This commit is contained in:
NotSoToothless
2026-06-28 06:20:20 -07:00
committed by GitHub
parent 377f7b8397
commit ffb31f3bb1
3 changed files with 12 additions and 6 deletions
+5 -5
View File
@@ -58,15 +58,15 @@
`ecosystem.config.js` includes a unified PM2 app named `relay-gateway` `ecosystem.config.js` includes a unified PM2 app named `relay-gateway`
(code in `BOTS/SHARED/relay_gateway/`). It fronts **both** bots: (code in `BOTS/SHARED/relay_gateway/`). It fronts **both** bots:
- proxies read-only queries: `/api/sqb/*` → SREBOT's internal API (`:6000`); - proxies read-only queries: `/api/sre/*` → SREBOT's internal API (`:6000`);
`/api/tss/*` → the TSS HTTP API (`:6100`) or `501` until it is deployed `/api/tss/*` → the TSS HTTP API (`:6100`) or `501` until it is deployed
- streams replay envelopes over `/ws/sqb` and `/ws/tss` - streams replay envelopes over `/ws/sre` and `/ws/tss`
- authenticates every request/socket against per-person keys at three levels - authenticates every request/socket against per-person keys at three levels
(`all`/`sqb`/`tss`) stored in `$STORAGE_VOL_PATH/relay_keys.json` (`all`/`sre`/`tss`) stored in `$STORAGE_VOL_PATH/relay_keys.json`
(SHA-256-hashed tokens, hot-reloaded on change) (SHA-256-hashed tokens, hot-reloaded on change)
Outbox/state files live under the shared storage volume (`STORAGE_VOL_PATH`): Outbox/state files live under the shared storage volume (`STORAGE_VOL_PATH`):
`external_bridge_outbox.jsonl` (sqb) and `tss_bridge_outbox.jsonl` (tss). `external_bridge_outbox.jsonl` (sre) and `tss_bridge_outbox.jsonl` (tss).
Useful commands: Useful commands:
@@ -76,7 +76,7 @@ pm2 start ecosystem.config.js --only relay-gateway
pm2 logs relay-gateway pm2 logs relay-gateway
# manage downstream keys (run from BOTS/SHARED with the shared venv): # manage downstream keys (run from BOTS/SHARED with the shared venv):
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" add --name cn-axbot --level sqb python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" add --name cn-axbot --level sre
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" list python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" list
python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" revoke --name cn-axbot python -m relay_gateway.manage_keys --file "$STORAGE_VOL_PATH/relay_keys.json" revoke --name cn-axbot
``` ```
+1 -1
View File
@@ -72,7 +72,7 @@ module.exports = {
}, },
// Unified relay gateway fronting SREBOT (sqb) and TSSBOT (tss): // Unified relay gateway fronting SREBOT (sqb) and TSSBOT (tss):
// - Proxies read-only API queries (/api/sqb/* -> SREBOT :6000; /api/tss/* -> TSS API or 501) // - Proxies read-only API queries (/api/sre/* -> SREBOT :6000; /api/tss/* -> TSS API or 501)
// - Streams replay envelopes over /ws/sqb and /ws/tss // - Streams replay envelopes over /ws/sqb and /ws/tss
// - Per-key auth (all/sqb/tss) via $STORAGE_VOL_PATH/relay_keys.json // - Per-key auth (all/sqb/tss) via $STORAGE_VOL_PATH/relay_keys.json
// Lives in BOTS/SHARED/relay_gateway; loads SREBOT/.env for shared config. // Lives in BOTS/SHARED/relay_gateway; loads SREBOT/.env for shared config.
+6
View File
@@ -88,6 +88,12 @@ function requireAdminBearer(req, res, next) {
app.use('/api', requireApiBearer); app.use('/api', requireApiBearer);
// Rewrite /api/sre/* → /api/* so the gateway can forward channel-prefixed paths.
app.use('/api/sre', (req, res, next) => {
req.url = req.url.replace('/api/sre', '/api');
next();
});
// Readiness gate: heavy aggregation endpoints sit behind this so cold-start // Readiness gate: heavy aggregation endpoints sit behind this so cold-start
// requests don't pile up on the read connection while the DB is still opening // requests don't pile up on the read connection while the DB is still opening
// indexes and the vehicle-list cache is warming. Resolves when boot work // indexes and the vehicle-list cache is warming. Resolves when boot work