local-dev: rebuild dead sandbox + harden lobby card UX
Three fixes around the dev sandbox end-to-end path. Each one was flushed out by an actual login walkthrough after the previous commit. Backend bootstrap now treats `cancelled`, `finished`, and `start_failed` as terminal: the per-boot find-or-create skips such games and provisions a fresh one. Without this, a single bad shutdown cascade leaves the developer staring at a dead lobby tile forever (cancelled games don't transition back). Covered by TestTerminalSandboxStatus. Tools/local-dev: stop killing engine containers in `make down`. The runtime treats the disappearance of an engine as a real failure (cascading the lobby game to `cancelled`); leaving the container running across `down/up` lets the runtime reconciler re-attach on the next boot. The teardown happens only in `make clean`, where the DB is wiped anyway. Compose now also exposes :9090 (authenticated EdgeGateway listener) on the host so the Vite dev proxy can reach the Connect-Web surface, and bumps the gateway anti-abuse limits for `public_misc` so the same surface is not blanket-rejected with 413. Ui/frontend: the lobby's `My Games` cards are now clickable only for the playable statuses (`running`, `paused`, `finished`). All other statuses render as disabled buttons so a click on a draft or cancelled game no longer drops the user on a 404 — the in-game view at /games/:id/* doesn't exist before Phase 10 and never makes sense for a cancelled game. Vite proxy splits the dev targets so `/api/*` continues to talk to the REST listener and `/galaxy.gateway.v1.EdgeGateway/*` is routed to the Connect-Web listener via VITE_DEV_GRPC_PROXY_TARGET (defaults to :9090). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Ilia Denisov
@@ -167,6 +167,16 @@ services:
|
||||
GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_SEND_EMAIL_CODE_IDENTITY_RATE_LIMIT_BURST: "1000"
|
||||
GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_CONFIRM_EMAIL_CODE_IDENTITY_RATE_LIMIT_REQUESTS: "10000"
|
||||
GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_CONFIRM_EMAIL_CODE_IDENTITY_RATE_LIMIT_BURST: "1000"
|
||||
# public_misc class wraps the authenticated EdgeGateway gRPC
|
||||
# endpoints (ExecuteCommand, SubscribeEvents). The gateway's
|
||||
# default for this class is 0 bytes, which rejects every
|
||||
# non-empty body with HTTP 413; override with a generous limit
|
||||
# so browser-side commands carrying signed envelopes go through.
|
||||
GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_MISC_MAX_BODY_BYTES: "131072"
|
||||
GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_MISC_RATE_LIMIT_REQUESTS: "10000"
|
||||
GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_PUBLIC_MISC_RATE_LIMIT_BURST: "1000"
|
||||
GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_BROWSER_BOOTSTRAP_MAX_BODY_BYTES: "65536"
|
||||
GATEWAY_PUBLIC_HTTP_ANTI_ABUSE_BROWSER_ASSET_MAX_BODY_BYTES: "65536"
|
||||
GATEWAY_AUTHENTICATED_GRPC_ANTI_ABUSE_IP_RATE_LIMIT_REQUESTS: "10000"
|
||||
GATEWAY_AUTHENTICATED_GRPC_ANTI_ABUSE_IP_RATE_LIMIT_BURST: "1000"
|
||||
GATEWAY_AUTHENTICATED_GRPC_ANTI_ABUSE_SESSION_RATE_LIMIT_REQUESTS: "10000"
|
||||
@@ -177,6 +187,10 @@ services:
|
||||
GATEWAY_AUTHENTICATED_GRPC_ANTI_ABUSE_MESSAGE_CLASS_RATE_LIMIT_BURST: "1000"
|
||||
ports:
|
||||
- "8080:8080"
|
||||
# Authenticated EdgeGateway connect-web/gRPC listener. The
|
||||
# browser reaches it via the Vite dev proxy in
|
||||
# ui/frontend/vite.config.ts.
|
||||
- "9090:9090"
|
||||
volumes:
|
||||
- ./keys/gateway-response.pem:/run/secrets/gateway-response.pem:ro
|
||||
networks:
|
||||
|
||||
Reference in New Issue
Block a user