Commit initial : infrastructure Ansible pour homeserver

- Playbooks Ansible avec rôles (common, cockpit, docker, services)
- 30+ stacks Docker Compose avec reverse proxy Traefik
- Ansible Vault pour gestion secrets
- Intégration CrowdSec pour détection intrusions
- Versions images Docker fixées pour reproductibilité

stacks/crowdsec/config/dev.yaml

@@ -0,0 +1,47 @@
+common:
+  daemonize: true
+  log_media: stdout
+  log_level: info
+config_paths:
+  config_dir: ./config
+  data_dir: ./data/   
+  notification_dir: ./config/notifications/
+  plugin_dir: ./plugins/
+  #simulation_path: /etc/crowdsec/config/simulation.yaml
+  #hub_dir: /etc/crowdsec/hub/
+  #index_path: ./config/hub/.index.json
+crowdsec_service:
+  acquisition_path: ./config/acquis.yaml
+  parser_routines: 1
+plugin_config:
+  user: $USER # plugin process would be ran on behalf of this user
+  group: $USER # plugin process would be ran on behalf of this group
+cscli:
+  output: human
+db_config:
+  type: sqlite
+  db_path: ./data/crowdsec.db
+  user: root
+  password: crowdsec
+  db_name: crowdsec
+  host: "172.17.0.2"
+  port: 3306
+  flush:
+    #max_items: 10000
+    #max_age: 168h
+api:
+  client:
+    credentials_path: ./config/local_api_credentials.yaml
+  server:
+    console_path: ./config/console.yaml
+    #insecure_skip_verify: true
+    listen_uri: 127.0.0.1:8081
+    profiles_path: ./config/profiles.yaml
+    tls:
+      #cert_file: ./cert.pem
+      #key_file: ./key.pem
+    online_client: # Central API
+      credentials_path: ./config/online_api_credentials.yaml
+prometheus:
+  enabled: true
+  level: full