2025-12-18 13:50:39 +08:00
|
|
|
|
# Sub2API Configuration File
|
|
|
|
|
|
# Copy this file to /etc/sub2api/config.yaml and modify as needed
|
|
|
|
|
|
# Documentation: https://github.com/Wei-Shaw/sub2api
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Server Configuration
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
server:
|
|
|
|
|
|
# Bind address (0.0.0.0 for all interfaces)
|
|
|
|
|
|
host: "0.0.0.0"
|
|
|
|
|
|
# Port to listen on
|
|
|
|
|
|
port: 8080
|
|
|
|
|
|
# Mode: "debug" for development, "release" for production
|
|
|
|
|
|
mode: "release"
|
|
|
|
|
|
|
2025-12-29 03:17:25 +08:00
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Run Mode Configuration
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Run mode: "standard" (default) or "simple" (for internal use)
|
|
|
|
|
|
# - standard: Full SaaS features with billing/balance checks
|
|
|
|
|
|
# - simple: Hides SaaS features and skips billing/balance checks
|
|
|
|
|
|
run_mode: "standard"
|
|
|
|
|
|
|
2025-12-31 08:50:12 +08:00
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# 网关配置
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
gateway:
|
|
|
|
|
|
# 等待上游响应头超时时间(秒)
|
|
|
|
|
|
response_header_timeout: 300
|
|
|
|
|
|
# 请求体最大字节数(默认 100MB)
|
|
|
|
|
|
max_body_size: 104857600
|
2025-12-31 11:43:58 +08:00
|
|
|
|
# 连接池隔离策略:
|
|
|
|
|
|
# - proxy: 按代理隔离,同一代理共享连接池(适合代理少、账户多)
|
|
|
|
|
|
# - account: 按账户隔离,同一账户共享连接池(适合账户少、需严格隔离)
|
|
|
|
|
|
# - account_proxy: 按账户+代理组合隔离(默认,最细粒度)
|
|
|
|
|
|
connection_pool_isolation: "account_proxy"
|
2025-12-31 08:50:12 +08:00
|
|
|
|
# HTTP 上游连接池配置(HTTP/2 + 多代理场景默认)
|
|
|
|
|
|
max_idle_conns: 240
|
|
|
|
|
|
max_idle_conns_per_host: 120
|
|
|
|
|
|
max_conns_per_host: 240
|
|
|
|
|
|
idle_conn_timeout_seconds: 300
|
2025-12-31 11:43:58 +08:00
|
|
|
|
# 上游连接池客户端缓存配置
|
|
|
|
|
|
# max_upstream_clients: 最大缓存客户端数量,超出后淘汰最久未使用的
|
|
|
|
|
|
# client_idle_ttl_seconds: 客户端空闲回收阈值(秒),超时且无活跃请求时回收
|
|
|
|
|
|
max_upstream_clients: 5000
|
|
|
|
|
|
client_idle_ttl_seconds: 900
|
2025-12-31 08:50:12 +08:00
|
|
|
|
# 并发槽位过期时间(分钟)
|
|
|
|
|
|
concurrency_slot_ttl_minutes: 15
|
|
|
|
|
|
|
2025-12-18 13:50:39 +08:00
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Database Configuration (PostgreSQL)
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
database:
|
|
|
|
|
|
host: "localhost"
|
|
|
|
|
|
port: 5432
|
|
|
|
|
|
user: "postgres"
|
|
|
|
|
|
password: "your_secure_password_here"
|
|
|
|
|
|
dbname: "sub2api"
|
|
|
|
|
|
# SSL mode: disable, require, verify-ca, verify-full
|
|
|
|
|
|
sslmode: "disable"
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Redis Configuration
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
redis:
|
|
|
|
|
|
host: "localhost"
|
|
|
|
|
|
port: 6379
|
|
|
|
|
|
# Leave empty if no password is set
|
|
|
|
|
|
password: ""
|
|
|
|
|
|
# Database number (0-15)
|
|
|
|
|
|
db: 0
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# JWT Configuration
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
jwt:
|
|
|
|
|
|
# IMPORTANT: Change this to a random string in production!
|
|
|
|
|
|
# Generate with: openssl rand -hex 32
|
|
|
|
|
|
secret: "change-this-to-a-secure-random-string"
|
|
|
|
|
|
# Token expiration time in hours
|
|
|
|
|
|
expire_hour: 24
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Default Settings
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
default:
|
|
|
|
|
|
# Initial admin account (created on first run)
|
|
|
|
|
|
admin_email: "admin@example.com"
|
|
|
|
|
|
admin_password: "admin123"
|
|
|
|
|
|
|
|
|
|
|
|
# Default settings for new users
|
|
|
|
|
|
user_concurrency: 5 # Max concurrent requests per user
|
|
|
|
|
|
user_balance: 0 # Initial balance for new users
|
|
|
|
|
|
|
|
|
|
|
|
# API key settings
|
|
|
|
|
|
api_key_prefix: "sk-" # Prefix for generated API keys
|
|
|
|
|
|
|
|
|
|
|
|
# Rate multiplier (affects billing calculation)
|
|
|
|
|
|
rate_multiplier: 1.0
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Rate Limiting
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
rate_limit:
|
|
|
|
|
|
# Cooldown time (in minutes) when upstream returns 529 (overloaded)
|
|
|
|
|
|
overload_cooldown_minutes: 10
|
|
|
|
|
|
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Pricing Data Source (Optional)
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
pricing:
|
|
|
|
|
|
# URL to fetch model pricing data (default: LiteLLM)
|
|
|
|
|
|
remote_url: "https://raw.githubusercontent.com/BerriAI/litellm/main/model_prices_and_context_window.json"
|
|
|
|
|
|
# Hash verification URL (optional)
|
|
|
|
|
|
hash_url: ""
|
|
|
|
|
|
# Local data directory for caching
|
|
|
|
|
|
data_dir: "./data"
|
|
|
|
|
|
# Fallback pricing file
|
|
|
|
|
|
fallback_file: "./resources/model-pricing/model_prices_and_context_window.json"
|
|
|
|
|
|
# Update interval in hours
|
|
|
|
|
|
update_interval_hours: 24
|
|
|
|
|
|
# Hash check interval in minutes
|
|
|
|
|
|
hash_check_interval_minutes: 10
|
2025-12-25 06:43:00 -08:00
|
|
|
|
|
fix: 修复 /v1/messages 间歇性 400 错误 (#18)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* feat(gemini): 添加Gemini限额与TierID支持
实现PR1:Gemini限额与TierID功能
后端修改:
- GeminiTokenInfo结构体添加TierID字段
- fetchProjectID函数返回(projectID, tierID, error)
- 从LoadCodeAssist响应中提取tierID(优先IsDefault,回退到第一个非空tier)
- ExchangeCode、RefreshAccountToken、GetAccessToken函数更新以处理tierID
- BuildAccountCredentials函数保存tier_id到credentials
前端修改:
- AccountStatusIndicator组件添加tier显示
- 支持LEGACY/PRO/ULTRA等tier类型的友好显示
- 使用蓝色badge展示tier信息
技术细节:
- tierID提取逻辑:优先选择IsDefault的tier,否则选择第一个非空tier
- 所有fetchProjectID调用点已更新以处理新的返回签名
- 前端gracefully处理missing/unknown tier_id
* refactor(gemini): 优化TierID实现并添加安全验证
根据并发代码审查(code-reviewer, security-auditor, gemini, codex)的反馈进行改进:
安全改进:
- 添加validateTierID函数验证tier_id格式和长度(最大64字符)
- 限制tier_id字符集为字母数字、下划线、连字符和斜杠
- 在BuildAccountCredentials中验证tier_id后再存储
- 静默跳过无效tier_id,不阻塞账户创建
代码质量改进:
- 提取extractTierIDFromAllowedTiers辅助函数消除重复代码
- 重构fetchProjectID函数,tierID提取逻辑只执行一次
- 改进代码可读性和可维护性
审查工具:
- code-reviewer agent (a09848e)
- security-auditor agent (a9a149c)
- gemini CLI (bcc7c81)
- codex (b5d8919)
修复问题:
- HIGH: 未验证的tier_id输入
- MEDIUM: 代码重复(tierID提取逻辑重复2次)
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(upstream): 修复上游格式兼容性问题 (#14)
* fix(upstream): 修复上游格式兼容性问题
- 跳过Claude模型无signature的thinking block
- 支持custom类型工具(MCP)格式转换
- 添加ClaudeCustomToolSpec结构体支持MCP工具
- 添加Custom字段验证,跳过无效custom工具
- 在convertClaudeToolsToGeminiTools中添加schema清理
- 完整的单元测试覆盖,包含边界情况
修复: Issue 0.1 signature缺失, Issue 0.2 custom工具格式
改进: Codex审查发现的2个重要问题
测试:
- TestBuildParts_ThinkingBlockWithoutSignature: 验证thinking block处理
- TestBuildTools_CustomTypeTools: 验证custom工具转换和边界情况
- TestConvertClaudeToolsToGeminiTools_CustomType: 验证service层转换
* fix(format): 修复 gofmt 格式问题
- 修复 claude_types.go 中的字段对齐问题
- 修复 gemini_messages_compat_service.go 中的缩进问题
* fix(format): 修复 claude_types.go 的 gofmt 格式问题
* feat(antigravity): 优化 thinking block 和 schema 处理
- 为 dummy thinking block 添加 ThoughtSignature
- 重构 thinking block 处理逻辑,在每个条件分支内创建 part
- 优化 excludedSchemaKeys,移除 Gemini 实际支持的字段
(minItems, maxItems, minimum, maximum, additionalProperties, format)
- 添加详细注释说明 Gemini API 支持的 schema 字段
* fix(antigravity): 增强 schema 清理的安全性
基于 Codex review 建议:
- 添加 format 字段白名单过滤,只保留 Gemini 支持的 date-time/date/time
- 补充更多不支持的 schema 关键字到黑名单:
* 组合 schema: oneOf, anyOf, allOf, not, if/then/else
* 对象验证: minProperties, maxProperties, patternProperties 等
* 定义引用: $defs, definitions
- 避免不支持的 schema 字段导致 Gemini API 校验失败
* fix(lint): 修复 gemini_messages_compat_service 空分支警告
- 在 cleanToolSchema 的 if 语句中添加 continue
- 移除重复的注释
* fix(antigravity): 移除 minItems/maxItems 以兼容 Claude API
- 将 minItems 和 maxItems 添加到 schema 黑名单
- Claude API (Vertex AI) 不支持这些数组验证字段
- 添加调试日志记录工具 schema 转换过程
- 修复 tools.14.custom.input_schema 验证错误
* fix(antigravity): 修复 additionalProperties schema 对象问题
- 将 additionalProperties 的 schema 对象转换为布尔值 true
- Claude API 只支持 additionalProperties: false,不支持 schema 对象
- 修复 tools.14.custom.input_schema 验证错误
- 参考 Claude 官方文档的 JSON Schema 限制
* fix(antigravity): 修复 Claude 模型 thinking 块兼容性问题
- 完全跳过 Claude 模型的 thinking 块以避免 signature 验证失败
- 只在 Gemini 模型中使用 dummy thought signature
- 修改 additionalProperties 默认值为 false(更安全)
- 添加调试日志以便排查问题
* fix(upstream): 修复跨模型切换时的 dummy signature 问题
基于 Codex review 和用户场景分析的修复:
1. 问题场景
- Gemini (thinking) → Claude (thinking) 切换时
- Gemini 返回的 thinking 块使用 dummy signature
- Claude API 会拒绝 dummy signature,导致 400 错误
2. 修复内容
- request_transformer.go:262: 跳过 dummy signature
- 只保留真实的 Claude signature
- 支持频繁的跨模型切换
3. 其他修复(基于 Codex review)
- gateway_service.go:691: 修复 io.ReadAll 错误处理
- gateway_service.go:687: 条件日志(尊重 LogUpstreamErrorBody 配置)
- gateway_service.go:915: 收紧 400 failover 启发式
- request_transformer.go:188: 移除签名成功日志
4. 新增功能(默认关闭)
- 阶段 1: 上游错误日志(GATEWAY_LOG_UPSTREAM_ERROR_BODY)
- 阶段 2: Antigravity thinking 修复
- 阶段 3: API-key beta 注入(GATEWAY_INJECT_BETA_FOR_APIKEY)
- 阶段 3: 智能 400 failover(GATEWAY_FAILOVER_ON_400)
测试:所有测试通过
* fix(lint): 修复 golangci-lint 问题
- 应用 De Morgan 定律简化条件判断
- 修复 gofmt 格式问题
- 移除未使用的 min 函数
2026-01-01 04:21:18 +08:00
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Gateway (Optional)
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
gateway:
|
|
|
|
|
|
# Wait time (in seconds) for upstream response headers (streaming body not affected)
|
|
|
|
|
|
response_header_timeout: 300
|
|
|
|
|
|
# Log upstream error response body summary (safe/truncated; does not log request content)
|
|
|
|
|
|
log_upstream_error_body: false
|
|
|
|
|
|
# Max bytes to log from upstream error body
|
|
|
|
|
|
log_upstream_error_body_max_bytes: 2048
|
|
|
|
|
|
# Auto inject anthropic-beta for API-key accounts when needed (default off)
|
|
|
|
|
|
inject_beta_for_apikey: false
|
|
|
|
|
|
# Allow failover on selected 400 errors (default off)
|
|
|
|
|
|
failover_on_400: false
|
|
|
|
|
|
|
2025-12-25 06:43:00 -08:00
|
|
|
|
# =============================================================================
|
2025-12-25 21:25:16 -08:00
|
|
|
|
# Gemini OAuth (Required for Gemini accounts)
|
|
|
|
|
|
# =============================================================================
|
|
|
|
|
|
# Sub2API supports TWO Gemini OAuth modes:
|
|
|
|
|
|
#
|
|
|
|
|
|
# 1. Code Assist OAuth (需要 GCP project_id)
|
|
|
|
|
|
# - Uses: cloudcode-pa.googleapis.com (Code Assist API)
|
|
|
|
|
|
#
|
|
|
|
|
|
# 2. AI Studio OAuth (不需要 project_id)
|
|
|
|
|
|
# - Uses: generativelanguage.googleapis.com (AI Studio API)
|
|
|
|
|
|
#
|
|
|
|
|
|
# Default: Uses Gemini CLI's public OAuth credentials (same as Google's official CLI tool)
|
2025-12-25 06:43:00 -08:00
|
|
|
|
gemini:
|
|
|
|
|
|
oauth:
|
2025-12-25 21:25:16 -08:00
|
|
|
|
# Gemini CLI public OAuth credentials (works for both Code Assist and AI Studio)
|
|
|
|
|
|
client_id: "681255809395-oo8ft2oprdrnp9e3aqf6av3hmdib135j.apps.googleusercontent.com"
|
|
|
|
|
|
client_secret: "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"
|
|
|
|
|
|
# Optional scopes (space-separated). Leave empty to auto-select based on oauth_type.
|
2025-12-25 06:43:00 -08:00
|
|
|
|
scopes: ""
|
2026-01-01 04:22:39 +08:00
|
|
|
|
quota:
|
|
|
|
|
|
# Optional: local quota simulation for Gemini Code Assist (local billing).
|
|
|
|
|
|
# These values are used for UI progress + precheck scheduling, not official Google quotas.
|
|
|
|
|
|
tiers:
|
|
|
|
|
|
LEGACY:
|
|
|
|
|
|
pro_rpd: 50
|
|
|
|
|
|
flash_rpd: 1500
|
|
|
|
|
|
cooldown_minutes: 30
|
|
|
|
|
|
PRO:
|
|
|
|
|
|
pro_rpd: 1500
|
|
|
|
|
|
flash_rpd: 4000
|
|
|
|
|
|
cooldown_minutes: 5
|
|
|
|
|
|
ULTRA:
|
|
|
|
|
|
pro_rpd: 2000
|
|
|
|
|
|
flash_rpd: 0
|
|
|
|
|
|
cooldown_minutes: 5
|