Gitiles
Code Review Sign In
source.supwisdom.com / institute / deploy-authx-service / 61e83d0fd99869ee7688a0dfcf38f414b7944a77 / . / deploy-manifests / k8s-rancher / 1.authx-service / 6.personal-security-center / 4.4.personal-security-center-bff.yaml
blob: 329b1d0ac4d1d9c86cc7d1ef13bfbdd7ffc56201 [file] [log] [blame]
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]1# personal-security-center-bff.yaml
2
3---
4apiVersion: v1
5kind: ConfigMap
6metadata:
7 namespace: personal-security-center
8 name: personal-security-center-bff-template-env
9data:
10 # 根据情况,修改邮件模板
刘洪青c31902b2020-08-19 14:52:46 +0800[diff] [blame]11 EMAIL_TEMPLATE_ACTIVE_USER_SEND_CODE_BY_EMAIL_ADDRESS: '{name}:您正在激活帐号,须验证邮箱有效,验证码{code},有效期5分钟,请尽快完成验证。'
12 EMAIL_TEMPLATE_FORGOT_PASSWORD_SEND_CODE: '{name}:您正在找回密码,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]13
刘洪青c31902b2020-08-19 14:52:46 +0800[diff] [blame]14 EMAIL_TEMPLATE_USER_SECURITY_PASSWORD_SEND_CODE: '{name}:您正在修改密码,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
15 EMAIL_TEMPLATE_USER_SECURITY_EMAIL_ADDRESS_SEND_CODE: '{name}:您正在修改安全邮箱,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
16 EMAIL_TEMPLATE_USER_SECURITY_EMAIL_ADDRESS_SEND_CODE_BY_EMAIL_ADDRESS: '{name}:您正在修改安全邮箱,须验证邮箱有效,验证码{code},有效期5分钟,请尽快完成验证。'
17 EMAIL_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE: '{name}:您正在修改安全手机,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]18
刘洪青c31902b2020-08-19 14:52:46 +0800[diff] [blame]19 EMAIL_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE: '{name}:您正在绑定QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
20 EMAIL_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE_UNBIND_QQ: '{name}:您正在解绑QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
21 EMAIL_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE: '{name}:您正在绑定微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
22 EMAIL_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE_UNBIND_OPENWEIXIN: '{name}:您正在解绑微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
23 EMAIL_TEMPLATE_USER_FEDERATION_WORKWEIXIN_SEND_CODE: '{name}:您正在绑定企业微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
24 EMAIL_TEMPLATE_USER_FEDERATION_WORKWEIXIN_SEND_CODE_UNBIND_WORKWEIXIN: '{name}:您正在解绑企业微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
25 EMAIL_TEMPLATE_USER_FEDERATION_ALIPAY_SEND_CODE: '{name}:您正在绑定支付宝,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
26 EMAIL_TEMPLATE_USER_FEDERATION_ALIPAY_SEND_CODE_UNBIND_ALIPAY: '{name}:您正在解绑支付宝,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]27
28 # 根据情况,修改短信模板
刘洪青ad59f942020-10-14 16:44:50 +0800[diff] [blame]29 SMS_TEMPLATE_ACTIVE_USER_SEND_CODE_BY_PRE_MOBILE: '{prefix}您正在激活帐号,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
30 SMS_TEMPLATE_ACTIVE_USER_SEND_CODE_BY_MOBILE: '{prefix}您正在激活帐号,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。'
31 SMS_TEMPLATE_FORGOT_PASSWORD_SEND_CODE: '{prefix}您正在找回密码,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]32
刘洪青ad59f942020-10-14 16:44:50 +0800[diff] [blame]33 SMS_TEMPLATE_USER_SECURITY_PASSWORD_SEND_CODE: '{prefix}您正在修改密码,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
34 SMS_TEMPLATE_USER_SECURITY_EMAIL_ADDRESS_SEND_CODE: '{prefix}您正在修改安全邮箱,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
35 SMS_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE: '{prefix}您正在修改安全手机,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
36 SMS_TEMPLATE_USER_SECURITY_MOBILE_SEND_CODE_BY_MOBILE: '{prefix}您正在修改安全手机,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。'
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]37
刘洪青ad59f942020-10-14 16:44:50 +0800[diff] [blame]38 SMS_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE: '{prefix}您正在绑定QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
39 SMS_TEMPLATE_USER_FEDERATION_QQ_SEND_CODE_UNBIND_QQ: '{prefix}您正在解绑QQ,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
40 SMS_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE: '{prefix}您正在绑定微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
41 SMS_TEMPLATE_USER_FEDERATION_OPENWEIXIN_SEND_CODE_UNBIND_OPENWEIXIN: '{prefix}您正在解绑微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
42 SMS_TEMPLATE_USER_FEDERATION_WORKWEIXIN_SEND_CODE: '{prefix}您正在绑定企业微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
43 SMS_TEMPLATE_USER_FEDERATION_WORKWEIXIN_SEND_CODE_UNBIND_WORKWEIXIN: '{prefix}您正在解绑企业微信,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
44 SMS_TEMPLATE_USER_FEDERATION_ALIPAY_SEND_CODE: '{prefix}您正在绑定支付宝,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
45 SMS_TEMPLATE_USER_FEDERATION_ALIPAY_SEND_CODE_UNBIND_ALIPAY: '{prefix}您正在解绑支付宝,须验证身份,验证码{code},有效期5分钟,请尽快完成验证。'
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]46
刘洪青ad59f942020-10-14 16:44:50 +0800[diff] [blame]47 SMS_TEMPLATE_ACCOUNT_INFO_SEND_CODE_BY_MOBILE: '{prefix}您当前正在查询账号,须验证手机有效,验证码{code},有效期5分钟,请尽快完成验证。'
48 SMS_TEMPLATE_ACCOUNT_INFO_SEND_ACCOUNT_NAME: '{prefix}您当前正在查询账号,查询结果为:{accountName},账号是您在学校中的重要信息,请妥善保管。'
刘洪青3655f382020-09-17 11:39:34 +0800[diff] [blame]49
刘洪青c31902b2020-08-19 14:52:46 +0800[diff] [blame]50 SMS_TEMPLATE_PREFIX: ''
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]51
52
53---
54apiVersion: v1
55kind: ConfigMap
56metadata:
57 namespace: personal-security-center
58 name: personal-security-center-bff-env
59data:
60 SERVER_PORT: "8080"
61 SSL_ENABLED: "false"
62 #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
63 #SSL_KEYSTORE_PASSWORD: ""
64 #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
65 #SSL_TRUSTSTORE_PASSWORD: ""
66
67 SERVER_MAXHTTPHEADERSIZE: "10240"
68
69 SERVER_TOMCAT_ACCEPT_COUNT: "5000"
70 SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
71 SERVER_TOMCAT_MAX_THREADS: "800"
72 SERVER_TOMCAT_MIN_SPARE_THREADS: "100"
73
刘洪青9c2687b2020-09-10 15:53:39 +0800[diff] [blame]74 LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_PERSONAL_SECURITY_CENTER_BFF: INFO
75
76
刘洪青61e83d02020-12-04 00:45:08 +0800[diff] [blame^]77 SPRING_SERVLET_MULTIPART_MAX_FILE_SIZE: 10Mb
78 # SPRING_SERVLET_MULTIPART_MAX_REQUEST_SIZE: 10Mb
79
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]80 SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
81 SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
82 SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"
83
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]84
85 # 修改为学校的 personal-security-center 的访问域名
86 PERSONAL_SECURITY_CENTER_SERVER_PREFIX: http://personal-security-center.paas.xxx.edu.cn
87 # 修改为学校的 cas 的访问域名
88 CAS_SERVER_PREFIX: http://cas.paas.xxx.edu.cn/cas
89
90 PERSONAL_SECURITY_BFF_NONCE_STORE_IMPL: redis
91
92
93 # 新开普人脸对接配置
94 # 修改为实际项目配置
95 PERSONAL_SECURITY_BFF_FACE_AIFACE_URL: "http://117.158.17.228:3003/aiface"
96 PERSONAL_SECURITY_BFF_FACE_AIFACE_APPKEY: "GcacXnw46DxMAApNoSTX"
97 PERSONAL_SECURITY_BFF_FACE_AIFACE_APPSECRET: "eXl15kcYGBdCYTOCFD21"
98 PERSONAL_SECURITY_BFF_FACE_AIFACE_SECRETKEY: "12345678abcdefgh87654321"
99 PERSONAL_SECURITY_BFF_FACE_AIFACE_TERM_CODE: "12"
100
101
102 CASSERVER_SITE_SERVER_URL: http://cas-server-site-webapp-svc.cas-server.svc.cluster.local:8080/cas
103 CASSERVER_SITE_CLIENT_AUTH_ENABLED: "false"
104 #CASSERVER_SITE_CLIENT_AUTH_KEY_PASSWORD: ""
105 #CASSERVER_SITE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
106 #CASSERVER_SITE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
107 #CASSERVER_SITE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
108 #CASSERVER_SITE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
109
110 CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server.svc.cluster.local:8080
111 CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
112 #CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
113 #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
114 #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
115 #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
116 #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
117
118 USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
119 USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
120 #USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
121 #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
122 #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
123 #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
124 #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
125
126 # PERSONAL_SECURITY_CENTER_SA_API_SERVER_URL: http://personal-security-center-sa-api-svc.personal-security-center.svc.cluster.local:8080
127 # PERSONAL_SECURITY_CENTER_SA_API_CLIENT_AUTH_ENABLED: "false"
128 #PERSONAL_SECURITY_CENTER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
129 #PERSONAL_SECURITY_CENTER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
130 #PERSONAL_SECURITY_CENTER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
131 #PERSONAL_SECURITY_CENTER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
132 #PERSONAL_SECURITY_CENTER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
133
134
刘洪青5f8aff12020-09-12 23:24:30 +0800[diff] [blame]135 TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/file/minio
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]136 TPAS_MAIL_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/mail/smtp
137 TPAS_SMS_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/sms/console
138 TPAS_CLIENT_AUTH_ENABLED: "false"
139 #TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
140 #TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
141 #TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
142 #TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
143 #TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""
144
145
146 # COMMUNICATOR_EMAIL_MAIL_SERVER_HOST: "smtp.supwisdom.com"
147 # COMMUNICATOR_EMAIL_MAIL_SERVER_PORT: "25"
148 # COMMUNICATOR_EMAIL_USER_NAME: "security.institute@supwisdom.com"
149 # COMMUNICATOR_EMAIL_PASSWORD: "Security2019"
150 # COMMUNICATOR_EMAIL_VALIDATE: "true"
151
152 # COMMUNICATOR_SMS_SENDER_URL: https://agent-service-api.supwisdom.com/api/v1/tpas/sms/console/send
153
154---
155apiVersion: v1
156kind: Secret
157metadata:
158 namespace: personal-security-center
159 name: personal-security-center-bff-env-secret
160type: Opaque
161data:
162
163
164
165---
166apiVersion: v1
167kind: Service
168metadata:
169 namespace: personal-security-center
170 name: personal-security-center-bff-svc
171 labels:
172 app: personal-security-center-bff
173 needMonitor: 'true'
174spec:
175 ports:
176 - port: 8080
177 targetPort: http
178 protocol: TCP
179 name: http
180 - port: 6060
181 targetPort: http-metrics
182 protocol: TCP
183 name: http-metrics
184 selector:
185 app: personal-security-center-bff
186
187---
188apiVersion: apps/v1
189kind: Deployment
190metadata:
191 namespace: personal-security-center
192 name: personal-security-center-bff
193spec:
194 selector:
195 matchLabels:
196 app: personal-security-center-bff
197 replicas: 1
198 template:
199 metadata:
200 labels:
201 app: personal-security-center-bff
202 spec:
203 containers:
204 - name: personal-security-center-bff
205 # 若使用了学校搭设的私有仓库,请修改
刘洪青61e83d02020-12-04 00:45:08 +0800[diff] [blame^]206 image: harbor.supwisdom.com/personal-security-center/personal-security-bff:1.0.4-RELEASE
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]207 imagePullPolicy: Always
208 ports:
209 - containerPort: 8080
210 name: http
211 - containerPort: 6060
212 name: http-metrics
213 envFrom:
214 - configMapRef:
215 name: jvm-env
216 - secretRef:
217 name: redis-env-secret
218 - secretRef:
219 name: personal-security-center-bff-env-secret
220 - configMapRef:
221 name: personal-security-center-bff-env
222 - configMapRef:
223 name: personal-security-center-bff-template-env
224 resources:
225 requests:
刘洪青5f8aff12020-09-12 23:24:30 +0800[diff] [blame]226 memory: "512Mi"
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]227 limits:
刘洪青5f8aff12020-09-12 23:24:30 +0800[diff] [blame]228 memory: "512Mi"
刘洪青47205852020-08-14 13:39:30 +0800[diff] [blame]229 readinessProbe:
230 httpGet:
231 path: /actuator/health
232 port: 8080
233 initialDelaySeconds: 20
234 periodSeconds: 5
235 timeoutSeconds: 5
236 successThreshold: 1
237 failureThreshold: 10
238 imagePullSecrets:
239 - name: harbor-registry
240