feat(kimi): add Kimi CLI forward mode support

- Add AccountTypeCLI domain constant
- Add KimiCLIGateway to forward requests through local kimi-cli binary
- Route CLI accounts in ForwardKimiChatCompletions to cli gateway
- Handle CLI type in GetAccessToken (no token needed)
- Fix Gin oneof binding to accept 'cli' type (Create/Update Account)
- Fix validateDataAccount to accept bedrock and cli types
- Remove unsupported --model arg from kimi-cli invocation
- Frontend: CLI account creation UI with model mapping, pool mode
- Frontend: CLI edit modal support
- Frontend: UseKeyModal shows OpenAI examples for kimi platform
- Add i18n strings for CLI account type

[缅因猫/Codex🐾]

backend/config.test.yaml

@@ -0,0 +1,181 @@
+server:
+  host: "0.0.0.0"
+  port: 3004
+  mode: "debug"
+  frontend_url: "http://localhost:3003"
+
+database:
+  host: "localhost"
+  port: 5432
+  user: "sub2api"
+  password: "sub2api"
+  dbname: "sub2api"
+  sslmode: "disable"
+  max_open_conns: 50
+  max_idle_conns: 10
+
+redis:
+  host: "localhost"
+  port: 6379
+  password: ""
+  db: 0
+  pool_size: 100
+  min_idle_conns: 10
+
+jwt:
+  secret: "test-secret-do-not-use-in-production"
+  expire_hour: 24
+
+totp:
+  encryption_key: ""
+
+default:
+  admin_email: "admin@test.com"
+  admin_password: "admin123"
+  user_concurrency: 5
+  user_balance: 0
+  api_key_prefix: "sk-"
+  rate_multiplier: 1.0
+
+gateway:
+  response_header_timeout: 600
+  max_body_size: 268435456
+  upstream_response_read_max_bytes: 8388608
+  connection_pool_isolation: "account_proxy"
+  max_idle_conns: 2560
+  max_idle_conns_per_host: 120
+  max_conns_per_host: 1024
+  idle_conn_timeout_seconds: 90
+  max_upstream_clients: 5000
+  client_idle_ttl_seconds: 900
+  concurrency_slot_ttl_minutes: 30
+  stream_data_interval_timeout: 180
+  stream_keepalive_interval: 10
+  max_line_size: 41943040
+  log_upstream_error_body: true
+  log_upstream_error_body_max_bytes: 2048
+  inject_beta_for_apikey: false
+  failover_on_400: false
+  scheduling:
+    sticky_session_max_waiting: 3
+    sticky_session_wait_timeout: 120s
+    fallback_wait_timeout: 30s
+    fallback_max_waiting: 100
+    load_batch_enabled: true
+    slot_cleanup_interval: 30s
+    db_fallback_enabled: true
+    db_fallback_timeout_seconds: 0
+    db_fallback_max_qps: 0
+    outbox_poll_interval_seconds: 1
+    outbox_lag_warn_seconds: 5
+    outbox_lag_rebuild_seconds: 10
+    outbox_lag_rebuild_failures: 3
+    outbox_backlog_rebuild_rows: 10000
+    full_rebuild_interval_seconds: 300
+  tls_fingerprint:
+    enabled: false
+
+log:
+  level: "debug"
+  format: "console"
+  service_name: "sub2api"
+  env: "dev"
+  caller: true
+  stacktrace_level: "error"
+  output:
+    to_stdout: true
+    to_file: false
+  rotation:
+    max_size_mb: 100
+    max_backups: 10
+    max_age_days: 7
+    compress: true
+    local_time: true
+  sampling:
+    enabled: false
+    initial: 100
+    thereafter: 100
+
+api_key_auth_cache:
+  l1_size: 65535
+  l1_ttl_seconds: 15
+  l2_ttl_seconds: 300
+  negative_ttl_seconds: 30
+  jitter_percent: 10
+  singleflight: true
+
+dashboard_cache:
+  enabled: true
+  key_prefix: "sub2api:"
+  stats_fresh_ttl_seconds: 15
+  stats_ttl_seconds: 30
+  stats_refresh_timeout_seconds: 30
+
+dashboard_aggregation:
+  enabled: false
+  interval_seconds: 60
+  lookback_seconds: 120
+  backfill_enabled: false
+  backfill_max_days: 31
+  recompute_days: 2
+  retention:
+    usage_logs_days: 90
+    hourly_days: 180
+    daily_days: 730
+
+usage_cleanup:
+  enabled: false
+  max_range_days: 31
+  batch_size: 5000
+  worker_interval_seconds: 10
+  task_timeout_seconds: 1800
+
+idempotency:
+  observe_only: true
+  default_ttl_seconds: 86400
+  system_operation_ttl_seconds: 3600
+  processing_timeout_seconds: 30
+  failed_retry_backoff_seconds: 5
+  max_stored_response_len: 65536
+  cleanup_interval_seconds: 60
+  cleanup_batch_size: 500
+
+concurrency:
+  ping_interval: 10
+
+token_refresh:
+  sync_linked_sora_accounts: false
+
+ops:
+  enabled: false
+
+rate_limit:
+  overload_cooldown_minutes: 10
+
+security:
+  url_allowlist:
+    enabled: false
+    upstream_hosts: []
+    pricing_hosts: []
+    crs_hosts: []
+    allow_private_hosts: true
+    allow_insecure_http: true
+  response_headers:
+    enabled: true
+    additional_allowed: []
+    force_remove: []
+  csp:
+    enabled: false
+  proxy_probe:
+    insecure_skip_verify: false
+  proxy_fallback:
+    allow_direct_on_error: false
+
+turnstile:
+  required: false
+
+linuxdo_connect:
+  enabled: false
+
+oidc_connect:
+  enabled: false