/sites-available/rpa-api /etc/nginx/sites-enabled/
+ln -sf /etc/nginx/sites-available/rpa-dashboard /etc/nginx/sites-enabled/
+
+# Tester la config
+nginx -t
+
+# Recharger Nginx
+systemctl reload nginx
+
+# 6. Obtenir les certificats SSL
+echo ""
+echo "🔒 Obtention des certificats SSL..."
+certbot --nginx -d "$API_DOMAIN" --non-interactive --agree-tos --email "$LETSENCRYPT_EMAIL" --redirect
+certbot --nginx -d "$DASHBOARD_DOMAIN" --non-interactive --agree-tos --email "$LETSENCRYPT_EMAIL" --redirect
+
+# 7. Créer le service systemd pour l'API
+echo ""
+echo "⚙️  Configuration service API..."
+
+# Détecter le chemin du projet
+PROJECT_DIR=$(dirname $(dirname $(readlink -f "$0")))
+VENV_DIR="$PROJECT_DIR/venv_v3"
+
+cat > /etc/systemd/system/rpa-api.service << EOF
+[Unit]
+Description=RPA Vision V3 - API Upload
+After=network.target
+
+[Service]
+Type=simple
+User=$SUDO_USER
+WorkingDirectory=$PROJECT_DIR/server
+Environment="ENCRYPTION_PASSWORD=$ENCRYPTION_PASSWORD"
+Environment="PATH=$VENV_DIR/bin:/usr/local/bin:/usr/bin:/bin"
+ExecStart=$VENV_DIR/bin/uvicorn api_upload:app --host 127.0.0.1 --port 8000
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+# 8. Créer le service systemd pour le Dashboard
+echo ""
+echo "⚙️  Configuration service Dashboard..."
+cat > /etc/systemd/system/rpa-dashboard.service << EOF
+[Unit]
+Description=RPA Vision V3 - Dashboard Web
+After=network.target
+
+[Service]
+Type=simple
+User=$SUDO_USER
+WorkingDirectory=$PROJECT_DIR/web_dashboard
+Environment="PATH=$VENV_DIR/bin:/usr/local/bin:/usr/bin:/bin"
+ExecStart=$VENV_DIR/bin/python app.py
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+# 9. Activer et démarrer les services
+echo ""
+echo "🚀 Démarrage des services..."
+systemctl daemon-reload
+systemctl enable rpa-api
+systemctl enable rpa-dashboard
+systemctl start rpa-api
+systemctl start rpa-dashboard
+
+# 10. Configurer le firewall
+echo ""
+echo "🔥 Configuration firewall..."
+ufw allow 80/tcp
+ufw allow 443/tcp
+ufw deny 8000/tcp
+ufw deny 5001/tcp
+echo "y" | ufw enable
+
+# 11. Vérifier tout
+echo ""
+echo "========================================"
+echo "✅ Installation terminée!"
+echo "========================================"
+echo ""
+echo "📊 Statut des services:"
+systemctl status rpa-api --no-pager | head -5
+systemctl status rpa-dashboard --no-pager | head -5
+echo ""
+echo "🔒 Certificats SSL:"
+certbot certificates | grep -E "Certificate Name|Domains|Expiry"
+echo ""
+echo "🌐 URLs:"
+echo "  API:       https://$API_DOMAIN"
+echo "  Dashboard: https://$DASHBOARD_DOMAIN"
+echo ""
+echo "🔑 Password chiffrement: ****** (configuré)"
+echo ""
+echo "📝 Commandes utiles:"
+echo "  sudo systemctl status rpa-api"
+echo "  sudo systemctl status rpa-dashboard"
+echo "  sudo journalctl -u rpa-api -f"
+echo "  sudo certbot renew --dry-run"
+echo ""
+echo "✅ Prêt pour la production!"