Commit initial : infrastructure Ansible pour homeserver

- Playbooks Ansible avec rôles (common, cockpit, docker, services)
- 30+ stacks Docker Compose avec reverse proxy Traefik
- Ansible Vault pour gestion secrets
- Intégration CrowdSec pour détection intrusions
- Versions images Docker fixées pour reproductibilité

stacks/crowdsec/config/user.yaml

@@ -0,0 +1,38 @@
+common:
+  daemonize: false
+  log_media: stdout
+  log_level: info
+  log_dir: /var/log/
+config_paths:
+  config_dir: /etc/crowdsec/
+  data_dir: /var/lib/crowdsec/data
+  #simulation_path: /etc/crowdsec/config/simulation.yaml
+  #hub_dir: /etc/crowdsec/hub/
+  #index_path: ./config/hub/.index.json
+crowdsec_service:
+  #acquisition_path: ./config/acquis.yaml
+  parser_routines: 1
+cscli:
+  output: human
+db_config:
+  type: sqlite
+  db_path: /var/lib/crowdsec/data/crowdsec.db
+  user: crowdsec
+  #log_level: info
+  password: crowdsec
+  db_name: crowdsec
+  host: "127.0.0.1"
+  port: 3306
+api:
+  client:
+    insecure_skip_verify: false # default true
+    credentials_path: /etc/crowdsec/local_api_credentials.yaml
+  server:
+    #log_level: info
+    listen_uri: 127.0.0.1:8080
+    profiles_path: /etc/crowdsec/profiles.yaml
+    online_client: # Central API
+      credentials_path: /etc/crowdsec/online_api_credentials.yaml
+prometheus:
+  enabled: true
+  level: full