chore(config): 将配置文件中的敏感信息替换为环境变量占位符

- 将 application.yml 中的邮件密码、token密钥、阿里云OSS等敏感配置替换为环境变量 - 将 application-dev.yml 中的数据库连接、Redis、MQTT等配置替换为环境变量占位符 - 将 application-prod.yml 中的数据库连接、Redis、MQTT、阿里云等配置替换为环境变量 - 为代码生成器添加环境变量支持和 .env 文件加载功能 - 更新 .gitignore 文件以忽略 .env 相关配置文件 - 修改 README.md 文档说明环境变量配置方式 - 修复联系邮箱地址错误
2026-01-08 18:13:07 +08:00
parent 2814a4e655
commit f1ba2cbecc
7 changed files with 205 additions and 71 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -31,6 +31,14 @@ build/
 .vscode/
 /cert/
 /src/main/resources/dev/
+.env
+.env.*
+/src/main/resources/application-local.yml
+/src/main/resources/application-*-local.yml
+/src/main/resources/application-secrets.yml
+/src/main/resources/application-*.secrets.yml
+/config/application-local.yml
+/config/application-*-local.yml

 ### macOS ###
 .DS_Store
--- a/README.md
+++ b/README.md
@@ -87,17 +87,23 @@ CREATE DATABASE websoft_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
 ```

 ### 3. 配置文件
-编辑 `src/main/resources/application-dev.yml` 文件，配置数据库连接：
-```yaml
-spring:
-  datasource:
-    url: jdbc:mysql://localhost:3306/websoft_db?useUnicode=true&characterEncoding=utf8&serverTimezone=GMT%2B8
-    username: your_username
-    password: your_password
-  redis:
-    host: localhost
-    port: 6379
-    password: your_redis_password
+本项目的 `application-*.yml` 已使用环境变量占位符，避免将真实密码提交到 Git。
+
+开发环境可通过环境变量配置数据库/Redis连接（示例）：
+```bash
+export SPRING_DATASOURCE_URL='jdbc:mysql://localhost:3306/websoft_db?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8'
+export SPRING_DATASOURCE_USERNAME='your_username'
+export SPRING_DATASOURCE_PASSWORD='your_password'
+export SPRING_REDIS_HOST='localhost'
+export SPRING_REDIS_PORT='6379'
+export SPRING_REDIS_PASSWORD='your_redis_password'
+```
+
+代码生成器（`src/test/java/com/gxwebsoft/generator/*Generator.java`）使用：
+```bash
+export CODEGEN_DB_URL='jdbc:mysql://localhost:3306/websoft_db?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8'
+export CODEGEN_DB_USERNAME='your_username'
+export CODEGEN_DB_PASSWORD='your_password'
 ```

 ### 4. 启动项目
@@ -278,7 +284,7 @@ docker run -d -p 9200:9200 websoft-api
 ## 📞 联系我们

 - 官网：https://websoft.top
- 邮箱：170083662@qq.top
+- 邮箱：170083662@qq.com
 - QQ群：479713884

 ---
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
@@ -7,18 +7,18 @@ server:
 # 数据源配置
 spring:
  datasource:
-    url: jdbc:mysql://47.119.165.234:13308/modules?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8
-    username: modules
-    password: P7KsAyDXG8YdLnkA
+    url: ${SPRING_DATASOURCE_URL:jdbc:mysql://localhost:3306/modules?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8}
+    username: ${SPRING_DATASOURCE_USERNAME:modules}
+    password: ${SPRING_DATASOURCE_PASSWORD:}
    driver-class-name: com.mysql.cj.jdbc.Driver
    type: com.alibaba.druid.pool.DruidDataSource

  # redis
  redis:
    database: 0
-    host: 47.119.165.234
-    port: 16379
-    password: redis_WSDb88
+    host: ${SPRING_REDIS_HOST:localhost}
+    port: ${SPRING_REDIS_PORT:6379}
+    password: ${SPRING_REDIS_PASSWORD:}

 # 日志配置
 logging:
@@ -34,12 +34,12 @@ socketio:
 # MQTT配置
 mqtt:
  enabled: false  # 添加开关来禁用MQTT服务
-  host: tcp://1.14.159.185:1883
-  username: swdev
-  password: Sw20250523
-  client-id-prefix: hjm_car_
-  topic: /SW_GPS/#
-  qos: 2
+  host: ${MQTT_HOST:}
+  username: ${MQTT_USERNAME:}
+  password: ${MQTT_PASSWORD:}
+  client-id-prefix: ${MQTT_CLIENT_ID_PREFIX:hjm_car_}
+  topic: ${MQTT_TOPIC:/SW_GPS/#}
+  qos: ${MQTT_QOS:2}
  connection-timeout: 10
  keep-alive-interval: 20
  auto-reconnect: true
@@ -52,7 +52,7 @@ config:

  # JWT配置
  jwt:
-    secret: websoft-jwt-secret-key-2025-dev-environment
+    secret: ${JWT_SECRET:}
    expire: 86400  # token过期时间(秒) 24小时

 # 开发环境证书配置
--- a/src/main/resources/application-prod.yml
+++ b/src/main/resources/application-prod.yml
@@ -3,9 +3,9 @@
 # 数据源配置
 spring:
  datasource:
-    url: jdbc:mysql://1Panel-mysql-Bqdt:3306/modules?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai
-    username: modules
-    password: 8YdLnk7KsPAyDXGA
+    url: ${SPRING_DATASOURCE_URL}
+    username: ${SPRING_DATASOURCE_USERNAME}
+    password: ${SPRING_DATASOURCE_PASSWORD}
    driver-class-name: com.mysql.cj.jdbc.Driver
    type: com.alibaba.druid.pool.DruidDataSource
    druid:
@@ -14,9 +14,9 @@ spring:
  # redis
  redis:
    database: 0
-    host: 1Panel-redis-Q1LE
-    port: 6379
-    password: redis_WSDb88
+    host: ${SPRING_REDIS_HOST}
+    port: ${SPRING_REDIS_PORT:6379}
+    password: ${SPRING_REDIS_PASSWORD:}

 # 日志配置
 logging:
@@ -33,12 +33,12 @@ socketio:
 # MQTT配置
 mqtt:
  enabled: false  # 添加开关来禁用MQTT服务
-  host: tcp://1.14.159.185:1883
-  username: swdev
-  password: Sw20250523
-  client-id-prefix: hjm_car_
-  topic: /SW_GPS/#
-  qos: 2
+  host: ${MQTT_HOST:}
+  username: ${MQTT_USERNAME:}
+  password: ${MQTT_PASSWORD:}
+  client-id-prefix: ${MQTT_CLIENT_ID_PREFIX:hjm_car_}
+  topic: ${MQTT_TOPIC:/SW_GPS/#}
+  qos: ${MQTT_QOS:2}
  connection-timeout: 10
  keep-alive-interval: 20
  auto-reconnect: true
@@ -50,12 +50,12 @@ config:
  upload-path: /www/wwwroot/file.ws/

  # 阿里云OSS云存储
-  endpoint: https://oss-cn-shenzhen.aliyuncs.com
-  accessKeyId: LTAI4GKGZ9Z2Z8JZ77c3GNZP
-  accessKeySecret: BiDkpS7UXj72HWwDWaFZxiXjNFBNCM
-  bucketName: oss-gxwebsoft
-  bucketDomain: https://oss.wsdns.cn
-  aliyunDomain: https://oss-gxwebsoft.oss-cn-shenzhen.aliyuncs.com
+  endpoint: ${ALIYUN_OSS_ENDPOINT:}
+  accessKeyId: ${ALIYUN_OSS_ACCESS_KEY_ID:}
+  accessKeySecret: ${ALIYUN_OSS_ACCESS_KEY_SECRET:}
+  bucketName: ${ALIYUN_OSS_BUCKET_NAME:}
+  bucketDomain: ${ALIYUN_OSS_BUCKET_DOMAIN:}
+  aliyunDomain: ${ALIYUN_OSS_ALIYUN_DOMAIN:}

 # 生产环境证书配置
 certificate:
@@ -72,9 +72,9 @@ payment:

 aliyun:
  knowledge-base:
-    access-key-id: LTAI5tD5YRKuxWz6Eg7qrM4P
-    access-key-secret: bO8TBDXflOwbtSKimPpG8XrJnyzgTk
-    workspace-id: llm-4pf5auwewoz34zqu
+    access-key-id: ${ALIYUN_KB_ACCESS_KEY_ID:}
+    access-key-secret: ${ALIYUN_KB_ACCESS_KEY_SECRET:}
+    workspace-id: ${ALIYUN_KB_WORKSPACE_ID:}

 ai:
  template:
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -65,7 +65,7 @@ spring:
  mail:
    host: smtp.qq.com
    username: 170083662@qq.com
-    password: mnfokualhfaucaie
+    password: ${SPRING_MAIL_PASSWORD:}
    default-encoding: UTF-8
    properties:
      mail:
@@ -95,7 +95,7 @@ config:
  swagger-title: 网宿软件 API文档
  swagger-description: websoft - 基于java spring、vue3、antd构建的前后端分离快速开发框架
  swagger-version: 2.0
-  token-key: WLgNsWJ8rPjRtnjzX/Gx2RGS80Kwnm/ZeLbvIL+NrBs=
+  token-key: ${APP_TOKEN_KEY:}
  # 主服务器
  server-url: https://server.websoft.top/api
  # 文件服务器
@@ -106,12 +106,12 @@ config:
  local-upload-path: /Users/gxwebsoft/Documents/uploads

  # 阿里云OSS云存储
-  endpoint: https://oss-cn-shenzhen.aliyuncs.com
-  accessKeyId: LTAI4GKGZ9Z2Z8JZ77c3GNZP
-  accessKeySecret: BiDkpS7UXj72HWwDWaFZxiXjNFBNCM
-  bucketName: oss-gxwebsoft
-  bucketDomain: https://oss.wsdns.cn
-  aliyunDomain: https://oss-gxwebsoft.oss-cn-shenzhen.aliyuncs.com
+  endpoint: ${ALIYUN_OSS_ENDPOINT:}
+  accessKeyId: ${ALIYUN_OSS_ACCESS_KEY_ID:}
+  accessKeySecret: ${ALIYUN_OSS_ACCESS_KEY_SECRET:}
+  bucketName: ${ALIYUN_OSS_BUCKET_NAME:}
+  bucketDomain: ${ALIYUN_OSS_BUCKET_DOMAIN:}
+  aliyunDomain: ${ALIYUN_OSS_ALIYUN_DOMAIN:}

 # 商城订单配置
 shop:
@@ -176,7 +176,7 @@ certificate:
  # 微信支付证书配置
  wechat-pay:
    dev:
-      api-v3-key: "0kF5OlPr482EZwtn9zGufUcqa7ovgxRL"
+      api-v3-key: ${WECHATPAY_API_V3_KEY:}
      private-key-file: "apiclient_key.pem"
      apiclient-cert-file: "apiclient_cert.pem"
      wechatpay-cert-file: "wechatpay_cert.pem"
--- a/src/test/java/com/gxwebsoft/generator/ClinicGenerator.java
+++ b/src/test/java/com/gxwebsoft/generator/ClinicGenerator.java
@@ -9,6 +9,7 @@ import com.baomidou.mybatisplus.generator.config.po.TableInfo;
 import com.baomidou.mybatisplus.generator.config.rules.NamingStrategy;
 import com.gxwebsoft.generator.engine.BeetlTemplateEnginePlus;

+import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
@@ -40,11 +41,24 @@ public class ClinicGenerator {
  private static final String AUTHOR = "科技小王子";
  // 是否在xml中添加二级缓存配置
  private static final boolean ENABLE_CACHE = false;
+
+  static {
+    loadDotEnvIfPresent();
+  }
+
  // 数据库连接配置
-  private static final String DB_URL = "jdbc:mysql://8.134.169.209:13306/modules?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8";
-  private static final String DB_DRIVER = "com.mysql.cj.jdbc.Driver";
-  private static final String DB_USERNAME = "modules";
-  private static final String DB_PASSWORD = "P7KsAyDXG8YdLnkA";
+  private static final String DB_URL = envOrProperty(
+    "CODEGEN_DB_URL",
+    "SPRING_DATASOURCE_URL",
+    "jdbc:mysql://localhost:3306/modules?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8"
+  );
+  private static final String DB_DRIVER = envOrProperty(
+    "CODEGEN_DB_DRIVER",
+    "SPRING_DATASOURCE_DRIVER_CLASS_NAME",
+    "com.mysql.cj.jdbc.Driver"
+  );
+  private static final String DB_USERNAME = envOrProperty("CODEGEN_DB_USERNAME", "SPRING_DATASOURCE_USERNAME", "modules");
+  private static final String DB_PASSWORD = envOrProperty("CODEGEN_DB_PASSWORD", "SPRING_DATASOURCE_PASSWORD", "");
  // 包名
  private static final String PACKAGE_NAME = "com.gxwebsoft";
  // 模块名
@@ -99,6 +113,52 @@ public class ClinicGenerator {
  // 模板所在位置
  private static final String TEMPLATES_DIR = "/src/test/java/com/gxwebsoft/generator/templates";

+  private static String envOrProperty(String primaryKey, String fallbackKey, String defaultValue) {
+    String value = envOrProperty(primaryKey, "");
+    if (value.isBlank() && fallbackKey != null && !fallbackKey.isBlank()) {
+      value = envOrProperty(fallbackKey, "");
+    }
+    return value.isBlank() ? defaultValue : value;
+  }
+
+  private static String envOrProperty(String key, String defaultValue) {
+    String value = System.getProperty(key);
+    if (value == null || value.isBlank()) value = System.getenv(key);
+    if (value == null || value.isBlank()) return defaultValue;
+    return value;
+  }
+
+  private static boolean shouldImportDotEnvKey(String key) {
+    return key.startsWith("CODEGEN_") || key.startsWith("SPRING_DATASOURCE_");
+  }
+
+  private static void loadDotEnvIfPresent() {
+    var envPath = Paths.get(OUTPUT_LOCATION, ".env");
+    if (!Files.isRegularFile(envPath)) return;
+
+    try {
+      for (String rawLine : Files.readAllLines(envPath, StandardCharsets.UTF_8)) {
+        String line = rawLine.trim();
+        if (line.isEmpty() || line.startsWith("#")) continue;
+        if (line.startsWith("export ")) line = line.substring("export ".length()).trim();
+        int equalsIndex = line.indexOf('=');
+        if (equalsIndex <= 0) continue;
+
+        String key = line.substring(0, equalsIndex).trim();
+        if (key.isEmpty() || !shouldImportDotEnvKey(key)) continue;
+        if (System.getProperty(key) != null || System.getenv(key) != null) continue;
+
+        String value = line.substring(equalsIndex + 1).trim();
+        if ((value.startsWith("\"") && value.endsWith("\"")) || (value.startsWith("'") && value.endsWith("'"))) {
+          value = value.substring(1, value.length() - 1);
+        }
+        System.setProperty(key, value);
+      }
+    } catch (Exception e) {
+      System.err.println("Warning: failed to load .env from " + envPath + " (" + e.getClass().getSimpleName() + ")");
+    }
+  }
+
  public static void main(String[] args) {
    // 代码生成器
    AutoGenerator mpg = new AutoGenerator();
--- a/src/test/java/com/gxwebsoft/generator/CreditGenerator.java
+++ b/src/test/java/com/gxwebsoft/generator/CreditGenerator.java
@@ -9,6 +9,7 @@ import com.baomidou.mybatisplus.generator.config.po.TableInfo;
 import com.baomidou.mybatisplus.generator.config.rules.NamingStrategy;
 import com.gxwebsoft.generator.engine.BeetlTemplateEnginePlus;

+import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.util.ArrayList;
@@ -40,11 +41,24 @@ public class CreditGenerator {
  private static final String AUTHOR = "科技小王子";
  // 是否在xml中添加二级缓存配置
  private static final boolean ENABLE_CACHE = false;
+
+  static {
+    loadDotEnvIfPresent();
+  }
+
  // 数据库连接配置
-  private static final String DB_URL = "jdbc:mysql://47.119.165.234:13308/modules?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8";
-  private static final String DB_DRIVER = "com.mysql.cj.jdbc.Driver";
-  private static final String DB_USERNAME = "modules";
-  private static final String DB_PASSWORD = "P7KsAyDXG8YdLnkA";
+  private static final String DB_URL = envOrProperty(
+    "CODEGEN_DB_URL",
+    "SPRING_DATASOURCE_URL",
+    "jdbc:mysql://localhost:3306/modules?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=GMT%2B8"
+  );
+  private static final String DB_DRIVER = envOrProperty(
+    "CODEGEN_DB_DRIVER",
+    "SPRING_DATASOURCE_DRIVER_CLASS_NAME",
+    "com.mysql.cj.jdbc.Driver"
+  );
+  private static final String DB_USERNAME = envOrProperty("CODEGEN_DB_USERNAME", "SPRING_DATASOURCE_USERNAME", "modules");
+  private static final String DB_PASSWORD = envOrProperty("CODEGEN_DB_PASSWORD", "SPRING_DATASOURCE_PASSWORD", "");
  // 包名
  private static final String PACKAGE_NAME = "com.gxwebsoft";
  // 模块名
@@ -71,13 +85,13 @@ public class CreditGenerator {
 //              "credit_risk_relation",
 //              "credit_supplier",
 //              "credit_xgxf",
-                "credit_administrative_license",
-                "credit_bankruptcy",
-                "credit_branch",
-                "credit_historical_legal_person",
-                "credit_nearby_company",
+//                "credit_administrative_license",
+//                "credit_bankruptcy",
+//                "credit_branch",
+//                "credit_historical_legal_person",
+//                "credit_nearby_company",
                "credit_patent",
-                "credit_suspected_relationship"
+//                "credit_suspected_relationship"
  };
  // 需要去除的表前缀
  private static final String[] TABLE_PREFIX = new String[]{
@@ -111,6 +125,52 @@ public class CreditGenerator {
  // 模板所在位置
  private static final String TEMPLATES_DIR = "/src/test/java/com/gxwebsoft/generator/templates";

+  private static String envOrProperty(String primaryKey, String fallbackKey, String defaultValue) {
+    String value = envOrProperty(primaryKey, "");
+    if (value.isBlank() && fallbackKey != null && !fallbackKey.isBlank()) {
+      value = envOrProperty(fallbackKey, "");
+    }
+    return value.isBlank() ? defaultValue : value;
+  }
+
+  private static String envOrProperty(String key, String defaultValue) {
+    String value = System.getProperty(key);
+    if (value == null || value.isBlank()) value = System.getenv(key);
+    if (value == null || value.isBlank()) return defaultValue;
+    return value;
+  }
+
+  private static boolean shouldImportDotEnvKey(String key) {
+    return key.startsWith("CODEGEN_") || key.startsWith("SPRING_DATASOURCE_");
+  }
+
+  private static void loadDotEnvIfPresent() {
+    var envPath = Paths.get(OUTPUT_LOCATION, ".env");
+    if (!Files.isRegularFile(envPath)) return;
+
+    try {
+      for (String rawLine : Files.readAllLines(envPath, StandardCharsets.UTF_8)) {
+        String line = rawLine.trim();
+        if (line.isEmpty() || line.startsWith("#")) continue;
+        if (line.startsWith("export ")) line = line.substring("export ".length()).trim();
+        int equalsIndex = line.indexOf('=');
+        if (equalsIndex <= 0) continue;
+
+        String key = line.substring(0, equalsIndex).trim();
+        if (key.isEmpty() || !shouldImportDotEnvKey(key)) continue;
+        if (System.getProperty(key) != null || System.getenv(key) != null) continue;
+
+        String value = line.substring(equalsIndex + 1).trim();
+        if ((value.startsWith("\"") && value.endsWith("\"")) || (value.startsWith("'") && value.endsWith("'"))) {
+          value = value.substring(1, value.length() - 1);
+        }
+        System.setProperty(key, value);
+      }
+    } catch (Exception e) {
+      System.err.println("Warning: failed to load .env from " + envPath + " (" + e.getClass().getSimpleName() + ")");
+    }
+  }
+
  public static void main(String[] args) {
    // 代码生成器
    AutoGenerator mpg = new AutoGenerator();