配置資源檔案位置,預設application.properties是放在jar包中的,通過spring.config.location可以制定外部配置檔案,這樣更便于運維。
java -jar demo.jar --spring.config.location=/opt/config/application.properties
spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration
spring.pid.fail-on-write-error= # Fail if ApplicationPidFileWriter is used but it cannot write the PID file. spring.pid.file= # Location of the PID file to write (if ApplicationPidFileWriter is used).
設置 Tomcat 工作目錄,預設 /tmp/tomcat-docbase.7057591687859485145.7000 通過下面配置修改
server.tomcat.basedir=/tmp/your_project
server.port=8080 # 監聽連接埠 server.address= # 綁定的地址 server.context-path= #預設為/
連接數配置
server.tomcat.max-threads=2048 # 最大綫程數
如果前端有 nginx 代理這個配置可以禁用
server.tomcat.accesslog.enabled=true server.tomcat.accesslog.directory=/tmp/logs server.tomcat.accesslog.pattern=common server.tomcat.accesslog.prefix=www.netkiller.cn.access server.tomcat.accesslog.suffix=.log
logging.path=/tmp # 日誌目錄預設為 /tmp logging.file=your.log # 日誌檔案名稱,預設為spring.log
java -jar spring-boot-app.jar --logging.file=/tmp/spring-boot-app.log
Spring boot 預設並非UTF-8 所以下面配置必設,否則將會出現
spring.messages.encoding=UTF-8 server.tomcat.uri-encoding=UTF-8 spring.http.encoding.charset=UTF-8 spring.http.encoding.enabled=true spring.http.encoding.force=true
server.session.persistent 重啟時是否持久化session,預設false server.session.timeout session的超時時間 server.session.tracking-modes 設定Session的追蹤模式(cookie, url, ssl). server.session.timeout=1800 #session有效時長
server.session.cookie.comment 指定session cookie的comment server.session.cookie.domain 指定session cookie的domain server.session.cookie.http-only 否開啟HttpOnly. server.session.cookie.max-age 設定session cookie的最大age. server.session.cookie.name 設定Session cookie 的名稱. server.session.cookie.path 設定session cookie的路徑. server.session.cookie.secure 設定session cookie的“Secure” flag.
案例
server.session.cookie.name=PHPSESSID server.session.cookie.domain=.example.com server.session.cookie.http-only=true server.session.cookie.path=/
server.compression.enabled=true #是否開啟壓縮,預設為false. server.compression.excluded-user-agents #指定不壓縮的user-agent,多個以逗號分隔,預設值為:text/html,text/xml,text/plain,text/css server.compression.mime-types #指定要壓縮的MIME type,多個以逗號分隔. server.compression.min-response-size #執行壓縮的閾值,預設為2048 server.compression.enabled=true server.compression.mime-types=application/json,application/xml,text/html,text/xml,text/plain,text/css,application/javascript server.compression.min-response-size=1024
server.ssl.ciphers 是否支持SSL ciphers. server.ssl.client-auth 設定client authentication是wanted 還是 needed. server.ssl.enabled 是否開啟ssl,預設: true server.ssl.key-alias 設定key store中key的別名. server.ssl.key-password 訪問key store中key的密碼. server.ssl.key-store 設定持有SSL certificate的key store的路徑,通常是一個.jks檔案. server.ssl.key-store-password設定訪問key store的密碼. server.ssl.key-store-provider設定key store的提供者. server.ssl.key-store-type 設定key store的類型. server.ssl.protocol 使用的SSL協議,預設: TLS server.ssl.trust-store 持有SSL certificates的Trust store. server.ssl.trust-store-password訪問trust store的密碼. server.ssl.trust-store-provider設定trust store的提供者. server.ssl.trust-store-type 指定trust store的類型.
生成證書
server.ssl.* #ssl相關配置
keytool -genkey -alias springboot -keyalg RSA -keystore /www/ssl/spring 設置密碼 123456
配置 application.properties
server.ssl.enabled 啟動tomcat ssl配置 server.ssl.keyAlias 別名 server.ssl.keyPassword 密碼 server.ssl.keyStore 位置
server.port=8443 server.ssl.enabled=true server.ssl.keyAlias=springboot server.ssl.keyPassword=123456 server.ssl.keyStore=/www/ssl/spring
# Pretty-print JSON responses spring.jackson.serialization.indent_output=true
#序列化時間格式 spring.jackson.date-format=yyyy-MM-dd HH:mm:ss spring.mvc.date-format=yyyy-MM-dd HH:mm:ss #mvc序列化時候時區選擇 spring.jackson.time-zone=GMT+8
spring.mail.host=smtp.netkiller.cn #spring.mail.username= #spring.mail.password= #spring.mail.properties.mail.smtp.auth=true #spring.mail.properties.mail.smtp.starttls.enable=true #spring.mail.properties.mail.smtp.starttls.required=true mail.smtp.debug=true
# REDIS (RedisProperties) # Redis資料庫索引(預設為0) spring.redis.database=0 # Redis伺服器地址 spring.redis.host=localhost # Redis伺服器連接連接埠 spring.redis.port=6379 # Redis伺服器連接密碼(預設為空) spring.redis.password= # 連接池最大連接數(使用負值表示沒有限制) spring.redis.pool.max-active=8 # 連接池最大阻塞等待時間(使用負值表示沒有限制) spring.redis.pool.max-wait=-1 # 連接池中的最大空閒連接 spring.redis.pool.max-idle=8 # 連接池中的最小空閒連接 spring.redis.pool.min-idle=0 # 連接超時時間(毫秒) spring.redis.timeout=0
格式:mongodb://用戶名:密碼@主機地址/資料庫
spring.data.mongodb.uri=mongodb://user:passw0rd@mdb.netkiller.cn/test spring.data.mongodb.repositories.enabled=true
spring.datasource.driver-class-name=com.mysql.jdbc.Driver spring.datasource.url=jdbc:mysql://主機地址:連接埠號/資料庫 spring.datasource.username=用戶名 spring.datasource.password=密碼 spring.jpa.database=MYSQL # 啟用JPA支持
spring.datasource.driver-class-name=oracle.jdbc.OracleDriver spring.datasource.url=jdbc:oracle:thin:@//odb.netkiller.cn:1521/orcl spring.datasource.username=orcl spring.datasource.password=passw0rd spring.datasource.connection-test-query="SELECT 1 FROM DUAL" spring.jpa.database-platform=org.hibernate.dialect.Oracle10gDialect spring.jpa.show-sql=true #spring.jpa.hibernate.ddl-auto=none #spring.jpa.hibernate.ddl-auto=create-drop spring.datasource.max-active=50 spring.datasource.initial-size=5 spring.datasource.max-idle=10 spring.datasource.min-idle=5 spring.datasource.test-while-idle=true spring.datasource.test-on-borrow=false spring.datasource.validation-query=SELECT 1 FROM DUAL spring.datasource.time-between-eviction-runs-millis=5000 spring.datasource.min-evictable-idle-time-millis=60000
啟用/禁用 導入 schema.sql 和 data.sql / data-${platform}.sql 其中 platform 是 spring.datasource.platform 所定義的平台
spring.datasource.initialize=false spring.datasource.platform=MYSQL
spring.velocity.resourceLoaderPath=classpath:/templates/ spring.velocity.prefix= spring.velocity.suffix=.vm spring.velocity.cache=false spring.velocity.check-template-location=true spring.velocity.content-type=text/html spring.velocity.charset=UTF-8 spring.velocity.properties.input.encoding=UTF-8 spring.velocity.properties.output.encoding=UTF-8
禁用 velocity 模板引擎
spring.velocity.enabled=false spring.velocity.check-template-location=false
security.user.name=user security.user.password=password security.user.role=USER
Web 安全
# X-Frame-Options: DENY security.headers.frame=false security.headers.cache security.headers.content-type security.headers.hsts security.headers.xss
參考 https://github.com/spring-projects/spring-boot/blob/master/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityProperties.java#L171
# APACHE KAFKA (KafkaProperties) spring.kafka.admin.client-id= # ID to pass to the server when making requests. Used for server-side logging. spring.kafka.admin.fail-fast=false # Whether to fail fast if the broker is not available on startup. spring.kafka.admin.properties.*= # Additional admin-specific properties used to configure the client. spring.kafka.admin.ssl.key-password= # Password of the private key in the key store file. spring.kafka.admin.ssl.keystore-location= # Location of the key store file. spring.kafka.admin.ssl.keystore-password= # Store password for the key store file. spring.kafka.admin.ssl.keystore-type= # Type of the key store. spring.kafka.admin.ssl.protocol= # SSL protocol to use. spring.kafka.admin.ssl.truststore-location= # Location of the trust store file. spring.kafka.admin.ssl.truststore-password= # Store password for the trust store file. spring.kafka.admin.ssl.truststore-type= # Type of the trust store. spring.kafka.bootstrap-servers= # Comma-delimited list of host:port pairs to use for establishing the initial connection to the Kafka cluster. spring.kafka.client-id= # ID to pass to the server when making requests. Used for server-side logging. spring.kafka.consumer.auto-commit-interval= # Frequency with which the consumer offsets are auto-committed to Kafka if 'enable.auto.commit' is set to true. spring.kafka.consumer.auto-offset-reset= # What to do when there is no initial offset in Kafka or if the current offset no longer exists on the server. spring.kafka.consumer.bootstrap-servers= # Comma-delimited list of host:port pairs to use for establishing the initial connection to the Kafka cluster. spring.kafka.consumer.client-id= # ID to pass to the server when making requests. Used for server-side logging. spring.kafka.consumer.enable-auto-commit= # Whether the consumer's offset is periodically committed in the background. spring.kafka.consumer.fetch-max-wait= # Maximum amount of time the server blocks before answering the fetch request if there isn't sufficient data to immediately satisfy the requirement given by "fetch.min.bytes". spring.kafka.consumer.fetch-min-size= # Minimum amount of data, in bytes, the server should return for a fetch request. spring.kafka.consumer.group-id= # Unique string that identifies the consumer group to which this consumer belongs. spring.kafka.consumer.heartbeat-interval= # Expected time between heartbeats to the consumer coordinator. spring.kafka.consumer.key-deserializer= # Deserializer class for keys. spring.kafka.consumer.max-poll-records= # Maximum number of records returned in a single call to poll(). spring.kafka.consumer.properties.*= # Additional consumer-specific properties used to configure the client. spring.kafka.consumer.ssl.key-password= # Password of the private key in the key store file. spring.kafka.consumer.ssl.keystore-location= # Location of the key store file. spring.kafka.consumer.ssl.keystore-password= # Store password for the key store file. spring.kafka.consumer.ssl.keystore-type= # Type of the key store. spring.kafka.consumer.ssl.protocol= # SSL protocol to use. spring.kafka.consumer.ssl.truststore-location= # Location of the trust store file. spring.kafka.consumer.ssl.truststore-password= # Store password for the trust store file. spring.kafka.consumer.ssl.truststore-type= # Type of the trust store. spring.kafka.consumer.value-deserializer= # Deserializer class for values. spring.kafka.jaas.control-flag=required # Control flag for login configuration. spring.kafka.jaas.enabled=false # Whether to enable JAAS configuration. spring.kafka.jaas.login-module=com.sun.security.auth.module.Krb5LoginModule # Login module. spring.kafka.jaas.options= # Additional JAAS options. spring.kafka.listener.ack-count= # Number of records between offset commits when ackMode is "COUNT" or "COUNT_TIME". spring.kafka.listener.ack-mode= # Listener AckMode. See the spring-kafka documentation. spring.kafka.listener.ack-time= # Time between offset commits when ackMode is "TIME" or "COUNT_TIME". spring.kafka.listener.client-id= # Prefix for the listener's consumer client.id property. spring.kafka.listener.concurrency= # Number of threads to run in the listener containers. spring.kafka.listener.idle-event-interval= # Time between publishing idle consumer events (no data received). spring.kafka.listener.log-container-config= # Whether to log the container configuration during initialization (INFO level). spring.kafka.listener.monitor-interval= # Time between checks for non-responsive consumers. If a duration suffix is not specified, seconds will be used. spring.kafka.listener.no-poll-threshold= # Multiplier applied to "pollTimeout" to determine if a consumer is non-responsive. spring.kafka.listener.poll-timeout= # Timeout to use when polling the consumer. spring.kafka.listener.type=single # Listener type. spring.kafka.producer.acks= # Number of acknowledgments the producer requires the leader to have received before considering a request complete. spring.kafka.producer.batch-size= # Default batch size in bytes. spring.kafka.producer.bootstrap-servers= # Comma-delimited list of host:port pairs to use for establishing the initial connection to the Kafka cluster. spring.kafka.producer.buffer-memory= # Total bytes of memory the producer can use to buffer records waiting to be sent to the server. spring.kafka.producer.client-id= # ID to pass to the server when making requests. Used for server-side logging. spring.kafka.producer.compression-type= # Compression type for all data generated by the producer. spring.kafka.producer.key-serializer= # Serializer class for keys. spring.kafka.producer.properties.*= # Additional producer-specific properties used to configure the client. spring.kafka.producer.retries= # When greater than zero, enables retrying of failed sends. spring.kafka.producer.ssl.key-password= # Password of the private key in the key store file. spring.kafka.producer.ssl.keystore-location= # Location of the key store file. spring.kafka.producer.ssl.keystore-password= # Store password for the key store file. spring.kafka.producer.ssl.keystore-type= # Type of the key store. spring.kafka.producer.ssl.protocol= # SSL protocol to use. spring.kafka.producer.ssl.truststore-location= # Location of the trust store file. spring.kafka.producer.ssl.truststore-password= # Store password for the trust store file. spring.kafka.producer.ssl.truststore-type= # Type of the trust store. spring.kafka.producer.transaction-id-prefix= # When non empty, enables transaction support for producer. spring.kafka.producer.value-serializer= # Serializer class for values. spring.kafka.properties.*= # Additional properties, common to producers and consumers, used to configure the client. spring.kafka.ssl.key-password= # Password of the private key in the key store file. spring.kafka.ssl.keystore-location= # Location of the key store file. spring.kafka.ssl.keystore-password= # Store password for the key store file. spring.kafka.ssl.keystore-type= # Type of the key store. spring.kafka.ssl.protocol= # SSL protocol to use. spring.kafka.ssl.truststore-location= # Location of the trust store file. spring.kafka.ssl.truststore-password= # Store password for the trust store file. spring.kafka.ssl.truststore-type= # Type of the trust store. spring.kafka.template.default-topic= # Default topic to which messages are sent.