Gitiles
Code Review Sign In
source.supwisdom.com / institute / deploy-authx-service / 42b5b063f5016d72bff2e5fbab35d7f084b83ef0 / . / project / newcapec-test / k8s-rancher / 1.authx-service / 6.personal-security-center / 4.4.personal-security-center-bff.yaml
blob: 8454183164ddda07bf2fb5c9c38834fb43a0ca21 [file] [log] [blame]
刘洪青d0187d02020-08-19 14:55:05 +0800[diff] [blame]1# personal-security-center-bff.yaml
2
3---
4apiVersion: v1
5kind: ConfigMap
6metadata:
7 namespace: personal-security-center-test
8 name: personal-security-center-bff-template-env
9data:
10 # 根据情况,修改邮件模板
11 EMAIL_TEMPLATE_ACTIVE_USER_SEND_CODE_BY_EMAIL_ADDRESS: '{name}:您正在激活帐号,须验证邮箱有效,验证码{code},有效期5分钟,请尽快完成验证。'
12 EMAIL_TEMPLATE_FORGOT_PASSWORD_SEND_CODE: '{name}:您正在找回密码,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
13
14 EMAIL_TEMPLATE_USER_SECURITY_PASSWORD_SEND_CODE: '{name}:您正在修改密码,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
15 EMAIL_TEMPLATE_USER_SECURITY_EMAIL_ADDRESS_SEND_CODE: '{name}:您正在修改安全邮箱,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
16 EMAIL_TEMPLATE_USER_SECURITY_EMAIL_ADDRESS_SEND_CODE_BY_EMAIL_ADDRESS: '{name}:您正在修改安全邮箱,须验证邮箱有效,验证码{code},有效期5分钟,请尽快完成验证。'
17 EMAIL_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE: '{name}:您正在修改安全手机,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
18
19 EMAIL_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE: '{name}:您正在绑定QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
20 EMAIL_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE_UNBIND_QQ: '{name}:您正在解绑QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
21 EMAIL_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE: '{name}:您正在绑定微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
22 EMAIL_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE_UNBIND_OPENWEIXIN: '{name}:您正在解绑微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
23 EMAIL_TEMPLATE_USER_FEDERATION_WORKWEIXIN_SEND_CODE: '{name}:您正在绑定企业微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
24 EMAIL_TEMPLATE_USER_FEDERATION_WORKWEIXIN_SEND_CODE_UNBIND_WORKWEIXIN: '{name}:您正在解绑企业微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
25 EMAIL_TEMPLATE_USER_FEDERATION_ALIPAY_SEND_CODE: '{name}:您正在绑定支付宝,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
26 EMAIL_TEMPLATE_USER_FEDERATION_ALIPAY_SEND_CODE_UNBIND_ALIPAY: '{name}:您正在解绑支付宝,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
27
28 # 根据情况,修改短信模板
29 SMS_TEMPLATE_ACTIVE_USER_SEND_CODE_BY_PRE_MOBILE: '{prefix}{name}:您正在激活帐号,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
30 SMS_TEMPLATE_ACTIVE_USER_SEND_CODE_BY_MOBILE: '{prefix}{name}:您正在激活帐号,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。'
31 SMS_TEMPLATE_FORGOT_PASSWORD_SEND_CODE: '{prefix}{name}:您正在找回密码,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
32
33 SMS_TEMPLATE_USER_SECURITY_PASSWORD_SEND_CODE: '{prefix}{name}:您正在修改密码,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
34 SMS_TEMPLATE_USER_SECURITY_EMAIL_ADDRESS_SEND_CODE: '{prefix}{name}:您正在修改安全邮箱,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
35 SMS_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE: '{prefix}{name}:您正在修改安全手机,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
36 SMS_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE_BY_MOBILE: '{prefix}{name}:您正在修改安全手机,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。'
37
38 SMS_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE: '{prefix}{name}:您正在绑定QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
39 SMS_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE_UNBIND_QQ: '{prefix}{name}:您正在解绑QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
40 SMS_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE: '{prefix}{name}:您正在绑定微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
41 SMS_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE_UNBIND_OPENWEIXIN: '{prefix}{name}:您正在解绑微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
42 SMS_TEMPLATE_USER_FEDERATION_WORKWEIXIN_SEND_CODE: '{prefix}{name}:您正在绑定企业微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
43 SMS_TEMPLATE_USER_FEDERATION_WORKWEIXIN_SEND_CODE_UNBIND_WORKWEIXIN: '{prefix}{name}:您正在解绑企业微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
44 SMS_TEMPLATE_USER_FEDERATION_ALIPAY_SEND_CODE: '{prefix}{name}:您正在绑定支付宝,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
45 SMS_TEMPLATE_USER_FEDERATION_ALIPAY_SEND_CODE_UNBIND_ALIPAY: '{prefix}{name}:您正在解绑支付宝,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
46
刘洪青2a8d4c52020-10-15 16:21:23 +0800[diff] [blame]47 # 身份验证验证码 {"signName": "{prefix}", "templateCode": "SMS_184545299", "templateParam": {"code": "{code}"}}
48 # 信息变更验证码 {"signName": "{prefix}", "templateCode": "SMS_184545294", "templateParam": {"code": "{code}"}}
49
50 SMS_TEMPLATE_PREFIX: '树维认证'
刘洪青d0187d02020-08-19 14:55:05 +0800[diff] [blame]51
52
53---
54apiVersion: v1
55kind: ConfigMap
56metadata:
57 namespace: personal-security-center-test
58 name: personal-security-center-bff-env
59data:
60 SERVER_PORT: "8080"
61 SSL_ENABLED: "false"
62 #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
63 #SSL_KEYSTORE_PASSWORD: ""
64 #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
65 #SSL_TRUSTSTORE_PASSWORD: ""
66
67 SERVER_MAXHTTPHEADERSIZE: "10240"
68
69 SERVER_TOMCAT_ACCEPT_COUNT: "5000"
70 SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
71 SERVER_TOMCAT_MAX_THREADS: "800"
72 SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
73
74 SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
75 SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
76 SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
77
78 LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_PERSONAL_SECURITY_CENTER_BFF: INFO
79
80
81 # 修改为学校的 personal-security-center 的访问域名
82 PERSONAL_SECURITY_CENTER_SERVER_PREFIX: https://personal-security-center-test.newcapec.edu.cn
83 # 修改为学校的 cas 的访问域名
84 CAS_SERVER_PREFIX: https://cas-test.paas.newcapec.cn/cas
85
86 PERSONAL_SECURITY_BFF_NONCE_STORE_IMPL: redis
87
88
89 # 新开普人脸对接配置
90 # 修改为实际项目配置
91 PERSONAL_SECURITY_BFF_FACE_AIFACE_URL: "http://117.158.17.228:3003/aiface"
92 PERSONAL_SECURITY_BFF_FACE_AIFACE_APPKEY: "GcacXnw46DxMAApNoSTX"
93 PERSONAL_SECURITY_BFF_FACE_AIFACE_APPSECRET: "eXl15kcYGBdCYTOCFD21"
94 PERSONAL_SECURITY_BFF_FACE_AIFACE_SECRETKEY: "12345678abcdefgh87654321"
95 PERSONAL_SECURITY_BFF_FACE_AIFACE_TERM_CODE: "12"
96
97
98 CASSERVER_SITE_SERVER_URL: http://cas-server-site-webapp-svc.cas-server-test.svc.cluster.local:8080/cas
99 CASSERVER_SITE_CLIENT_AUTH_ENABLED: "false"
100 #CASSERVER_SITE_CLIENT_AUTH_KEY_PASSWORD: ""
101 #CASSERVER_SITE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
102 #CASSERVER_SITE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
103 #CASSERVER_SITE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
104 #CASSERVER_SITE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
105
106 CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server-test.svc.cluster.local:8080
107 CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
108 #CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
109 #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
110 #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
111 #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
112 #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
113
114 USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service-test.svc.cluster.local:8080
115 USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
116 #USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
117 #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
118 #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
119 #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
120 #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
121
122
123 TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service-test.svc.cluster.local:8080/api/v1/tpas/file/db
124 TPAS_MAIL_API_URL: http://agent-service-svc.thirdparty-agent-service-test.svc.cluster.local:8080/api/v1/tpas/mail/smtp
125 TPAS_SMS_API_URL: http://agent-service-svc.thirdparty-agent-service-test.svc.cluster.local:8080/api/v1/tpas/sms/console
126 TPAS_CLIENT_AUTH_ENABLED: "false"
127 #TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
128 #TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
129 #TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
130 #TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
131 #TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
132
133
134 # COMMUNICATOR_EMAIL_MAIL_SERVER_HOST: "smtp.supwisdom.com"
135 # COMMUNICATOR_EMAIL_MAIL_SERVER_PORT: "25"
136 # COMMUNICATOR_EMAIL_USER_NAME: "security.institute@supwisdom.com"
137 # COMMUNICATOR_EMAIL_PASSWORD: "Security2019"
138 # COMMUNICATOR_EMAIL_VALIDATE: "true"
139
140 # COMMUNICATOR_SMS_SENDER_URL: https://agent-service-api.supwisdom.com/api/v1/tpas/sms/console/send
141
142---
143apiVersion: v1
144kind: Secret
145metadata:
146 namespace: personal-security-center-test
147 name: personal-security-center-bff-env-secret
148type: Opaque
149data:
150
151
152
153---
154apiVersion: v1
155kind: Service
156metadata:
157 namespace: personal-security-center-test
158 name: personal-security-center-bff-svc
159 labels:
160 app: personal-security-center-bff
161 needMonitor: 'true'
162spec:
163 ports:
164 - port: 8080
165 targetPort: http
166 protocol: TCP
167 name: http
168 - port: 6060
169 targetPort: http-metrics
170 protocol: TCP
171 name: http-metrics
172 selector:
173 app: personal-security-center-bff
174
175---
176apiVersion: apps/v1
177kind: Deployment
178metadata:
179 namespace: personal-security-center-test
180 name: personal-security-center-bff
181spec:
182 selector:
183 matchLabels:
184 app: personal-security-center-bff
185 replicas: 1
186 template:
187 metadata:
188 labels:
189 app: personal-security-center-bff
190 spec:
191 containers:
192 - name: personal-security-center-bff
193 # 若使用了学校搭设的私有仓库,请修改
194 image: harbor.supwisdom.com/personal-security-center/personal-security-bff:1.0.2-SNAPSHOT
195 imagePullPolicy: Always
196 ports:
197 - containerPort: 8080
198 name: http
199 - containerPort: 6060
200 name: http-metrics
201 envFrom:
202 - configMapRef:
203 name: jvm-env
204 - secretRef:
205 name: redis-env-secret
206 - secretRef:
207 name: personal-security-center-bff-env-secret
208 - configMapRef:
209 name: personal-security-center-bff-env
210 - configMapRef:
211 name: personal-security-center-bff-template-env
212 resources:
213 requests:
214 memory: "1024Mi"
215 limits:
216 memory: "1024Mi"
217 readinessProbe:
218 httpGet:
219 path: /actuator/health
220 port: 8080
221 initialDelaySeconds: 20
222 periodSeconds: 5
223 timeoutSeconds: 5
224 successThreshold: 1
225 failureThreshold: 10
226 imagePullSecrets:
227 - name: harbor-registry
228