fanfpy/AriStockAI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(traefik): 添加HTTPS支持并更新服务路由配置

Browse Source 
- 在traefik配置中添加TLS证书支持
- 开放443端口用于HTTPS通信
- 更新各微服务的路由规则,使用PathPrefix代替Host匹配
- 为API路由添加路径前缀剥离中间件
- 添加SSL证书文件到项目
This commit is contained in:
fanfpy 2025-07-17 09:56:02 +08:00
parent 8e87081312
commit a44ac35f39
10 changed files with 87 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
consul/config/prod/data-service.json
View File

@ -8,10 +8,13 @@
}, },
"id": "data-service-1", "id": "data-service-1",
"tags": [ "tags": [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.data-service.rule=Host(\"data.aristockai.com\")", "traefik.http.routers.data-service.rule=PathPrefix(`/api/data`) || PathPrefix(`/api/public`)",
"traefik.http.routers.data-service.entrypoints=web" "traefik.http.routers.data-service.priority=100",
], "traefik.http.routers.data-service.entrypoints=web",
"traefik.http.middlewares.data-service-stripprefix.stripprefix.prefixes=/api/data,/api/public",
"traefik.http.routers.data-service.middlewares=data-service-stripprefix@consulcatalog"
],
"name": "data-service", "name": "data-service",
"port": 8000 "port": 8000
} }

6
consul/config/prod/emotion-service.json
View File

@ -9,8 +9,10 @@
"id": "emotion-service-1", "id": "emotion-service-1",
"tags": [ "tags": [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.emotion-service.rule=Host(\"emotion.aristockai.com\")", "traefik.http.routers.emotion-service.rule=PathPrefix(`/api/emotion`) || PathPrefix(`/api/sentiment`)",
"traefik.http.routers.emotion-service.entrypoints=web" "traefik.http.routers.emotion-service.entrypoints=web",
"traefik.http.middlewares.emotion-service-stripprefix.stripprefix.prefixes=/api/emotion,/api/sentiment",
"traefik.http.routers.emotion-service.middlewares=emotion-service-stripprefix@consulcatalog"
], ],
"name": "emotion-service", "name": "emotion-service",
"port": 8002 "port": 8002

3
consul/config/prod/frontend.json
View File

@ -9,7 +9,8 @@
"id": "frontend-1", "id": "frontend-1",
"tags": [ "tags": [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.frontend.rule=Host(\"aristockai.com\") || Host(\"www.aristockai.com\")", "traefik.http.routers.frontend.rule=PathPrefix(`/`) || PathPrefix(`/index.html`) || PathPrefix(`/static`)",
"traefik.http.routers.frontend.priority=10",
"traefik.http.routers.frontend.entrypoints=web" "traefik.http.routers.frontend.entrypoints=web"
], ],
"name": "frontend", "name": "frontend",

6
consul/config/prod/quant-service.json
View File

@ -9,8 +9,10 @@
"id": "quant-service-1", "id": "quant-service-1",
"tags": [ "tags": [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.quant-service.rule=Host(\"quant.aristockai.com\")", "traefik.http.routers.quant-service.rule=PathPrefix(`/api/quant`) || PathPrefix(`/api/strategy`)",
"traefik.http.routers.quant-service.entrypoints=web" "traefik.http.routers.quant-service.entrypoints=web",
"traefik.http.middlewares.quant-service-stripprefix.stripprefix.prefixes=/api/quant,/api/strategy",
"traefik.http.routers.quant-service.middlewares=quant-service-stripprefix@consulcatalog"
], ],
"name": "quant-service", "name": "quant-service",
"port": 8001 "port": 8001

6
consul/config/prod/recommend-service.json
View File

@ -9,8 +9,10 @@
"id": "recommend-service-1", "id": "recommend-service-1",
"tags": [ "tags": [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.recommend-service.rule=Host(\"recommend.aristockai.com\")", "traefik.http.routers.recommend-service.rule=PathPrefix(`/api/recommend`) || PathPrefix(`/api/suggest`)",
"traefik.http.routers.recommend-service.entrypoints=web" "traefik.http.routers.recommend-service.entrypoints=web",
"traefik.http.middlewares.recommend-service-stripprefix.stripprefix.prefixes=/api/recommend,/api/suggest",
"traefik.http.routers.recommend-service.middlewares=recommend-service-stripprefix@consulcatalog"
], ],
"name": "recommend-service", "name": "recommend-service",
"port": 8003 "port": 8003

6
consul/config/prod/user-service.json
View File

@ -9,8 +9,10 @@
"id": "user-service-1", "id": "user-service-1",
"tags": [ "tags": [
"traefik.enable=true", "traefik.enable=true",
"traefik.http.routers.user-service.rule=Host(\"user.aristockai.com\")", "traefik.http.routers.user-service.rule=PathPrefix(`/api/user`) || PathPrefix(`/api/auth`)",
"traefik.http.routers.user-service.entrypoints=web" "traefik.http.routers.user-service.entrypoints=web",
"traefik.http.middlewares.user-service-stripprefix.stripprefix.prefixes=/api/user,/api/auth",
"traefik.http.routers.user-service.middlewares=user-service-stripprefix@consulcatalog"
], ],
"name": "user-service", "name": "user-service",
"port": 8004 "port": 8004

2
docker-compose.yml
View File

@ -30,10 +30,12 @@ services:
- --configFile=/etc/traefik/traefik.yml - --configFile=/etc/traefik/traefik.yml
ports: ports:
- "80:80" - "80:80"
- "443:443"
- "8080:8080" # Traefik dashboard - "8080:8080" # Traefik dashboard
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- ./traefik/config/${TRAEFIK_CONFIG_DIR}/traefik.yml:/etc/traefik/traefik.yml - ./traefik/config/${TRAEFIK_CONFIG_DIR}/traefik.yml:/etc/traefik/traefik.yml
- ./traefik/certs:/etc/traefik/certs
networks: networks:
- microservice-network - microservice-network

27
traefik/certs/cert.pem Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEqDCCA5CgAwIBAgIULhNAPQNIE+da1BmK/iUIJHMEpdcwDQYJKoZIhvcNAQEL
BQAwgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQw
MgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MB4XDTI1MDcxNzAxNDcwMFoXDTQwMDcxMzAxNDcwMFowYjEZMBcGA1UEChMQQ2xv
dWRGbGFyZSwgSW5jLjEdMBsGA1UECxMUQ2xvdWRGbGFyZSBPcmlnaW4gQ0ExJjAk
BgNVBAMTHUNsb3VkRmxhcmUgT3JpZ2luIENlcnRpZmljYXRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA299gig6KEga4cEjyJ2OFvcodXDvG2+GZ50P7
vJgI2tX4yCJeynq8rkB7hPGJj7nUCyPO2gOZCdzWrapYLFe9udPoePMk2rQTW/pv
nrX7wmdV+ETa9KmeJA+oShLSPOfT9eYJ+6DcrF2F9Rj+GpijGstJNmmXgAczJbZV
F32tJOWANT+7n9gQOPJJYr1oY9yrYLuTGQasVZx0ikXPexvCfncYfwcZH9+MQXSK
2oSMeMjx4+jRe/4CCP8G3/q1KiEz8PXL9N6urJ111OeGxiWG2yBCxegZxVOmECNU
oklDjJmKlwBIoXUcco9TNYkEIGSN3Qpr6RHB3i6bvsv1aGepbwIDAQABo4IBKjCC
ASYwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRK+tCx63O5SsPB1nQg+hrgtfMXHjAf
BgNVHSMEGDAWgBQk6FNXXXw0QIep65TbuuEWePwppDBABggrBgEFBQcBAQQ0MDIw
MAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLmNsb3VkZmxhcmUuY29tL29yaWdpbl9j
YTArBgNVHREEJDAighAqLmFyaXN0b2NrYWkuY29tgg5hcmlzdG9ja2FpLmNvbTA4
BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLmNsb3VkZmxhcmUuY29tL29yaWdp
bl9jYS5jcmwwDQYJKoZIhvcNAQELBQADggEBAHXxDKrOIY57/9ro/PzFFiOgDFdf
vtVbxUeNsZZo433sV27ZbUSSlu5qpuaY9SRI8q/aEhXIXhsUgBfbU9gkESx6Zpt3
s7QR0a87lNKnu7BdBsK8WNMgIxVKKYhxwn0qxY0ko4Nro5r4eu+0zbJbZpB0EjR+
30wkKwNdPCrYwuwrqf0Hvx7oHH7OSOPRpGOPf7KdF3hOZH+geyut26TGxzPQOku3
Lif12iUSQL9M8TJgnNuBkGrLJivnrPcKBC3+OiY4+N2jHd0NV0B025rhy2JLlZ6n
GWLSslvSJ+VYcixYCd7q6RZh6QHbmTqhVdacYIiEnt9MfmxGHFYuoDJAYVQ=
-----END CERTIFICATE-----

28
traefik/certs/key.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDb32CKDooSBrhw
SPInY4W9yh1cO8bb4ZnnQ/u8mAja1fjIIl7KeryuQHuE8YmPudQLI87aA5kJ3Nat
qlgsV7250+h48yTatBNb+m+etfvCZ1X4RNr0qZ4kD6hKEtI859P15gn7oNysXYX1
GP4amKMay0k2aZeABzMltlUXfa0k5YA1P7uf2BA48klivWhj3Ktgu5MZBqxVnHSK
Rc97G8J+dxh/Bxkf34xBdIrahIx4yPHj6NF7/gII/wbf+rUqITPw9cv03q6snXXU
54bGJYbbIELF6BnFU6YQI1SiSUOMmYqXAEihdRxyj1M1iQQgZI3dCmvpEcHeLpu+
y/VoZ6lvAgMBAAECggEAN5ODbfIV4U+UkEFIAD/OPvZXLIipj8u7ILNU7stJNbNv
MntJlYmnpq4C6sw41r0EhZpT/1R4ev84vmX36qF1AgM32FaxQpzQ5edsDmR2kiGX
n+0boUs8f2X7xllyjdWVhKrUbCexj9oF8bmTBTr+w1eOFnRjSIfJXGd1o73vJYtr
DWP4yIOR84aVnfv9R555FsJrrHfiCi1IqMmwGqTnjPxlAUGaNiM40o1BORnwCEqd
Rya7a+6Poh0EtxdSNvJQefLt+Od41kAg4Mnmgz04FlNTEnxp0vOKNq4F3wBqRE3G
rSdEXXs4V1FTAM2h693nEsieREEDb2iiczp0Bta7MQKBgQD8W+ms3RZSdFTbxSZH
Rj2TsNjxP0SUSOmb9dcSwLLFfriRpivhbDnhwdWlEbHTjNAtjOKmhWPUwoUWo4rF
kSlCXfhCPISoVv8+cLDwJSR6RFwLPwad14WoWTa46mp3NFMMwH/+oWtuAMQLhZzp
z+sE19S6TTZOxRdzKTxxqbxq3wKBgQDfC3nEypYfmsXyI3z6OXsTAD6zBYHMWx8m
GFFUjoF2zr23LywAupZAX3200EbwzJcs06S3CrFFhQXz2b+qRINWkYYS1C9Qfmqn
G7kNb4R2mfGPWJbSbQuwFjF8LzM9y6kYSMhrXmmy2yHiy4k/wkl5jlIW4SvClfqz
2SouGmAjcQKBgBKp/ZNSWqdIgUorv5P/5uf4aWMWSc0pw1VMjlaNt+sRXzcucgpf
BbzjqBhoQZ2iyXbE97JXJTYEGPG+sLHB9ao55vWHIkyM+p20mfF43cTJL4GJbMTZ
vsHfr0Nn2u3sCcRkrFK5v4dIOTec7yj/vqMCD3Kj6UNUIlLbFuRVKGFDAoGBAJRT
D1Ec36R4ynXxv6SvIPdLzGZEnUKGvjoZJcyzT8jwRx1Qk1SQwGZimjfp4aM0irvW
qszGoYh3o7O79EeIdEbXU2+mByjiSI6EUxVqOY6dZRRMd0/MEF+zAolw4gSQMQzj
KdSs3mGAdBJcBBOQYkghqtloOC+YiTWcjv5Fr/UhAoGAHZNnuX6+OvAxf9l0fmAS
zzeDIGNb3pMnPL1jiPzd4olA7rOsDtDhHe4bWsQZ7JgNlC8M1vRD2OH6rXqla+kk
6QcRA4YIVkARXSVQUBeiaX+Pb0s+ryVk1ZtG2DHnrXdvrVNg21AdxrvB6eP9Y5C8
PP2F6VN5eyIxyzORR5FVl/8=
-----END PRIVATE KEY-----

5
traefik/config/prod/traefik.yml
View File

@ -8,6 +8,11 @@ entryPoints:
scheme: https scheme: https
websecure: websecure:
address: ":443" address: ":443"
http:
tls:
certificates:
- certFile: /etc/traefik/certs/cert.pem
keyFile: /etc/traefik/certs/key.pem
providers: providers: