feat: /api/v2 ts/proc to Rust htyts:3003 htyproc:3004, admin routes

- ts.conf/proc.conf: v2 locations and huiwing_htyts_rust/htyproc_rust vars
- admin.conf: /api/v2/ts and /api/v2/proc on admin for same-origin tests
- local_macos proc.conf; remove duplicate conf/alchemy
- huiwings ai.conf: coze auth comment lines merged from removed alchemy copy

Made-with: Cursor

conf/huiwings/ts.conf

@@ -10,7 +10,10 @@ server {
      ssl_certificate /etc/letsencrypt/live/huiwings.cn/fullchain.pem; # managed by Certbot
      ssl_certificate_key /etc/letsencrypt/live/huiwings.cn/privkey.pem; # managed by Certbot
 
-    set $task_server "http://127.0.0.1:8080"; # task server host
+    set $task_server "http://127.0.0.1:8080"; # Java task_server
+    # huiwing 仓库：`cargo run -p htyts`，env 见 envs/*/htyts.env（TS_PORT=3003）
+    set $huiwing_htyts_rust "127.0.0.1:3003";
+    set $task_server_rust "http://$huiwing_htyts_rust"; # 与 Java 并行，仅 /api/v2 走此
     set $htyuc "http://127.0.0.1:3000"; #htyuc host
     set $resty_loc "/usr/local/openresty";
 
@@ -26,6 +29,19 @@ server {
         }
         proxy_pass http://127.0.0.1:8080/api/v1/ts/;
     }
+
+    # Rust htyts：对外 /api/v2/ts → 本进程；后端路由仍为 /api/v1/ts（与 Java /api/v1/ts 并行）
+    location /api/v2/ts/ {
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always;
+        add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always;
+        add_header Access-Control-Allow-Credentials true always;
+        add_header Access-Control-Max-Age 86400 always;
+        if ($request_method = 'OPTIONS') {
+            return 200;
+        }
+        proxy_pass http://$huiwing_htyts_rust/api/v1/ts/;
+    }
 }
 
 # server {