配置参考
Web 服务配置
application.yml 主配置
server:
port: 8080
servlet:
context-path: /api/v1
tomcat:
threads:
max: 200
min-spare: 10
connection-timeout: 20000
keep-alive-timeout: 30000
数据库配置
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://localhost:3306/finrep_report?useSSL=false&serverTimezone=Asia/Shanghai&characterEncoding=utf8
username: root
password: ${DB_PASSWORD}
hikari:
maximum-pool-size: 20
minimum-idle: 5
idle-timeout: 300000
connection-timeout: 30000
validation-timeout: 5000
Redis 配置
spring:
redis:
host: localhost
port: 6379
password: ${REDIS_PASSWORD}
database: 0
lettuce:
pool:
max-active: 20
max-idle: 10
min-idle: 5
timeout: 3000
RabbitMQ 配置
spring:
rabbitmq:
host: localhost
port: 5672
username: finrep
password: ${RABBITMQ_PASSWORD}
virtual-host: /finrep
listener:
simple:
acknowledge-mode: manual
prefetch: 10
template:
retry:
enabled: true
max-attempts: 3
initial-interval: 1000
JWT 配置
jwt:
secret: ${JWT_SECRET}
expiration: 86400
refresh-expiration: 604800
issuer: finrep-platform
audience: finrep-api
CORS 配置
cors:
allowed-origins:
- http://localhost:3000
- https://app.example.com
allowed-methods:
- GET
- POST
PUT
- DELETE
- OPTIONS
allowed-headers: "*"
exposed-headers:
- X-Trace-Id
- X-Tenant-Id
allow-credentials: true
max-age: 3600
Python Agent 配置
python-agent:
base-url: http://localhost:8000/api/v1
timeout: 30000
retry:
max-attempts: 3
wait-duration: 1000
circuit-breaker:
failure-rate-threshold: 50
wait-duration-in-open-state: 60000
ring-buffer-size-in-half-open-state: 10
OSS 配置
aliyun:
oss:
endpoint: ${OSS_ENDPOINT}
access-key-id: ${OSS_ACCESS_KEY_ID}
access-key-secret: ${OSS_ACCESS_KEY_SECRET}
bucket-name: ${OSS_BUCKET_NAME}
base-path: finrep/
connection-timeout: 30000
socket-timeout: 30000
限流配置
rate-limit:
enabled: true
api-per-second: 50
task-create-per-minute: 10
sse-per-tenant: 5
Worker 服务配置
application-worker.yml 主配置
spring:
application:
name: finrep-worker
Worker 特定配置
worker:
# 任务超时配置
timeout:
outline-generation: 300000
data-preparation: 600000
report-generation: 900000
# 重试配置
retry:
max-attempts: 3
wait-duration: 5000
multiplier: 2
# 清理配置
cleanup:
enabled: true
schedule: "0 0 2 * * ?"
keep-days: 30
# 线程池配置
thread-pool:
core-size: 10
max-size: 50
queue-capacity: 1000
keep-alive-seconds: 60
执行器配置
executor:
worker:
core-size: 5
max-size: 20
queue-capacity: 500
python-call:
core-size: 10
max-size: 30
queue-capacity: 1000
message-handler:
core-size: 5
max-size: 20
queue-capacity: 500
cleanup:
core-size: 2
max-size: 5
queue-capacity: 100
定时任务配置
scheduling:
# 任务超时检查
timeout-check:
enabled: true
cron: "0 */5 * * * * ?"
timeout-threshold: 7200000
# 任务重试
retry:
enabled: true
cron: "0 */10 * * * * ?"
retry-limit: 3
# 数据清理
cleanup:
enabled: true
cron: "0 0 2 * * ?"
keep-days: 30
Redisson 分布式锁配置
redisson:
address: redis://localhost:6379
password: ${REDIS_PASSWORD}
database: 0
connection-pool-size: 10
connection-minimum-idle-size: 5
timeout: 3000
lock:
wait-time: 30000
lease-time: 60000
监控配置
Actuator 配置
management:
endpoints:
web:
exposure:
include: health,metrics,prometheus,info,threaddump
base-path: /actuator
endpoint:
health:
show-details: always
probes:
enabled: true
health:
redis:
enabled: true
db:
enabled: true
rabbitmq:
enabled: true
metrics:
export:
prometheus:
enabled: true
distribution:
percentiles-histogram:
http.server.requests: true
tags:
application: ${spring.application.name}
日志配置
logging:
level:
root: INFO
com.yuxin.finrep: DEBUG
org.springframework.web: INFO
org.mybatis: DEBUG
pattern:
console: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n"
file: "%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n"
file:
name: /var/log/finrep/application.log
max-size: 100MB
max-history: 30
total-size-cap: 10GB
环境变量
生产环境
# 数据库
export DB_PASSWORD=your_secure_password
# Redis
export REDIS_PASSWORD=your_secure_password
# RabbitMQ
export RABBITMQ_PASSWORD=your_secure_password
# JWT
export JWT_SECRET=your_jwt_secret_key
# OSS
export OSS_ENDPOINT=https://oss-cn-hangzhou.aliyuncs.com
export OSS_ACCESS_KEY_ID=your_access_key_id
export OSS_ACCESS_KEY_SECRET=your_access_key_secret
export OSS_BUCKET_NAME=finrep-bucket
# Python Agent
export PYTHON_AGENT_BASE_URL=http://python-agent:8000/api/v1
开发环境
# 使用本地服务
export DB_PASSWORD=root
export REDIS_PASSWORD=
export RABBITMQ_PASSWORD=guest
export JWT_SECRET=dev-secret-key
export OSS_ENDPOINT=http://localhost:9000
export OSS_ACCESS_KEY_ID=minioadmin
export OSS_ACCESS_KEY_SECRET=minioadmin
export OSS_BUCKET_NAME=finrep-dev
export PYTHON_AGENT_BASE_URL=http://localhost:8000/api/v1
多租户配置
租户特征开关
{
"enable_outline_generation": true,
"enable_data_preparation": true,
"enable_report_generation": true,
"enable_export": true,
"enable_custom_template": false,
"enable_advanced_search": false
}
租户配额
{
"max_tasks": 1000,
"max_storage_mb": 10240,
"max_concurrent_tasks": 10,
"max_daily_requests": 10000
}
性能调优参数
数据库连接池
| 参数 |
推荐值 |
说明 |
| maximum-pool-size |
20-50 |
最大连接数 |
| minimum-idle |
5-10 |
最小空闲连接数 |
| idle-timeout |
300000 |
空闲连接超时 |
| connection-timeout |
30000 |
连接超时 |
Redis 连接池
| 参数 |
推荐值 |
说明 |
| max-active |
20-30 |
最大活跃连接数 |
| max-idle |
10-15 |
最大空闲连接数 |
| min-idle |
5-10 |
最小空闲连接数 |
| timeout |
3000 |
命令超时 |
线程池配置
| 组件 |
核心线程 |
最大线程 |
队列容量 |
| Message Handler |
5 |
20 |
500 |
| Python Call |
10 |
30 |
1000 |
| Worker Executor |
5 |
20 |
500 |
| Cleanup |
2 |
5 |
100 |
安全配置
JWT 最佳实践
- 密钥长度至少 256 位
- 生产环境使用随机密钥
- 设置合理的过期时间
- 实现刷新令牌机制
密码加密
- 使用 BCrypt 加密用户密码
- 使用 AES-256 加密敏感配置
- 密钥通过密钥管理系统获取
HTTPS 配置
server:
ssl:
enabled: true
key-store: classpath:keystore.p12
key-store-password: ${KEYSTORE_PASSWORD}
key-store-type: PKCS12
key-alias: finrep
故障排查配置
启用调试日志
logging:
level:
com.yuxin.finrep: TRACE
org.springframework: DEBUG
org.springframework.web: DEBUG
慢 SQL 日志
mybatis-plus:
configuration:
log-impl: org.apache.ibatis.logging.stdout.StdOutImpl
HTTP 请求日志
logging:
level:
org.springframework.web.client: DEBUG
org.apache.http: DEBUG
