holy meow (#1357)
This commit is contained in:
@@ -58,15 +58,15 @@
|
|||||||
`ecosystem.config.js` includes a unified PM2 app named `relay-gateway`
|
`ecosystem.config.js` includes a unified PM2 app named `relay-gateway`
|
||||||
(code in `BOTS/SHARED/relay_gateway/`). It fronts **both** bots:
|
(code in `BOTS/SHARED/relay_gateway/`). It fronts **both** bots:
|
||||||
|
|
||||||
- proxies read-only queries: `/api/sqb/*` → SREBOT's internal API (`:6000`);
|
- proxies read-only queries: `/api/sre/*` → SREBOT's internal API (`:6000`);
|
||||||
`/api/tss/*` → the TSS HTTP API (`:6100`) or `501` until it is deployed
|
`/api/tss/*` → the TSS HTTP API (`:6100`) or `501` until it is deployed
|
||||||
- streams replay envelopes over `/ws/sqb` and `/ws/tss`
|
- streams replay envelopes over `/ws/sre` and `/ws/tss`
|
||||||
- authenticates every request/socket against per-person keys at three levels
|
- authenticates every request/socket against per-person keys at three levels
|
||||||
(`all`/`sqb`/`tss`) stored in `$STORAGE_VOL_PATH/relay_keys.json`
|
(`all`/`sre`/`tss`) stored in `$STORAGE_VOL_PATH/relay_keys.json`
|
||||||
(SHA-256-hashed tokens, hot-reloaded on change)
|
(SHA-256-hashed tokens, hot-reloaded on change)
|
||||||
|
|
||||||
Outbox/state files live under the shared storage volume (`STORAGE_VOL_PATH`):
|
Outbox/state files live under the shared storage volume (`STORAGE_VOL_PATH`):
|
||||||
`external_bridge_outbox.jsonl` (sqb) and `tss_bridge_outbox.jsonl` (tss).
|
`external_bridge_outbox.jsonl` (sre) and `tss_bridge_outbox.jsonl` (tss).
|
||||||
|
|
||||||
Useful commands:
|
Useful commands:
|
||||||
|
|
||||||
@@ -76,7 +76,7 @@ pm2 start ecosystem.config.js --only relay-gateway
|
|||||||
pm2 logs relay-gateway
|
pm2 logs relay-gateway
|
||||||
|
|
||||||
# manage downstream keys (run from BOTS/SHARED with the shared venv):
|
# manage downstream keys (run from BOTS/SHARED with the shared venv):
|
||||||
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" add --name cn-axbot --level sqb
|
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" add --name cn-axbot --level sre
|
||||||
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" list
|
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" list
|
||||||
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" revoke --name cn-axbot
|
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" revoke --name cn-axbot
|
||||||
```
|
```
|
||||||
|
|||||||
+1
-1
@@ -72,7 +72,7 @@ module.exports = {
|
|||||||
},
|
},
|
||||||
|
|
||||||
// Unified relay gateway fronting SREBOT (sqb) and TSSBOT (tss):
|
// Unified relay gateway fronting SREBOT (sqb) and TSSBOT (tss):
|
||||||
// - Proxies read-only API queries (/api/sqb/* -> SREBOT :6000; /api/tss/* -> TSS API or 501)
|
// - Proxies read-only API queries (/api/sre/* -> SREBOT :6000; /api/tss/* -> TSS API or 501)
|
||||||
// - Streams replay envelopes over /ws/sqb and /ws/tss
|
// - Streams replay envelopes over /ws/sqb and /ws/tss
|
||||||
// - Per-key auth (all/sqb/tss) via $STORAGE_VOL_PATH/relay_keys.json
|
// - Per-key auth (all/sqb/tss) via $STORAGE_VOL_PATH/relay_keys.json
|
||||||
// Lives in BOTS/SHARED/relay_gateway; loads SREBOT/.env for shared config.
|
// Lives in BOTS/SHARED/relay_gateway; loads SREBOT/.env for shared config.
|
||||||
|
|||||||
@@ -88,6 +88,12 @@ function requireAdminBearer(req, res, next) {
|
|||||||
|
|
||||||
app.use('/api', requireApiBearer);
|
app.use('/api', requireApiBearer);
|
||||||
|
|
||||||
|
// Rewrite /api/sre/* → /api/* so the gateway can forward channel-prefixed paths.
|
||||||
|
app.use('/api/sre', (req, res, next) => {
|
||||||
|
req.url = req.url.replace('/api/sre', '/api');
|
||||||
|
next();
|
||||||
|
});
|
||||||
|
|
||||||
// Readiness gate: heavy aggregation endpoints sit behind this so cold-start
|
// Readiness gate: heavy aggregation endpoints sit behind this so cold-start
|
||||||
// requests don't pile up on the read connection while the DB is still opening
|
// requests don't pile up on the read connection while the DB is still opening
|
||||||
// indexes and the vehicle-list cache is warming. Resolves when boot work
|
// indexes and the vehicle-list cache is warming. Resolves when boot work
|
||||||
|
|||||||
Reference in New Issue
Block a user