# 配置参考

## Web 服务配置

### application.yml 主配置

```yaml
server:
  port: 8080
  servlet:
    context-path: /api/v1
  tomcat:
    threads:
      max: 200
      min-spare: 10
    connection-timeout: 20000
    keep-alive-timeout: 30000
```

### 数据库配置

```yaml
spring:
  datasource:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://localhost:3306/finrep_report?useSSL=false&serverTimezone=Asia/Shanghai&characterEncoding=utf8
    username: root
    password: ${DB_PASSWORD}
    hikari:
      maximum-pool-size: 20
      minimum-idle: 5
      idle-timeout: 300000
      connection-timeout: 30000
      validation-timeout: 5000
```

### Redis 配置

```yaml
spring:
  redis:
    host: localhost
    port: 6379
    password: ${REDIS_PASSWORD}
    database: 0
    lettuce:
      pool:
        max-active: 20
        max-idle: 10
        min-idle: 5
    timeout: 3000
```

### RabbitMQ 配置

```yaml
spring:
  rabbitmq:
    host: localhost
    port: 5672
    username: finrep
    password: ${RABBITMQ_PASSWORD}
    virtual-host: /finrep
    listener:
      simple:
        acknowledge-mode: manual
        prefetch: 10
    template:
      retry:
        enabled: true
        max-attempts: 3
        initial-interval: 1000
```

### JWT 配置

```yaml
jwt:
  secret: ${JWT_SECRET}
  expiration: 86400
  refresh-expiration: 604800
  issuer: finrep-platform
  audience: finrep-api
```

### CORS 配置

```yaml
cors:
  allowed-origins:
    - http://localhost:3000
    - https://app.example.com
  allowed-methods:
    - GET
    - POST
    PUT
    - DELETE
    - OPTIONS
  allowed-headers: "*"
  exposed-headers:
    - X-Trace-Id
    - X-Tenant-Id
  allow-credentials: true
  max-age: 3600
```

### Python Agent 配置

```yaml
python-agent:
  base-url: http://localhost:8000/api/v1
  timeout: 30000
  retry:
    max-attempts: 3
    wait-duration: 1000
  circuit-breaker:
    failure-rate-threshold: 50
    wait-duration-in-open-state: 60000
    ring-buffer-size-in-half-open-state: 10
```

### OSS 配置

```yaml
aliyun:
  oss:
    endpoint: ${OSS_ENDPOINT}
    access-key-id: ${OSS_ACCESS_KEY_ID}
    access-key-secret: ${OSS_ACCESS_KEY_SECRET}
    bucket-name: ${OSS_BUCKET_NAME}
    base-path: finrep/
    connection-timeout: 30000
    socket-timeout: 30000
```

### 限流配置

```yaml
rate-limit:
  enabled: true
  api-per-second: 50
  task-create-per-minute: 10
  sse-per-tenant: 5
```

## Worker 服务配置

### application-worker.yml 主配置

```yaml
spring:
  application:
    name: finrep-worker
```

### Worker 特定配置

```yaml
worker:
  # 任务超时配置
  timeout:
    outline-generation: 300000
    data-preparation: 600000
    report-generation: 900000

  # 重试配置
  retry:
    max-attempts: 3
    wait-duration: 5000
    multiplier: 2

  # 清理配置
  cleanup:
    enabled: true
    schedule: "0 0 2 * * ?"
    keep-days: 30

  # 线程池配置
  thread-pool:
    core-size: 10
    max-size: 50
    queue-capacity: 1000
    keep-alive-seconds: 60
```

### 执行器配置

```yaml
executor:
  worker:
    core-size: 5
    max-size: 20
    queue-capacity: 500

  python-call:
    core-size: 10
    max-size: 30
    queue-capacity: 1000

  message-handler:
    core-size: 5
    max-size: 20
    queue-capacity: 500

  cleanup:
    core-size: 2
    max-size: 5
    queue-capacity: 100
```

### 定时任务配置

```yaml
scheduling:
  # 任务超时检查
  timeout-check:
    enabled: true
    cron: "0 */5 * * * * ?"
    timeout-threshold: 7200000

  # 任务重试
  retry:
    enabled: true
    cron: "0 */10 * * * * ?"
    retry-limit: 3

  # 数据清理
  cleanup:
    enabled: true
    cron: "0 0 2 * * ?"
    keep-days: 30
```

### Redisson 分布式锁配置

```yaml
redisson:
  address: redis://localhost:6379
  password: ${REDIS_PASSWORD}
  database: 0
  connection-pool-size: 10
  connection-minimum-idle-size: 5
  timeout: 3000
  lock:
    wait-time: 30000
    lease-time: 60000
```

## 监控配置

### Actuator 配置

```yaml
management:
  endpoints:
    web:
      exposure:
        include: health,metrics,prometheus,info,threaddump
      base-path: /actuator
  endpoint:
    health:
      show-details: always
      probes:
        enabled: true
  health:
    redis:
      enabled: true
    db:
      enabled: true
    rabbitmq:
      enabled: true
  metrics:
    export:
      prometheus:
        enabled: true
    distribution:
      percentiles-histogram:
        http.server.requests: true
    tags:
      application: ${spring.application.name}
```

### 日志配置

```yaml
logging:
  level:
    root: INFO
    com.yuxin.finrep: DEBUG
    org.springframework.web: INFO
    org.mybatis: DEBUG
  pattern:
    console: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n"
    file: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n"
  file:
    name: /var/log/finrep/application.log
    max-size: 100MB
    max-history: 30
    total-size-cap: 10GB
```

## 环境变量

### 生产环境

```bash
# 数据库
export DB_PASSWORD=your_secure_password

# Redis
export REDIS_PASSWORD=your_secure_password

# RabbitMQ
export RABBITMQ_PASSWORD=your_secure_password

# JWT
export JWT_SECRET=your_jwt_secret_key

# OSS
export OSS_ENDPOINT=https://oss-cn-hangzhou.aliyuncs.com
export OSS_ACCESS_KEY_ID=your_access_key_id
export OSS_ACCESS_KEY_SECRET=your_access_key_secret
export OSS_BUCKET_NAME=finrep-bucket

# Python Agent
export PYTHON_AGENT_BASE_URL=http://python-agent:8000/api/v1
```

### 开发环境

```bash
# 使用本地服务
export DB_PASSWORD=root
export REDIS_PASSWORD=
export RABBITMQ_PASSWORD=guest
export JWT_SECRET=dev-secret-key
export OSS_ENDPOINT=http://localhost:9000
export OSS_ACCESS_KEY_ID=minioadmin
export OSS_ACCESS_KEY_SECRET=minioadmin
export OSS_BUCKET_NAME=finrep-dev
export PYTHON_AGENT_BASE_URL=http://localhost:8000/api/v1
```

## 多租户配置

### 租户特征开关

```json
{
  "enable_outline_generation": true,
  "enable_data_preparation": true,
  "enable_report_generation": true,
  "enable_export": true,
  "enable_custom_template": false,
  "enable_advanced_search": false
}
```

### 租户配额

```json
{
  "max_tasks": 1000,
  "max_storage_mb": 10240,
  "max_concurrent_tasks": 10,
  "max_daily_requests": 10000
}
```

## 性能调优参数

### 数据库连接池

| 参数 | 推荐值 | 说明 |
|-----|---------|------|
| maximum-pool-size | 20-50 | 最大连接数 |
| minimum-idle | 5-10 | 最小空闲连接数 |
| idle-timeout | 300000 | 空闲连接超时 |
| connection-timeout | 30000 | 连接超时 |

### Redis 连接池

| 参数 | 推荐值 | 说明 |
|-----|---------|------|
| max-active | 20-30 | 最大活跃连接数 |
| max-idle | 10-15 | 最大空闲连接数 |
| min-idle | 5-10 | 最小空闲连接数 |
| timeout | 3000 | 命令超时 |

### 线程池配置

| 组件 | 核心线程 | 最大线程 | 队列容量 |
|-----|---------|---------|---------|
| Message Handler | 5 | 20 | 500 |
| Python Call | 10 | 30 | 1000 |
| Worker Executor | 5 | 20 | 500 |
| Cleanup | 2 | 5 | 100 |

## 安全配置

### JWT 最佳实践

- 密钥长度至少 256 位
- 生产环境使用随机密钥
- 设置合理的过期时间
- 实现刷新令牌机制

### 密码加密

- 使用 BCrypt 加密用户密码
- 使用 AES-256 加密敏感配置
- 密钥通过密钥管理系统获取

### HTTPS 配置

```yaml
server:
  ssl:
    enabled: true
    key-store: classpath:keystore.p12
    key-store-password: ${KEYSTORE_PASSWORD}
    key-store-type: PKCS12
    key-alias: finrep
```

## 故障排查配置

### 启用调试日志

```yaml
logging:
  level:
    com.yuxin.finrep: TRACE
    org.springframework: DEBUG
    org.springframework.web: DEBUG
```

### 慢 SQL 日志

```yaml
mybatis-plus:
  configuration:
    log-impl: org.apache.ibatis.logging.stdout.StdOutImpl
```

### HTTP 请求日志

```yaml
logging:
  level:
    org.springframework.web.client: DEBUG
    org.apache.http: DEBUG
```