feat(go-services): tracker WS servers (/ws/position + /ws/live) + robust shadow
Completes the Go tracker as a cutover-ready drop-in: - wslive.go: browser broadcast hub with per-client subscribe filters (nil=all), request_dungeon_map replies, and command routing; auth = internal-trust or session cookie. The ingestor broadcasts every handled event to it. - wsposition.go: plugin ingest server with X-Plugin-Secret/SHARED_SECRET auth (constant-time, fails closed, legacy fallback), register -> plugin_conns, and dispatch into the shared Ingestor. plugin registry for backend->plugin commands. - main.go: statusRecorder.Unwrap() so coder/websocket can hijack through the logging middleware (WS handshakes failed without it); /ws/ bypasses HTTP auth. Shadow consumer robustness (the harness was being evicted under the full firehose): decouple socket read from processing — the read loop only copies raw frames to a queue; a worker unmarshals + dispatches. JSON parsing in the read loop was slowing it enough that Python's broadcast send errored and evicted us (Read then blocked forever). Added a 25s read-deadline watchdog to self-heal. Validated live: shadow /live online = 73 = production; telemetry sustained ~12/s, 0 drops, no eviction; and the shadow's /ws/live re-broadcast stream is IDENTICAL to production's (TOTAL 2150=2150, every event type exact). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
parent
7350b00341
commit
27757636e4
7 changed files with 418 additions and 34 deletions
|
|
@ -147,7 +147,8 @@ func isPublicPath(p string) bool {
|
|||
case "/login", "/logout", "/login.html", "/login-style.css", "/health":
|
||||
return true
|
||||
}
|
||||
return strings.HasPrefix(p, "/icons/")
|
||||
// WS endpoints authenticate inside their own handlers.
|
||||
return strings.HasPrefix(p, "/icons/") || strings.HasPrefix(p, "/ws/")
|
||||
}
|
||||
|
||||
func clientIP(r *http.Request) string {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue