246 lines
7.6 KiB
YAML
246 lines
7.6 KiB
YAML
# =============================================================================
|
|
# Kong API Gateway - 声明式配置
|
|
# =============================================================================
|
|
# 分布式部署说明:
|
|
# - Kong 服务器: 192.168.1.100
|
|
# - 后端服务器: 192.168.1.111
|
|
#
|
|
# 使用方法:
|
|
# 1. 启动 Kong: ./deploy.sh up
|
|
# 2. 配置会自动加载
|
|
#
|
|
# 文档: https://docs.konghq.com/gateway/latest/
|
|
# =============================================================================
|
|
|
|
_format_version: "3.0"
|
|
_transform: true
|
|
|
|
# =============================================================================
|
|
# Services - 后端微服务定义
|
|
# =============================================================================
|
|
# 注意: 使用外部 IP 地址,因为 Kong 和后端服务在不同服务器上
|
|
# 后端服务器 IP: 192.168.1.111
|
|
# =============================================================================
|
|
services:
|
|
# ---------------------------------------------------------------------------
|
|
# Identity Service - 身份认证服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: identity-service
|
|
url: http://192.168.1.111:3000
|
|
routes:
|
|
- name: identity-auth
|
|
paths:
|
|
- /api/v1/auth
|
|
strip_path: false
|
|
- name: identity-user
|
|
paths:
|
|
- /api/v1/user
|
|
strip_path: false
|
|
- name: identity-users
|
|
paths:
|
|
- /api/v1/users
|
|
strip_path: false
|
|
- name: identity-health
|
|
paths:
|
|
- /api/v1/identity/health
|
|
strip_path: true
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Wallet Service - 钱包服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: wallet-service
|
|
url: http://192.168.1.111:3001
|
|
routes:
|
|
- name: wallet-api
|
|
paths:
|
|
- /api/v1/wallets
|
|
strip_path: false
|
|
- name: wallet-health
|
|
paths:
|
|
- /api/v1/wallet/health
|
|
strip_path: true
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Backup Service - 备份服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: backup-service
|
|
url: http://192.168.1.111:3002
|
|
routes:
|
|
- name: backup-api
|
|
paths:
|
|
- /api/v1/backups
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Planting Service - 种植服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: planting-service
|
|
url: http://192.168.1.111:3003
|
|
routes:
|
|
- name: planting-api
|
|
paths:
|
|
- /api/v1/plantings
|
|
- /api/v1/trees
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Referral Service - 推荐服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: referral-service
|
|
url: http://192.168.1.111:3004
|
|
routes:
|
|
- name: referral-api
|
|
paths:
|
|
- /api/v1/referrals
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Reward Service - 奖励服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: reward-service
|
|
url: http://192.168.1.111:3005
|
|
routes:
|
|
- name: reward-api
|
|
paths:
|
|
- /api/v1/rewards
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# MPC Service - 多方计算服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: mpc-service
|
|
url: http://192.168.1.111:3006
|
|
routes:
|
|
- name: mpc-api
|
|
paths:
|
|
- /api/v1/mpc
|
|
strip_path: false
|
|
- name: mpc-party-api
|
|
paths:
|
|
- /api/v1/mpc-party
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Leaderboard Service - 排行榜服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: leaderboard-service
|
|
url: http://192.168.1.111:3007
|
|
routes:
|
|
- name: leaderboard-api
|
|
paths:
|
|
- /api/v1/leaderboard
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Reporting Service - 报表服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: reporting-service
|
|
url: http://192.168.1.111:3008
|
|
routes:
|
|
- name: reporting-api
|
|
paths:
|
|
- /api/v1/reports
|
|
- /api/v1/statistics
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Authorization Service - 授权服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: authorization-service
|
|
url: http://192.168.1.111:3009
|
|
routes:
|
|
- name: authorization-api
|
|
paths:
|
|
- /api/v1/authorization
|
|
- /api/v1/permissions
|
|
- /api/v1/roles
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Admin Service - 管理服务 (包含版本管理)
|
|
# ---------------------------------------------------------------------------
|
|
- name: admin-service
|
|
url: http://192.168.1.111:3010
|
|
routes:
|
|
- name: admin-versions
|
|
paths:
|
|
- /api/v1/versions
|
|
strip_path: false
|
|
- name: admin-api
|
|
paths:
|
|
- /api/v1/admin
|
|
strip_path: false
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Presence Service - 在线状态服务
|
|
# ---------------------------------------------------------------------------
|
|
- name: presence-service
|
|
url: http://192.168.1.111:3011
|
|
routes:
|
|
- name: presence-api
|
|
paths:
|
|
- /api/v1/presence
|
|
strip_path: false
|
|
|
|
# =============================================================================
|
|
# Plugins - 全局插件配置
|
|
# =============================================================================
|
|
plugins:
|
|
# CORS 跨域配置
|
|
- name: cors
|
|
config:
|
|
origins:
|
|
- "https://rwaadmin.szaiai.com"
|
|
- "https://update.szaiai.com"
|
|
- "https://app.rwadurian.com"
|
|
- "http://localhost:3000"
|
|
- "http://localhost:3020"
|
|
methods:
|
|
- GET
|
|
- POST
|
|
- PUT
|
|
- PATCH
|
|
- DELETE
|
|
- OPTIONS
|
|
headers:
|
|
- Accept
|
|
- Accept-Version
|
|
- Content-Length
|
|
- Content-MD5
|
|
- Content-Type
|
|
- Date
|
|
- Authorization
|
|
- X-Auth-Token
|
|
exposed_headers:
|
|
- X-Auth-Token
|
|
credentials: true
|
|
max_age: 3600
|
|
|
|
# 请求限流
|
|
- name: rate-limiting
|
|
config:
|
|
minute: 100
|
|
hour: 5000
|
|
policy: local
|
|
|
|
# 请求日志
|
|
- name: file-log
|
|
config:
|
|
path: /tmp/kong-access.log
|
|
reopen: true
|
|
|
|
# 请求/响应大小限制 (500MB 用于 APK/IPA 上传)
|
|
- name: request-size-limiting
|
|
config:
|
|
allowed_payload_size: 500
|
|
size_unit: megabytes
|
|
|
|
# Prometheus 监控指标
|
|
- name: prometheus
|
|
config:
|
|
per_consumer: true
|
|
status_code_metrics: true
|
|
latency_metrics: true
|
|
bandwidth_metrics: true
|
|
upstream_health_metrics: true
|