JoyD/Claw/scripts/configure_nginx_websocket.bat

@echo off
echo 🚀 开始配置 Claw 项目 Nginx 和 WebSocket 环境...
echo 📅 配置时间: %date% %time%

REM 检查是否以管理员身份运行
net session >nul 2>&1
if %errorlevel% neq 0 (
    echo ⚠️  警告：请以管理员身份运行此脚本以获得最佳效果
    pause
)

REM 设置配置参数
set NGINX_CONF_SOURCE=d:\Projects\trunk\JoyD\Claw\docs\nginx.conf
set NGINX_CONF_TARGET=C:\nginx\conf\nginx.conf
set NGINX_SSL_DIR=C:\nginx\ssl
set GATEWAY_URL=http://localhost:8000

echo 📋 配置参数:
echo    Nginx 配置文件: %NGINX_CONF_SOURCE%
echo    目标配置文件: %NGINX_CONF_TARGET%
echo    SSL 证书目录: %NGINX_SSL_DIR%
echo    网关服务地址: %GATEWAY_URL%

REM 检查 Nginx 是否已安装
where nginx >nul 2>&1
if %errorlevel% neq 0 (
    echo ❌ 错误：未检测到 Nginx 安装
    echo 📥 请先安装 Nginx 到 C:\nginx 目录
    echo 🔗 下载地址: http://nginx.org/en/download.html
    pause
    exit /b 1
)

REM 备份现有配置
echo 💾 备份现有 Nginx 配置...
if exist "%NGINX_CONF_TARGET%" (
    copy /Y "%NGINX_CONF_TARGET%" "%NGINX_CONF_TARGET%.backup.%date:~-4,4%%date:~-10,2%%date:~-7,2%_%time:~0,2%%time:~3,2%%time:~6,2%"
    echo ✅ 已备份现有配置
) else (
    echo ℹ️  未发现现有配置，跳过备份
)

REM 创建 SSL 目录
echo 📁 创建 SSL 证书目录...
if not exist "%NGINX_SSL_DIR%" mkdir "%NGINX_SSL_DIR%"

REM 检查 SSL 证书
echo 🔐 检查 SSL 证书...
if exist "%NGINX_SSL_DIR%\pactgo.cn-chain.pem" (
    echo ✅ SSL 证书已存在
) else (
    echo ⚠️  警告：未找到 SSL 证书文件
    echo 📄 请将证书文件复制到: %NGINX_SSL_DIR%
    echo 📋 需要的文件:
    echo    - pactgo.cn-chain.pem (证书链)
    echo    - pactgo.cn-key.pem (私钥)
)

REM 复制 Nginx 配置
echo 📄 复制 Nginx 配置文件...
copy /Y "%NGINX_CONF_SOURCE%" "%NGINX_CONF_TARGET%"
if %errorlevel% neq 0 (
    echo ❌ 错误：配置文件复制失败
    pause
    exit /b 1
)

REM 验证 Nginx 配置
echo 🔍 验证 Nginx 配置...
nginx -t
if %errorlevel% neq 0 (
    echo ❌ 错误：Nginx 配置验证失败
    echo 🔧 请检查配置文件语法
    pause
    exit /b 1
)

echo ✅ Nginx 配置验证通过

REM 配置环境变量
echo 🔧 配置环境变量...
echo 📄 创建环境配置文件...

REM 为 Gateway 服务创建环境配置
echo # Gateway 服务环境配置 > "%~dp0..\Server\gateway\.env"
echo PORT=8000 >> "%~dp0..\Server\gateway\.env"
echo ENVIRONMENT=production >> "%~dp0..\Server\gateway\.env"
echo RUST_LOG=info >> "%~dp0..\Server\gateway\.env"
echo.
echo # WebSocket 配置 >> "%~dp0..\Server\gateway\.env"
echo WEBSOCKET_ENABLED=true >> "%~dp0..\Server\gateway\.env"
echo.
echo # 企业微信配置（请根据实际情况修改） >> "%~dp0..\Server\gateway\.env"
echo WECOM_CORP_ID=your_corp_id >> "%~dp0..\Server\gateway\.env"
echo WECOM_SECRET=your_secret >> "%~dp0..\Server\gateway\.env"
echo WECOM_AGENT_ID=your_agent_id >> "%~dp0..\Server\gateway\.env"
echo.
echo # Redis 配置 >> "%~dp0..\Server\gateway\.env"
echo REDIS_URL=redis://127.0.0.1:6379 >> "%~dp0..\Server\gateway\.env"

REM 为 SmartClaw 服务创建环境配置
echo # SmartClaw 服务环境配置 > "%~dp0..\Server\SmartClaw\.env"
echo PORT=3001 >> "%~dp0..\Server\SmartClaw\.env"
echo ENVIRONMENT=production >> "%~dp0..\Server\SmartClaw\.env"
echo RUST_LOG=info >> "%~dp0..\Server\SmartClaw\.env"
echo.
echo # WebSocket 客户端配置 >> "%~dp0..\Server\SmartClaw\.env"
echo GATEWAY_URL=http://localhost:8000 >> "%~dp0..\Server\SmartClaw\.env"
echo WEBSOCKET_ENABLED=true >> "%~dp0..\Server\SmartClaw\.env"
echo.
echo # LMStudio 配置 >> "%~dp0..\Server\SmartClaw\.env"
echo LMSTUDIO_URL=http://127.0.0.1:1234 >> "%~dp0..\Server\SmartClaw\.env"
echo LMSTUDIO_API_KEY= >> "%~dp0..\Server\SmartClaw\.env"

echo ✅ 环境配置文件已创建

REM 配置 Windows 防火墙规则
echo 🔥 配置 Windows 防火墙...
echo 📋 添加防火墙规则...

REM 检查规则是否已存在，如果存在则先删除
echo 🔍 检查现有防火墙规则...
netsh advfirewall firewall show rule name="Claw Gateway HTTP" >nul 2>&1
if %errorlevel%==0 (
    echo 🗑️  删除现有 HTTP 规则...
    netsh advfirewall firewall delete rule name="Claw Gateway HTTP"
)

netsh advfirewall firewall show rule name="Claw Gateway HTTPS" >nul 2>&1
if %errorlevel%==0 (
    echo 🗑️  删除现有 HTTPS 规则...
    netsh advfirewall firewall delete rule name="Claw Gateway HTTPS"
)

netsh advfirewall firewall show rule name="Claw SmartClaw" >nul 2>&1
if %errorlevel%==0 (
    echo 🗑️  删除现有 SmartClaw 规则...
    netsh advfirewall firewall delete rule name="Claw SmartClaw"
)

REM 添加新的防火墙规则
echo ➕ 添加新的防火墙规则...
netsh advfirewall firewall add rule name="Claw Gateway HTTP" dir=in action=allow protocol=TCP localport=80
netsh advfirewall firewall add rule name="Claw Gateway HTTPS" dir=in action=allow protocol=TCP localport=443
netsh advfirewall firewall add rule name="Claw SmartClaw" dir=in action=allow protocol=TCP localport=3001
netsh advfirewall firewall add rule name="Claw Gateway Internal" dir=in action=allow protocol=TCP localport=8000

echo ✅ 防火墙配置完成

REM 创建服务启动脚本
echo 📝 创建服务启动脚本...
echo @echo off > "%~dp0nginx_start.bat"
echo echo 🚀 启动 Nginx... >> "%~dp0nginx_start.bat"
echo cd /d C:\nginx >> "%~dp0nginx_start.bat"
echo start nginx >> "%~dp0nginx_start.bat"
echo echo ✅ Nginx 已启动 >> "%~dp0nginx_start.bat"
echo pause >> "%~dp0nginx_start.bat"

echo @echo off > "%~dp0nginx_stop.bat"
echo echo 🛑 停止 Nginx... >> "%~dp0nginx_stop.bat"
echo cd /d C:\nginx >> "%~dp0nginx_stop.bat"
echo nginx -s stop >> "%~dp0nginx_stop.bat"
echo echo ✅ Nginx 已停止 >> "%~dp0nginx_stop.bat"
echo pause >> "%~dp0nginx_stop.bat"

echo @echo off > "%~dp0nginx_reload.bat"
echo echo 🔄 重载 Nginx 配置... >> "%~dp0nginx_reload.bat"
echo cd /d C:\nginx >> "%~dp0nginx_reload.bat"
echo nginx -s reload >> "%~dp0nginx_reload.bat"
echo echo ✅ Nginx 配置已重载 >> "%~dp0nginx_reload.bat"
echo pause >> "%~dp0nginx_reload.bat"

echo ✅ 启动脚本已创建

REM 显示配置信息
echo.
echo 🎉 Nginx 和 WebSocket 环境配置完成！
echo.
echo 📍 配置信息:
echo    Nginx 配置文件: %NGINX_CONF_TARGET%
echo    SSL 证书目录: %NGINX_SSL_DIR%
echo    网关服务端口: 8000 (内部)
echo    HTTP 服务端口: 80 (外部)
echo    HTTPS 服务端口: 443 (外部)
echo    SmartClaw 端口: 3001 (内部)
echo.
echo 🔧 管理命令:
echo    启动 Nginx: %~dp0nginx_start.bat
echo    停止 Nginx: %~dp0nginx_stop.bat
echo    重载配置: %~dp0nginx_reload.bat
echo.
echo ⚠️  注意事项:
echo    1. 请确保 SSL 证书文件已放置在 %NGINX_SSL_DIR% 目录
echo    2. 网关服务和 SmartClaw 服务需要单独启动
echo    3. WebSocket 连接将通过 Nginx 代理到网关服务
echo    4. 企业微信回调将通过 HTTPS 访问
echo.
echo 📅 完成时间: %date% %time%
echo.
echo 🚀 下一步:
echo    1. 复制 SSL 证书到 %NGINX_SSL_DIR%
echo    2. 启动 Nginx 服务
echo    3. 启动网关服务 (端口 8000)
echo    4. 启动 SmartClaw 服务 (端口 3001)
echo    5. 测试 WebSocket 连接
echo.
pause