官网仓库https://github.com/codecentric/spring-boot-admin
官方文档https://codecentric.github.io/spring-boot-admin/2.7.2/
使用版本 2.7.1 非微服务项目
一、Server端
1、新建项目引入依赖,我用的gradle,pom也差不多
```
implementation'org.springframework.boot:spring-boot-starter-undertow'
implementation'org.springframework.boot:spring-boot-starter-security'
implementation'org.springframework.boot:spring-boot-starter-mail'
implementation"de.codecentric:spring-boot-admin-starter-server:${property('springboot-admin.version')}"
```
2、配置yml 配置参考官网
https://codecentric.github.io/spring-boot-admin/#set-up-admin-server
forward-headers-strategy: native
use-forward-headers: true
这两个配置最好加上,不然后面nginx访问会失败
spring:
security:
user:
name: admin
password: admin
配置登录用户
使用企业微信通知
web版登录地址:https://work.exmail.qq.com/ 获取邮件密码
生成密码
3、security 配置 参考官网配置
https://codecentric.github.io/spring-boot-admin/#_securing_spring_boot_admin_server
新建配置类,注意springboot 2.7以后WebSecurityConfigurerAdapter已弃用,官方文档是2.7之前的
@Configuration(proxyBeanMethods =false)
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled =true)
@RequiredArgsConstructor
public class WebSecurityConfiguration {
private final AdminServerPropertiesadminServer;
@Bean
SecurityFilterChainfilterChain(HttpSecurity http)throws Exception {
SavedRequestAwareAuthenticationSuccessHandler successHandler =new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
successHandler.setDefaultTargetUrl(this.adminServer.path("/"));
return http.authorizeRequests(
(authorizeRequests) -> authorizeRequests.antMatchers(this.adminServer.path("/assets/**")).permitAll()
.antMatchers(this.adminServer.path("/actuator/info")).permitAll()
.antMatchers(this.adminServer.path("/actuator/health")).permitAll()
.antMatchers(this.adminServer.path("/login")).permitAll().anyRequest().authenticated()
).formLogin(
(formLogin) -> formLogin.loginPage(this.adminServer.path("/login")).successHandler(successHandler).and()
).logout((logout) -> logout.logoutUrl(this.adminServer.path("/logout"))).httpBasic(Customizer.withDefaults())
.csrf((csrf) -> csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringRequestMatchers(
new AntPathRequestMatcher(this.adminServer.path("/instances"),
HttpMethod.POST.toString()),
new AntPathRequestMatcher(this.adminServer.path("/instances/*"),
HttpMethod.DELETE.toString()),
new AntPathRequestMatcher(this.adminServer.path("/actuator/**"))
))
.rememberMe((rememberMe) -> rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600)).build();
}
@Bean
WebSecurityCustomizerwebSecurityCustomizer() {
return web -> web.ignoring().antMatchers("/favicon.ico", "/public/**");
}
}
application类注解
@SpringBootApplication
@EnableAdminServer
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
至此server端就配置完成。
二、Server端Nginx配置
location / {
proxy_pass http://ip:8899; # 转 发 规 则
proxy_set_header Host $proxy_host; # 修 改 转 发 请 求 头 , 让 8080端 口 的 应 用 可 以 受 到 真 实 的 请 求
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $server_port;
}
我一直卡在nginx这里,配置出来的总是访问ui会报错
注意几个X-Forwarded的配置就行了,我也是参考了GitHub 的issue才解决的问题
还有上面配置 public-url
https://github.com/codecentric/spring-boot-admin/issues/1770
https://github.com/codecentric/spring-boot-admin/issues/1496
三、客户端
只需在 yml 配置即可
spring.boot.admin.client.url: 刚配置服务端地址
spring.boot.admin.client.username: admin
spring.boot.admin.client.password: admin
spring.boot.admin.client.instance.prefer-ip: true
暴露端点
management:
endpoints:
web:
exposure:
include: "*"
endpoint:
health:
show-details: ALWAYS
logfile:
external-file: ./logs/${spring.application.name}.log # 日志访问
搞定
配图
-- The End
网友评论