first commit

deploy/config.example.yaml

@@ -0,0 +1,563 @@
+# Sub2API Configuration File
+# Sub2API 配置文件
+#
+# Copy this file to /etc/sub2api/config.yaml and modify as needed
+# 复制此文件到 /etc/sub2api/config.yaml 并根据需要修改
+#
+# Documentation / 文档: https://github.com/Wei-Shaw/sub2api
+
+# =============================================================================
+# Server Configuration
+# 服务器配置
+# =============================================================================
+server:
+  # Bind address (0.0.0.0 for all interfaces)
+  # 绑定地址（0.0.0.0 表示监听所有网络接口）
+  host: "0.0.0.0"
+  # Port to listen on
+  # 监听端口
+  port: 8080
+  # Mode: "debug" for development, "release" for production
+  # 运行模式："debug" 用于开发，"release" 用于生产环境
+  mode: "release"
+  # Trusted proxies for X-Forwarded-For parsing (CIDR/IP). Empty disables trusted proxies.
+  # 信任的代理地址（CIDR/IP 格式），用于解析 X-Forwarded-For 头。留空则禁用代理信任。
+  trusted_proxies: []
+
+# =============================================================================
+# Run Mode Configuration
+# 运行模式配置
+# =============================================================================
+# Run mode: "standard" (default) or "simple" (for internal use)
+# 运行模式："standard"（默认）或 "simple"（内部使用）
+# - standard: Full SaaS features with billing/balance checks
+# - standard: 完整 SaaS 功能，包含计费和余额校验
+# - simple: Hides SaaS features and skips billing/balance checks
+# - simple: 隐藏 SaaS 功能，跳过计费和余额校验
+run_mode: "standard"
+
+# =============================================================================
+# CORS Configuration
+# 跨域资源共享 (CORS) 配置
+# =============================================================================
+cors:
+  # Allowed origins list. Leave empty to disable cross-origin requests.
+  # 允许的来源列表。留空则禁用跨域请求。
+  allowed_origins: []
+  # Allow credentials (cookies/authorization headers). Cannot be used with "*".
+  # 允许携带凭证（cookies/授权头）。不能与 "*" 通配符同时使用。
+  allow_credentials: true
+
+# =============================================================================
+# Security Configuration
+# 安全配置
+# =============================================================================
+security:
+  url_allowlist:
+    # Enable URL allowlist validation (disable to skip all URL checks)
+    # 启用 URL 白名单验证（禁用则跳过所有 URL 检查）
+    enabled: false
+    # Allowed upstream hosts for API proxying
+    # 允许代理的上游 API 主机列表
+    upstream_hosts:
+      - "api.openai.com"
+      - "api.anthropic.com"
+      - "api.kimi.com"
+      - "open.bigmodel.cn"
+      - "api.minimaxi.com"
+      - "generativelanguage.googleapis.com"
+      - "cloudcode-pa.googleapis.com"
+      - "*.openai.azure.com"
+    # Allowed hosts for pricing data download
+    # 允许下载定价数据的主机列表
+    pricing_hosts:
+      - "raw.githubusercontent.com"
+    # Allowed hosts for CRS sync (required when using CRS sync)
+    # 允许 CRS 同步的主机列表（使用 CRS 同步功能时必须配置）
+    crs_hosts: []
+    # Allow localhost/private IPs for upstream/pricing/CRS (use only in trusted networks)
+    # 允许本地/私有 IP 地址用于上游/定价/CRS（仅在可信网络中使用）
+    allow_private_hosts: true
+    # Allow http:// URLs when allowlist is disabled (default: false, require https)
+    # 白名单禁用时是否允许 http:// URL（默认: false，要求 https）
+    allow_insecure_http: true
+  response_headers:
+    # Enable configurable response header filtering (disable to use default allowlist)
+    # 启用可配置的响应头过滤（禁用则使用默认白名单）
+    enabled: false
+    # Extra allowed response headers from upstream
+    # 额外允许的上游响应头
+    additional_allowed: []
+    # Force-remove response headers from upstream
+    # 强制移除的上游响应头
+    force_remove: []
+  csp:
+    # Enable Content-Security-Policy header
+    # 启用内容安全策略 (CSP) 响应头
+    enabled: true
+    # Default CSP policy (override if you host assets on other domains)
+    # 默认 CSP 策略（如果静态资源托管在其他域名，请自行覆盖）
+    policy: "default-src 'self'; script-src 'self' https://challenges.cloudflare.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https:; frame-src https://challenges.cloudflare.com; frame-ancestors 'none'; base-uri 'self'; form-action 'self'"
+  proxy_probe:
+    # Allow skipping TLS verification for proxy probe (debug only)
+    # 允许代理探测时跳过 TLS 证书验证（仅用于调试）
+    insecure_skip_verify: false
+
+# =============================================================================
+# Gateway Configuration
+# 网关配置
+# =============================================================================
+gateway:
+  # Timeout for waiting upstream response headers (seconds)
+  # 等待上游响应头超时时间（秒）
+  response_header_timeout: 600
+  # Max request body size in bytes (default: 100MB)
+  # 请求体最大字节数（默认 100MB）
+  max_body_size: 104857600
+  # Connection pool isolation strategy:
+  # 连接池隔离策略：
+  # - proxy: Isolate by proxy, same proxy shares connection pool (suitable for few proxies, many accounts)
+  # - proxy: 按代理隔离，同一代理共享连接池（适合代理少、账户多）
+  # - account: Isolate by account, same account shares connection pool (suitable for few accounts, strict isolation)
+  # - account: 按账户隔离，同一账户共享连接池（适合账户少、需严格隔离）
+  # - account_proxy: Isolate by account+proxy combination (default, finest granularity)
+  # - account_proxy: 按账户+代理组合隔离（默认，最细粒度）
+  connection_pool_isolation: "account_proxy"
+  # HTTP upstream connection pool settings (HTTP/2 + multi-proxy scenario defaults)
+  # HTTP 上游连接池配置（HTTP/2 + 多代理场景默认值）
+  # Max idle connections across all hosts
+  # 所有主机的最大空闲连接数
+  max_idle_conns: 240
+  # Max idle connections per host
+  # 每个主机的最大空闲连接数
+  max_idle_conns_per_host: 120
+  # Max connections per host
+  # 每个主机的最大连接数
+  max_conns_per_host: 240
+  # Idle connection timeout (seconds)
+  # 空闲连接超时时间（秒）
+  idle_conn_timeout_seconds: 90
+  # Upstream client cache settings
+  # 上游连接池客户端缓存配置
+  # max_upstream_clients: Max cached clients, evicts least recently used when exceeded
+  # max_upstream_clients: 最大缓存客户端数量，超出后淘汰最久未使用的
+  max_upstream_clients: 5000
+  # client_idle_ttl_seconds: Client idle reclaim threshold (seconds), reclaimed when idle and no active requests
+  # client_idle_ttl_seconds: 客户端空闲回收阈值（秒），超时且无活跃请求时回收
+  client_idle_ttl_seconds: 900
+  # Concurrency slot expiration time (minutes)
+  # 并发槽位过期时间（分钟）
+  concurrency_slot_ttl_minutes: 30
+  # Stream data interval timeout (seconds), 0=disable
+  # 流数据间隔超时（秒），0=禁用
+  stream_data_interval_timeout: 180
+  # Stream keepalive interval (seconds), 0=disable
+  # 流式 keepalive 间隔（秒），0=禁用
+  stream_keepalive_interval: 10
+  # SSE max line size in bytes (default: 40MB)
+  # SSE 单行最大字节数（默认 40MB）
+  max_line_size: 41943040
+  # Log upstream error response body summary (safe/truncated; does not log request content)
+  # 记录上游错误响应体摘要（安全/截断；不记录请求内容）
+  log_upstream_error_body: true
+  # Max bytes to log from upstream error body
+  # 记录上游错误响应体的最大字节数
+  log_upstream_error_body_max_bytes: 2048
+  # Auto inject anthropic-beta header for API-key accounts when needed (default: off)
+  # 需要时自动为 API-key 账户注入 anthropic-beta 头（默认：关闭）
+  inject_beta_for_apikey: false
+  # Allow failover on selected 400 errors (default: off)
+  # 允许在特定 400 错误时进行故障转移（默认：关闭）
+  failover_on_400: false
+  # Scheduling configuration
+  # 调度配置
+  scheduling:
+    # Sticky session max waiting queue size
+    # 粘性会话最大排队长度
+    sticky_session_max_waiting: 3
+    # Sticky session wait timeout (duration)
+    # 粘性会话等待超时（时间段）
+    sticky_session_wait_timeout: 120s
+    # Fallback wait timeout (duration)
+    # 兜底排队等待超时（时间段）
+    fallback_wait_timeout: 30s
+    # Fallback max waiting queue size
+    # 兜底最大排队长度
+    fallback_max_waiting: 100
+    # Enable batch load calculation for scheduling
+    # 启用调度批量负载计算
+    load_batch_enabled: true
+    # Slot cleanup interval (duration)
+    # 并发槽位清理周期（时间段）
+    slot_cleanup_interval: 30s
+    # 是否允许受控回源到 DB（默认 true，保持现有行为）
+    db_fallback_enabled: true
+    # 受控回源超时（秒），0 表示不额外收紧超时
+    db_fallback_timeout_seconds: 0
+    # 受控回源限流（实例级 QPS），0 表示不限制
+    db_fallback_max_qps: 0
+    # outbox 轮询周期（秒）
+    outbox_poll_interval_seconds: 1
+    # outbox 滞后告警阈值（秒）
+    outbox_lag_warn_seconds: 5
+    # outbox 触发强制重建阈值（秒）
+    outbox_lag_rebuild_seconds: 10
+    # outbox 连续滞后触发次数
+    outbox_lag_rebuild_failures: 3
+    # outbox 积压触发重建阈值（行数）
+    outbox_backlog_rebuild_rows: 10000
+    # 全量重建周期（秒），0 表示禁用
+    full_rebuild_interval_seconds: 300
+
+# =============================================================================
+# API Key Auth Cache Configuration
+# API Key 认证缓存配置
+# =============================================================================
+api_key_auth_cache:
+  # L1 cache size (entries), in-process LRU/TTL cache
+  # L1 缓存容量（条目数），进程内 LRU/TTL 缓存
+  l1_size: 65535
+  # L1 cache TTL (seconds)
+  # L1 缓存 TTL（秒）
+  l1_ttl_seconds: 15
+  # L2 cache TTL (seconds), stored in Redis
+  # L2 缓存 TTL（秒），Redis 中存储
+  l2_ttl_seconds: 300
+  # Negative cache TTL (seconds)
+  # 负缓存 TTL（秒）
+  negative_ttl_seconds: 30
+  # TTL jitter percent (0-100)
+  # TTL 抖动百分比（0-100）
+  jitter_percent: 10
+  # Enable singleflight for cache misses
+  # 缓存未命中时启用 singleflight 合并回源
+  singleflight: true
+
+# =============================================================================
+# Dashboard Cache Configuration
+# 仪表盘缓存配置
+# =============================================================================
+dashboard_cache:
+  # Enable dashboard cache
+  # 启用仪表盘缓存
+  enabled: true
+  # Redis key prefix for multi-environment isolation
+  # Redis key 前缀，用于多环境隔离
+  key_prefix: "sub2api:"
+  # Fresh TTL (seconds); within this window cached stats are considered fresh
+  # 新鲜阈值（秒）；命中后处于该窗口视为新鲜数据
+  stats_fresh_ttl_seconds: 15
+  # Cache TTL (seconds) stored in Redis
+  # Redis 缓存 TTL（秒）
+  stats_ttl_seconds: 30
+  # Async refresh timeout (seconds)
+  # 异步刷新超时（秒）
+  stats_refresh_timeout_seconds: 30
+
+# =============================================================================
+# Dashboard Aggregation Configuration
+# 仪表盘预聚合配置（重启生效）
+# =============================================================================
+dashboard_aggregation:
+  # Enable aggregation job
+  # 启用聚合作业
+  enabled: true
+  # Refresh interval (seconds)
+  # 刷新间隔（秒）
+  interval_seconds: 60
+  # Lookback window (seconds) for late-arriving data
+  # 回看窗口（秒），处理迟到数据
+  lookback_seconds: 120
+  # Allow manual backfill
+  # 允许手动回填
+  backfill_enabled: false
+  # Backfill max range (days)
+  # 回填最大跨度（天）
+  backfill_max_days: 31
+  # Recompute recent N days on startup
+  # 启动时重算最近 N 天
+  recompute_days: 2
+  # Retention windows (days)
+  # 保留窗口（天）
+  retention:
+    # Raw usage_logs retention
+    # 原始 usage_logs 保留天数
+    usage_logs_days: 90
+    # Hourly aggregation retention
+    # 小时聚合保留天数
+    hourly_days: 180
+    # Daily aggregation retention
+    # 日聚合保留天数
+    daily_days: 730
+
+# =============================================================================
+# Concurrency Wait Configuration
+# 并发等待配置
+# =============================================================================
+concurrency:
+  # SSE ping interval during concurrency wait (seconds)
+  # 并发等待期间的 SSE ping 间隔（秒）
+  ping_interval: 10
+
+# =============================================================================
+# Database Configuration (PostgreSQL)
+# 数据库配置 (PostgreSQL)
+# =============================================================================
+database:
+  # Database host address
+  # 数据库主机地址
+  host: "localhost"
+  # Database port
+  # 数据库端口
+  port: 5432
+  # Database username
+  # 数据库用户名
+  user: "postgres"
+  # Database password
+  # 数据库密码
+  password: "your_secure_password_here"
+  # Database name
+  # 数据库名称
+  dbname: "sub2api"
+  # SSL mode: disable, require, verify-ca, verify-full
+  # SSL 模式：disable（禁用）, require（要求）, verify-ca（验证CA）, verify-full（完全验证）
+  sslmode: "disable"
+
+# =============================================================================
+# Redis Configuration
+# Redis 配置
+# =============================================================================
+redis:
+  # Redis host address
+  # Redis 主机地址
+  host: "localhost"
+  # Redis port
+  # Redis 端口
+  port: 6379
+  # Redis password (leave empty if no password is set)
+  # Redis 密码（如果未设置密码则留空）
+  password: ""
+  # Database number (0-15)
+  # 数据库编号（0-15）
+  db: 0
+
+# =============================================================================
+# Ops Monitoring (Optional)
+# 运维监控 (可选)
+# =============================================================================
+ops:
+  # Enable ops monitoring features (background jobs and APIs)
+  # 是否启用运维监控功能（后台任务和接口）
+  # Set to false to hide ops menu in sidebar and disable all ops features
+  # 设置为 false 可在左侧栏隐藏运维监控菜单并禁用所有运维监控功能
+  # Other detailed settings (cleanup, aggregation, etc.) are configured in ops settings dialog
+  # 其他详细设置（数据清理、预聚合等）在运维监控设置对话框中配置
+  enabled: true
+
+# =============================================================================
+# JWT Configuration
+# JWT 配置
+# =============================================================================
+jwt:
+  # IMPORTANT: Change this to a random string in production!
+  # 重要：生产环境中请更改为随机字符串！
+  # Generate with / 生成命令: openssl rand -hex 32
+  secret: "change-this-to-a-secure-random-string"
+  # Token expiration time in hours (max 24)
+  # 令牌过期时间（小时，最大 24）
+  expire_hour: 24
+
+# =============================================================================
+# LinuxDo Connect OAuth Login (SSO)
+# LinuxDo Connect OAuth 登录（用于 Sub2API 用户登录）
+# =============================================================================
+linuxdo_connect:
+  enabled: false
+  client_id: ""
+  client_secret: ""
+  authorize_url: "https://connect.linux.do/oauth2/authorize"
+  token_url: "https://connect.linux.do/oauth2/token"
+  userinfo_url: "https://connect.linux.do/api/user"
+  scopes: "user"
+  # 示例: "https://your-domain.com/api/v1/auth/oauth/linuxdo/callback"
+  redirect_url: ""
+  # 安全提示：
+  # - 建议使用同源相对路径（以 / 开头），避免把 token 重定向到意外的第三方域名
+  # - 该地址不应包含 #fragment（本实现使用 URL fragment 传递 access_token）
+  frontend_redirect_url: "/auth/linuxdo/callback"
+  token_auth_method: "client_secret_post" # client_secret_post | client_secret_basic | none
+  # 注意：当 token_auth_method=none（public client）时，必须启用 PKCE
+  use_pkce: false
+  userinfo_email_path: ""
+  userinfo_id_path: ""
+  userinfo_username_path: ""
+
+# =============================================================================
+# Default Settings
+# 默认设置
+# =============================================================================
+default:
+  # Initial admin account (created on first run)
+  # 初始管理员账户（首次运行时创建）
+  admin_email: "admin@example.com"
+  admin_password: "admin123"
+
+  # Default settings for new users
+  # 新用户默认设置
+  # Max concurrent requests per user
+  # 每用户最大并发请求数
+  user_concurrency: 5
+  # Initial balance for new users
+  # 新用户初始余额
+  user_balance: 0
+
+  # API key settings
+  # API 密钥设置
+  # Prefix for generated API keys
+  # 生成的 API 密钥前缀
+  api_key_prefix: "sk-"
+
+  # Rate multiplier (affects billing calculation)
+  # 费率倍数（影响计费计算）
+  rate_multiplier: 1.0
+
+# =============================================================================
+# Rate Limiting
+# 速率限制
+# =============================================================================
+rate_limit:
+  # Cooldown time (in minutes) when upstream returns 529 (overloaded)
+  # 上游返回 529（过载）时的冷却时间（分钟）
+  overload_cooldown_minutes: 10
+
+# =============================================================================
+# Pricing Data Source (Optional)
+# 定价数据源（可选）
+# =============================================================================
+pricing:
+  # URL to fetch model pricing data (default: LiteLLM)
+  # 获取模型定价数据的 URL（默认：LiteLLM）
+  remote_url: "https://raw.githubusercontent.com/BerriAI/litellm/main/model_prices_and_context_window.json"
+  # Hash verification URL (optional)
+  # 哈希校验 URL（可选）
+  hash_url: ""
+  # Local data directory for caching
+  # 本地数据缓存目录
+  data_dir: "./data"
+  # Fallback pricing file
+  # 备用定价文件
+  fallback_file: "./resources/model-pricing/model_prices_and_context_window.json"
+  # Update interval in hours
+  # 更新间隔（小时）
+  update_interval_hours: 24
+  # Hash check interval in minutes
+  # 哈希检查间隔（分钟）
+  hash_check_interval_minutes: 10
+
+# =============================================================================
+# Billing Configuration
+# 计费配置
+# =============================================================================
+billing:
+  circuit_breaker:
+    # Enable circuit breaker for billing service
+    # 启用计费服务熔断器
+    enabled: true
+    # Number of failures before opening circuit
+    # 触发熔断的失败次数阈值
+    failure_threshold: 5
+    # Time to wait before attempting reset (seconds)
+    # 熔断后重试等待时间（秒）
+    reset_timeout_seconds: 30
+    # Number of requests to allow in half-open state
+    # 半开状态允许通过的请求数
+    half_open_requests: 3
+
+# =============================================================================
+# Turnstile Configuration
+# Turnstile 人机验证配置
+# =============================================================================
+turnstile:
+  # Require Turnstile in release mode (when enabled, login/register will fail if not configured)
+  # 在 release 模式下要求 Turnstile 验证（启用后，若未配置则登录/注册会失败）
+  required: false
+
+# =============================================================================
+# Gemini OAuth (Required for Gemini accounts)
+# Gemini OAuth 配置（Gemini 账户必需）
+# =============================================================================
+# Sub2API supports TWO Gemini OAuth modes:
+# Sub2API 支持两种 Gemini OAuth 模式：
+#
+# 1. Code Assist OAuth (requires GCP project_id)
+# 1. Code Assist OAuth（需要 GCP project_id）
+#    - Uses: cloudcode-pa.googleapis.com (Code Assist API)
+#    - 使用：cloudcode-pa.googleapis.com（Code Assist API）
+#
+# 2. AI Studio OAuth (no project_id needed)
+# 2. AI Studio OAuth（不需要 project_id）
+#    - Uses: generativelanguage.googleapis.com (AI Studio API)
+#    - 使用：generativelanguage.googleapis.com（AI Studio API）
+#
+# Default: Uses Gemini CLI's public OAuth credentials (same as Google's official CLI tool)
+# 默认：使用 Gemini CLI 的公开 OAuth 凭证（与 Google 官方 CLI 工具相同）
+gemini:
+  oauth:
+    # Gemini CLI public OAuth credentials (works for both Code Assist and AI Studio)
+    # Gemini CLI 公开 OAuth 凭证（适用于 Code Assist 和 AI Studio）
+    client_id: "681255809395-oo8ft2oprdrnp9e3aqf6av3hmdib135j.apps.googleusercontent.com"
+    client_secret: "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"
+    # Optional scopes (space-separated). Leave empty to auto-select based on oauth_type.
+    # 可选的权限范围（空格分隔）。留空则根据 oauth_type 自动选择。
+    scopes: ""
+  quota:
+    # Optional: local quota simulation for Gemini Code Assist (local billing).
+    # 可选：Gemini Code Assist 本地配额模拟（本地计费）。
+    # These values are used for UI progress + precheck scheduling, not official Google quotas.
+    # 这些值用于 UI 进度显示和预检调度，并非 Google 官方配额。
+    tiers:
+      LEGACY:
+        # Pro model requests per day
+        # Pro 模型每日请求数
+        pro_rpd: 50
+        # Flash model requests per day
+        # Flash 模型每日请求数
+        flash_rpd: 1500
+        # Cooldown time (minutes) after hitting quota
+        # 达到配额后的冷却时间（分钟）
+        cooldown_minutes: 30
+      PRO:
+        # Pro model requests per day
+        # Pro 模型每日请求数
+        pro_rpd: 1500
+        # Flash model requests per day
+        # Flash 模型每日请求数
+        flash_rpd: 4000
+        # Cooldown time (minutes) after hitting quota
+        # 达到配额后的冷却时间（分钟）
+        cooldown_minutes: 5
+      ULTRA:
+        # Pro model requests per day
+        # Pro 模型每日请求数
+        pro_rpd: 2000
+        # Flash model requests per day (0 = unlimited)
+        # Flash 模型每日请求数（0 = 无限制）
+        flash_rpd: 0
+        # Cooldown time (minutes) after hitting quota
+        # 达到配额后的冷却时间（分钟）
+        cooldown_minutes: 5
+
+# =============================================================================
+# Update Configuration (在线更新配置)
+# =============================================================================
+update:
+  # Proxy URL for accessing GitHub (used for online updates and pricing data)
+  # 用于访问 GitHub 的代理地址（用于在线更新和定价数据获取）
+  # Supports: http, https, socks5, socks5h
+  # Examples:
+  #   - HTTP proxy: "http://127.0.0.1:7890"
+  #   - SOCKS5 proxy: "socks5://127.0.0.1:1080"
+  #   - With authentication: "http://user:pass@proxy.example.com:8080"
+  # Leave empty for direct connection (recommended for overseas servers)
+  # 留空表示直连（适用于海外服务器）
+  proxy_url: ""