
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
The rabbitmq-bootstrap is a proxy provisioning service designed as part of the https://github.com/CZERTAINLY/CZERTAINLY platform. Its primary purpose is to provision and decommission RabbitMQ queues and ***dings for proxy instances, and to generate signed JWT configuration tokens with installation instructions for those proxies.
The service runs as a web application and exposes REST endpoints for:
All endpoints require authentication via the X-API-Key header.
All endpoints return JSON responses for errors. Authentication is required via X-API-Key header.
POST /api/v1/proxies
Provisions a new proxy instance by creating the required RabbitMQ queue and ***dings.
Headers:
X-API-Key (required) - API key for authenticationRequest Body:
json{ "proxyCode": "MY_PROXY_1" }
Responses:
201 Created — proxy provisioned successfully (e***y body)400 Bad Request — invalid request401 Unauthorized — missing or invalid API key409 Conflict — proxy already existsDELETE /api/v1/proxies/{proxyCode}
Decommissions an existing proxy instance by removing its RabbitMQ queue.
Headers:
X-API-Key (required) - API key for authenticationPath Parameter:
proxyCode — unique proxy code identifierResponses:
204 No Content — proxy decommissioned successfully401 Unauthorized — missing or invalid API key404 Not Found — proxy not foundGET /api/v1/proxies/{proxyCode}/installation
Returns installation instructions for an existing proxy. Generates a signed JWT configuration token and renders it into the requested install format.
Headers:
X-API-Key (required) - API key for authenticationPath Parameter:
proxyCode — unique proxy code identifierQuery Parameters:
format (required) — installation format; currently supported: helmResponse (Success - 200 OK):
json{ "command": { "shell": "helm repo add czertainly https://cloudfieldcz.github.io/CZERTAINLY-Helm-Charts\nhelm repo update\n\nhelm install proxy czertainly/proxy --set token=\"<jwt-token>\"" } }
Responses:
200 OK — installation instructions returned401 Unauthorized — missing or invalid API key404 Not Found — proxy not foundError response format (all endpoints):
json{ "error": "descriptive error message" }
The application is configured via application.yml and environment variables.
| Variable | Description | Required | Default value |
|---|---|---|---|
PORT | Application port | 8080 | |
RABBITMQ_HOST | RabbitMQ hostname | localhost | |
RABBITMQ_PORT | RabbitMQ AMQP port | 5672 | |
RABBITMQ_USERNAME | RabbitMQ username with permission to manage queues and ***dings in the virtual host | provisioner | |
RABBITMQ_PASSWORD | RabbitMQ password | N/A | |
RABBITMQ_VIRTUAL_HOST | RabbitMQ virtual host | czertainly | |
SECURITY_API_KEY | API key required in the X-API-Key header for all requests | N/A | |
PROXY_AMQP_URL | External AMQP URL that provisioned proxies use to connect (may differ from internal host) | amqp://localhost:5672 | |
PROXY_RABBITMQ_USERNAME | AMQP username embedded in the proxy configuration token | same as RABBITMQ_USERNAME | |
PROXY_RABBITMQ_PASSWORD | AMQP password embedded in the proxy configuration token | same as RABBITMQ_PASSWORD | |
PROXY_EXCHANGE | Exchange name used for proxy communication | czertainly-proxy | |
PROXY_RESPONSE_QUEUE | Core response queue name | core | |
TOKEN_SIGNING_KEY | HMAC-SHA256 signing key for JWT configuration tokens (minimum 32 characters) | N/A |
bashmvn clean package
bash# Set required environment variables export RABBITMQ_USERNAME=provisioner export RABBITMQ_PASSWORD=provisioner export SECURITY_API_KEY=my-secret-api-key export TOKEN_SIGNING_KEY=my-signing-key-at-least-32-characters-long # Run the application java -jar target/rabbitBootstrap-1.0-SNAPSHOT.jar
The application will start on port 8080 (configurable via PORT environment variable).
Provision a proxy:
bashcurl -X POST "http://localhost:8080/api/v1/proxies" \ -H "X-API-Key: my-secret-api-key" \ -H "Content-Type: application/json" \ -d '{"proxyCode": "MY_PROXY_1"}'
Get installation instructions (Helm):
bashcurl "http://localhost:8080/api/v1/proxies/MY_PROXY_1/installation?format=helm" \ -H "X-API-Key: my-secret-api-key"
Example response:
json{ "command": { "shell": "# Add the Helm repository\nhelm repo add czertainly https://cloudfieldcz.github.io/CZERTAINLY-Helm-Charts\nhelm repo update\n\n# Install the chart\nhelm install proxy czertainly/proxy --set token=\"<jwt-token>\"" } }
Decommission a proxy:
bashcurl -X DELETE "http://localhost:8080/api/v1/proxies/MY_PROXY_1" \ -H "X-API-Key: my-secret-api-key"
bashdocker build -t czertainly/rabbitmq-bootstrap:latest .
bashdocker run -d \ --name rabbitmq-bootstrap \ -p 8080:8080 \ -e RABBITMQ_HOST=rabbitmq \ -e RABBITMQ_USERNAME=provisioner \ -e RABBITMQ_PASSWORD=provisioner \ -e RABBITMQ_VIRTUAL_HOST=czertainly \ -e SECURITY_API_KEY=my-secret-api-key \ -e PROXY_AMQP_URL=amqp://rabbitmq:5672 \ -e TOKEN_SIGNING_KEY=my-signing-key-at-least-32-characters-long \ czertainly/rabbitmq-bootstrap:latest
The service expects an external RabbitMQ instance. Create a .env file with your connection details:
bashRABBITMQ_HOST=your-rabbitmq-host RABBITMQ_USERNAME=provisioner RABBITMQ_PASSWORD=provisioner RABBITMQ_VIRTUAL_HOST=czertainly SECURITY_API_KEY=my-secret-api-key PROXY_AMQP_URL=amqp://your-rabbitmq-host:5672 TOKEN_SIGNING_KEY=my-signing-key-at-least-32-characters-long
Then run with Docker Compose:
bashdocker-compose up -d
Check logs:
bashdocker-compose logs -f rabbitmq-bootstrap
Stop the service:
bashdocker-compose down
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
来自真实用户的反馈,见证轩辕镜像的优质服务