feat: 完成Rust User API完整开发
Some checks failed
Deploy to Production / Run Tests (push) Failing after 16m35s
Deploy to Production / Security Scan (push) Has been skipped
Deploy to Production / Build Docker Image (push) Has been skipped
Deploy to Production / Deploy to Staging (push) Has been skipped
Deploy to Production / Deploy to Production (push) Has been skipped
Deploy to Production / Notify Results (push) Successful in 31s
Some checks failed
Deploy to Production / Run Tests (push) Failing after 16m35s
Deploy to Production / Security Scan (push) Has been skipped
Deploy to Production / Build Docker Image (push) Has been skipped
Deploy to Production / Deploy to Staging (push) Has been skipped
Deploy to Production / Deploy to Production (push) Has been skipped
Deploy to Production / Notify Results (push) Successful in 31s
✨ 新功能: - SQLite数据库集成和持久化存储 - 数据库迁移系统和版本管理 - API分页功能和高效查询 - 用户搜索和过滤机制 - 完整的RBAC角色权限系统 - 结构化日志记录和系统监控 - API限流和多层安全防护 - Docker容器化和生产部署配置 🔒 安全特性: - JWT认证和授权 - 限流和防暴力破解 - 安全头和CORS配置 - 输入验证和XSS防护 - 审计日志和安全监控 📊 监控和运维: - Prometheus指标收集 - 健康检查和系统监控 - 自动化备份和恢复 - 完整的运维文档和脚本 - CI/CD流水线配置 🚀 部署支持: - 多环境Docker配置 - 生产环境部署指南 - 性能优化和安全加固 - 故障排除和应急响应 - 自动化运维脚本 📚 文档完善: - API使用文档 - 部署检查清单 - 运维操作手册 - 性能和安全指南 - 故障排除指南
This commit is contained in:
161
config/production.env.template
Normal file
161
config/production.env.template
Normal file
@@ -0,0 +1,161 @@
|
||||
# 生产环境配置模板
|
||||
# 复制此文件为 .env.production 并填入实际值
|
||||
|
||||
# ===========================================
|
||||
# 服务器配置
|
||||
# ===========================================
|
||||
SERVER_HOST=0.0.0.0
|
||||
SERVER_PORT=3000
|
||||
RUST_LOG=info
|
||||
RUST_BACKTRACE=0
|
||||
|
||||
# ===========================================
|
||||
# 数据库配置
|
||||
# ===========================================
|
||||
# SQLite配置(默认)
|
||||
DATABASE_URL=sqlite:///app/data/production.db?mode=rwc
|
||||
|
||||
# PostgreSQL配置(可选)
|
||||
# DATABASE_URL=postgresql://username:password@localhost:5432/rust_api_prod
|
||||
# DATABASE_MAX_CONNECTIONS=10
|
||||
# DATABASE_MIN_CONNECTIONS=1
|
||||
# DATABASE_CONNECT_TIMEOUT=30
|
||||
# DATABASE_IDLE_TIMEOUT=600
|
||||
|
||||
# ===========================================
|
||||
# 安全配置
|
||||
# ===========================================
|
||||
# JWT密钥(必须更改为强密钥)
|
||||
JWT_SECRET=CHANGE_THIS_TO_A_SECURE_SECRET_KEY_AT_LEAST_32_CHARACTERS_LONG
|
||||
|
||||
# 限流配置
|
||||
SECURITY_RATE_LIMIT_PER_MINUTE=100
|
||||
SECURITY_BURST_SIZE=20
|
||||
SECURITY_BRUTE_FORCE_MAX_ATTEMPTS=5
|
||||
SECURITY_BAN_DURATION=3600
|
||||
|
||||
# CORS配置
|
||||
CORS_ALLOWED_ORIGINS=https://yourdomain.com,https://www.yourdomain.com
|
||||
CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,OPTIONS
|
||||
CORS_ALLOWED_HEADERS=Content-Type,Authorization,X-Requested-With
|
||||
CORS_MAX_AGE=3600
|
||||
|
||||
# 安全头配置
|
||||
SECURITY_HEADERS_ENABLED=true
|
||||
HSTS_MAX_AGE=31536000
|
||||
CSP_POLICY=default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
|
||||
|
||||
# ===========================================
|
||||
# 日志配置
|
||||
# ===========================================
|
||||
LOG_LEVEL=info
|
||||
LOG_FORMAT=json
|
||||
LOG_TO_CONSOLE=true
|
||||
LOG_TO_FILE=true
|
||||
LOG_FILE_PATH=/app/logs/app.log
|
||||
LOG_FILE_MAX_SIZE=100MB
|
||||
LOG_FILE_MAX_FILES=10
|
||||
|
||||
# 审计日志
|
||||
AUDIT_LOG_ENABLED=true
|
||||
AUDIT_LOG_PATH=/app/logs/audit.log
|
||||
AUDIT_LOG_RETENTION_DAYS=90
|
||||
|
||||
# ===========================================
|
||||
# 监控配置
|
||||
# ===========================================
|
||||
METRICS_ENABLED=true
|
||||
HEALTH_CHECK_ENABLED=true
|
||||
PROMETHEUS_METRICS_ENABLED=true
|
||||
SYSTEM_METRICS_INTERVAL=60
|
||||
|
||||
# 告警配置
|
||||
ALERT_EMAIL_ENABLED=false
|
||||
ALERT_EMAIL_SMTP_HOST=smtp.gmail.com
|
||||
ALERT_EMAIL_SMTP_PORT=587
|
||||
ALERT_EMAIL_USERNAME=your-email@gmail.com
|
||||
ALERT_EMAIL_PASSWORD=your-app-password
|
||||
ALERT_EMAIL_TO=admin@yourdomain.com
|
||||
|
||||
# ===========================================
|
||||
# 性能配置
|
||||
# ===========================================
|
||||
# 线程池配置
|
||||
TOKIO_WORKER_THREADS=4
|
||||
MAX_BLOCKING_THREADS=512
|
||||
|
||||
# 请求配置
|
||||
MAX_REQUEST_SIZE=1MB
|
||||
REQUEST_TIMEOUT=30
|
||||
KEEP_ALIVE_TIMEOUT=75
|
||||
|
||||
# 连接池配置
|
||||
CONNECTION_POOL_SIZE=10
|
||||
CONNECTION_POOL_TIMEOUT=30
|
||||
|
||||
# ===========================================
|
||||
# 缓存配置
|
||||
# ===========================================
|
||||
CACHE_ENABLED=true
|
||||
CACHE_TTL=300
|
||||
CACHE_MAX_SIZE=1000
|
||||
|
||||
# Redis配置(可选)
|
||||
# REDIS_URL=redis://localhost:6379
|
||||
# REDIS_MAX_CONNECTIONS=10
|
||||
# REDIS_CONNECTION_TIMEOUT=5
|
||||
|
||||
# ===========================================
|
||||
# 备份配置
|
||||
# ===========================================
|
||||
BACKUP_ENABLED=true
|
||||
BACKUP_INTERVAL=3600
|
||||
BACKUP_RETENTION_DAYS=30
|
||||
BACKUP_PATH=/app/backups
|
||||
|
||||
# S3备份配置(可选)
|
||||
# AWS_ACCESS_KEY_ID=your-access-key
|
||||
# AWS_SECRET_ACCESS_KEY=your-secret-key
|
||||
# AWS_REGION=us-east-1
|
||||
# S3_BUCKET=your-backup-bucket
|
||||
|
||||
# ===========================================
|
||||
# 外部服务配置
|
||||
# ===========================================
|
||||
# 邮件服务
|
||||
EMAIL_SERVICE_ENABLED=false
|
||||
EMAIL_PROVIDER=smtp
|
||||
SMTP_HOST=smtp.gmail.com
|
||||
SMTP_PORT=587
|
||||
SMTP_USERNAME=your-email@gmail.com
|
||||
SMTP_PASSWORD=your-app-password
|
||||
|
||||
# 短信服务
|
||||
SMS_SERVICE_ENABLED=false
|
||||
SMS_PROVIDER=twilio
|
||||
TWILIO_ACCOUNT_SID=your-account-sid
|
||||
TWILIO_AUTH_TOKEN=your-auth-token
|
||||
TWILIO_PHONE_NUMBER=+1234567890
|
||||
|
||||
# ===========================================
|
||||
# 开发和调试配置
|
||||
# ===========================================
|
||||
# 开发模式(生产环境应设为false)
|
||||
DEBUG_MODE=false
|
||||
DEVELOPMENT_MODE=false
|
||||
|
||||
# API文档
|
||||
API_DOCS_ENABLED=false
|
||||
SWAGGER_UI_ENABLED=false
|
||||
|
||||
# 测试配置
|
||||
TEST_MODE=false
|
||||
MOCK_EXTERNAL_SERVICES=false
|
||||
|
||||
# ===========================================
|
||||
# 环境标识
|
||||
# ===========================================
|
||||
ENVIRONMENT=production
|
||||
SERVICE_NAME=rust-user-api
|
||||
SERVICE_VERSION=1.0.0
|
||||
DEPLOYMENT_ID=prod-001
|
||||
Reference in New Issue
Block a user