Auto merge dev → main (#1353)
* feat(gateway): hashed key store with grant + hot reload Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(gateway): channel registry + aiohttp app (keyed auth, whoami, per-channel ws/proxy) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(gateway): manage_keys CLI (add/list/revoke) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(gateway): retire srebot_external, run relay-gateway under PM2 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(gateway): point ecosystem + README at relay-gateway Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(tss): replay outbox producer for relay gateway Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(tss): forward processed games to relay outbox Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(tss-api): db helpers, app skeleton, info endpoint, fixtures Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(tss-api): player, games, history, search endpoints Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(tss-api): live, match, scoreboard, matches-search, maps Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(tss-api): filter-required leaderboards (players/vehicles/stats) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat(tss-api): tournament list/detail/standings/matches Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * feat: wire tss upstream through gateway + tssbot-api PM2 app Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
@@ -40,6 +40,9 @@
|
||||
SREBOT_EXTERNAL_PORT=18081
|
||||
SREBOT_EXTERNAL_BEARER_TOKEN=your_external_bridge_token # Optional, protects the bridge API and websocket
|
||||
SREBOT_EXTERNAL_UPSTREAM_URL=http://127.0.0.1:6000
|
||||
TSS_EXTERNAL_UPSTREAM_URL=http://127.0.0.1:6100 # Enables /api/tss/* proxy (omit -> 501)
|
||||
TSS_API_HOST=127.0.0.1 # tssbot-api bind host
|
||||
TSS_API_PORT=6100 # tssbot-api bind port
|
||||
SREBOT_TTL_ALERT_WEBHOOK_URL=https://discord.com/api/webhooks/... # Optional, maintains one Discord status message for TTL degradation/recovery
|
||||
NODE_ENV=production
|
||||
PYTHONUNBUFFERED=1
|
||||
@@ -50,30 +53,34 @@
|
||||
python BotScript.py
|
||||
```
|
||||
|
||||
### AXBot bridge process
|
||||
### Relay gateway
|
||||
|
||||
`ecosystem.config.js` now includes a dedicated PM2 app named `srebot-axbot`.
|
||||
It proxies read-only SREBOT queries and broadcasts replay/GOB envelopes over
|
||||
websocket on the same external port.
|
||||
Its outbox/state files live under the shared storage volume configured in
|
||||
`.env` via `STORAGE_VOL_PATH`.
|
||||
`ecosystem.config.js` includes a unified PM2 app named `relay-gateway`
|
||||
(code in `BOTS/SHARED/relay_gateway/`). It fronts **both** bots:
|
||||
|
||||
- proxies read-only queries: `/api/sqb/*` → SREBOT's internal API (`:6000`);
|
||||
`/api/tss/*` → the TSS HTTP API (`:6100`) or `501` until it is deployed
|
||||
- streams replay envelopes over `/ws/sqb` and `/ws/tss`
|
||||
- authenticates every request/socket against per-person keys at three levels
|
||||
(`all`/`sqb`/`tss`) stored in `$STORAGE_VOL_PATH/relay_keys.json`
|
||||
(SHA-256-hashed tokens, hot-reloaded on change)
|
||||
|
||||
Outbox/state files live under the shared storage volume (`STORAGE_VOL_PATH`):
|
||||
`external_bridge_outbox.jsonl` (sqb) and `tss_bridge_outbox.jsonl` (tss).
|
||||
|
||||
Useful commands:
|
||||
|
||||
```bash
|
||||
pm2 start ecosystem.config.js --only srebot-api
|
||||
pm2 start ecosystem.config.js --only srebot-axbot
|
||||
pm2 logs srebot-axbot
|
||||
pm2 start ecosystem.config.js --only relay-gateway
|
||||
pm2 logs relay-gateway
|
||||
|
||||
# manage downstream keys (run from BOTS/SHARED with the shared venv):
|
||||
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" add --name cn-axbot --level sqb
|
||||
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" list
|
||||
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" revoke --name cn-axbot
|
||||
```
|
||||
|
||||
Clients should point their query client at:
|
||||
|
||||
```env
|
||||
SREBOT_API_BASE_URL=http://<srebot-host>:18081
|
||||
```
|
||||
|
||||
The bridge app logs both sides of the transfer:
|
||||
- incoming client HTTP requests
|
||||
- outgoing proxy responses
|
||||
- websocket envelopes broadcast to connected clients
|
||||
# test
|
||||
Downstream consumers (e.g. BOT-RELAY) discover their channels from
|
||||
`GET /api/whoami` and connect to `/ws/<channel>` + `/api/<channel>/*` using their
|
||||
bearer token. Point them at `http://<srebot-host>:18081`.
|
||||
|
||||
Reference in New Issue
Block a user