From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-admin/src/main/resources/application-dev.yml | 178 +++++++++++++++++++++++++++++++++++++++++++++--------------
1 files changed, 135 insertions(+), 43 deletions(-)
diff --git a/ruoyi-admin/src/main/resources/application-dev.yml b/ruoyi-admin/src/main/resources/application-dev.yml
index 7b7380b..5e20dae 100644
--- a/ruoyi-admin/src/main/resources/application-dev.yml
+++ b/ruoyi-admin/src/main/resources/application-dev.yml
@@ -5,30 +5,26 @@
url: http://localhost:9090/admin
instance:
service-host-type: IP
+ metadata:
+ username: ${spring.boot.admin.client.username}
+ userpassword: ${spring.boot.admin.client.password}
username: ruoyi
password: 123456
---- # xxl-job 閰嶇疆
-xxl.job:
- # 鎵ц鍣ㄥ紑鍏�
+--- # snail-job 閰嶇疆
+snail-job:
enabled: true
- # 璋冨害涓績鍦板潃锛氬璋冨害涓績闆嗙兢閮ㄧ讲瀛樺湪澶氫釜鍦板潃鍒欑敤閫楀彿鍒嗛殧銆�
- admin-addresses: http://localhost:9100/xxl-job-admin
- # 鎵ц鍣ㄩ�氳TOKEN锛氶潪绌烘椂鍚敤
- access-token: xxl-job
- executor:
- # 鎵ц鍣ˋppName锛氭墽琛屽櫒蹇冭烦娉ㄥ唽鍒嗙粍渚濇嵁锛涗负绌哄垯鍏抽棴鑷姩娉ㄥ唽
- appname: xxl-job-executor
- # 鎵ц鍣ㄧ鍙e彿 鎵ц鍣ㄤ粠9101寮�濮嬪線鍚庡啓
- port: 9101
- # 鎵ц鍣ㄦ敞鍐岋細榛樿IP:PORT
- address:
- # 鎵ц鍣↖P锛氶粯璁よ嚜鍔ㄨ幏鍙朓P
- ip:
- # 鎵ц鍣ㄨ繍琛屾棩蹇楁枃浠跺瓨鍌ㄧ鐩樿矾寰�
- logpath: ./logs/xxl-job
- # 鎵ц鍣ㄦ棩蹇楁枃浠朵繚瀛樺ぉ鏁帮細澶т簬3鐢熸晥
- logretentiondays: 30
+ # 闇�瑕佸湪 SnailJob 鍚庡彴缁勭鐞嗗垱寤哄搴斿悕绉扮殑缁�,鐒跺悗鍒涘缓浠诲姟鐨勬椂鍊欓�夋嫨瀵瑰簲鐨勭粍,鎵嶈兘姝g‘鍒嗘淳浠诲姟
+ group: "ruoyi_group"
+ # SnailJob 鎺ュ叆楠岃瘉浠ょ墝 璇﹁ script/sql/snail_job.sql `sj_group_config` 琛�
+ token: "SJ_cKqBTPzCsWA3VyuCfFoccmuIEGXjr5KT"
+ server:
+ host: 127.0.0.1
+ port: 17888
+ # 璇﹁ script/sql/snail_job.sql `sj_namespace` 琛�
+ namespace: ${spring.profiles.active}
+ # 闅忎富搴旂敤绔彛椋橀��
+ port: 2${server.port}
--- # 鏁版嵁婧愰厤缃�
spring:
@@ -49,7 +45,7 @@
driverClassName: com.mysql.cj.jdbc.Driver
# jdbc 鎵�鏈夊弬鏁伴厤缃弬鑰� https://lionli.blog.csdn.net/article/details/122018562
# rewriteBatchedStatements=true 鎵瑰鐞嗕紭鍖� 澶у箙鎻愬崌鎵归噺鎻掑叆鏇存柊鍒犻櫎鎬ц兘(瀵规暟鎹簱鏈夋�ц兘鎹熻�� 浣跨敤鎵归噺鎿嶄綔搴旇�冭檻鎬ц兘闂)
- url: jdbc:mysql://localhost:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&rewriteBatchedStatements=true
+ url: jdbc:mysql://localhost:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&rewriteBatchedStatements=true&allowPublicKeyRetrieval=true&nullCatalogMeansCurrent=true
username: root
password: root
# 浠庡簱鏁版嵁婧�
@@ -57,7 +53,7 @@
lazy: true
type: ${spring.datasource.type}
driverClassName: com.mysql.cj.jdbc.Driver
- url: jdbc:mysql://localhost:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&rewriteBatchedStatements=true
+ url: jdbc:mysql://localhost:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8&autoReconnect=true&rewriteBatchedStatements=true&allowPublicKeyRetrieval=true&nullCatalogMeansCurrent=true
username:
password:
# oracle:
@@ -66,8 +62,6 @@
# url: jdbc:oracle:thin:@//localhost:1521/XE
# username: ROOT
# password: root
-# hikari:
-# connectionTestQuery: SELECT 1 FROM DUAL
# postgres:
# type: ${spring.datasource.type}
# driverClassName: org.postgresql.Driver
@@ -86,18 +80,18 @@
# 鏈�灏忕┖闂茬嚎绋嬫暟閲�
minIdle: 10
# 閰嶇疆鑾峰彇杩炴帴绛夊緟瓒呮椂鐨勬椂闂�
- connectionTimeout: 10000
+ connectionTimeout: 30000
# 鏍¢獙瓒呮椂鏃堕棿
validationTimeout: 5000
# 绌洪棽杩炴帴瀛樻椿鏈�澶ф椂闂达紝榛樿10鍒嗛挓
- idleTimeout: 60000
+ idleTimeout: 600000
# 姝ゅ睘鎬ф帶鍒舵睜涓繛鎺ョ殑鏈�闀跨敓鍛藉懆鏈燂紝鍊�0琛ㄧず鏃犻檺鐢熷懡鍛ㄦ湡锛岄粯璁�30鍒嗛挓
- maxLifetime: 900000
- # 杩炴帴娴嬭瘯query锛堥厤缃娴嬭繛鎺ユ槸鍚︽湁鏁堬級
- connectionTestQuery: SELECT 1
+ maxLifetime: 1800000
+ # 澶氫箙妫�鏌ヤ竴娆¤繛鎺ョ殑娲绘��
+ keepaliveTime: 30000
--- # redis 鍗曟満閰嶇疆(鍗曟満涓庨泦缇ゅ彧鑳藉紑鍚竴涓彟涓�涓渶瑕佹敞閲婃帀)
-spring:
+spring.data:
redis:
# 鍦板潃
host: localhost
@@ -105,13 +99,14 @@
port: 6379
# 鏁版嵁搴撶储寮�
database: 0
- # 瀵嗙爜(濡傛病鏈夊瘑鐮佽娉ㄩ噴鎺�)
- # password:
+ # redis 瀵嗙爜蹇呴』閰嶇疆
+ password: ruoyi123
# 杩炴帴瓒呮椂鏃堕棿
timeout: 10s
# 鏄惁寮�鍚痵sl
- ssl: false
+ ssl.enabled: false
+# redisson 閰嶇疆
redisson:
# redis key鍓嶇紑
keyPrefix:
@@ -156,14 +151,111 @@
# Socket杩炴帴瓒呮椂鍊硷紝鍗曚綅姣锛岀己鐪佸�间笉瓒呮椂
connectionTimeout: 0
---- # sms 鐭俊
+--- # sms 鐭俊 鏀寔 闃块噷浜� 鑵捐浜� 浜戠墖 绛夌瓑鍚勫紡鍚勬牱鐨勭煭淇℃湇鍔″晢
+# https://sms4j.com/doc3/ 宸紓閰嶇疆鏂囨。鍦板潃 鏀寔鍗曞巶鍟嗗閰嶇疆锛屽彲浠ラ厤缃涓悓鏃朵娇鐢�
sms:
- enabled: false
- # 闃块噷浜� dysmsapi.aliyuncs.com
- # 鑵捐浜� sms.tencentcloudapi.com
- endpoint: "dysmsapi.aliyuncs.com"
- accessKeyId: xxxxxxx
- accessKeySecret: xxxxxx
- signName: 娴嬭瘯
- # 鑵捐涓撶敤
- sdkAppId:
+ # 閰嶇疆婧愮被鍨嬬敤浜庢爣瀹氶厤缃潵婧�(interface,yaml)
+ config-type: yaml
+ # 鐢ㄤ簬鏍囧畾yml涓殑閰嶇疆鏄惁寮�鍚煭淇℃嫤鎴紝鎺ュ彛閰嶇疆涓嶅彈姝ら檺鍒�
+ restricted: true
+ # 鐭俊鎷︽埅闄愬埗鍗曟墜鏈哄彿姣忓垎閽熸渶澶у彂閫侊紝鍙寮�鍚簡鎷︽埅鐨勯厤缃湁鏁�
+ minute-max: 1
+ # 鐭俊鎷︽埅闄愬埗鍗曟墜鏈哄彿姣忔棩鏈�澶у彂閫侀噺锛屽彧瀵瑰紑鍚簡鎷︽埅鐨勯厤缃湁鏁�
+ account-max: 30
+ # 浠ヤ笅閰嶇疆鏉ヨ嚜浜� org.dromara.sms4j.provider.config.BaseConfig绫讳腑
+ blends:
+ # 鍞竴ID 鐢ㄤ簬鍙戦�佺煭淇″鎵惧叿浣撻厤缃� 闅忎究瀹氫箟鍒敤涓枃鍗冲彲
+ # 鍙互鍚屾椂瀛樺湪涓や釜鐩稿悓鍘傚晢 渚嬪: ali1 ali2 涓や釜涓嶅悓鐨勯樋閲岀煭淇¤处鍙� 涔熷彲鐢ㄤ簬鍖哄垎绉熸埛
+ config1:
+ # 妗嗘灦瀹氫箟鐨勫巶鍟嗗悕绉版爣璇嗭紝鏍囧畾姝ら厤缃槸鍝釜鍘傚晢锛岃缁嗚鐪嬪巶鍟嗘爣璇嗕粙缁嶉儴鍒�
+ supplier: alibaba
+ # 鏈変簺绉颁负accessKey鏈変簺绉颁箣涓篴piKey锛屼篃鏈夌О涓簊dkKey鎴栬�卆ppId銆�
+ access-key-id: 鎮ㄧ殑accessKey
+ # 绉颁负accessSecret鏈変簺绉颁箣涓篴piSecret
+ access-key-secret: 鎮ㄧ殑accessKeySecret
+ signature: 鎮ㄧ殑鐭俊绛惧悕
+ sdk-app-id: 鎮ㄧ殑sdkAppId
+ config2:
+ # 鍘傚晢鏍囪瘑锛屾爣瀹氭閰嶇疆鏄摢涓巶鍟嗭紝璇︾粏璇风湅鍘傚晢鏍囪瘑浠嬬粛閮ㄥ垎
+ supplier: tencent
+ access-key-id: 鎮ㄧ殑accessKey
+ access-key-secret: 鎮ㄧ殑accessKeySecret
+ signature: 鎮ㄧ殑鐭俊绛惧悕
+ sdk-app-id: 鎮ㄧ殑sdkAppId
+
+
+--- # 涓夋柟鎺堟潈
+justauth:
+ # 鍓嶇澶栫綉璁块棶鍦板潃
+ address: http://localhost:80
+ type:
+ maxkey:
+ # maxkey 鏈嶅姟鍣ㄥ湴鍧�
+ # 娉ㄦ剰 濡備笅鍧囬厤缃潎涓嶉渶瑕佷慨鏀� maxkey 宸茬粡鍐呯疆濂戒簡鏁版嵁
+ server-url: http://sso.maxkey.top
+ client-id: 876892492581044224
+ client-secret: x1Y5MTMwNzIwMjMxNTM4NDc3Mzche8
+ redirect-uri: ${justauth.address}/social-callback?source=maxkey
+ topiam:
+ # topiam 鏈嶅姟鍣ㄥ湴鍧�
+ server-url: http://127.0.0.1:1989/api/v1/authorize/y0q************spq***********8ol
+ client-id: 449c4*********937************759
+ client-secret: ac7***********1e0************28d
+ redirect-uri: ${justauth.address}/social-callback?source=topiam
+ scopes: [openid, email, phone, profile]
+ qq:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=qq
+ union-id: false
+ weibo:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=weibo
+ gitee:
+ client-id: 91436b7940090d09c72c7daf85b959cfd5f215d67eea73acbf61b6b590751a98
+ client-secret: 02c6fcfd70342980cd8dd2f2c06c1a350645d76c754d7a264c4e125f9ba915ac
+ redirect-uri: ${justauth.address}/social-callback?source=gitee
+ dingtalk:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=dingtalk
+ baidu:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=baidu
+ csdn:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=csdn
+ coding:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=coding
+ coding-group-name: xx
+ oschina:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=oschina
+ alipay_wallet:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=alipay_wallet
+ alipay-public-key: MIIB**************DAQAB
+ wechat_open:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=wechat_open
+ wechat_mp:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=wechat_mp
+ wechat_enterprise:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=wechat_enterprise
+ agent-id: 1000002
+ gitlab:
+ client-id: 10**********6
+ client-secret: 1f7d08**********5b7**********29e
+ redirect-uri: ${justauth.address}/social-callback?source=gitlab
--
Gitblit v1.9.3