nucleo000/agent-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add HTTPS/Traefik support with centralized endpoints

Browse Source 
- Create traefik/agent-ui.yml with full routing config for domain z590.nucleoriofrio.com
- Add frontend/src/config/endpoints.ts for automatic HTTP/HTTPS detection
- Update all hardcoded localhost URLs to use relative paths
- WebSocket connections auto-detect wss:// vs ws:// based on page protocol
- Configure path-based WebSocket routing (/ws/terminal, /ws/mcp, /ws/status, /ws/whisper)
- Add commented IP whitelist middleware for future security
This commit is contained in:
josedario87
2026-02-14 03:20:51 -06:00
parent 47f5524416
commit 902029c805
18 changed files with 471 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

248
traefik/agent-ui.yml Normal file
View File

@@ -0,0 +1,248 @@
## ============================================
## Agent UI - Traefik Dynamic Configuration
## ============================================
##
## INSTALACIÓN:
## 1. Copia este archivo a tu directorio de config dinámica de Traefik
## Ejemplo: /etc/traefik/dynamic/agent-ui.yml
##
## 2. Asegúrate de tener el file provider habilitado en traefik.yml:
## providers:
## file:
## directory: /etc/traefik/dynamic
## watch: true
##
## 3. Asegúrate de tener el certResolver configurado (letsencrypt)
##
## ARQUITECTURA:
## ┌─────────────────────────────────────────────────────┐
## │ https://z590.nucleoriofrio.com │
## │ / → Frontend (4100) │
## │ /api/* → API Server (4101) │
## │ /ws/terminal→ Terminal WebSocket (4103) │
## │ /ws/status → Claude Status WebSocket (4103) │
## │ /ws/mcp → WebMCP WebSocket (4102) │
## │ /ws/whisper → Whisper WebSocket (4104) │
## └─────────────────────────────────────────────────────┘
##
http:
## ============================================
## MIDDLEWARES
## ============================================
middlewares:
## ----------------------------------------
## IP Whitelist (DESCOMENTEAR PARA ACTIVAR)
## ----------------------------------------
## Para activar: descomenta este bloque y agrega
## "agentui-ipwhitelist" a la lista de middlewares
## de cada router.
##
# agentui-ipwhitelist:
# ipWhiteList:
# sourceRange:
# - "192.168.87.0/24" # Red local del servidor
# - "192.168.1.0/24" # Otra red local
# - "10.0.0.0/8" # Redes internas
# - "YOUR_PUBLIC_IP/32" # Tu IP pública específica
# # Si hay proxies intermedios, usa ipStrategy:
# # ipStrategy:
# # depth: 1
## ----------------------------------------
## Strip Prefix para WebSockets
## ----------------------------------------
## Traefik recibe /ws/terminal pero el backend espera /
strip-ws-terminal:
stripPrefix:
prefixes:
- "/ws/terminal"
strip-ws-status:
stripPrefix:
prefixes:
- "/ws/status"
strip-ws-mcp:
stripPrefix:
prefixes:
- "/ws/mcp"
strip-ws-whisper:
stripPrefix:
prefixes:
- "/ws/whisper"
## ----------------------------------------
## Headers de seguridad
## ----------------------------------------
agentui-headers:
headers:
customRequestHeaders:
X-Forwarded-Proto: "https"
# Headers de seguridad opcionales:
# stsSeconds: 31536000
# stsIncludeSubdomains: true
# contentTypeNosniff: true
# browserXssFilter: true
## ============================================
## ROUTERS
## ============================================
routers:
## ----------------------------------------
## Frontend (/) - Vue App
## ----------------------------------------
## Sirve la aplicación Vue, assets, PWA manifest, etc.
## Excluye /api y /ws para que los otros routers los manejen.
##
agentui-frontend:
rule: "Host(`z590.nucleoriofrio.com`) && !PathPrefix(`/api`) && !PathPrefix(`/ws`)"
entryPoints:
- websecure
service: agentui-frontend
middlewares:
- agentui-headers
# - agentui-ipwhitelist # Descomentar para activar
tls:
certResolver: letsencrypt
priority: 1
## ----------------------------------------
## API Backend (/api/*) - REST API
## ----------------------------------------
## Maneja todas las llamadas REST:
## - /api/health - Health check
## - /api/themes/* - Sistema de temas
## - /api/components/* - Componentes Vue guardados
## - /api/database/* - Explorador de base de datos
## - /api/claude-status - Status de Claude (desde hooks)
## - /api/whisper/* - Control de Whisper
## - etc.
##
agentui-api:
rule: "Host(`z590.nucleoriofrio.com`) && PathPrefix(`/api`)"
entryPoints:
- websecure
service: agentui-api
middlewares:
- agentui-headers
# - agentui-ipwhitelist
tls:
certResolver: letsencrypt
priority: 10
## ----------------------------------------
## Terminal WebSocket (/ws/terminal)
## ----------------------------------------
## Conexión WebSocket para xterm.js
## Permite ejecutar comandos en el servidor.
##
agentui-ws-terminal:
rule: "Host(`z590.nucleoriofrio.com`) && PathPrefix(`/ws/terminal`)"
entryPoints:
- websecure
service: agentui-terminal
middlewares:
- strip-ws-terminal
# - agentui-ipwhitelist
tls:
certResolver: letsencrypt
priority: 20
## ----------------------------------------
## Claude Status WebSocket (/ws/status)
## ----------------------------------------
## Recibe actualizaciones de estado de Claude/Nucleo
## para las animaciones del FAB.
## Usa el mismo backend que terminal (4103).
##
agentui-ws-status:
rule: "Host(`z590.nucleoriofrio.com`) && PathPrefix(`/ws/status`)"
entryPoints:
- websecure
service: agentui-terminal
middlewares:
- strip-ws-status
# - agentui-ipwhitelist
tls:
certResolver: letsencrypt
priority: 20
## ----------------------------------------
## WebMCP WebSocket (/ws/mcp)
## ----------------------------------------
## Bridge entre Claude Code MCP y el browser.
## Permite que Claude ejecute herramientas en la UI:
## - render_vue_component
## - navigate_to
## - set_theme_variable
## - etc.
##
agentui-ws-mcp:
rule: "Host(`z590.nucleoriofrio.com`) && PathPrefix(`/ws/mcp`)"
entryPoints:
- websecure
service: agentui-mcp
middlewares:
- strip-ws-mcp
# - agentui-ipwhitelist
tls:
certResolver: letsencrypt
priority: 20
## ----------------------------------------
## Whisper WebSocket (/ws/whisper)
## ----------------------------------------
## Transcripción de voz con Whisper.
## Opcional - solo si usas la función de voz.
##
agentui-ws-whisper:
rule: "Host(`z590.nucleoriofrio.com`) && PathPrefix(`/ws/whisper`)"
entryPoints:
- websecure
service: agentui-whisper
middlewares:
- strip-ws-whisper
# - agentui-ipwhitelist
tls:
certResolver: letsencrypt
priority: 20
## ============================================
## SERVICES (Backends)
## ============================================
## Cambia 192.168.87.135 por la IP de tu servidor
## si es diferente.
##
services:
## Frontend - Vite dev server o build estático
agentui-frontend:
loadBalancer:
servers:
- url: "http://192.168.87.135:4100"
## API Server - Bun HTTP
agentui-api:
loadBalancer:
servers:
- url: "http://192.168.87.135:4101"
## Terminal WebSocket Server
## También maneja Claude status broadcast
agentui-terminal:
loadBalancer:
servers:
- url: "http://192.168.87.135:4103"
## WebMCP WebSocket Server
agentui-mcp:
loadBalancer:
servers:
- url: "http://192.168.87.135:4102"
## Whisper WebSocket Server (opcional)
agentui-whisper:
loadBalancer:
servers:
- url: "http://192.168.87.135:4104"