feat(core): 初始化 Key-IP Sentinel 服务与部署骨架

- 搭建 FastAPI、Redis、PostgreSQL、Nginx 与 Docker Compose 基础结构
- 实现反向代理、首用绑定、拦截告警、归档任务和管理接口
- 提供 Vue3 管理后台初版，以及 uv/requirements 双依赖配置

app/core/ip_utils.py

@@ -0,0 +1,35 @@
+from __future__ import annotations
+
+from ipaddress import ip_address, ip_network
+
+from fastapi import Request
+
+from app.config import Settings
+
+
+def is_ip_in_network(candidate_ip: str, network_value: str) -> bool:
+    return ip_address(candidate_ip) in ip_network(network_value, strict=False)
+
+
+def is_trusted_proxy(source_ip: str, settings: Settings) -> bool:
+    try:
+        parsed_ip = ip_address(source_ip)
+    except ValueError:
+        return False
+    return any(parsed_ip in network for network in settings.trusted_proxy_networks)
+
+
+def extract_client_ip(request: Request, settings: Settings) -> str:
+    client_host = request.client.host if request.client else "127.0.0.1"
+    if not is_trusted_proxy(client_host, settings):
+        return client_host
+
+    real_ip = request.headers.get("x-real-ip")
+    if not real_ip:
+        return client_host
+
+    try:
+        ip_address(real_ip)
+    except ValueError:
+        return client_host
+    return real_ip