配置资源文件位置,默认application.properties是放在jar包中的,通过spring.config.location可以制定外部配置文件,这样更便于运维。
java -jar demo.jar --spring.config.location=/opt/config/application.properties
spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration
spring.pid.fail-on-write-error= # Fail if ApplicationPidFileWriter is used but it cannot write the PID file. spring.pid.file= # Location of the PID file to write (if ApplicationPidFileWriter is used).
设置 Tomcat 工作目录,默认 /tmp/tomcat-docbase.7057591687859485145.7000 通过下面配置修改
server.tomcat.basedir=/tmp/your_project
server.port=8080 # 监听端口 server.address= # 绑定的地址 server.context-path= #默认为/
连接数配置
server.tomcat.max-threads=2048 # 最大线程数
如果前端有 nginx 代理这个配置可以禁用
server.tomcat.accesslog.enabled=true server.tomcat.accesslog.directory=/tmp/logs server.tomcat.accesslog.pattern=common server.tomcat.accesslog.prefix=www.netkiller.cn.access server.tomcat.accesslog.suffix=.log
logging.path=/tmp # 日志目录默认为 /tmp logging.file=your.log # 日志文件名称,默认为spring.log
java -jar spring-boot-app.jar --logging.file=/tmp/spring-boot-app.log
Spring boot 默认并非UTF-8 所以下面配置必设,否则将会出现
spring.messages.encoding=UTF-8 server.tomcat.uri-encoding=UTF-8 spring.http.encoding.charset=UTF-8 spring.http.encoding.enabled=true spring.http.encoding.force=true
server.session.persistent 重启时是否持久化session,默认false server.session.timeout session的超时时间 server.session.tracking-modes 设定Session的追踪模式(cookie, url, ssl). server.session.timeout=1800 #session有效时长
server.session.cookie.comment 指定session cookie的comment server.session.cookie.domain 指定session cookie的domain server.session.cookie.http-only 否开启HttpOnly. server.session.cookie.max-age 设定session cookie的最大age. server.session.cookie.name 设定Session cookie 的名称. server.session.cookie.path 设定session cookie的路径. server.session.cookie.secure 设定session cookie的“Secure” flag.
案例
server.session.cookie.name=PHPSESSID server.session.cookie.domain=.example.com server.session.cookie.http-only=true server.session.cookie.path=/
server.compression.enabled=true #是否开启压缩,默认为false. server.compression.excluded-user-agents #指定不压缩的user-agent,多个以逗号分隔,默认值为:text/html,text/xml,text/plain,text/css server.compression.mime-types #指定要压缩的MIME type,多个以逗号分隔. server.compression.min-response-size #执行压缩的阈值,默认为2048 server.compression.enabled=true server.compression.mime-types=application/json,application/xml,text/html,text/xml,text/plain,text/css,application/javascript server.compression.min-response-size=1024
server.ssl.ciphers 是否支持SSL ciphers. server.ssl.client-auth 设定client authentication是wanted 还是 needed. server.ssl.enabled 是否开启ssl,默认: true server.ssl.key-alias 设定key store中key的别名. server.ssl.key-password 访问key store中key的密码. server.ssl.key-store 设定持有SSL certificate的key store的路径,通常是一个.jks文件. server.ssl.key-store-password设定访问key store的密码. server.ssl.key-store-provider设定key store的提供者. server.ssl.key-store-type 设定key store的类型. server.ssl.protocol 使用的SSL协议,默认: TLS server.ssl.trust-store 持有SSL certificates的Trust store. server.ssl.trust-store-password访问trust store的密码. server.ssl.trust-store-provider设定trust store的提供者. server.ssl.trust-store-type 指定trust store的类型.
生成证书
server.ssl.* #ssl相关配置
keytool -genkey -alias springboot -keyalg RSA -keystore /www/ssl/spring 设置密码 123456
配置 application.properties
server.ssl.enabled 启动tomcat ssl配置 server.ssl.keyAlias 别名 server.ssl.keyPassword 密码 server.ssl.keyStore 位置
server.port=8443 server.ssl.enabled=true server.ssl.keyAlias=springboot server.ssl.keyPassword=123456 server.ssl.keyStore=/www/ssl/spring
# Pretty-print JSON responses spring.jackson.serialization.indent_output=true
#序列化时间格式 spring.jackson.date-format=yyyy-MM-dd HH:mm:ss spring.mvc.date-format=yyyy-MM-dd HH:mm:ss #mvc序列化时候时区选择 spring.jackson.time-zone=GMT+8
spring.mail.host=smtp.netkiller.cn #spring.mail.username= #spring.mail.password= #spring.mail.properties.mail.smtp.auth=true #spring.mail.properties.mail.smtp.starttls.enable=true #spring.mail.properties.mail.smtp.starttls.required=true mail.smtp.debug=true
# REDIS (RedisProperties) # Redis数据库索引(默认为0) spring.redis.database=0 # Redis服务器地址 spring.redis.host=localhost # Redis服务器连接端口 spring.redis.port=6379 # Redis服务器连接密码(默认为空) spring.redis.password= # 连接池最大连接数(使用负值表示没有限制) spring.redis.pool.max-active=8 # 连接池最大阻塞等待时间(使用负值表示没有限制) spring.redis.pool.max-wait=-1 # 连接池中的最大空闲连接 spring.redis.pool.max-idle=8 # 连接池中的最小空闲连接 spring.redis.pool.min-idle=0 # 连接超时时间(毫秒) spring.redis.timeout=0
格式:mongodb://用户名:密码@主机地址/数据库
spring.data.mongodb.uri=mongodb://user:passw0rd@mdb.netkiller.cn/test spring.data.mongodb.repositories.enabled=true
spring.datasource.driver-class-name=com.mysql.jdbc.Driver spring.datasource.url=jdbc:mysql://主机地址:端口号/数据库 spring.datasource.username=用户名 spring.datasource.password=密码 spring.jpa.database=MYSQL # 启用JPA支持
spring.datasource.driver-class-name=oracle.jdbc.OracleDriver spring.datasource.url=jdbc:oracle:thin:@//odb.netkiller.cn:1521/orcl spring.datasource.username=orcl spring.datasource.password=passw0rd spring.datasource.connection-test-query="SELECT 1 FROM DUAL" spring.jpa.database-platform=org.hibernate.dialect.Oracle10gDialect spring.jpa.show-sql=true #spring.jpa.hibernate.ddl-auto=none #spring.jpa.hibernate.ddl-auto=create-drop spring.datasource.max-active=50 spring.datasource.initial-size=5 spring.datasource.max-idle=10 spring.datasource.min-idle=5 spring.datasource.test-while-idle=true spring.datasource.test-on-borrow=false spring.datasource.validation-query=SELECT 1 FROM DUAL spring.datasource.time-between-eviction-runs-millis=5000 spring.datasource.min-evictable-idle-time-millis=60000
启用/禁用 导入 schema.sql 和 data.sql / data-${platform}.sql 其中 platform 是 spring.datasource.platform 所定义的平台
spring.datasource.initialize=false spring.datasource.platform=MYSQL
spring.velocity.resourceLoaderPath=classpath:/templates/ spring.velocity.prefix= spring.velocity.suffix=.vm spring.velocity.cache=false spring.velocity.check-template-location=true spring.velocity.content-type=text/html spring.velocity.charset=UTF-8 spring.velocity.properties.input.encoding=UTF-8 spring.velocity.properties.output.encoding=UTF-8
禁用 velocity 模板引擎
spring.velocity.enabled=false spring.velocity.check-template-location=false
security.user.name=user security.user.password=password security.user.role=USER
Web 安全
# X-Frame-Options: DENY security.headers.frame=false security.headers.cache security.headers.content-type security.headers.hsts security.headers.xss
参考 https://github.com/spring-projects/spring-boot/blob/master/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityProperties.java#L171
spring.kafka.bootstrap-servers spring.kafka.client-id spring.kafka.ssl.key-password spring.kafka.ssl.keystore-location spring.kafka.ssl.keystore-password spring.kafka.ssl.truststore-location spring.kafka.ssl.truststore-password spring.kafka.template.default-topic spring.kafka.consumer.auto-commit-interval spring.kafka.consumer.auto-offset-reset spring.kafka.consumer.bootstrap-servers spring.kafka.consumer.client-id spring.kafka.consumer.enable-auto-commit spring.kafka.consumer.fetch-max-wait spring.kafka.consumer.fetch-min-size spring.kafka.consumer.group-id spring.kafka.consumer.heartbeat-interval spring.kafka.consumer.key-deserializer spring.kafka.consumer.max-poll-records spring.kafka.consumer.value-deserializer spring.kafka.listener.ack-count spring.kafka.listener.ack-mode spring.kafka.listener.ack-time spring.kafka.listener.concurrency spring.kafka.listener.poll-timeout spring.kafka.producer.acks spring.kafka.producer.batch-size spring.kafka.producer.bootstrap-servers spring.kafka.producer.buffer-memory spring.kafka.producer.client-id spring.kafka.producer.compression-type spring.kafka.producer.key-serializer spring.kafka.producer.retries spring.kafka.producer.value-serializer spring.kafka.properties
原文出处:Netkiller 系列 手札
本文作者:陈景峯
转载请与作者联系,同时请务必标明文章原始出处和作者信息及本声明。
