iconsulting/scripts/setup-kong.sh

#!/bin/bash

#===============================================================================
# Kong API Gateway 配置脚本
#
# 配置所有微服务的路由规则
#===============================================================================

set -e

KONG_ADMIN_URL="${KONG_ADMIN_URL:-http://localhost:8001}"

echo "配置 Kong API Gateway..."

# 等待 Kong 就绪
until curl -s "$KONG_ADMIN_URL" > /dev/null; do
    echo "等待 Kong Admin API..."
    sleep 2
done

echo "Kong Admin API 就绪"

#===============================================================================
# 创建服务
#===============================================================================

echo "创建服务..."

# User Service
curl -s -X POST "$KONG_ADMIN_URL/services" \
    -d "name=user-service" \
    -d "url=http://user-service:3001" || true

# Payment Service
curl -s -X POST "$KONG_ADMIN_URL/services" \
    -d "name=payment-service" \
    -d "url=http://payment-service:3002" || true

# Knowledge Service
curl -s -X POST "$KONG_ADMIN_URL/services" \
    -d "name=knowledge-service" \
    -d "url=http://knowledge-service:3003" || true

# Conversation Service
curl -s -X POST "$KONG_ADMIN_URL/services" \
    -d "name=conversation-service" \
    -d "url=http://conversation-service:3004" || true

# Evolution Service
curl -s -X POST "$KONG_ADMIN_URL/services" \
    -d "name=evolution-service" \
    -d "url=http://evolution-service:3005" || true

#===============================================================================
# 创建路由
#===============================================================================

echo "创建路由..."

# User Service 路由
curl -s -X POST "$KONG_ADMIN_URL/services/user-service/routes" \
    -d "name=user-route" \
    -d "paths[]=/v1/users" \
    -d "paths[]=/v1/auth" \
    -d "strip_path=false" || true

# Payment Service 路由
curl -s -X POST "$KONG_ADMIN_URL/services/payment-service/routes" \
    -d "name=payment-route" \
    -d "paths[]=/v1/payments" \
    -d "paths[]=/v1/balance" \
    -d "strip_path=false" || true

# Knowledge Service 路由
curl -s -X POST "$KONG_ADMIN_URL/services/knowledge-service/routes" \
    -d "name=knowledge-route" \
    -d "paths[]=/v1/knowledge" \
    -d "strip_path=false" || true

# Conversation Service 路由
curl -s -X POST "$KONG_ADMIN_URL/services/conversation-service/routes" \
    -d "name=conversation-route" \
    -d "paths[]=/v1/conversations" \
    -d "strip_path=false" || true

# Evolution Service 路由 (管理后台)
curl -s -X POST "$KONG_ADMIN_URL/services/evolution-service/routes" \
    -d "name=evolution-route" \
    -d "paths[]=/v1/evolution" \
    -d "paths[]=/v1/memory" \
    -d "strip_path=false" || true

# Admin 认证路由
curl -s -X POST "$KONG_ADMIN_URL/services/evolution-service/routes" \
    -d "name=admin-auth-route" \
    -d "paths[]=/v1/admin" \
    -d "strip_path=false" || true

#===============================================================================
# 配置插件
#===============================================================================

echo "配置插件..."

# 全局限流
curl -s -X POST "$KONG_ADMIN_URL/plugins" \
    -d "name=rate-limiting" \
    -d "config.minute=100" \
    -d "config.policy=local" || true

# 全局 CORS
curl -s -X POST "$KONG_ADMIN_URL/plugins" \
    -d "name=cors" \
    -d "config.origins=*" \
    -d "config.methods=GET,POST,PUT,DELETE,OPTIONS,PATCH" \
    -d "config.headers=Accept,Authorization,Content-Type,X-User-Id,X-Request-Id" \
    -d "config.credentials=true" \
    -d "config.max_age=3600" || true

# 请求日志
curl -s -X POST "$KONG_ADMIN_URL/plugins" \
    -d "name=file-log" \
    -d "config.path=/tmp/kong-access.log" || true

# IP 限制 (可选，针对敏感接口)
# curl -s -X POST "$KONG_ADMIN_URL/services/evolution-service/plugins" \
#     -d "name=ip-restriction" \
#     -d "config.allow=127.0.0.1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" || true

echo ""
echo "Kong 配置完成!"
echo ""
echo "已配置的服务:"
curl -s "$KONG_ADMIN_URL/services" | python3 -c "import sys,json; data=json.load(sys.stdin); print('\n'.join(['  - ' + s['name'] for s in data.get('data',[])]))" 2>/dev/null || echo "  (需要 python3 来格式化输出)"

echo ""
echo "已配置的路由:"
curl -s "$KONG_ADMIN_URL/routes" | python3 -c "import sys,json; data=json.load(sys.stdin); print('\n'.join(['  - ' + r['name'] + ': ' + ','.join(r.get('paths',[])) for r in data.get('data',[])]))" 2>/dev/null || echo "  (需要 python3 来格式化输出)"