# ============================================================================= # Kong API Gateway - 2.0 Standalone 声明式配置 # ============================================================================= # 部署说明: # - Kong + 2.0 服务: 同一台物理机 (192.168.1.10) # - 1.0 后端服务器: 192.168.1.111 # - 2.0 服务通过 host.docker.internal 访问宿主机端口 (无需走局域网) # # 使用方法: # ./deploy.sh up2 # 启动 Kong 并加载此配置 # ./deploy.sh sync2 # 仅重新同步此配置 # ============================================================================= _format_version: "3.0" _transform: true # ============================================================================= # Services # ============================================================================= services: # =========================================================================== # 1.0 Services → 192.168.1.111 (通过局域网) # =========================================================================== - name: identity-service url: http://192.168.1.111:3000 routes: - name: identity-auth paths: - /api/v1/auth strip_path: false - name: identity-me paths: - /api/v1/me strip_path: false - name: identity-user paths: - /api/v1/user strip_path: false - name: identity-users paths: - /api/v1/users strip_path: false - name: identity-health paths: - /api/v1/identity/health strip_path: true - name: identity-admin-pending-actions paths: - /api/v1/admin/pending-actions strip_path: false - name: wallet-service url: http://192.168.1.111:3001 routes: - name: wallet-api paths: - /api/v1/wallets strip_path: false - name: wallet-main paths: - /api/v1/wallet strip_path: false - name: wallet-health paths: - /api/v1/wallet-service/health strip_path: true - name: backup-service url: http://192.168.1.111:3002 routes: - name: backup-api paths: - /api/v1/backups strip_path: false - name: backup-share-api paths: - /api/v1/backup-share strip_path: false - name: planting-service url: http://192.168.1.111:3003 routes: - name: planting-api paths: - /api/v1/planting strip_path: false - name: referral-service url: http://192.168.1.111:3004 routes: - name: referral-api paths: - /api/v1/referral strip_path: false - name: referral-referrals paths: - /api/v1/referrals strip_path: false - name: referral-team-statistics paths: - /api/v1/team-statistics strip_path: false - name: reward-service url: http://192.168.1.111:3005 routes: - name: reward-api paths: - /api/v1/rewards strip_path: false - name: mpc-service url: http://192.168.1.111:3006 routes: - name: mpc-api paths: - /api/v1/mpc strip_path: false - name: mpc-party-api paths: - /api/v1/mpc-party strip_path: false - name: leaderboard-service url: http://192.168.1.111:3007 routes: - name: leaderboard-api paths: - /api/v1/leaderboard strip_path: false - name: leaderboard-virtual-accounts paths: - /api/v1/virtual-accounts strip_path: false - name: reporting-service url: http://192.168.1.111:3008 routes: - name: reporting-dashboard paths: - /api/v1/dashboard strip_path: false - name: reporting-api paths: - /api/v1/reports strip_path: false - name: reporting-export paths: - /api/v1/export strip_path: false - name: reporting-system-accounts paths: - /api/v1/system-account-reports strip_path: false - name: authorization-service url: http://192.168.1.111:3009 routes: - name: authorization-api paths: - /api/v1/authorizations strip_path: false - name: authorization-admin paths: - /api/v1/admin/authorizations strip_path: false - name: admin-service url: http://192.168.1.111:3010 routes: - name: admin-versions paths: - /api/v1/versions strip_path: false - name: admin-api paths: - /api/v1/admin strip_path: false - name: admin-mobile-version paths: - /api/app/version strip_path: false - name: admin-downloads paths: - /downloads strip_path: false - name: admin-mobile-notifications paths: - /api/v1/mobile/notifications strip_path: false - name: admin-mobile-system paths: - /api/v1/mobile/system strip_path: false - name: presence-service url: http://192.168.1.111:3011 routes: - name: presence-api paths: - /api/v1/presence strip_path: false - name: presence-analytics paths: - /api/v1/analytics strip_path: false - name: blockchain-service url: http://192.168.1.111:3012 routes: - name: blockchain-deposit paths: - /api/v1/deposit strip_path: false - name: blockchain-balance paths: - /api/v1/balance strip_path: false - name: mpc-account-service url: http://192.168.1.111:4000 routes: - name: mpc-co-managed paths: - /api/v1/co-managed strip_path: false # =========================================================================== # 2.0 Services → host.docker.internal (同一台物理机,通过宿主机端口) # =========================================================================== - name: contribution-service-v2 url: http://host.docker.internal:3020 routes: - name: contribution-v2-api paths: - /api/v2/contribution strip_path: false - name: contribution-v2-health paths: - /api/v2/contribution/health strip_path: false - name: mining-service-v2 url: http://host.docker.internal:3021 routes: - name: mining-v2-api paths: - /api/v2/mining strip_path: false - name: mining-v2-health paths: - /api/v2/mining/health strip_path: false - name: trading-service-v2 url: http://host.docker.internal:3022/api/v2 routes: - name: trading-v2-api paths: - /api/v2/trading strip_path: true - name: trading-v2-health paths: - /api/v2/trading/health strip_path: true - name: trading-ws-service url: http://host.docker.internal:3022 routes: - name: trading-ws-price paths: - /ws/price strip_path: true protocols: - http - https - name: mining-admin-service url: http://host.docker.internal:3023/api/v2 routes: - name: mining-admin-api paths: - /api/v2/mining-admin strip_path: true - name: mining-admin-health paths: - /api/v2/mining-admin/health strip_path: true - name: mining-admin-upgrade-service url: http://host.docker.internal:3023 routes: - name: mining-admin-upgrade paths: - /mining-admin strip_path: true - name: auth-service-v2 url: http://host.docker.internal:3024 routes: - name: auth-v2-api paths: - /api/v2/auth strip_path: false - name: auth-v2-health paths: - /api/v2/auth/health strip_path: false - name: mining-wallet-service url: http://host.docker.internal:3025/api/v2 routes: - name: mining-wallet-api paths: - /api/v2/mining-wallet strip_path: true - name: mining-wallet-health paths: - /api/v2/mining-wallet/health strip_path: true - name: mining-blockchain-service url: http://host.docker.internal:3026 routes: - name: mining-blockchain-api paths: - /api/v1/mining-blockchain strip_path: false # ============================================================================= # Plugins # ============================================================================= plugins: - name: cors config: origins: - "https://rwaadmin.szaiai.com" - "https://madmin.szaiai.com" - "https://mapi.szaiai.com" - "https://update.szaiai.com" - "https://app.rwadurian.com" - "http://localhost:3000" - "http://localhost:3020" - "http://localhost:3100" methods: - GET - POST - PUT - PATCH - DELETE - OPTIONS headers: - Accept - Accept-Version - Content-Length - Content-MD5 - Content-Type - Date - Authorization - X-Auth-Token exposed_headers: - X-Auth-Token credentials: true max_age: 3600 - name: rate-limiting config: minute: 10000 hour: 500000 policy: local - name: file-log config: path: /tmp/kong-access.log reopen: true - name: request-size-limiting config: allowed_payload_size: 500 size_unit: megabytes - name: prometheus config: per_consumer: true status_code_metrics: true latency_metrics: true bandwidth_metrics: true upstream_health_metrics: true