hailin
/
rwadurian
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
rwadurian/backend/api-gateway/kong.yml

467 lines
15 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# =============================================================================
# Kong API Gateway - 声明式配置
# =============================================================================
# 分布式部署说明:
# - Kong 服务器: 192.168.1.100
# - 后端服务器: 192.168.1.111
#
# 使用方法:
# 1. 启动 Kong: ./deploy.sh up
# 2. 配置会自动加载
#
# 文档: https://docs.konghq.com/gateway/latest/
# =============================================================================
_format_version: "3.0"
_transform: true
# =============================================================================
# Services - 后端微服务定义
# =============================================================================
# 注意: 使用外部 IP 地址,因为 Kong 和后端服务在不同服务器上
# 后端服务器 IP: 192.168.1.111
# =============================================================================
services:
# ---------------------------------------------------------------------------
# Identity Service - 身份认证服务
# ---------------------------------------------------------------------------
- name: identity-service
url: http://192.168.1.111:3000
routes:
- name: identity-auth
paths:
- /api/v1/auth
strip_path: false
- name: identity-me
paths:
- /api/v1/me
strip_path: false
- name: identity-user
paths:
- /api/v1/user
strip_path: false
- name: identity-users
paths:
- /api/v1/users
strip_path: false
- name: identity-health
paths:
- /api/v1/identity/health
strip_path: true
- name: identity-admin-pending-actions
paths:
- /api/v1/admin/pending-actions
strip_path: false
# ---------------------------------------------------------------------------
# Wallet Service - 钱包服务
# ---------------------------------------------------------------------------
- name: wallet-service
url: http://192.168.1.111:3001
routes:
- name: wallet-api
paths:
- /api/v1/wallets
strip_path: false
- name: wallet-main
paths:
- /api/v1/wallet
strip_path: false
- name: wallet-health
paths:
- /api/v1/wallet-service/health
strip_path: true
# ---------------------------------------------------------------------------
# Backup Service - 备份服务
# ---------------------------------------------------------------------------
- name: backup-service
url: http://192.168.1.111:3002
routes:
- name: backup-api
paths:
- /api/v1/backups
strip_path: false
- name: backup-share-api
paths:
- /api/v1/backup-share
strip_path: false
# ---------------------------------------------------------------------------
# Planting Service - 种植服务
# ---------------------------------------------------------------------------
- name: planting-service
url: http://192.168.1.111:3003
routes:
- name: planting-api
paths:
- /api/v1/planting
strip_path: false
# ---------------------------------------------------------------------------
# Referral Service - 推荐服务
# ---------------------------------------------------------------------------
- name: referral-service
url: http://192.168.1.111:3004
routes:
- name: referral-api
paths:
- /api/v1/referral
strip_path: false
- name: referral-referrals
paths:
- /api/v1/referrals
strip_path: false
# 注意: /api/v1/leaderboard 已移至 leaderboard-service
- name: referral-team-statistics
paths:
- /api/v1/team-statistics
strip_path: false
# ---------------------------------------------------------------------------
# Reward Service - 奖励服务
# ---------------------------------------------------------------------------
- name: reward-service
url: http://192.168.1.111:3005
routes:
- name: reward-api
paths:
- /api/v1/rewards
strip_path: false
# ---------------------------------------------------------------------------
# MPC Service - 多方计算服务
# ---------------------------------------------------------------------------
- name: mpc-service
url: http://192.168.1.111:3006
routes:
- name: mpc-api
paths:
- /api/v1/mpc
strip_path: false
- name: mpc-party-api
paths:
- /api/v1/mpc-party
strip_path: false
# ---------------------------------------------------------------------------
# Leaderboard Service - 排行榜服务
# ---------------------------------------------------------------------------
- name: leaderboard-service
url: http://192.168.1.111:3007
routes:
- name: leaderboard-api
paths:
- /api/v1/leaderboard
strip_path: false
- name: leaderboard-virtual-accounts
paths:
- /api/v1/virtual-accounts
strip_path: false
# ---------------------------------------------------------------------------
# Reporting Service - 报表服务
# ---------------------------------------------------------------------------
- name: reporting-service
url: http://192.168.1.111:3008
routes:
- name: reporting-dashboard
paths:
- /api/v1/dashboard
strip_path: false
- name: reporting-api
paths:
- /api/v1/reports
strip_path: false
- name: reporting-export
paths:
- /api/v1/export
strip_path: false
# [2026-01-04] 新增:系统账户报表路由
- name: reporting-system-accounts
paths:
- /api/v1/system-account-reports
strip_path: false
# ---------------------------------------------------------------------------
# Authorization Service - 授权服务
# ---------------------------------------------------------------------------
- name: authorization-service
url: http://192.168.1.111:3009
routes:
- name: authorization-api
paths:
- /api/v1/authorizations
strip_path: false
- name: authorization-admin
paths:
- /api/v1/admin/authorizations
strip_path: false
# ---------------------------------------------------------------------------
# Admin Service - 管理服务 (包含版本管理和通知)
# ---------------------------------------------------------------------------
- name: admin-service
url: http://192.168.1.111:3010
routes:
- name: admin-versions
paths:
- /api/v1/versions
strip_path: false
- name: admin-api
paths:
- /api/v1/admin
strip_path: false
- name: admin-mobile-version
paths:
- /api/app/version
strip_path: false
- name: admin-downloads
paths:
- /downloads
strip_path: false
- name: admin-mobile-notifications
paths:
- /api/v1/mobile/notifications
strip_path: false
- name: admin-mobile-system
paths:
- /api/v1/mobile/system
strip_path: false
# ---------------------------------------------------------------------------
# Presence Service - 在线状态服务
# ---------------------------------------------------------------------------
- name: presence-service
url: http://192.168.1.111:3011
routes:
- name: presence-api
paths:
- /api/v1/presence
strip_path: false
- name: presence-analytics
paths:
- /api/v1/analytics
strip_path: false
# ---------------------------------------------------------------------------
# Blockchain Service - 区块链服务
# ---------------------------------------------------------------------------
- name: blockchain-service
url: http://192.168.1.111:3012
routes:
- name: blockchain-deposit
paths:
- /api/v1/deposit
strip_path: false
- name: blockchain-balance
paths:
- /api/v1/balance
strip_path: false
# ---------------------------------------------------------------------------
# MPC Account Service - MPC 账户服务 (Go - 共管钱包)
# ---------------------------------------------------------------------------
- name: mpc-account-service
url: http://192.168.1.111:4000
routes:
- name: mpc-co-managed
paths:
- /api/v1/co-managed
strip_path: false
# ===========================================================================
# RWA 2.0 Services - 新架构微服务
# ===========================================================================
# ---------------------------------------------------------------------------
# Contribution Service 2.0 - 算力服务
# 前端路径: /api/v2/contribution/...
# 后端路径: /api/v2/contribution/... (strip_path: false, 直接透传)
# ---------------------------------------------------------------------------
- name: contribution-service-v2
url: http://192.168.1.111:3020
routes:
- name: contribution-v2-api
paths:
- /api/v2/contribution
strip_path: false
- name: contribution-v2-health
paths:
- /api/v2/contribution/health
strip_path: false
# ---------------------------------------------------------------------------
# Mining Service 2.0 - 挖矿服务
# ---------------------------------------------------------------------------
- name: mining-service-v2
url: http://192.168.1.111:3021
routes:
- name: mining-v2-api
paths:
- /api/v2/mining
strip_path: false
- name: mining-v2-health
paths:
- /api/v2/mining/health
strip_path: false
# ---------------------------------------------------------------------------
# Trading Service 2.0 - 交易服务
# 前端路径: /api/v2/trading/... -> 后端路径: /api/v2/...
# ---------------------------------------------------------------------------
- name: trading-service-v2
url: http://192.168.1.111:3022/api/v2
routes:
- name: trading-v2-api
paths:
- /api/v2/trading
strip_path: true
- name: trading-v2-health
paths:
- /api/v2/trading/health
strip_path: true
# ---------------------------------------------------------------------------
# Trading Service WebSocket - 价格实时推送
# WebSocket 连接: wss://api.xxx.com/ws/price -> ws://192.168.1.111:3022/price
# Kong 会自动处理 HTTP -> WebSocket 升级,所以 protocols 只需要 http/https
# ---------------------------------------------------------------------------
- name: trading-ws-service
url: http://192.168.1.111:3022
routes:
- name: trading-ws-price
paths:
- /ws/price
strip_path: true
protocols:
- http
- https
# ---------------------------------------------------------------------------
# Mining Admin Service 2.0 - 挖矿管理后台服务
# 前端路径: /api/v2/mining-admin/... -> 后端路径: /api/v2/...
# ---------------------------------------------------------------------------
- name: mining-admin-service
url: http://192.168.1.111:3023/api/v2
routes:
- name: mining-admin-api
paths:
- /api/v2/mining-admin
strip_path: true
- name: mining-admin-health
paths:
- /api/v2/mining-admin/health
strip_path: true
# ---------------------------------------------------------------------------
# Mining Admin Service 2.0 - 版本管理(供 mobile-upgrade 前端使用)
# 前端路径: /mining-admin/api/v2/... -> 后端路径: /api/v2/...
# 注意: 不带 /api/v2 service path因为前端 URL 已包含 /api/v2
# ---------------------------------------------------------------------------
- name: mining-admin-upgrade-service
url: http://192.168.1.111:3023
routes:
- name: mining-admin-upgrade
paths:
- /mining-admin
strip_path: true
# ---------------------------------------------------------------------------
# Auth Service 2.0 - 用户认证服务
# 前端路径: /api/v2/auth/...
# 后端路径: /api/v2/auth/... (strip_path: false, 直接透传)
# ---------------------------------------------------------------------------
- name: auth-service-v2
url: http://192.168.1.111:3024
routes:
- name: auth-v2-api
paths:
- /api/v2/auth
strip_path: false
- name: auth-v2-health
paths:
- /api/v2/auth/health
strip_path: false
# ---------------------------------------------------------------------------
# Mining Wallet Service 2.0 - 挖矿钱包服务
# 前端路径: /api/v2/mining-wallet/... -> 后端路径: /api/v2/...
# ---------------------------------------------------------------------------
- name: mining-wallet-service
url: http://192.168.1.111:3025/api/v2
routes:
- name: mining-wallet-api
paths:
- /api/v2/mining-wallet
strip_path: true
- name: mining-wallet-health
paths:
- /api/v2/mining-wallet/health
strip_path: true
# =============================================================================
# Plugins - 全局插件配置
# =============================================================================
plugins:
# CORS 跨域配置
- name: cors
config:
origins:
- "https://rwaadmin.szaiai.com"
- "https://madmin.szaiai.com"
- "https://update.szaiai.com"
- "https://app.rwadurian.com"
- "http://localhost:3000"
- "http://localhost:3020"
- "http://localhost:3100"
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Content-Length
- Content-MD5
- Content-Type
- Date
- Authorization
- X-Auth-Token
exposed_headers:
- X-Auth-Token
credentials: true
max_age: 3600
# 请求限流
- name: rate-limiting
config:
minute: 10000
hour: 500000
policy: local
# 请求日志
- name: file-log
config:
path: /tmp/kong-access.log
reopen: true
# 请求/响应大小限制 (500MB 用于 APK/IPA 上传)
- name: request-size-limiting
config:
allowed_payload_size: 500
size_unit: megabytes
# Prometheus 监控指标
- name: prometheus
config:
per_consumer: true
status_code_metrics: true
latency_metrics: true
bandwidth_metrics: true
upstream_health_metrics: true
Reference in New Issue View Git Blame Copy Permalink