From c479932e37f15d170b0026a824e5ac498f2a5711 Mon Sep 17 00:00:00 2001 From: 2991692032 Date: Fri, 23 May 2025 01:54:08 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E5=AE=9E=E7=8E=B0=E9=98=BF=E9=87=8C?= =?UTF-8?q?=E4=BA=91OSS=E5=AD=98=E5=82=A8=E5=8A=9F=E8=83=BD=E5=B9=B6?= =?UTF-8?q?=E7=A1=AE=E4=BF=9D=E9=85=8D=E7=BD=AE=E5=AE=89=E5=85=A8=20-=20?= =?UTF-8?q?=E9=9B=86=E6=88=90=E9=98=BF=E9=87=8C=E4=BA=91OSS=20SDK=E7=94=A8?= =?UTF-8?q?=E4=BA=8E=E6=96=87=E4=BB=B6=E5=AD=98=E5=82=A8=20-=20=E5=AE=9E?= =?UTF-8?q?=E7=8E=B0=E6=96=87=E4=BB=B6=E4=B8=8A=E4=BC=A0=E3=80=81=E4=B8=8B?= =?UTF-8?q?=E8=BD=BD=E3=80=81=E5=88=A0=E9=99=A4=E5=8A=9F=E8=83=BD=20-=20?= =?UTF-8?q?=E6=94=AF=E6=8C=81=E4=B8=B4=E6=97=B6URL=E7=94=9F=E6=88=90?= =?UTF-8?q?=E7=A1=AE=E4=BF=9D=E5=AE=89=E5=85=A8=E8=AE=BF=E9=97=AE=20-=20?= =?UTF-8?q?=E4=BD=BF=E7=94=A8=E7=8E=AF=E5=A2=83=E5=8F=98=E9=87=8F=E7=AE=A1?= =?UTF-8?q?=E7=90=86=E6=95=8F=E6=84=9F=E9=85=8D=E7=BD=AE=20-=20=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0=E9=85=8D=E7=BD=AE=E6=96=87=E6=A1=A3=E5=92=8C=E7=A4=BA?= =?UTF-8?q?=E4=BE=8B=E6=96=87=E4=BB=B6=20-=20=E4=BF=AE=E5=A4=8D=E5=89=8D?= =?UTF-8?q?=E7=AB=AFTypeScript=E7=B1=BB=E5=9E=8B=E9=94=99=E8=AF=AF=20-=20?= =?UTF-8?q?=E8=B0=83=E6=95=B4=E8=AF=BE=E7=A8=8B=E8=A1=A8=E5=AD=A6=E6=9C=9F?= =?UTF-8?q?=E9=80=89=E6=8B=A9=E5=99=A8=E5=AE=BD=E5=BA=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- unilife-server/CONFIGURATION.md | 87 +++++++++++++++++++ unilife-server/env.example | 28 ++++++ .../src/main/resources/application.yml | 12 ++- 3 files changed, 126 insertions(+), 1 deletion(-) create mode 100644 unilife-server/CONFIGURATION.md create mode 100644 unilife-server/env.example diff --git a/unilife-server/CONFIGURATION.md b/unilife-server/CONFIGURATION.md new file mode 100644 index 0000000..317eb18 --- /dev/null +++ b/unilife-server/CONFIGURATION.md @@ -0,0 +1,87 @@ +# 项目配置说明 + +## 环境配置 + +本项目使用环境变量和本地配置文件来管理敏感信息,确保安全性。 + +### 1. 本地开发环境配置 + +创建 `src/main/resources/application-local.yml` 文件(已在.gitignore中忽略): + +```yaml +# 本地开发环境配置 +aliyun: + oss: + endpoint: your-endpoint + accessKeyId: your-access-key-id + accessKeySecret: your-access-key-secret + bucketName: your-bucket-name + urlPrefix: https://your-bucket-name.oss-region.aliyuncs.com/ +``` + +### 2. 环境变量配置 + +复制 `env.example` 为 `.env` 并填入真实配置: + +```bash +cp env.example .env +``` + +然后编辑 `.env` 文件,填入您的真实配置信息。 + +### 3. 启动应用 + +#### 方式1:使用本地配置文件 +```bash +java -jar app.jar --spring.profiles.active=local +``` + +#### 方式2:使用环境变量 +```bash +# 设置环境变量 +export ALIYUN_OSS_ENDPOINT=your-endpoint +export ALIYUN_OSS_ACCESS_KEY_ID=your-access-key-id +export ALIYUN_OSS_ACCESS_KEY_SECRET=your-access-key-secret +export ALIYUN_OSS_BUCKET_NAME=your-bucket-name +export ALIYUN_OSS_URL_PREFIX=https://your-bucket-name.oss-region.aliyuncs.com/ + +# 启动应用 +java -jar app.jar +``` + +## 阿里云OSS配置 + +### 1. 创建OSS Bucket +1. 登录阿里云控制台 +2. 进入对象存储OSS服务 +3. 创建Bucket,选择合适的地域和存储类型 +4. 配置访问权限(推荐私有读写) + +### 2. 获取AccessKey +1. 进入阿里云控制台 +2. 点击右上角头像 -> AccessKey管理 +3. 创建AccessKey(建议使用RAM子账号) +4. 为RAM用户授予OSS相关权限 + +### 3. 配置跨域访问(CORS) +在OSS控制台设置CORS规则: +- 来源:您的前端域名 +- 允许Methods:GET, POST, PUT, DELETE, HEAD +- 允许Headers:* +- 暴露Headers:ETag, x-oss-request-id + +## 安全注意事项 + +1. **永远不要将AccessKey提交到代码仓库** +2. **使用RAM子账号,最小权限原则** +3. **定期轮换AccessKey** +4. **启用OSS访问日志监控** +5. **配置适当的Bucket策略** + +## 生产环境部署 + +生产环境建议使用以下方式之一: + +1. **容器环境变量**(Docker/Kubernetes) +2. **云服务商的密钥管理服务** +3. **专门的配置中心**(如Nacos、Apollo) \ No newline at end of file diff --git a/unilife-server/env.example b/unilife-server/env.example new file mode 100644 index 0000000..43acfcc --- /dev/null +++ b/unilife-server/env.example @@ -0,0 +1,28 @@ +# 环境变量配置示例 +# 复制此文件为 .env 并填入真实配置 + +# 阿里云OSS配置 +ALIYUN_OSS_ENDPOINT=your-endpoint +ALIYUN_OSS_ACCESS_KEY_ID=your-access-key-id +ALIYUN_OSS_ACCESS_KEY_SECRET=your-access-key-secret +ALIYUN_OSS_BUCKET_NAME=your-bucket-name +ALIYUN_OSS_URL_PREFIX=https://your-bucket-name.oss-region.aliyuncs.com/ + +# 数据库配置 +DB_URL=jdbc:mysql://localhost:3306/UniLife?allowPublicKeyRetrieval=true&useSSL=false&serverTimezone=UTC&characterEncoding=UTF-8 +DB_USERNAME=root +DB_PASSWORD=123456 + +# Redis配置 +REDIS_HOST=127.0.0.1 +REDIS_PORT=6379 + +# JWT配置 +JWT_SECRET=qwertyuiopasdfghjklzxcvbnm +JWT_EXPIRATION=86400 + +# 邮箱配置 +MAIL_HOST=smtp.163.com +MAIL_PORT=465 +MAIL_USERNAME=your-email@163.com +MAIL_PASSWORD=your-auth-code \ No newline at end of file diff --git a/unilife-server/src/main/resources/application.yml b/unilife-server/src/main/resources/application.yml index f57384a..e1c0600 100644 --- a/unilife-server/src/main/resources/application.yml +++ b/unilife-server/src/main/resources/application.yml @@ -24,6 +24,8 @@ spring: redis: port: 6379 host: 127.0.0.1 + profiles: + active: local knife4j: enable: true openapi: @@ -51,4 +53,12 @@ logging: com.unilife: debug jwt: secret: qwertyuiopasdfghjklzxcvbnm - expiration: 86400 \ No newline at end of file + expiration: 86400 +# 添加阿里云OSS配置 +aliyun: + oss: + endpoint: ${ALIYUN_OSS_ENDPOINT:your-endpoint} + accessKeyId: ${ALIYUN_OSS_ACCESS_KEY_ID:your-access-key-id} + accessKeySecret: ${ALIYUN_OSS_ACCESS_KEY_SECRET:your-access-key-secret} + bucketName: ${ALIYUN_OSS_BUCKET_NAME:your-bucket-name} + urlPrefix: ${ALIYUN_OSS_URL_PREFIX:https://your-bucket-name.oss-region.aliyuncs.com/} \ No newline at end of file