Stage 10: admin console & dictionary ops (complaint review, hot-reload, broadcasts)
Server-rendered admin console in the backend at /_gm (internal/adminconsole), fronted on the gateway's public listener by Basic-Auth + a verbatim reverse proxy (mounted on the edge mux below the h2c wrap). A same-origin check guards its POSTs; no operator identity is tracked. This supersedes the Stage 6 gateway-fronts- /api/v1/admin model: GATEWAY_ADMIN_ADDR and the backend /api/v1/admin ping are dropped and gateway/internal/admin is repurposed to the verbatim proxy. - Complaints: migration 00008 (+ jetgen) adds disposition/resolution_note/ resolved_at/applied_in_version + the deferred status CHECK; resolution feeds a query-derived pending dictionary-change pipeline (marked applied after a reload). - Dictionary hot-reload: per-version subdir BACKEND_DICT_DIR/<version>/ via the new Registry.LoadAvailable; engine.OpenWithVersions restores resident versions on restart. Partially addresses TODO-2. - Broadcasts: a backend Telegram-connector client (internal/connector, BACKEND_CONNECTOR_ADDR) for SendToUser / SendToGameChannel (discharges the Stage 9 forward-note). - Admin reads: account.ListAccounts/CountAccounts/Identities and game.ListGames/CountGames/GameByID/ListComplaints/GetComplaint/CountComplaints/ ResolveComplaint/DictionaryChanges/MarkChangesApplied. - Tests: adminconsole render, engine reload, same-origin guard, gateway verbatim proxy + h2c console mount, inttest complaint pipeline + list/count + /_gm console. - Docs: PLAN (Stage 10 done + refinements + TODO-2), ARCHITECTURE §1/§5/§6/§12/§13, FUNCTIONAL (+_ru), TESTING, backend/gateway READMEs.
This commit is contained in:
Ilia Denisov
@@ -11,11 +11,9 @@ import (
|
||||
|
||||
// Config holds the gateway's runtime configuration.
|
||||
type Config struct {
|
||||
// HTTPAddr is the public Connect/h2c listener address (host:port).
|
||||
// HTTPAddr is the public Connect/h2c listener address (host:port). It also
|
||||
// serves the admin console at /_gm when admin credentials are configured.
|
||||
HTTPAddr string
|
||||
// AdminAddr is the admin reverse-proxy listener address. Admin is enabled only
|
||||
// when AdminUser and AdminPassword are also set.
|
||||
AdminAddr string
|
||||
// LogLevel is the zap log level: "debug", "info", "warn" or "error".
|
||||
LogLevel string
|
||||
// BackendHTTPURL is the base URL of the backend REST API (gateway -> backend).
|
||||
@@ -59,7 +57,6 @@ type RateLimitConfig struct {
|
||||
// Defaults applied when the corresponding environment variable is unset.
|
||||
const (
|
||||
defaultHTTPAddr = ":8081"
|
||||
defaultAdminAddr = ":8082"
|
||||
defaultLogLevel = "info"
|
||||
defaultBackendHTTPURL = "http://localhost:8080"
|
||||
defaultBackendGRPCAddr = "localhost:9090"
|
||||
@@ -85,7 +82,6 @@ func Load() (Config, error) {
|
||||
var err error
|
||||
c := Config{
|
||||
HTTPAddr: envOr("GATEWAY_HTTP_ADDR", defaultHTTPAddr),
|
||||
AdminAddr: envOr("GATEWAY_ADMIN_ADDR", defaultAdminAddr),
|
||||
LogLevel: envOr("GATEWAY_LOG_LEVEL", defaultLogLevel),
|
||||
BackendHTTPURL: envOr("GATEWAY_BACKEND_HTTP_URL", defaultBackendHTTPURL),
|
||||
BackendGRPCAddr: envOr("GATEWAY_BACKEND_GRPC_ADDR", defaultBackendGRPCAddr),
|
||||
@@ -113,10 +109,10 @@ func Load() (Config, error) {
|
||||
return c, nil
|
||||
}
|
||||
|
||||
// AdminEnabled reports whether the admin proxy should be served (an address and
|
||||
// both Basic-Auth credentials are configured).
|
||||
// AdminEnabled reports whether the admin console proxy should be mounted (both
|
||||
// Basic-Auth credentials are configured).
|
||||
func (c Config) AdminEnabled() bool {
|
||||
return c.AdminAddr != "" && c.AdminUser != "" && c.AdminPassword != ""
|
||||
return c.AdminUser != "" && c.AdminPassword != ""
|
||||
}
|
||||
|
||||
// validate reports whether the configuration values are acceptable.
|
||||
|
||||
Reference in New Issue
Block a user