diff --git a/docs/production-config-guide.md b/docs/production-config-guide.md new file mode 100644 index 0000000..7127a7b --- /dev/null +++ b/docs/production-config-guide.md @@ -0,0 +1,180 @@ +# 生产环境配置说明 + +本文档说明如何使用 `application-prod.yaml` 配置文件。 + +## 配置架构 + +### 三层配置体系 + +``` +1. application.yaml (基础配置) + ↓ +2. application-prod.yaml (生产环境配置 + 环境变量占位符) + ↓ +3. Nacos 配置中心 (动态配置,优先级最高) +``` + +### 配置优先级 + +``` +Nacos 配置 > 环境变量 > application-prod.yaml 默认值 > application.yaml +``` + +## 环境变量命名规范 + +### 通用环境变量 + +| 环境变量 | 说明 | 默认值 | 示例 | +|---------|------|--------|------| +| `NACOS_SERVER_ADDR` | Nacos 服务器地址 | 127.0.0.1:8848 | 127.0.0.1:8848 | +| `NACOS_USERNAME` | Nacos 用户名 | 空 | nacos | +| `NACOS_PASSWORD` | Nacos 密码 | 空 | nacos123 | +| `NACOS_NAMESPACE` | Nacos 命名空间 | 空 | prod | +| `NACOS_GROUP` | Nacos 分组 | DEFAULT_GROUP | DEFAULT_GROUP | + +### 数据库环境变量 + +| 环境变量 | 说明 | 默认值 | +|---------|------|--------| +| `MYSQL_HOST` | MySQL 主机地址 | 127.0.0.1 | +| `MYSQL_PORT` | MySQL 端口 | 3306 | +| `MYSQL_DATABASE` | 数据库名 | aiot_platform | +| `MYSQL_USER` | 数据库用户名 | root | +| `MYSQL_PASSWORD` | 数据库密码 | 空 | + +### Redis 环境变量 + +| 环境变量 | 说明 | 默认值 | +|---------|------|--------| +| `REDIS_HOST` | Redis 主机地址 | 127.0.0.1 | +| `REDIS_PORT` | Redis 端口 | 6379 | +| `REDIS_DATABASE` | Redis 数据库索引 | 0 | +| `REDIS_PASSWORD` | Redis 密码 | 空 | + +### 消息队列环境变量 + +| 环境变量 | 说明 | 默认值 | +|---------|------|--------| +| `ROCKETMQ_NAMESRV_ADDR` | RocketMQ NameServer 地址 | 127.0.0.1:9876 | + +## 使用方式 + +### 方式 1: Docker Compose 环境变量注入(推荐) + +在 `docker-compose.core.yml` 中已配置: + +```yaml +viewsh-module-system-server: + environment: + SPRING_PROFILES_ACTIVE: prod # ← 激活 prod 配置 + NACOS_SERVER_ADDR: ${NACOS_HOST}:${NACOS_PORT} + MYSQL_HOST: ${MYSQL_HOST} + MYSQL_PASSWORD: ${MYSQL_PASSWORD} + # ... 其他环境变量 +``` + +### 方式 2: Nacos 配置中心覆盖 + +在 Nacos 控制台创建配置文件,会覆盖环境变量和本地配置: + +**Data ID**: `system-server-prod.yaml` +**Group**: `DEFAULT_GROUP` + +```yaml +spring: + datasource: + dynamic: + datasource: + master: + password: 从Nacos管理的密码 # ← 覆盖环境变量 +``` + +### 方式 3: 混合使用(最佳实践) + +- **环境变量**:配置基础设施连接信息(MySQL、Redis、Nacos) +- **Nacos**:配置业务参数、功能开关、动态配置 + +## 各服务配置差异 + +### 需要 MySQL 的服务 + +- `viewsh-module-system-server` +- `viewsh-module-infra-server` +- `viewsh-module-iot-server` + +### 需要 RocketMQ 的服务 + +- `viewsh-module-iot-server` +- `viewsh-module-iot-gateway` + +### 仅需要 Redis 的服务 + +- `viewsh-gateway` +- `viewsh-module-iot-gateway` + +## 激活生产环境配置 + +### 在 Docker Compose 中 + +已在 `docker-compose.core.yml` 中配置: + +```yaml +environment: + SPRING_PROFILES_ACTIVE: prod +``` + +### 手动启动 + +```bash +java -jar app.jar --spring.profiles.active=prod +``` + +## 配置验证 + +### 查看生效的配置 + +```bash +# 进入容器 +docker exec -it aiot-system-server sh + +# 查看环境变量 +env | grep MYSQL +env | grep REDIS + +# 查看 Spring Boot 配置 +curl http://localhost:48081/actuator/env +``` + +## 常见问题 + +### Q: 如何确认使用了 prod 配置? + +A: 查看日志,应该看到: + +``` +The following 1 profile is active: "prod" +``` + +### Q: 环境变量和 Nacos 哪个优先级高? + +A: Nacos 配置优先级最高,会覆盖环境变量。 + +### Q: 如何临时修改配置? + +A: +1. **临时修改**:在 Nacos 中修改(无需重启) +2. **永久修改**:修改 `.env` 文件并重启容器 + +## 配置文件位置 + +``` +viewsh-gateway/src/main/resources/application-prod.yaml +viewsh-module-system/viewsh-module-system-server/src/main/resources/application-prod.yaml +viewsh-module-infra/viewsh-module-infra-server/src/main/resources/application-prod.yaml +viewsh-module-iot/viewsh-module-iot-server/src/main/resources/application-prod.yaml +viewsh-module-iot/viewsh-module-iot-gateway/src/main/resources/application-prod.yaml +``` + +## 下一步 + +配置完成后,参考 [部署操作指南](deployment-guide.md) 进行部署。 diff --git a/viewsh-module-iot/viewsh-module-iot-gateway/src/main/resources/application-prod.yaml b/viewsh-module-iot/viewsh-module-iot-gateway/src/main/resources/application-prod.yaml index d972ac1..496fca1 100644 --- a/viewsh-module-iot/viewsh-module-iot-gateway/src/main/resources/application-prod.yaml +++ b/viewsh-module-iot/viewsh-module-iot-gateway/src/main/resources/application-prod.yaml @@ -23,7 +23,7 @@ spring: port: ${REDIS_PORT:6379} database: ${REDIS_DATABASE:0} password: ${REDIS_PASSWORD:} - timeout: 5000ms + timeout: ${REDIS_TIMEOUT:30000ms} lettuce: pool: max-active: 8 @@ -35,21 +35,83 @@ spring: rocketmq: name-server: ${ROCKETMQ_NAMESRV_ADDR:127.0.0.1:9876} + producer: + group: ${spring.application.name}_PRODUCER -spring: - rabbitmq: - host: ${RABBITMQ_HOST:127.0.0.1} - port: ${RABBITMQ_PORT:5672} - username: ${RABBITMQ_USERNAME:guest} - password: ${RABBITMQ_PASSWORD:guest} - kafka: - bootstrap-servers: ${KAFKA_BOOTSTRAP_SERVERS:127.0.0.1:9092} +--- #################### IoT 网关相关配置 #################### ---- #################### 服务保障相关配置 #################### +viewsh: + iot: + # 消息总线配置 + message-bus: + type: ${IOT_MESSAGE_BUS_TYPE:redis} -lock4j: - acquire-timeout: 3000 - expire: 30000 + # 网关配置 + gateway: + # 设备 RPC 配置 + rpc: + url: ${IOT_RPC_URL:http://127.0.0.1:48091} + connect-timeout: ${IOT_RPC_CONNECT_TIMEOUT:30s} + read-timeout: ${IOT_RPC_READ_TIMEOUT:30s} + + # 设备 Token 配置 + token: + secret: ${IOT_TOKEN_SECRET:viewshIotGatewayTokenSecret123456789} + expiration: ${IOT_TOKEN_EXPIRATION:7d} + + # 协议配置 + protocol: + # HTTP 协议配置 + http: + enabled: ${IOT_HTTP_ENABLED:true} + server-port: ${IOT_HTTP_PORT:8092} + + # EMQX 协议配置 + emqx: + enabled: ${IOT_EMQX_ENABLED:false} + http-port: ${IOT_EMQX_HTTP_PORT:8090} + mqtt-host: ${IOT_EMQX_MQTT_HOST:127.0.0.1} + mqtt-port: ${IOT_EMQX_MQTT_PORT:1883} + mqtt-username: ${IOT_EMQX_MQTT_USERNAME:admin} + mqtt-password: ${IOT_EMQX_MQTT_PASSWORD:public} + mqtt-client-id: ${IOT_EMQX_MQTT_CLIENT_ID:iot-gateway-mqtt} + mqtt-ssl: ${IOT_EMQX_MQTT_SSL:false} + mqtt-topics: + - "/sys/#" + clean-session: true + keep-alive-interval-seconds: 60 + max-inflight-queue: 10000 + connect-timeout-seconds: 10 + trust-all: false # 生产环境必须为 false + will: + enabled: true + topic: "gateway/status/${viewsh.iot.gateway.emqx.mqtt-client-id}" + payload: "offline" + qos: 1 + retain: true + ssl-options: + key-store-path: ${IOT_EMQX_SSL_KEYSTORE_PATH:classpath:certs/client.jks} + key-store-password: ${IOT_EMQX_SSL_KEYSTORE_PASSWORD:} + trust-store-path: ${IOT_EMQX_SSL_TRUSTSTORE_PATH:classpath:certs/trust.jks} + trust-store-password: ${IOT_EMQX_SSL_TRUSTSTORE_PASSWORD:} + + # TCP 协议配置 + tcp: + enabled: ${IOT_TCP_ENABLED:false} + port: ${IOT_TCP_PORT:8091} + keep-alive-timeout-ms: ${IOT_TCP_KEEPALIVE_TIMEOUT:30000} + max-connections: ${IOT_TCP_MAX_CONNECTIONS:1000} + ssl-enabled: ${IOT_TCP_SSL_ENABLED:false} + ssl-cert-path: ${IOT_TCP_SSL_CERT_PATH:classpath:certs/client.jks} + ssl-key-path: ${IOT_TCP_SSL_KEY_PATH:classpath:certs/client.jks} + + # MQTT 协议配置 + mqtt: + enabled: ${IOT_MQTT_ENABLED:true} + port: ${IOT_MQTT_PORT:1883} + max-message-size: ${IOT_MQTT_MAX_MESSAGE_SIZE:8192} + connect-timeout-seconds: ${IOT_MQTT_CONNECT_TIMEOUT:60} + ssl-enabled: ${IOT_MQTT_SSL_ENABLED:false} --- #################### 监控相关配置 #################### @@ -69,18 +131,19 @@ spring: username: ${SPRING_BOOT_ADMIN_USERNAME:admin} password: ${SPRING_BOOT_ADMIN_PASSWORD:admin} +--- #################### 日志相关配置 #################### + logging: level: root: INFO - com.viewsh: ${LOG_LEVEL:INFO} + com.viewsh.module.iot.gateway: ${LOG_LEVEL_IOT_GATEWAY:INFO} + org.springframework.boot: INFO + org.apache.rocketmq: WARN + com.viewsh.module.iot.gateway.protocol.emqx: ${LOG_LEVEL_EMQX:INFO} + com.viewsh.module.iot.gateway.protocol.http: ${LOG_LEVEL_HTTP:INFO} + com.viewsh.module.iot.gateway.protocol.mqtt: ${LOG_LEVEL_MQTT:INFO} file: name: ${LOG_FILE_PATH:/app/logs}/${spring.application.name}.log ---- #################### 芋道相关配置 #################### +debug: false -viewsh: - demo: false - env: - tag: ${HOSTNAME:prod} - security: - mock-enable: false