mise en oeuvre v1

.editorconfig

@@ -0,0 +1,18 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+charset = utf-8
+trim_trailing_whitespace = true
+
+[*.{php,xsl}]
+indent_style = space
+indent_size = 4
+
+[{*.{html,json,js},.travis.yml}]
+indent_style = space
+indent_size = 2
+
+[*.yml]
+trim_trailing_whitespace = false

.gitignore

@@ -0,0 +1,3 @@
+_site
+.sass-cache
+.jekyll-metadata

404.html

@@ -0,0 +1,24 @@
+---
+layout: default
+---
+
+<style type="text/css" media="screen">
+  .container {
+    margin: 10px auto;
+    max-width: 600px;
+    text-align: center;
+  }
+  h1 {
+    margin: 30px 0;
+    font-size: 4em;
+    line-height: 1;
+    letter-spacing: -1px;
+  }
+</style>
+
+<div class="container">
+  <h1>404</h1>
+
+  <p><strong>Page not found :(</strong></p>
+  <p>The requested page could not be found.</p>
+</div>

Gemfile

@@ -0,0 +1,31 @@
+source "https://rubygems.org"
+
+# Hello! This is where you manage which Jekyll version is used to run.
+# When you want to use a different version, change it below, save the
+# file and run `bundle install`. Run Jekyll with `bundle exec`, like so:
+#
+#     bundle exec jekyll serve
+#
+# This will help ensure the proper Jekyll version is running.
+# Happy Jekylling!
+gem "jekyll", "~> 3.8.4"
+
+# This is the default theme for new Jekyll sites. You may change this to anything you like.
+gem "minima", "~> 2.0"
+
+# If you want to use GitHub Pages, remove the "gem "jekyll"" above and
+# uncomment the line below. To upgrade, run `bundle update github-pages`.
+# gem "github-pages", group: :jekyll_plugins
+
+# If you have any plugins, put them here!
+group :jekyll_plugins do
+  gem "jekyll-feed", "~> 0.6"
+  gem "jekyll-menus"
+  gem "jekyll-sitemap"
+end
+
+# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
+gem "tzinfo-data", platforms: [:mingw, :mswin, :x64_mingw, :jruby]
+
+# Performance-booster for watching directories on Windows
+gem "wdm", "~> 0.1.0" if Gem.win_platform?

Gemfile.lock

@@ -0,0 +1,87 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    colorator (1.1.0)
+    concurrent-ruby (1.0.5)
+    em-websocket (0.5.1)
+      eventmachine (>= 0.12.9)
+      http_parser.rb (~> 0.6.0)
+    eventmachine (1.2.7-x64-mingw32)
+    ffi (1.9.25-x64-mingw32)
+    forwardable-extended (2.6.0)
+    http_parser.rb (0.6.0)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
+    jekyll (3.8.4)
+      addressable (~> 2.4)
+      colorator (~> 1.0)
+      em-websocket (~> 0.5)
+      i18n (~> 0.7)
+      jekyll-sass-converter (~> 1.0)
+      jekyll-watch (~> 2.0)
+      kramdown (~> 1.14)
+      liquid (~> 4.0)
+      mercenary (~> 0.3.3)
+      pathutil (~> 0.9)
+      rouge (>= 1.7, < 4)
+      safe_yaml (~> 1.0)
+    jekyll-feed (0.11.0)
+      jekyll (~> 3.3)
+    jekyll-menus (0.6.0)
+      jekyll (~> 3.1)
+    jekyll-sass-converter (1.5.2)
+      sass (~> 3.4)
+    jekyll-seo-tag (2.5.0)
+      jekyll (~> 3.3)
+    jekyll-sitemap (1.2.0)
+      jekyll (~> 3.3)
+    jekyll-watch (2.0.0)
+      listen (~> 3.0)
+    kramdown (1.17.0)
+    liquid (4.0.0)
+    listen (3.1.5)
+      rb-fsevent (~> 0.9, >= 0.9.4)
+      rb-inotify (~> 0.9, >= 0.9.7)
+      ruby_dep (~> 1.2)
+    mercenary (0.3.6)
+    minima (2.5.0)
+      jekyll (~> 3.5)
+      jekyll-feed (~> 0.9)
+      jekyll-seo-tag (~> 2.1)
+    pathutil (0.16.1)
+      forwardable-extended (~> 2.6)
+    public_suffix (3.0.3)
+    rb-fsevent (0.10.3)
+    rb-inotify (0.9.10)
+      ffi (>= 0.5.0, < 2)
+    rouge (3.2.1)
+    ruby_dep (1.5.0)
+    safe_yaml (1.0.4)
+    sass (3.6.0)
+      sass-listen (~> 4.0.0)
+    sass-listen (4.0.0)
+      rb-fsevent (~> 0.9, >= 0.9.4)
+      rb-inotify (~> 0.9, >= 0.9.7)
+    thread_safe (0.3.6)
+    tzinfo (1.2.5)
+      thread_safe (~> 0.1)
+    tzinfo-data (1.2018.5)
+      tzinfo (>= 1.0.0)
+    wdm (0.1.1)
+
+PLATFORMS
+  x64-mingw32
+
+DEPENDENCIES
+  jekyll (~> 3.8.4)
+  jekyll-feed (~> 0.6)
+  jekyll-menus
+  jekyll-sitemap
+  minima (~> 2.0)
+  tzinfo-data
+  wdm (~> 0.1.0)
+
+BUNDLED WITH
+   1.16.4

_config.yml

@@ -0,0 +1,40 @@
+# Welcome to Jekyll!
+#
+# This config file is meant for settings that affect your whole blog, values
+# which you are expected to set up once and rarely edit after that. If you find
+# yourself editing this file very often, consider using Jekyll's data files
+# feature for the data you need to update frequently.
+#
+# For technical reasons, this file is *NOT* reloaded automatically when you use
+# 'bundle exec jekyll serve'. If you change this file, please restart the server process.
+
+# Site settings
+# These are used to personalize your new site. If you look in the HTML files,
+# you will see them accessed via {{ site.title }}, {{ site.email }}, and so on.
+# You can create any custom variable you would like, and they will be accessible
+# in the templates via {{ site.myvariable }}.
+title: Adire Wiki
+email: [email protected]
+description: >- # this means to ignore newlines until "baseurl:"
+   Bienvenue sur la base de connaissance de la société Adire.
+baseurl: "" # the subpath of your site, e.g. /blog
+url: "" # the base hostname & protocol for your site, e.g. http://example.com
+
+# Build settings
+markdown: kramdown
+theme: minima
+plugins:
+  - jekyll-feed
+  - jekyll-menus
+
+# Exclude from processing.
+# The following items will not be processed, by default. Create a custom list
+# to override the default setting.
+# exclude:
+#   - Gemfile
+#   - Gemfile.lock
+#   - node_modules
+#   - vendor/bundle/
+#   - vendor/cache/
+#   - vendor/gems/
+#   - vendor/ruby/

_data/menus.yml

@@ -0,0 +1,13 @@
+header:
+  - title: AWS
+    identifier: aws
+    weight: 1
+  - title: Git Documentation
+    identifier: git
+    weight: 2
+  - title: Ubuntu
+    identifier: ubuntu
+    weight: 3
+  - title: Solr
+    identifier: solr
+    weight: 4

_layouts/default.html

@@ -0,0 +1,54 @@
+<!doctype html>
+<html lang="en">
+
+<head>
+  <!-- Beautiful Jekyll | MIT license | Copyright Dean Attali 2016 -->
+  {% include head.html %}
+  <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
+  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
+
+</head>
+
+<body>
+  <nav class="navbar navbar-expand-lg navbar-light bg-light">
+    <a class="navbar-brand" href="#">
+      <img src="/images/ADIRE_Logo.png" width="60" height="30" alt="">
+    </a>
+    <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation">
+      <span class="navbar-toggler-icon"></span>
+    </button>
+    <div class="collapse navbar-collapse" id="navbarSupportedContent">
+      <ul class="navbar-nav mr-auto">
+        {% for item in site.menus.header %}
+        <li class="nav-item dropdown menu-item-{{ loop.index }}">
+          {% if item.url %}
+          <a class="nav-link" href="{{ item.url }}">{{ item.title }}</a>
+          {% else %}
+          <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">{{ item.title }}</a>
+          {% endif %}
+          {% if item.children %}
+          <div class="dropdown-menu" aria-labelledby="navbarDropdown">
+
+            {% for item in item.children %}
+            <a class="dropdown-item" href="{{ item.url }}">{{ item.title }}</a>
+            {% endfor %}
+          </div>
+          {% endif %}
+        </li>
+        {% endfor %}
+      </ul>
+    </div>
+  </nav>
+
+  <section class="container">
+    {{ content }}
+  </section>
+
+  {% include footer.html %}
+
+  <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
+  <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js" integrity="sha384-ZMP7rVo3mIykV+2+9J3UJ46jBk0WLaUAdn689aCwoqbBJiSnjAK/l8WvCWPIPm49" crossorigin="anonymous"></script>
+  <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js" integrity="sha384-ChfqqxuZUCnJSK3+MXmPNIyE6ZbWh2IMqE241rYiqJxyMiZ6OW/JmZQ5stwEULTy" crossorigin="anonymous"></script>
+</body>
+
+</html>

index.md

@@ -0,0 +1,9 @@
+---
+# Feel free to add content and custom Front Matter to this file.
+# To modify the layout, see https://jekyllrb.com/docs/themes/#overriding-theme-defaults
+
+layout: default
+title: Home
+menus: header
+---
+## Bienvenue sur le site de connaissance de la société ADIRE.

pages/aws/API_gateway.md

@@ -0,0 +1,98 @@
+---
+# Feel free to add content and custom Front Matter to this file.
+# To modify the layout, see https://jekyllrb.com/docs/themes/#overriding-theme-defaults
+
+layout: default
+permalink: /aws/api_gateway.html
+tags: git
+description: Note sur l'utilisation d'AWS gateway.
+
+title: Amazon API Gateway
+menus: aws
+---
+# Amazon API Gateway
+
+API Gateway permet d’exposer une API sur internet de manière sécurisée.
+Cette article montre comment configurer API Gateway pour exposer une API exposée en HTTPS sur internet avec un accès restreint.
+
+## Exposition de l’API en HTTPS
+API Gateway ne prend un compte qu’un certains nombre de certificat racine non listé dans la documentation.
+
+Des tests effectués le 5 janvier 2016 montre que les certificats gratuit [Start SSL](https://www.startssl.com/) et [letsencrypt](https://letsencrypt.org/) ne sont pas supportés. Ceci se traduit par le message d’erreur suivant lors des appels à API Gateway lorsque le certificat racine n’est pas accepté :
+````
+{"message": "Internal server error"}
+````
+Les certificats [Gandi](https://www.gandi.net/) sont supportés.
+
+## Configuration de l’authentification forte
+L’authentification forte permet de s’assurer que seul API Gateway peut accèder à l’API que vous avez exposé sur internet.
+
+Dans API Gateway, il faut :
+1. Créer un certificat client
+2. Associer ce certificat client lors du déploiement
+3. Configurer votre serveur pour autoriser uniquement ce certificat client
+
+## Configuration apache
+Pour autoriser uniquement API gateway accéder à votre serveur apache, il faut ajouter le certificat client généré par AWS sur votre serveur (ici /etc/apache2/ssl/apigateway.pem) et mettre les lignes suivantes dans votre configuration apache :
+
+````
+SSLVerifyClient require
+SSLVerifyDepth 1
+SSLCACertificateFile /etc/apache2/ssl/apigateway.pem
+````
+## Configuration d’un domaine spécifique
+API gateway permet d’être hébergé sous votre propre nom de domaine.
+Pour cela, il vous faut votre certificat HTTPS ainsi que la possibilité d’ajouté un CNAME dans votre DNS.
+
+Dans la suite des exemples, nous aurons créé le domaine https://api.exemple.com
+## Sécurisation de l’accès à API gateway
+API gateway met à disposition deux éléments distincts pour sécuriser l’accès : gestion d’une clé dans le header et/ou signature de la requête.
+Les deux options peuvent être activées indépendamment l’une de l’autre.
+## Gestion de la clé dans le header
+Pour activer cette option, il faut activer l’option API Key Required dans les paramètres d’autorisation de la requête.
+Les clés peuvent être générées dans le section API Key.
+
+Les clients devront alors transmettre la clé dans le header sous cette forme :
+````
+x-api-key: <GENERATED KEY>
+````
+## Signature des requêtes
+Pour activer cette option, il faut sélectionner l’option AWS_IAM dans les paramètres d’autorisation de la requête.
+Les clients doivent alors signer les requêtes en respectant la [signature v4 d’aws](http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
+Les clés pour cette signature sont à gérer dans la console [IAM](https://aws.amazon.com/documentation/iam/).
+
+L’utilisateur créé doit avoir les droits suivants :
+````
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Sid": "Stmt1452017440000",
+            "Effect": "Allow",
+            "Action": [
+                "execute-api:invoke"
+            ],
+            "Resource": [
+                "ARN de l'API créee"
+            ]
+        }
+    ]
+}
+````
+### Exemple de signature en PHP
+
+````
+<?php
+
+require_once 'vendor/autoload.php';
+use Aws\Signature\SignatureV4;
+use Aws\Credentials\Credentials;
+
+$signature = new SignatureV4("execute-api" , "eu-west-1");
+$client = new GuzzleHttp\Client();
+$request = new \GuzzleHttp\Psr7\Request('GET', 'https://api.exemple.com/prod/2');
+$credentials = new Credentials("KEY", "SECRET");
+$req = $signature->signRequest($request, $credentials);
+$response = $client->send($req);
+echo $response->getBody();
+````