refactor(rpc): Centralize RPC service and unify API (#1427)

This change introduces a major refactoring of the RPC service layer to improve modularity, unify the API, and simplify the overall architecture.

Key changes:
- Replaced per-network-instance RPC services with a single global RPC server, reducing resource usage and simplifying management.
- All clients (CLI, Web UI, etc.) now interact with EasyTier core through a unified RPC entrypoint, enabling consistent authentication and control.
- RPC implementation logic has been moved to `easytier/src/rpc_service/` and organized by functionality (e.g., `instance_manage.rs`, `peer_manage.rs`, `config.rs`) for better maintainability.
- Standardized Protobuf API definitions under `easytier/src/proto/` with an `api_` prefix (e.g., `cli.proto` → `api_instance.proto`) to provide a consistent interface.
- CLI commands now require explicit `--instance-id` or `--instance-name` when multiple network instances are running; the parameter is optional when only one instance exists.

BREAKING CHANGE:  
RPC portal configuration (`rpc_portal` and `rpc_portal_whitelist`) has been removed from per-instance configs and the Web UI. The RPC listen address must now be specified globally via the `--rpc-portal` command-line flag or the `ET_RPC_PORTAL` environment variable, as there is only one RPC service for the entire application.

easytier/src/common/config.rs

@@ -6,7 +6,6 @@ use std::{
 };
 
 use anyhow::Context;
-use cidr::IpCidr;
 use serde::{Deserialize, Serialize};
 
 use crate::{
@@ -169,12 +168,6 @@ pub trait ConfigLoader: Send + Sync {
     fn get_mapped_listeners(&self) -> Vec<url::Url>;
     fn set_mapped_listeners(&self, listeners: Option<Vec<url::Url>>);
 
-    fn get_rpc_portal(&self) -> Option<SocketAddr>;
-    fn set_rpc_portal(&self, addr: SocketAddr);
-
-    fn get_rpc_portal_whitelist(&self) -> Option<Vec<IpCidr>>;
-    fn set_rpc_portal_whitelist(&self, whitelist: Option<Vec<IpCidr>>);
-
     fn get_vpn_portal_config(&self) -> Option<VpnPortalConfig>;
     fn set_vpn_portal_config(&self, config: VpnPortalConfig);
 
@@ -398,9 +391,6 @@ struct Config {
     peer: Option<Vec<PeerConfig>>,
     proxy_network: Option<Vec<ProxyNetworkConfig>>,
 
-    rpc_portal: Option<SocketAddr>,
-    rpc_portal_whitelist: Option<Vec<IpCidr>>,
-
     vpn_portal_config: Option<VpnPortalConfig>,
 
     routes: Option<Vec<cidr::Ipv4Cidr>>,
@@ -692,22 +682,6 @@ impl ConfigLoader for TomlConfigLoader {
         self.config.lock().unwrap().mapped_listeners = listeners;
     }
 
-    fn get_rpc_portal(&self) -> Option<SocketAddr> {
-        self.config.lock().unwrap().rpc_portal
-    }
-
-    fn set_rpc_portal(&self, addr: SocketAddr) {
-        self.config.lock().unwrap().rpc_portal = Some(addr);
-    }
-
-    fn get_rpc_portal_whitelist(&self) -> Option<Vec<IpCidr>> {
-        self.config.lock().unwrap().rpc_portal_whitelist.clone()
-    }
-
-    fn set_rpc_portal_whitelist(&self, whitelist: Option<Vec<IpCidr>>) {
-        self.config.lock().unwrap().rpc_portal_whitelist = whitelist;
-    }
-
     fn get_vpn_portal_config(&self) -> Option<VpnPortalConfig> {
         self.config.lock().unwrap().vpn_portal_config.clone()
     }

easytier/src/common/global_ctx.rs

@@ -10,9 +10,9 @@ use crate::common::stats_manager::StatsManager;
 use crate::common::token_bucket::TokenBucketManager;
 use crate::peers::acl_filter::AclFilter;
 use crate::proto::acl::GroupIdentity;
-use crate::proto::cli::PeerConnInfo;
+use crate::proto::api::config::InstanceConfigPatch;
+use crate::proto::api::instance::PeerConnInfo;
 use crate::proto::common::{PeerFeatureFlag, PortForwardConfigPb};
-use crate::proto::config::InstanceConfigPatch;
 use crate::proto::peer_rpc::PeerGroupInfo;
 use crossbeam::atomic::AtomicCell;
 

easytier/src/common/stats_manager.rs

@@ -664,7 +664,7 @@ impl Default for StatsManager {
 mod tests {
     use super::*;
     use crate::common::stats_manager::{LabelSet, LabelType, MetricName, StatsManager};
-    use crate::proto::cli::{
+    use crate::proto::api::instance::{
         GetPrometheusStatsRequest, GetPrometheusStatsResponse, GetStatsRequest, GetStatsResponse,
     };
     use std::collections::BTreeMap;
@@ -818,16 +818,19 @@ mod tests {
     #[tokio::test]
     async fn test_stats_rpc_data_structures() {
         // Test GetStatsRequest
-        let request = GetStatsRequest {};
-        assert_eq!(request, GetStatsRequest {});
+        let request = GetStatsRequest { instance: None };
+        assert_eq!(request, GetStatsRequest { instance: None });
 
         // Test GetStatsResponse
         let response = GetStatsResponse { metrics: vec![] };
         assert!(response.metrics.is_empty());
 
         // Test GetPrometheusStatsRequest
-        let prometheus_request = GetPrometheusStatsRequest {};
-        assert_eq!(prometheus_request, GetPrometheusStatsRequest {});
+        let prometheus_request = GetPrometheusStatsRequest { instance: None };
+        assert_eq!(
+            prometheus_request,
+            GetPrometheusStatsRequest { instance: None }
+        );
 
         // Test GetPrometheusStatsResponse
         let prometheus_response = GetPrometheusStatsResponse {
@@ -867,7 +870,7 @@ mod tests {
             }
 
             // This simulates what the RPC service would do
-            let _metric_snapshot = crate::proto::cli::MetricSnapshot {
+            let _metric_snapshot = crate::proto::api::instance::MetricSnapshot {
                 name: metric.name.to_string(),
                 value: metric.value,
                 labels,