application.properties with envs

application.properties with envs

application.properties with envs
38e3f197 · MaxKey单点登录官方 · 3ab5d6db · 38e3f197 · 38e3f197 · 38e3f197
9 changed file
--- a/maxkey-webs/maxkey-boot-monitor/src/main/resources/application.properties
+++ b/maxkey-webs/maxkey-boot-monitor/src/main/resources/application.properties
@@ -15,17 +15,17 @@
 ############################################################################
 #MaxKey Title and Version                                                  #
 ############################################################################
-application.title=MaxKey
+application.title                               =MaxKey
 #for dynamic service discovery
-spring.application.name=maxkey-monitor
-application.formatted-version=v2.9.0 GA
+spring.application.name                         =maxkey-monitor
+application.formatted-version                   =v2.9.0 GA
 #nacos
-spring.cloud.nacos.discovery.enabled=false
-spring.cloud.nacos.discovery.instance-enabled=false
-spring.cloud.nacos.discovery.server-addr=127.0.0.1:8848
+spring.cloud.nacos.discovery.enabled            =${NACOS_DISCOVERY_ENABLED:false}
+spring.cloud.nacos.discovery.instance-enabled   =false
+spring.cloud.nacos.discovery.server-addr        =${NACOS_DISCOVERY_SERVER_ADDR:127.0.0.1:8848}

-server.port=9528
+server.port                                     =9528

-spring.security.user.name=monitor
-spring.security.user.password=maxkey
-spring.security.basic.enabled=false
\ No newline at end of file
+spring.security.user.name                       =monitor
+spring.security.user.password                   =maxkey
+spring.security.basic.enabled                   =false
\ No newline at end of file
--- a/maxkey-webs/maxkey-boot-monitor/src/main/resources/bootstrap.properties
+++ b/maxkey-webs/maxkey-boot-monitor/src/main/resources/bootstrap.properties
-spring.cloud.nacos.config.server-addr=127.0.0.1:8848
+spring.cloud.nacos.config.server-addr           =${NACOS_CONFIG_SERVER_ADDR:127.0.0.1:8848}

 # Nacos \u63A7\u5236\u53F0\u6DFB\u52A0\u914D\u7F6E\uFF1A
 # Data ID\uFF1Amaxkey-monitor.properties
 # Group\uFF1ADEFAULT_GROUP
 # \u914D\u7F6E\u5185\u5BB9\uFF1A
-spring.application.name=maxkey-monitor
+spring.application.name                         =maxkey-monitor
 # \u6307\u5B9A\u914D\u7F6E\u7684\u540E\u7F00\uFF0C\u652F\u6301 properties\u3001yaml\u3001yml\uFF0C\u9ED8\u8BA4\u4E3A properties
-spring.cloud.nacos.config.file-extension=properties
+spring.cloud.nacos.config.file-extension        =properties
 #spring.cloud.nacos.config.file-extension=yaml
 #\u662F\u5426\u542F\u7528nacos\u914D\u7F6E
-spring.cloud.nacos.config.enabled=false
\ No newline at end of file
+spring.cloud.nacos.config.enabled               =${NACOS_CONFIG_ENABLED:false}
\ No newline at end of file
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties
@@ -16,62 +16,62 @@
 #spring.profiles.active=http                                               #
 ############################################################################
 #server port
-server.port=8080
+server.port                                     =8080
 #session default 1800
 #1800s =30m
 #28800s=8h
-server.servlet.session.timeout=1800
+server.servlet.session.timeout                  =1800
 #server context path
-server.servlet.context-path=/maxkey
+server.servlet.context-path                     =/maxkey
 #nacos
-spring.cloud.nacos.discovery.enabled=false
-spring.cloud.nacos.discovery.instance-enabled=false
-spring.cloud.nacos.discovery.server-addr=127.0.0.1:8848
+spring.cloud.nacos.discovery.enabled            =${NACOS_DISCOVERY_ENABLED:false}
+spring.cloud.nacos.discovery.instance-enabled   =false
+spring.cloud.nacos.discovery.server-addr        =${NACOS_DISCOVERY_SERVER_ADDR:127.0.0.1:8848}
 ############################################################################
 #domain name configuration                                                 #
 ############################################################################
-maxkey.server.scheme=http
-maxkey.server.basedomain=maxkey.top
-maxkey.server.domain=sso.${maxkey.server.basedomain}
-maxkey.server.name=${maxkey.server.scheme}://${maxkey.server.domain}
-maxkey.server.uri=${maxkey.server.name}/maxkey
-#default.uri
-maxkey.server.default.uri=${maxkey.server.uri}/maxkey/appList
-maxkey.server.mgt.uri=${maxkey.server.name}:9527/maxkey-mgt/login
-maxkey.server.authz.uri=${maxkey.server.name}/maxkey
-#InMemory 0 , Redis 2 
-maxkey.server.persistence=0
-#identity
-maxkey.identity.kafkasupport=false
-#issuer name
-maxkey.app.issuer=CN=ConSec,CN=COM,CN=SH
+maxkey.server.scheme                            =http
+maxkey.server.basedomain                        =${SERVER_DOMAIN:maxkey.top}
+maxkey.server.domain                            =sso.${maxkey.server.basedomain}
+maxkey.server.name                              =${maxkey.server.scheme}://${maxkey.server.domain}
+maxkey.server.uri                               =${maxkey.server.name}:${server.port}/maxkey
+#default.uri                
+maxkey.server.default.uri                       =${maxkey.server.uri}:${server.port}/maxkey/appList
+maxkey.server.mgt.uri                           =${maxkey.server.name}:9527/maxkey-mgt/login
+maxkey.server.authz.uri                         =${maxkey.server.name}:${server.port}/maxkey
+#InMemory 0 , Redis 2               
+maxkey.server.persistence                       =${SERVER_PERSISTENCE:0}
+#identity               
+maxkey.identity.kafkasupport                    =${SERVER_KAFKA_SUPPORT:false}
+#issuer name                
+maxkey.app.issuer                               =CN=ConSec,CN=COM,CN=SH
 ############################################################################
 #Login configuration                                                       #
 ############################################################################
 #enable captcha
-maxkey.login.captcha=true
+maxkey.login.captcha                            =${LOGIN_CAPTCHA:true}
 #text or arithmetic
-maxkey.login.captcha.type=text
+maxkey.login.captcha.type                       =${LOGIN_CAPTCHA_TYPE:text}
 #enable two factor,use one time password
-maxkey.login.mfa=true
+maxkey.login.mfa                                =${LOGIN_MFA_ENABLED:true}
 #TimeBasedOtpAuthn MailOtpAuthn SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud
-maxkey.login.mfa.type=TimeBasedOtpAuthn
-#enable social sign on
-maxkey.login.socialsignon=true
-#social sign on providers
-maxkey.login.socialsignon.providers=gitee,wechatopen,sinaweibo,google,qq,dingtalk,microsoft,facebook,workweixin
-#Enable kerberos/SPNEGO
-maxkey.login.kerberos=true
-#wsFederation
-maxkey.login.wsfederation=false
-#remeberme
-maxkey.login.remeberme=true
-#validity
-maxkey.login.remeberme.validity=0
-#to default application web site
-maxkey.login.default.uri=/appList
-maxkey.ipaddress.whitelist=false
-maxkey.notices.visible=false
+maxkey.login.mfa.type                           =${LOGIN_MFA_TYPE:TimeBasedOtpAuthn}
+#enable social sign on          
+maxkey.login.socialsignon                       =${LOGIN_SOCIAL_ENABLED:true}
+#social sign on providers           
+maxkey.login.socialsignon.providers             =${LOGIN_SOCIAL_PROVIDERS:gitee,wechatopen,sinaweibo,google,qq,dingtalk,microsoft,facebook,workweixin}
+#Enable kerberos/SPNEGO         
+maxkey.login.kerberos                           =false
+#wsFederation           
+maxkey.login.wsfederation                       =false
+#remeberme          
+maxkey.login.remeberme                          =${LOGIN_REMEBERME:true}
+#validity           
+maxkey.login.remeberme.validity                 =0
+#to default application web site            
+maxkey.login.default.uri                        =appList
+maxkey.ipaddress.whitelist                      =false
+maxkey.notices.visible                          =false
 ############################################################################
 #ssl configuration                                                         #
 ############################################################################
@@ -88,64 +88,64 @@ maxkey.notices.visible=false
 #       highgo
 #       postgresql
 ############################################################################
-spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
+spring.datasource.type                          =com.alibaba.druid.pool.DruidDataSource
 #mysql
-spring.datasource.username=root
-spring.datasource.password=maxkey
-spring.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8&serverTimezone=UTC
-spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.datasource.driver-class-name             =com.mysql.cj.jdbc.Driver
+spring.datasource.username                      =${DATABASE_USER:root}
+spring.datasource.password                      =${DATABASE_PWD:maxkey}
+spring.datasource.url                           =jdbc:mysql://${DATABASE_HOST:localhost}:${DATABASE_PORT:3306}/${DATABASE_NAME:maxkey}?autoReconnect=true&characterEncoding=UTF-8&serverTimezone=UTC
 #highgo
+#spring.datasource.driver-class-name=com.highgo.jdbc.Driver
 #spring.datasource.username=highgo
 #spring.datasource.password=High@123
 #spring.datasource.url=jdbc:highgo://192.168.56.107:5866/highgo?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai
-#spring.datasource.driver-class-name=com.highgo.jdbc.Driver
 #postgresql
+#spring.datasource.driver-class-name=org.postgresql.Driver
 #spring.datasource.username=root
 #spring.datasource.password=maxkey!
 #spring.datasource.url=jdbc:postgresql://localhost/maxkey?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai
-#spring.datasource.driver-class-name=org.postgresql.Driver
 #mybatis
-mybatis.dialect=mysql
-mybatis.type-aliases-package=org.maxkey.entity,org.maxkey.entity.apps,
-mybatis.mapper-locations=classpath*:/org/maxkey/persistence/mapper/xml/${mybatis.dialect}/*.xml
-mybatis.table-column-snowflake-datacenter-id=1
-mybatis.table-column-snowflake-machine-id=1
-mybatis.table-column-escape=false
-mybatis.table-column-case=lowercase
+mybatis.dialect                                 =mysql
+mybatis.type-aliases-package                    =org.maxkey.entity,org.maxkey.entity.apps,
+mybatis.mapper-locations                        =classpath*:/org/maxkey/persistence/mapper/xml/${mybatis.dialect}/*.xml
+mybatis.table-column-snowflake-datacenter-id    =1
+mybatis.table-column-snowflake-machine-id       =1
+mybatis.table-column-escape                     =false
+mybatis.table-column-case                       =lowercase

 ############################################################################
 #redis server  configuration                                               #
 ############################################################################
-spring.redis.host=127.0.0.1
-spring.redis.port=6379
-spring.redis.password=password
-spring.redis.timeout=10000
-spring.redis.jedis.pool.max-wait=1000
-spring.redis.jedis.pool.max-idle=200
-spring.redis.lettuce.pool.max-active=-1
-spring.redis.lettuce.pool.min-idle=0
+spring.redis.host                               =${REDIS_HOST:127.0.0.1}
+spring.redis.port                               =${REDIS_PORT:6379}
+spring.redis.password                           =${REDIS_PWD:password}
+spring.redis.timeout                            =10000
+spring.redis.jedis.pool.max-wait                =1000
+spring.redis.jedis.pool.max-idle                =200
+spring.redis.lettuce.pool.max-active            =-1
+spring.redis.lettuce.pool.min-idle              =0

 ############################################################################
 #mail configuration                                                        #
 ############################################################################
-spring.mail.default-encoding=utf-8
-spring.mail.host=smtp.163.com
-spring.mail.port=465
-spring.mail.username=maxkey@163.com
-spring.mail.password=password
-spring.mail.protocol=smtp
-spring.mail.properties.ssl=true
-spring.mail.properties.sender=maxkey@163.com
-spring.mail.properties.mailotp.message.subject=MaxKey One Time PassWord
-spring.mail.properties.mailotp.message.template={0} You Token is {1} , it validity in {2}  minutes.
-spring.mail.properties.mailotp.message.type=html
-spring.mail.properties.mailotp.message.validity=300
+spring.mail.default-encoding                    =utf-8
+spring.mail.host                                =${MAIL_HOST:smtp.163.com}
+spring.mail.port                                =${MAIL_PORT:465}
+spring.mail.username                            =${MAIL_USER:maxkey@163.com}
+spring.mail.password                            =${MAIL_PWD:password}
+spring.mail.protocol                            =smtp
+spring.mail.properties.ssl                      =true
+spring.mail.properties.sender                   =${MAIL_SENDER:maxkey@163.com}
+spring.mail.properties.mailotp.message.subject  =MaxKey One Time PassWord
+spring.mail.properties.mailotp.message.template ={0} You Token is {1} , it validity in {2}  minutes.
+spring.mail.properties.mailotp.message.type     =html
+spring.mail.properties.mailotp.message.validity =300

 ############################################################################
 #Spring Session for Cluster configuration                                  #
 ############################################################################
 # Session store type.
-spring.session.store-type=none
+spring.session.store-type                       =none
 #spring.session.store-type=redis
 # Session timeout. If a duration suffix is not specified, seconds is used.
 #server.servlet.session.timeout=1800
@@ -157,103 +157,96 @@ spring.session.store-type=none
 ############################################################################
 #Kafka for connectors configuration                                        #
 ############################################################################
-spring.kafka.bootstrap-servers=localhost:9092
-# retries
-spring.kafka.producer.retries=0
-# acks
-spring.kafka.producer.acks=1
-# batch-size
-spring.kafka.producer.batch-size=16384
-# linger.ms
-spring.kafka.producer.properties.linger.ms=0
-# buffer-memory
-spring.kafka.producer.buffer-memory = 33554432
-# serializer
-spring.kafka.producer.key-serializer=org.apache.kafka.common.serialization.StringSerializer
-spring.kafka.producer.value-serializer=org.apache.kafka.common.serialization.StringSerializer
+spring.kafka.bootstrap-servers                  =${KAFKA_SERVERS:localhost:9092}
+# retries   
+spring.kafka.producer.retries                   =0
+# acks  
+spring.kafka.producer.acks                      =1
+# batch-size    
+spring.kafka.producer.batch-size                =16384
+# linger.ms 
+spring.kafka.producer.properties.linger.ms      =0
+# buffer-memory 
+spring.kafka.producer.buffer-memory             =33554432
+# serializer    
+spring.kafka.producer.key-serializer            =org.apache.kafka.common.serialization.StringSerializer
+spring.kafka.producer.value-serializer          =org.apache.kafka.common.serialization.StringSerializer
 # partitioner
-# spring.kafka.producer.properties.partitioner.class=com.felix.kafka.producer.CustomizePartitioner
+#spring.kafka.producer.properties.partitioner.class=com.felix.kafka.producer.CustomizePartitioner

 ############################################################################ 
 #SMS Message Login configuration                                           #
 #SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud               #
 ############################################################################
 #default
-maxkey.otp.sms=SmsOtpAuthnYunxin
-#aliyun
-maxkey.otp.sms.aliyun.accesskeyid=94395d754eb55693043f5d6a2b772ef4
-maxkey.otp.sms.aliyun.accesssecret=05d5485357bc
-maxkey.otp.sms.aliyun.templatecode=14860095
-maxkey.otp.sms.aliyun.signname=maxkey
-#yunxin
-maxkey.otp.sms.yunxin.appkey=94395d754eb55693043f5d6a2b772ef4
-maxkey.otp.sms.yunxin.appsecret=05d5485357bc
-maxkey.otp.sms.yunxin.templateid=14860095
-#tencentcloud
-maxkey.otp.sms.tencentcloud.secretid=94395d754eb55693043f5d6a2b772ef4
-maxkey.otp.sms.tencentcloud.secretkey=05d5485357bc
-maxkey.otp.sms.tencentcloud.smssdkappid=1486220095
-maxkey.otp.sms.tencentcloud.templateid=14860095
-maxkey.otp.sms.tencentcloud.sign=1486009522
+maxkey.otp.sms                                  =${SMS_IMPL:SmsOtpAuthnYunxin}
+#aliyun     
+maxkey.otp.sms.aliyun.accesskeyid               =${SMS_ALIYUN_ACCESSKEYID:94395d754eb55693043f5d6a2b772ef4}
+maxkey.otp.sms.aliyun.accesssecret              =${SMS_ALIYUN_ACCESSSECRET:05d5485357bc}
+maxkey.otp.sms.aliyun.templatecode              =${SMS_ALIYUN_TEMPLATECODE:14860095}
+maxkey.otp.sms.aliyun.signname                  =${SMS_ALIYUN_SIGNNAME:maxkey}
+#yunxin     
+maxkey.otp.sms.yunxin.appkey                    =${SMS_YUNXIN_APPKEY:94395d754eb55693043f5d6a2b772ef3}
+maxkey.otp.sms.yunxin.appsecret                 =${SMS_YUNXIN_APPSECRET:05d5485357bc}
+maxkey.otp.sms.yunxin.templateid                =${SMS_YUNXIN_TEMPLATEID:14860099}
+#tencentcloud       
+maxkey.otp.sms.tencentcloud.secretid            =${SMS_TENCENTCLOUD_SECRETID:94395d754eb55693043f5d6a2b772ef4}
+maxkey.otp.sms.tencentcloud.secretkey           =${SMS_TENCENTCLOUD_SECRETKEY:05d5485357bc}
+maxkey.otp.sms.tencentcloud.smssdkappid         =${SMS_TENCENTCLOUD_SMSSDKAPPID:1486220095}
+maxkey.otp.sms.tencentcloud.templateid          =${SMS_TENCENTCLOUD_TEMPLATEID:14860095}
+maxkey.otp.sms.tencentcloud.sign                =${SMS_TENCENTCLOUD_SIGN:1486009522}

 ############################################################################ 
 #Time-based One-Time Password configuration                                #
 ############################################################################
-maxkey.otp.keyuri.format.type=totp
-maxkey.otp.keyuri.format.digits=6
-maxkey.otp.keyuri.format.issuer=MaxKey
-maxkey.otp.keyuri.format.domain=${maxkey.server.domain}
-maxkey.otp.keyuri.format.period=30
+maxkey.otp.keyuri.format.type                   =totp
+maxkey.otp.keyuri.format.digits                 =6
+maxkey.otp.keyuri.format.issuer                 =${OTP_KEYURI_ISSUER:MaxKey}
+maxkey.otp.keyuri.format.domain                 =${maxkey.server.domain}
+maxkey.otp.keyuri.format.period                 =30

 ############################################################################ 
 #LDAP Login support configuration                                          #
 ############################################################################
-maxkey.support.ldap.enable=false
-maxkey.support.ldap.jit=false
-#openldap,activedirectory,normal
-maxkey.support.ldap.product=openldap
-maxkey.support.ldap.ssl=false
-maxkey.support.ldap.providerurl=ldap://localhost:389
-#openldap  normal
-maxkey.support.ldap.principal=cn=Manager,dc=maxcrc,dc=com
-#activedirectory
-#maxkey.support.ldap.principal=administrator
-maxkey.support.ldap.credentials=secret
-maxkey.support.ldap.basedn=dc=maxcrc,dc=com
-#openldap  normal
-#maxkey.support.ldap.filter=(uid=%s)
-maxkey.support.ldap.filter=(uid=%s)
-#activedirectory
-#maxkey.support.ldap.filter=(sAMAccountname=%s)
-maxkey.support.ldap.truststore=maxkey
-maxkey.support.ldap.truststorepassword=maxkey
-#activedirectory effective
-maxkey.support.ldap.activedirectory.domain=MAXKEY.ORG
+maxkey.support.ldap.enable                      =${LDAP_ENABLE:false}
+maxkey.support.ldap.jit                         =false
+#openldap,activedirectory,normal    
+maxkey.support.ldap.product                     =${LDAP_PRODUCT:openldap}
+maxkey.support.ldap.ssl                         =${LDAP_SSL:false}
+maxkey.support.ldap.providerurl                 =${LDAP_PROVIDERURL:ldap://localhost:389}
+maxkey.support.ldap.principal                   =${LDAP_PRINCIPAL:cn=Manager,dc=maxcrc,dc=com}
+maxkey.support.ldap.credentials                 =${LDAP_CREDENTIALS:secret}
+maxkey.support.ldap.basedn                      =${LDAP_BASEDN:dc=maxcrc,dc=com}
+maxkey.support.ldap.filter                      =(uid=%s)
+maxkey.support.ldap.truststore                  =${LDAP_TRUSTSTORE:maxkey}
+maxkey.support.ldap.truststorepassword          =${LDAP_TRUSTSTORE_PASSWORD:maxkey}
+#activedirectory effective  
+maxkey.support.ldap.activedirectory.domain      =${LDAP_AD_DOMAIN:MAXKEY.ORG}

 ############################################################################ 
 #Kerberos Login configuration                                              #
 #short name of user domain must be in upper case,eg:MAXKEY                 #
 ############################################################################
-maxkey.support.kerberos.default.userdomain=MAXKEY
+maxkey.support.kerberos.default.userdomain      =MAXKEY
 #short name of user domain must be in upper case,eg:MAXKEY.ORG
-maxkey.support.kerberos.default.fulluserdomain=MAXKEY.ORG
+maxkey.support.kerberos.default.fulluserdomain  =MAXKEY.ORG
 #last 8Bit crypto for Kerberos web Authentication 
-maxkey.support.kerberos.default.crypto=846KZSzYq56M6d5o
+maxkey.support.kerberos.default.crypto          =846KZSzYq56M6d5o
 #Kerberos Authentication server RUL
-maxkey.support.kerberos.default.redirecturi=http://sso.maxkey.top/kerberos/authn/
+maxkey.support.kerberos.default.redirecturi     =http://sso.maxkey.top/kerberos/authn/

 ############################################################################ 
 #HTTPHEADER Login configuration                                            #
 ############################################################################
-maxkey.support.httpheader.enable=false
-maxkey.support.httpheader.headername=header-user
+maxkey.support.httpheader.enable                =false
+maxkey.support.httpheader.headername            =header-user
 # iv-user is for IBM Security Access Manager
 #config.httpheader.headername=iv-user

 ############################################################################ 
 #BASIC Login support configuration                                         #
 ############################################################################
-maxkey.support.basic.enable=false
+maxkey.support.basic.enable                     =false

 #############################################################################
 #WsFederation Login support configuration
@@ -265,184 +258,184 @@ maxkey.support.basic.enable=false
 #attributeMutator: (optional) a class (defined by you) that can modify the attributes/assertions returned by the ADFS server
 #signingCertificate: ADFS's signing certificate used to validate the token/assertions issued by ADFS.
 ############################################################################
-maxkey.support.wsfederation.identifier=http://adfs.maxkey.top/adfs/services/trust
-maxkey.support.wsfederation.url=https://adfs.maxkey.top/adfs/ls/
-maxkey.support.wsfederation.principal=upn
-maxkey.support.wsfederation.relyingParty=urn:federation:connsec
-maxkey.support.wsfederation.signingCertificate=adfs-signing.crt
-maxkey.support.wsfederation.tolerance=10000
-maxkey.support.wsfederation.upn.suffix=maxkey.org
-maxkey.support.wsfederation.logoutUrl=https://adfs.maxkey.top/adfs/ls/?wa=wsignout1.0
+maxkey.support.wsfederation.identifier          =http://adfs.maxkey.top/adfs/services/trust
+maxkey.support.wsfederation.url                 =https://adfs.maxkey.top/adfs/ls/
+maxkey.support.wsfederation.principal           =upn
+maxkey.support.wsfederation.relyingParty        =urn:federation:connsec
+maxkey.support.wsfederation.signingCertificate  =adfs-signing.crt
+maxkey.support.wsfederation.tolerance           =10000
+maxkey.support.wsfederation.upn.suffix          =maxkey.org
+maxkey.support.wsfederation.logoutUrl           =https://adfs.maxkey.top/adfs/ls/?wa=wsignout1.0

 #############################################################################
 #OIDC V1.0 METADATA configuration                                           #
 #############################################################################
-maxkey.oidc.metadata.issuer=${maxkey.server.name}/maxkey
-maxkey.oidc.metadata.authorizationEndpoint=${maxkey.server.name}/maxkey/authz/oauth/v20/authorize
-maxkey.oidc.metadata.tokenEndpoint=${maxkey.server.name}/maxkey/authz/oauth/v20/token
-maxkey.oidc.metadata.userinfoEndpoint=${maxkey.server.name}/maxkey/api/connect/userinfo
+maxkey.oidc.metadata.issuer                     =${maxkey.server.name}/maxkey
+maxkey.oidc.metadata.authorizationEndpoint      =${maxkey.server.name}/maxkey/authz/oauth/v20/authorize
+maxkey.oidc.metadata.tokenEndpoint              =${maxkey.server.name}/maxkey/authz/oauth/v20/token
+maxkey.oidc.metadata.userinfoEndpoint           =${maxkey.server.name}/maxkey/api/connect/userinfo

 #############################################################################
 #SAML V2.0 configuration                                                    #
 #############################################################################
 #saml common
-maxkey.saml.v20.max.parser.pool.size=2
-maxkey.saml.v20.assertion.validity.time.ins.seconds=90
-maxkey.saml.v20.replay.cache.life.in.millis=14400000
-maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds=90
-maxkey.saml.v20.issue.instant.check.validity.time.in.seconds=300
+maxkey.saml.v20.max.parser.pool.size                            =2
+maxkey.saml.v20.assertion.validity.time.ins.seconds             =90
+maxkey.saml.v20.replay.cache.life.in.millis                     =14400000
+maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds       =90
+maxkey.saml.v20.issue.instant.check.validity.time.in.seconds    =300
 #saml idp keystore
-maxkey.saml.v20.idp.keystore.password=maxkey
-maxkey.saml.v20.idp.keystore.private.key.password=maxkey
-maxkey.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
+maxkey.saml.v20.idp.keystore.password                           =maxkey
+maxkey.saml.v20.idp.keystore.private.key.password               =maxkey
+maxkey.saml.v20.idp.keystore                                    =classpath\:config/samlServerKeystore.jks
 #keystore id for sec
-maxkey.saml.v20.idp.issuing.entity.id=maxkey.top
-maxkey.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml
-maxkey.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/
+maxkey.saml.v20.idp.issuing.entity.id                           =maxkey.top
+maxkey.saml.v20.idp.issuer                                      =https://sso.maxkey.top/maxkey/saml
+maxkey.saml.v20.idp.receiver.endpoint                           =https\://sso.maxkey.top/
 #saml sp keystore
-maxkey.saml.v20.sp.keystore.password=maxkey
-maxkey.saml.v20.sp.keystore.private.key.password=maxkey
-maxkey.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
-maxkey.saml.v20.sp.issuing.entity.id=client.maxkey.org
+maxkey.saml.v20.sp.keystore.password                            =maxkey
+maxkey.saml.v20.sp.keystore.private.key.password                =maxkey
+maxkey.saml.v20.sp.keystore                                     =classpath\:config/samlClientKeystore.jks
+maxkey.saml.v20.sp.issuing.entity.id                            =client.maxkey.org
 #Saml v20 METADATA
-maxkey.saml.v20.metadata.orgName=MaxKeyTop
-maxkey.saml.v20.metadata.orgDisplayName=MaxKeyTop
-maxkey.saml.v20.metadata.orgURL=https://www.maxkey.top
-maxkey.saml.v20.metadata.contactType=technical
-maxkey.saml.v20.metadata.company=MaxKeyTop
-maxkey.saml.v20.metadata.givenName=maxkey
-maxkey.saml.v20.metadata.surName=maxkey
-maxkey.saml.v20.metadata.emailAddress=maxkeysupport@163.com
-maxkey.saml.v20.metadata.telephoneNumber=4008981111
+maxkey.saml.v20.metadata.orgName                =MaxKeyTop
+maxkey.saml.v20.metadata.orgDisplayName         =MaxKeyTop
+maxkey.saml.v20.metadata.orgURL                 =https://www.maxkey.top
+maxkey.saml.v20.metadata.contactType            =technical
+maxkey.saml.v20.metadata.company                =MaxKeyTop
+maxkey.saml.v20.metadata.givenName              =maxkey
+maxkey.saml.v20.metadata.surName                =maxkey
+maxkey.saml.v20.metadata.emailAddress           =maxkeysupport@163.com
+maxkey.saml.v20.metadata.telephoneNumber        =4008981111

 ############################################################################
 #              Social Sign On Configuration                                #
 #you config client.id & client.secret only                                 #
 ############################################################################
 #gitee
-maxkey.socialsignon.gitee.provider=gitee
-maxkey.socialsignon.gitee.provider.name=Gitee
-maxkey.socialsignon.gitee.icon=images/social/gitee.png
-maxkey.socialsignon.gitee.client.id=ee6fdc484b3398d17e77d6ff37fd8b9fe502106398c7b22bf5522d3c01303f45
-maxkey.socialsignon.gitee.client.secret=d6c3558f295f044df538c966a9084166f9a877c7a7392543184007a5faccdbad
-maxkey.socialsignon.gitee.account.id=id
-maxkey.socialsignon.gitee.hidden=false
-maxkey.socialsignon.gitee.sortorder=1
+maxkey.socialsignon.gitee.provider              =gitee
+maxkey.socialsignon.gitee.provider.name         =Gitee
+maxkey.socialsignon.gitee.icon                  =images/social/gitee.png
+maxkey.socialsignon.gitee.client.id             =${SOCIAL_GITEE_CLIENTID:ee6fdc484b3398d17e77d6ff37fd8b9fe502106398c7b22bf5522d3c01303f45}
+maxkey.socialsignon.gitee.client.secret         =${SOCIAL_GITEE_CLIENTSECRET:d6c3558f295f044df538c966a9084166f9a877c7a7392543184007a5faccdbad}
+maxkey.socialsignon.gitee.account.id            =id
+maxkey.socialsignon.gitee.hidden                =false
+maxkey.socialsignon.gitee.sortorder             =1
 #wechat
-maxkey.socialsignon.wechatopen.provider=wechatopen
-maxkey.socialsignon.wechatopen.provider.name=\u5fae\u4fe1
-maxkey.socialsignon.wechatopen.icon=images/social/wechat.png
-maxkey.socialsignon.wechatopen.client.id=ee6fdc484b3398d17e7
-maxkey.socialsignon.wechatopen.client.secret=7a5faccdbad
-maxkey.socialsignon.wechatopen.account.id=id
-maxkey.socialsignon.wechatopen.hidden=false
-maxkey.socialsignon.wechatopen.sortorder=2
+maxkey.socialsignon.wechatopen.provider         =wechatopen
+maxkey.socialsignon.wechatopen.provider.name    =\u5fae\u4fe1
+maxkey.socialsignon.wechatopen.icon             =images/social/wechat.png
+maxkey.socialsignon.wechatopen.client.id        =${SOCIAL_WECHATOPEN_CLIENTID:ee6fdc484b3398d17e7}
+maxkey.socialsignon.wechatopen.client.secret    =${SOCIAL_WECHATOPEN_CLIENTSECRET:7a5faccdbad}
+maxkey.socialsignon.wechatopen.account.id       =id
+maxkey.socialsignon.wechatopen.hidden           =false
+maxkey.socialsignon.wechatopen.sortorder        =2
 #work weixin
-maxkey.socialsignon.workweixin.provider=workweixin
-maxkey.socialsignon.workweixin.provider.name=\u4F01\u4E1A\u5fae\u4fe1
-maxkey.socialsignon.workweixin.icon=images/social/wechat.png
-maxkey.socialsignon.workweixin.client.id=wx00d052e8f417f8f9
-maxkey.socialsignon.workweixin.client.secret=lIy40iP0z4D65eJaWDNoe-vSlttmqY2WGJBygbM0TlY
-maxkey.socialsignon.workweixin.agent.id=1000002
-maxkey.socialsignon.workweixin.account.id=id
-maxkey.socialsignon.workweixin.hidden=true
-maxkey.socialsignon.workweixin.sortorder=2
+maxkey.socialsignon.workweixin.provider         =workweixin
+maxkey.socialsignon.workweixin.provider.name    =\u4F01\u4E1A\u5fae\u4fe1
+maxkey.socialsignon.workweixin.icon             =images/social/wechat_enterprise.png
+maxkey.socialsignon.workweixin.client.id        =${SOCIAL_WORKWEIXIN_CLIENTID:ww61ca142e1fe5b8ca}
+maxkey.socialsignon.workweixin.client.secret    =${SOCIAL_WORKWEIXIN_CLIENTSECRET:CfWEoALuKdSKzXiV-QWXeGSD5zPd6Svze3GR_gB5eFs}
+maxkey.socialsignon.workweixin.agent.id         =${SOCIAL_WORKWEIXIN_AGENTID:1000002}
+maxkey.socialsignon.workweixin.account.id       =id
+maxkey.socialsignon.workweixin.hidden           =true
+maxkey.socialsignon.workweixin.sortorder        =2
 #sina weibo
-maxkey.socialsignon.sinaweibo.provider=sinaweibo
-maxkey.socialsignon.sinaweibo.provider.name=\u65b0\u6d6a\u5fae\u535a
-maxkey.socialsignon.sinaweibo.icon=images/social/weibo.png
-maxkey.socialsignon.sinaweibo.client.id=3379757634
-maxkey.socialsignon.sinaweibo.client.secret=1adfdf9800299037bcab9d1c238664ba
-maxkey.socialsignon.sinaweibo.account.id=id
-maxkey.socialsignon.sinaweibo.hidden=false
-maxkey.socialsignon.sinaweibo.sortorder=3
+maxkey.socialsignon.sinaweibo.provider          =sinaweibo
+maxkey.socialsignon.sinaweibo.provider.name     =\u65b0\u6d6a\u5fae\u535a
+maxkey.socialsignon.sinaweibo.icon              =images/social/weibo.png
+maxkey.socialsignon.sinaweibo.client.id         =${SOCIAL_SINAWEIBO_CLIENTID:3379757634}
+maxkey.socialsignon.sinaweibo.client.secret     =${SOCIAL_SINAWEIBO_CLIENTSECRET:1adfdf9800299037bcab9d1c238664ba}
+maxkey.socialsignon.sinaweibo.account.id        =id
+maxkey.socialsignon.sinaweibo.hidden            =false
+maxkey.socialsignon.sinaweibo.sortorder         =3
 #Google
-maxkey.socialsignon.google.provider=google
-maxkey.socialsignon.google.provider.name=Google
-maxkey.socialsignon.google.icon=images/social/google.png
-maxkey.socialsignon.google.client.id=519914515488.apps.googleusercontent.com
-maxkey.socialsignon.google.client.secret=3aTW3Iw7e11QqMnHxciCaXTt
-maxkey.socialsignon.google.account.id=id
-maxkey.socialsignon.google.hidden=false
-maxkey.socialsignon.google.sortorder=4
+maxkey.socialsignon.google.provider             =google
+maxkey.socialsignon.google.provider.name        =Google
+maxkey.socialsignon.google.icon                 =images/social/google.png
+maxkey.socialsignon.google.client.id            =${SOCIAL_GOOGLE_CLIENTID:519914515488.apps.googleusercontent.com}
+maxkey.socialsignon.google.client.secret        =${SOCIAL_GOOGLE_CLIENTSECRET:3aTW3Iw7e11QqMnHxciCaXTt}
+maxkey.socialsignon.google.account.id           =id
+maxkey.socialsignon.google.hidden               =false
+maxkey.socialsignon.google.sortorder            =4
 #dingtalk
-maxkey.socialsignon.dingtalk.provider=dingtalk
-maxkey.socialsignon.dingtalk.provider.name=dingtalk
-maxkey.socialsignon.dingtalk.icon=images/social/dingtalk.png
-maxkey.socialsignon.dingtalk.client.id=dingoawf2jyiwh2uzqnphg
-maxkey.socialsignon.dingtalk.client.secret=Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9
-maxkey.socialsignon.dingtalk.account.id=openid
-maxkey.socialsignon.dingtalk.hidden=false
-maxkey.socialsignon.dingtalk.sortorder=5
+maxkey.socialsignon.dingtalk.provider           =dingtalk
+maxkey.socialsignon.dingtalk.provider.name      =dingtalk
+maxkey.socialsignon.dingtalk.icon               =images/social/dingtalk.png
+maxkey.socialsignon.dingtalk.client.id          =${SOCIAL_DINGTALK_CLIENTID:dingoawf2jyiwh2uzqnphg}
+maxkey.socialsignon.dingtalk.client.secret      =${SOCIAL_DINGTALK_CLIENTSECRET:Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9}
+maxkey.socialsignon.dingtalk.account.id         =openid
+maxkey.socialsignon.dingtalk.hidden             =false
+maxkey.socialsignon.dingtalk.sortorder          =5
 #QQ
-maxkey.socialsignon.qq.provider=qq
-maxkey.socialsignon.qq.provider.name=QQ
-maxkey.socialsignon.qq.icon=images/social/qq.png
-maxkey.socialsignon.qq.client.id=101225363
-maxkey.socialsignon.qq.client.secret=8577d75e0eb4a91ac549cc8be3371bfd
-maxkey.socialsignon.qq.account.id=openid
-maxkey.socialsignon.qq.hidden=false
-maxkey.socialsignon.qq.sortorder=6
+maxkey.socialsignon.qq.provider                 =qq
+maxkey.socialsignon.qq.provider.name            =QQ
+maxkey.socialsignon.qq.icon                     =images/social/qq.png
+maxkey.socialsignon.qq.client.id                =${SOCIAL_QQ_CLIENTID:101225363}
+maxkey.socialsignon.qq.client.secret            =${SOCIAL_QQ_CLIENTSECRET:8577d75e0eb4a91ac549cc8be3371bfd}
+maxkey.socialsignon.qq.account.id               =openid
+maxkey.socialsignon.qq.hidden                   =false
+maxkey.socialsignon.qq.sortorder                =6
 #Microsoft
-maxkey.socialsignon.microsoft.provider=microsoft
-maxkey.socialsignon.microsoft.provider.name=Microsoft
-maxkey.socialsignon.microsoft.icon=images/social/microsoft.png
-maxkey.socialsignon.microsoft.client.id=24aa73b6-7928-4e64-bd64-d8682e650f95
-maxkey.socialsignon.microsoft.client.secret=PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5
-maxkey.socialsignon.microsoft.account.id=id
-maxkey.socialsignon.microsoft.hidden=false
-maxkey.socialsignon.microsoft.sortorder=7
+maxkey.socialsignon.microsoft.provider          =microsoft
+maxkey.socialsignon.microsoft.provider.name     =Microsoft
+maxkey.socialsignon.microsoft.icon              =images/social/microsoft.png
+maxkey.socialsignon.microsoft.client.id         =${SOCIAL_MICROSOFT_CLIENTID:24aa73b6-7928-4e64-bd64-d8682e650f95}
+maxkey.socialsignon.microsoft.client.secret     =${SOCIAL_MICROSOFT_CLIENTSECRET:PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5}
+maxkey.socialsignon.microsoft.account.id        =id
+maxkey.socialsignon.microsoft.hidden            =false
+maxkey.socialsignon.microsoft.sortorder         =7
 #facebook
-maxkey.socialsignon.facebook.provider=facebook
-maxkey.socialsignon.facebook.provider.name=facebook
-maxkey.socialsignon.facebook.icon=images/social/facebook.png
-maxkey.socialsignon.facebook.client.id=appKey
-maxkey.socialsignon.facebook.client.secret=appSecret
-maxkey.socialsignon.facebook.account.id=id
-maxkey.socialsignon.facebook.hidden=false
-maxkey.socialsignon.facebook.sortorder=8
+maxkey.socialsignon.facebook.provider           =facebook
+maxkey.socialsignon.facebook.provider.name      =facebook
+maxkey.socialsignon.facebook.icon               =images/social/facebook.png
+maxkey.socialsignon.facebook.client.id          =${SOCIAL_FACEBOOK_CLIENTID:appKey}
+maxkey.socialsignon.facebook.client.secret      =${SOCIAL_FACEBOOK_CLIENTSECRET:appSecret}
+maxkey.socialsignon.facebook.account.id         =id
+maxkey.socialsignon.facebook.hidden             =false
+maxkey.socialsignon.facebook.sortorder          =8

 ############################################################################
 #Management endpoints configuration                                        #
 ############################################################################
-management.security.enabled=false
+management.security.enabled                     =false
 #management.endpoints.jmx.exposure.include=health,info
 #management.endpoints.web.exposure.include=metrics,health,info,env
-management.endpoints.web.exposure.include=*
-management.endpoint.health.show-details=ALWAYS
+management.endpoints.web.exposure.include       =*
+management.endpoint.health.show-details         =ALWAYS
 #Spring Boot Admin Client
-spring.application.name=maxkey
-spring.boot.admin.client.url=http://127.0.0.1:9528
-management.health.redis.enabled: false
+spring.application.name                         =maxkey
+spring.boot.admin.client.url                    =${SPRING_BOOT_ADMIN_URL:http://127.0.0.1:9528}
+management.health.redis.enabled                 =false

 ############################################################################
 #springfox.documentation.swagger.v2.path=/api-docs                         #
 #Swagger Configure Properties                                              #
 ############################################################################
-maxkey.swagger.enable=true
-maxkey.swagger.title=MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
-maxkey.swagger.description=MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
-maxkey.swagger.version=${application.formatted-version}
+maxkey.swagger.enable                           =true
+maxkey.swagger.title                            =MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
+maxkey.swagger.description                      =MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
+maxkey.swagger.version                          =${application.formatted-version}

 ############################################################################
 #freemarker configuration                                                  #
 ############################################################################
-spring.freemarker.template-loader-path=classpath:/templates/views
-spring.freemarker.cache=false
-spring.freemarker.charset=UTF-8
-spring.freemarker.check-template-location=true
-spring.freemarker.content-type=text/html
-spring.freemarker.expose-request-attributes=false
-spring.freemarker.expose-session-attributes=false
-spring.freemarker.request-context-attribute=request
-spring.freemarker.suffix=.ftl
+spring.freemarker.template-loader-path          =classpath:/templates/views
+spring.freemarker.cache                         =false
+spring.freemarker.charset                       =UTF-8
+spring.freemarker.check-template-location       =true
+spring.freemarker.content-type                  =text/html
+spring.freemarker.expose-request-attributes     =false
+spring.freemarker.expose-session-attributes     =false
+spring.freemarker.request-context-attribute     =request
+spring.freemarker.suffix                        =.ftl

 ############################################################################
 #static resources configuration                                            #
 ############################################################################
-spring.mvc.static-path-pattern=/static/**
-spring.messages.basename=classpath:messages/message
-spring.messages.encoding=UTF-8
+spring.mvc.static-path-pattern                  =/static/**
+spring.messages.basename                        =classpath:messages/message
+spring.messages.encoding                        =UTF-8

 ############################################################################
 #server servlet encoding configuration                                     #
@@ -455,11 +448,5 @@ spring.messages.encoding=UTF-8
 ############################################################################
 #Servlet multipart configuration                                           #
 ############################################################################
-spring.servlet.multipart.enabled=true
-spring.servlet.multipart.max-file-size=4194304
-
-############################################################################
-#Main.banner-mode configuration                                            #
-############################################################################
-spring.main.banner-mode=log
-spring.main.allow-bean-definition-overriding=true
+spring.servlet.multipart.enabled                =true
+spring.servlet.multipart.max-file-size          =4194304
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
@@ -16,72 +16,72 @@
 #spring.profiles.active=http                                               #
 ############################################################################
 #server port
-server.port=443
+server.port                                     =443
 #session default 1800
 #1800s =30m
 #28800s=8h
-server.servlet.session.timeout=1800
+server.servlet.session.timeout                  =1800
 #server context path
-server.servlet.context-path=/maxkey
+server.servlet.context-path                     =/maxkey
 #nacos
-spring.cloud.nacos.discovery.enabled=false
-spring.cloud.nacos.discovery.instance-enabled=false
-spring.cloud.nacos.discovery.server-addr=127.0.0.1:8848
+spring.cloud.nacos.discovery.enabled            =${NACOS_DISCOVERY_ENABLED:false}
+spring.cloud.nacos.discovery.instance-enabled   =false
+spring.cloud.nacos.discovery.server-addr        =${NACOS_DISCOVERY_SERVER_ADDR:127.0.0.1:8848}
 ############################################################################
 #domain name configuration                                                 #
 ############################################################################
-maxkey.server.scheme=https
-maxkey.server.basedomain=maxkey.top
-maxkey.server.domain=sso.${maxkey.server.basedomain}
-maxkey.server.name=${maxkey.server.scheme}://${maxkey.server.domain}
-maxkey.server.uri=${maxkey.server.name}/maxkey
-#default.uri
-maxkey.server.default.uri=${maxkey.server.uri}/maxkey/appList
-maxkey.server.mgt.uri=${maxkey.server.name}:9527/maxkey-mgt/login
-maxkey.server.authz.uri=${maxkey.server.name}/maxkey
-#InMemory 0 , Redis 2 
-maxkey.server.persistence=0
-#identity
-maxkey.identity.kafkasupport=false
-#issuer name
-maxkey.app.issuer=CN=ConSec,CN=COM,CN=SH
+maxkey.server.scheme                            =https
+maxkey.server.basedomain                        =${SERVER_DOMAIN:maxkey.top}
+maxkey.server.domain                            =sso.${maxkey.server.basedomain}
+maxkey.server.name                              =${maxkey.server.scheme}://${maxkey.server.domain}
+maxkey.server.uri                               =${maxkey.server.name}/maxkey
+#default.uri                
+maxkey.server.default.uri                       =${maxkey.server.uri}/maxkey/appList
+maxkey.server.mgt.uri                           =${maxkey.server.name}:9527/maxkey-mgt/login
+maxkey.server.authz.uri                         =${maxkey.server.name}/maxkey
+#InMemory 0 , Redis 2               
+maxkey.server.persistence                       =${SERVER_PERSISTENCE:0}
+#identity               
+maxkey.identity.kafkasupport                    =${SERVER_KAFKA_SUPPORT:false}
+#issuer name                
+maxkey.app.issuer                               =CN=ConSec,CN=COM,CN=SH

 ############################################################################
 #Login configuration                                                       #
 ############################################################################
 #enable captcha
-maxkey.login.captcha=true
+maxkey.login.captcha                            =${LOGIN_CAPTCHA:true}
 #text or arithmetic
-maxkey.login.captcha.type=text
+maxkey.login.captcha.type                       =${LOGIN_CAPTCHA_TYPE:text}
 #enable two factor,use one time password
-maxkey.login.mfa=true
+maxkey.login.mfa                                =${LOGIN_MFA_ENABLED:true}
 #TimeBasedOtpAuthn MailOtpAuthn SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud
-maxkey.login.mfa.type=TimeBasedOtpAuthn
-#enable social sign on
-maxkey.login.socialsignon=true
-#social sign on providers
-maxkey.login.socialsignon.providers=gitee,wechatopen,sinaweibo,google,qq,dingtalk,microsoft,facebook,workweixin
-#Enable kerberos/SPNEGO
-maxkey.login.kerberos=true
-#wsFederation
-maxkey.login.wsfederation=false
-#remeberme
-maxkey.login.remeberme=true
-#validity
-maxkey.login.remeberme.validity=0
-#to default application web site
-maxkey.login.default.uri=appList
-maxkey.ipaddress.whitelist=false
-maxkey.notices.visible=false
+maxkey.login.mfa.type                           =${LOGIN_MFA_TYPE:TimeBasedOtpAuthn}
+#enable social sign on          
+maxkey.login.socialsignon                       =${LOGIN_SOCIAL_ENABLED:true}
+#social sign on providers           
+maxkey.login.socialsignon.providers             =${LOGIN_SOCIAL_PROVIDERS:gitee,wechatopen,sinaweibo,google,qq,dingtalk,microsoft,facebook,workweixin}
+#Enable kerberos/SPNEGO         
+maxkey.login.kerberos                           =false
+#wsFederation           
+maxkey.login.wsfederation                       =false
+#remeberme          
+maxkey.login.remeberme                          =${LOGIN_REMEBERME:true}
+#validity           
+maxkey.login.remeberme.validity                 =0
+#to default application web site            
+maxkey.login.default.uri                        =appList
+maxkey.ipaddress.whitelist                      =false
+maxkey.notices.visible                          =false

 ############################################################################
 #ssl configuration                                                         #
 ############################################################################
-server.ssl.key-store=classpath:maxkeyserver.keystore
-server.ssl.key-alias=maxkey
-server.ssl.enabled=true
-server.ssl.key-store-password=maxkey
-server.ssl.key-store-type=JKS
+server.ssl.key-store                            =${SSL_KEY_STORE:classpath:maxkeyserver.keystore}
+server.ssl.key-alias                            =${SSL_KEY_ALIAS:maxkey}
+server.ssl.enabled                              =${SSL_ENABLED:true}
+server.ssl.key-store-password                   =${SSL_KEY_PASSWORD:maxkey}
+server.ssl.key-store-type                       =${SSL_KEY_STORE_TYPE:JKS}

 ############################################################################
 #database configuration 
@@ -90,64 +90,64 @@ server.ssl.key-store-type=JKS
 #       highgo
 #       postgresql
 ############################################################################
-spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
+spring.datasource.type                          =com.alibaba.druid.pool.DruidDataSource
 #mysql
-spring.datasource.username=root
-spring.datasource.password=maxkey
-spring.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8&serverTimezone=UTC
-spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.datasource.driver-class-name             =com.mysql.cj.jdbc.Driver
+spring.datasource.username                      =${DATABASE_USER:root}
+spring.datasource.password                      =${DATABASE_PWD:maxkey}
+spring.datasource.url                           =jdbc:mysql://${DATABASE_HOST:localhost}:${DATABASE_PORT:3306}/${DATABASE_NAME:maxkey}?autoReconnect=true&characterEncoding=UTF-8&serverTimezone=UTC
 #highgo
+#spring.datasource.driver-class-name=com.highgo.jdbc.Driver
 #spring.datasource.username=highgo
 #spring.datasource.password=High@123
 #spring.datasource.url=jdbc:highgo://192.168.56.107:5866/highgo?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai
-#spring.datasource.driver-class-name=com.highgo.jdbc.Driver
 #postgresql
+#spring.datasource.driver-class-name=org.postgresql.Driver
 #spring.datasource.username=root
 #spring.datasource.password=maxkey!
 #spring.datasource.url=jdbc:postgresql://localhost/maxkey?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai
-#spring.datasource.driver-class-name=org.postgresql.Driver
 #mybatis
-mybatis.dialect=mysql
-mybatis.type-aliases-package=org.maxkey.entity,org.maxkey.entity.apps,
-mybatis.mapper-locations=classpath*:/org/maxkey/persistence/mapper/xml/${mybatis.dialect}/*.xml
-mybatis.table-column-snowflake-datacenter-id=1
-mybatis.table-column-snowflake-machine-id=1
-mybatis.table-column-escape=false
-mybatis.table-column-case=lowercase
+mybatis.dialect                                 =mysql
+mybatis.type-aliases-package                    =org.maxkey.entity,org.maxkey.entity.apps,
+mybatis.mapper-locations                        =classpath*:/org/maxkey/persistence/mapper/xml/${mybatis.dialect}/*.xml
+mybatis.table-column-snowflake-datacenter-id    =1
+mybatis.table-column-snowflake-machine-id       =1
+mybatis.table-column-escape                     =false
+mybatis.table-column-case                       =lowercase

 ############################################################################
 #redis server  configuration                                               #
 ############################################################################
-spring.redis.host=127.0.0.1
-spring.redis.port=6379
-spring.redis.password=password
-spring.redis.timeout=10000
-spring.redis.jedis.pool.max-wait=1000
-spring.redis.jedis.pool.max-idle=200
-spring.redis.lettuce.pool.max-active=-1
-spring.redis.lettuce.pool.min-idle=0
+spring.redis.host                               =${REDIS_HOST:127.0.0.1}
+spring.redis.port                               =${REDIS_PORT:6379}
+spring.redis.password                           =${REDIS_PWD:password}
+spring.redis.timeout                            =10000
+spring.redis.jedis.pool.max-wait                =1000
+spring.redis.jedis.pool.max-idle                =200
+spring.redis.lettuce.pool.max-active            =-1
+spring.redis.lettuce.pool.min-idle              =0

 ############################################################################
 #mail configuration                                                        #
 ############################################################################
-spring.mail.default-encoding=utf-8
-spring.mail.host=smtp.163.com
-spring.mail.port=465
-spring.mail.username=maxkey@163.com
-spring.mail.password=password
-spring.mail.protocol=smtp
-spring.mail.properties.ssl=true
-spring.mail.properties.sender=maxkey@163.com
-spring.mail.properties.mailotp.message.subject=MaxKey One Time PassWord
-spring.mail.properties.mailotp.message.template={0} You Token is {1} , it validity in {2}  minutes.
-spring.mail.properties.mailotp.message.type=html
-spring.mail.properties.mailotp.message.validity=300
+spring.mail.default-encoding                    =utf-8
+spring.mail.host                                =${MAIL_HOST:smtp.163.com}
+spring.mail.port                                =${MAIL_PORT:465}
+spring.mail.username                            =${MAIL_USER:maxkey@163.com}
+spring.mail.password                            =${MAIL_PWD:password}
+spring.mail.protocol                            =smtp
+spring.mail.properties.ssl                      =true
+spring.mail.properties.sender                   =${MAIL_SENDER:maxkey@163.com}
+spring.mail.properties.mailotp.message.subject  =MaxKey One Time PassWord
+spring.mail.properties.mailotp.message.template ={0} You Token is {1} , it validity in {2}  minutes.
+spring.mail.properties.mailotp.message.type     =html
+spring.mail.properties.mailotp.message.validity =300

 ############################################################################
 #Spring Session for Cluster configuration                                  #
 ############################################################################
 # Session store type.
-spring.session.store-type=none
+spring.session.store-type                       =none
 #spring.session.store-type=redis
 # Session timeout. If a duration suffix is not specified, seconds is used.
 #server.servlet.session.timeout=1800
@@ -159,20 +159,20 @@ spring.session.store-type=none
 ############################################################################
 #Kafka for connectors configuration                                        #
 ############################################################################
-spring.kafka.bootstrap-servers=localhost:9092
-# retries
-spring.kafka.producer.retries=0
-# acks
-spring.kafka.producer.acks=1
-# batch-size
-spring.kafka.producer.batch-size=16384
-# linger.ms
-spring.kafka.producer.properties.linger.ms=0
-# buffer-memory
-spring.kafka.producer.buffer-memory = 33554432
-# serializer
-spring.kafka.producer.key-serializer=org.apache.kafka.common.serialization.StringSerializer
-spring.kafka.producer.value-serializer=org.apache.kafka.common.serialization.StringSerializer
+spring.kafka.bootstrap-servers                  =${KAFKA_SERVERS:localhost:9092}
+# retries   
+spring.kafka.producer.retries                   =0
+# acks  
+spring.kafka.producer.acks                      =1
+# batch-size    
+spring.kafka.producer.batch-size                =16384
+# linger.ms 
+spring.kafka.producer.properties.linger.ms      =0
+# buffer-memory 
+spring.kafka.producer.buffer-memory             =33554432
+# serializer    
+spring.kafka.producer.key-serializer            =org.apache.kafka.common.serialization.StringSerializer
+spring.kafka.producer.value-serializer          =org.apache.kafka.common.serialization.StringSerializer
 # partitioner
 #spring.kafka.producer.properties.partitioner.class=com.felix.kafka.producer.CustomizePartitioner

@@ -181,74 +181,74 @@ spring.kafka.producer.value-serializer=org.apache.kafka.common.serialization.Str
 #SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud               #
 ############################################################################
 #default
-maxkey.otp.sms=SmsOtpAuthnYunxin
-#aliyun
-maxkey.otp.sms.aliyun.accesskeyid=94395d754eb55693043f5d6a2b772ef4
-maxkey.otp.sms.aliyun.accesssecret=05d5485357bc
-maxkey.otp.sms.aliyun.templatecode=14860095
-maxkey.otp.sms.aliyun.signname=maxkey
-#yunxin
-maxkey.otp.sms.yunxin.appkey=94395d754eb55693043f5d6a2b772ef3
-maxkey.otp.sms.yunxin.appsecret=05d5485357bc
-maxkey.otp.sms.yunxin.templateid=14860099
-#tencentcloud
-maxkey.otp.sms.tencentcloud.secretid=94395d754eb55693043f5d6a2b772ef4
-maxkey.otp.sms.tencentcloud.secretkey=05d5485357bc
-maxkey.otp.sms.tencentcloud.smssdkappid=1486220095
-maxkey.otp.sms.tencentcloud.templateid=14860095
-maxkey.otp.sms.tencentcloud.sign=1486009522
+maxkey.otp.sms                                  =${SMS_IMPL:SmsOtpAuthnYunxin}
+#aliyun     
+maxkey.otp.sms.aliyun.accesskeyid               =${SMS_ALIYUN_ACCESSKEYID:94395d754eb55693043f5d6a2b772ef4}
+maxkey.otp.sms.aliyun.accesssecret              =${SMS_ALIYUN_ACCESSSECRET:05d5485357bc}
+maxkey.otp.sms.aliyun.templatecode              =${SMS_ALIYUN_TEMPLATECODE:14860095}
+maxkey.otp.sms.aliyun.signname                  =${SMS_ALIYUN_SIGNNAME:maxkey}
+#yunxin     
+maxkey.otp.sms.yunxin.appkey                    =${SMS_YUNXIN_APPKEY:94395d754eb55693043f5d6a2b772ef3}
+maxkey.otp.sms.yunxin.appsecret                 =${SMS_YUNXIN_APPSECRET:05d5485357bc}
+maxkey.otp.sms.yunxin.templateid                =${SMS_YUNXIN_TEMPLATEID:14860099}
+#tencentcloud       
+maxkey.otp.sms.tencentcloud.secretid            =${SMS_TENCENTCLOUD_SECRETID:94395d754eb55693043f5d6a2b772ef4}
+maxkey.otp.sms.tencentcloud.secretkey           =${SMS_TENCENTCLOUD_SECRETKEY:05d5485357bc}
+maxkey.otp.sms.tencentcloud.smssdkappid         =${SMS_TENCENTCLOUD_SMSSDKAPPID:1486220095}
+maxkey.otp.sms.tencentcloud.templateid          =${SMS_TENCENTCLOUD_TEMPLATEID:14860095}
+maxkey.otp.sms.tencentcloud.sign                =${SMS_TENCENTCLOUD_SIGN:1486009522}

 ############################################################################ 
 #Time-based One-Time Password configuration                                #
 ############################################################################
-maxkey.otp.keyuri.format.type=totp
-maxkey.otp.keyuri.format.digits=6
-maxkey.otp.keyuri.format.issuer=MaxKey
-maxkey.otp.keyuri.format.domain=${maxkey.server.domain}
-maxkey.otp.keyuri.format.period=30
+maxkey.otp.keyuri.format.type                   =totp
+maxkey.otp.keyuri.format.digits                 =6
+maxkey.otp.keyuri.format.issuer                 =${OTP_KEYURI_ISSUER:MaxKey}
+maxkey.otp.keyuri.format.domain                 =${maxkey.server.domain}
+maxkey.otp.keyuri.format.period                 =30

 ############################################################################ 
 #LDAP Login support configuration                                          #
 ############################################################################
-maxkey.support.ldap.enable=false
-maxkey.support.ldap.jit=false
-#openldap,activedirectory,normal
-maxkey.support.ldap.product=openldap
-maxkey.support.ldap.ssl=false
-maxkey.support.ldap.providerurl=ldap://localhost:389
-maxkey.support.ldap.principal=cn=Manager,dc=maxcrc,dc=com
-maxkey.support.ldap.credentials=secret
-maxkey.support.ldap.basedn=dc=maxcrc,dc=com
-maxkey.support.ldap.filter=(uid=%s)
-maxkey.support.ldap.truststore=maxkey
-maxkey.support.ldap.truststorepassword=maxkey
-#activedirectory effective
-maxkey.support.ldap.activedirectory.domain=MAXKEY.ORG
+maxkey.support.ldap.enable                      =${LDAP_ENABLE:false}
+maxkey.support.ldap.jit                         =false
+#openldap,activedirectory,normal    
+maxkey.support.ldap.product                     =${LDAP_PRODUCT:openldap}
+maxkey.support.ldap.ssl                         =${LDAP_SSL:false}
+maxkey.support.ldap.providerurl                 =${LDAP_PROVIDERURL:ldap://localhost:389}
+maxkey.support.ldap.principal                   =${LDAP_PRINCIPAL:cn=Manager,dc=maxcrc,dc=com}
+maxkey.support.ldap.credentials                 =${LDAP_CREDENTIALS:secret}
+maxkey.support.ldap.basedn                      =${LDAP_BASEDN:dc=maxcrc,dc=com}
+maxkey.support.ldap.filter                      =(uid=%s)
+maxkey.support.ldap.truststore                  =${LDAP_TRUSTSTORE:maxkey}
+maxkey.support.ldap.truststorepassword          =${LDAP_TRUSTSTORE_PASSWORD:maxkey}
+#activedirectory effective  
+maxkey.support.ldap.activedirectory.domain      =${LDAP_AD_DOMAIN:MAXKEY.ORG}

 ############################################################################ 
 #Kerberos Login configuration                                              #
 #short name of user domain must be in upper case,eg:MAXKEY                 #
 ############################################################################
-maxkey.support.kerberos.default.userdomain=MAXKEY
+maxkey.support.kerberos.default.userdomain      =MAXKEY
 #short name of user domain must be in upper case,eg:MAXKEY.ORG
-maxkey.support.kerberos.default.fulluserdomain=MAXKEY.ORG
+maxkey.support.kerberos.default.fulluserdomain  =MAXKEY.ORG
 #last 8Bit crypto for Kerberos web Authentication 
-maxkey.support.kerberos.default.crypto=846KZSzYq56M6d5o
+maxkey.support.kerberos.default.crypto          =846KZSzYq56M6d5o
 #Kerberos Authentication server RUL
-maxkey.support.kerberos.default.redirecturi=http://sso.maxkey.top/kerberos/authn/
+maxkey.support.kerberos.default.redirecturi     =http://sso.maxkey.top/kerberos/authn/

 ############################################################################ 
 #HTTPHEADER Login configuration                                            #
 ############################################################################
-maxkey.support.httpheader.enable=false
-maxkey.support.httpheader.headername=header-user
+maxkey.support.httpheader.enable                =false
+maxkey.support.httpheader.headername            =header-user
 # iv-user is for IBM Security Access Manager
 #config.httpheader.headername=iv-user

 ############################################################################ 
 #BASIC Login support configuration                                         #
 ############################################################################
-maxkey.support.basic.enable=false
+maxkey.support.basic.enable                     =false

 #############################################################################
 #WsFederation Login support configuration
@@ -260,184 +260,184 @@ maxkey.support.basic.enable=false
 #attributeMutator: (optional) a class (defined by you) that can modify the attributes/assertions returned by the ADFS server
 #signingCertificate: ADFS's signing certificate used to validate the token/assertions issued by ADFS.
 ############################################################################
-maxkey.support.wsfederation.identifier=http://adfs.maxkey.top/adfs/services/trust
-maxkey.support.wsfederation.url=https://adfs.maxkey.top/adfs/ls/
-maxkey.support.wsfederation.principal=upn
-maxkey.support.wsfederation.relyingParty=urn:federation:connsec
-maxkey.support.wsfederation.signingCertificate=adfs-signing.crt
-maxkey.support.wsfederation.tolerance=10000
-maxkey.support.wsfederation.upn.suffix=maxkey.org
-maxkey.support.wsfederation.logoutUrl=https://adfs.maxkey.top/adfs/ls/?wa=wsignout1.0
+maxkey.support.wsfederation.identifier          =http://adfs.maxkey.top/adfs/services/trust
+maxkey.support.wsfederation.url                 =https://adfs.maxkey.top/adfs/ls/
+maxkey.support.wsfederation.principal           =upn
+maxkey.support.wsfederation.relyingParty        =urn:federation:connsec
+maxkey.support.wsfederation.signingCertificate  =adfs-signing.crt
+maxkey.support.wsfederation.tolerance           =10000
+maxkey.support.wsfederation.upn.suffix          =maxkey.org
+maxkey.support.wsfederation.logoutUrl           =https://adfs.maxkey.top/adfs/ls/?wa=wsignout1.0

 #############################################################################
 #OIDC V1.0 METADATA configuration                                           #
 #############################################################################
-maxkey.oidc.metadata.issuer=${maxkey.server.name}/maxkey
-maxkey.oidc.metadata.authorizationEndpoint=${maxkey.server.name}/maxkey/authz/oauth/v20/authorize
-maxkey.oidc.metadata.tokenEndpoint=${maxkey.server.name}/maxkey/authz/oauth/v20/token
-maxkey.oidc.metadata.userinfoEndpoint=${maxkey.server.name}/maxkey/api/connect/userinfo
+maxkey.oidc.metadata.issuer                     =${maxkey.server.name}/maxkey
+maxkey.oidc.metadata.authorizationEndpoint      =${maxkey.server.name}/maxkey/authz/oauth/v20/authorize
+maxkey.oidc.metadata.tokenEndpoint              =${maxkey.server.name}/maxkey/authz/oauth/v20/token
+maxkey.oidc.metadata.userinfoEndpoint           =${maxkey.server.name}/maxkey/api/connect/userinfo

 #############################################################################
 #SAML V2.0 configuration                                                    #
 #############################################################################
 #saml common
-maxkey.saml.v20.max.parser.pool.size=2
-maxkey.saml.v20.assertion.validity.time.ins.seconds=90
-maxkey.saml.v20.replay.cache.life.in.millis=14400000
-maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds=90
-maxkey.saml.v20.issue.instant.check.validity.time.in.seconds=300
+maxkey.saml.v20.max.parser.pool.size                            =2
+maxkey.saml.v20.assertion.validity.time.ins.seconds             =90
+maxkey.saml.v20.replay.cache.life.in.millis                     =14400000
+maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds       =90
+maxkey.saml.v20.issue.instant.check.validity.time.in.seconds    =300
 #saml idp keystore
-maxkey.saml.v20.idp.keystore.password=maxkey
-maxkey.saml.v20.idp.keystore.private.key.password=maxkey
-maxkey.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
+maxkey.saml.v20.idp.keystore.password                           =maxkey
+maxkey.saml.v20.idp.keystore.private.key.password               =maxkey
+maxkey.saml.v20.idp.keystore                                    =classpath\:config/samlServerKeystore.jks
 #keystore id for sec
-maxkey.saml.v20.idp.issuing.entity.id=maxkey.top
-maxkey.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml
-maxkey.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/
+maxkey.saml.v20.idp.issuing.entity.id                           =maxkey.top
+maxkey.saml.v20.idp.issuer                                      =https://sso.maxkey.top/maxkey/saml
+maxkey.saml.v20.idp.receiver.endpoint                           =https\://sso.maxkey.top/
 #saml sp keystore
-maxkey.saml.v20.sp.keystore.password=maxkey
-maxkey.saml.v20.sp.keystore.private.key.password=maxkey
-maxkey.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
-maxkey.saml.v20.sp.issuing.entity.id=client.maxkey.org
+maxkey.saml.v20.sp.keystore.password                            =maxkey
+maxkey.saml.v20.sp.keystore.private.key.password                =maxkey
+maxkey.saml.v20.sp.keystore                                     =classpath\:config/samlClientKeystore.jks
+maxkey.saml.v20.sp.issuing.entity.id                            =client.maxkey.org
 #Saml v20 METADATA
-maxkey.saml.v20.metadata.orgName=MaxKeyTop
-maxkey.saml.v20.metadata.orgDisplayName=MaxKeyTop
-maxkey.saml.v20.metadata.orgURL=https://www.maxkey.top
-maxkey.saml.v20.metadata.contactType=technical
-maxkey.saml.v20.metadata.company=MaxKeyTop
-maxkey.saml.v20.metadata.givenName=maxkey
-maxkey.saml.v20.metadata.surName=maxkey
-maxkey.saml.v20.metadata.emailAddress=maxkeysupport@163.com
-maxkey.saml.v20.metadata.telephoneNumber=4008981111
+maxkey.saml.v20.metadata.orgName                =MaxKeyTop
+maxkey.saml.v20.metadata.orgDisplayName         =MaxKeyTop
+maxkey.saml.v20.metadata.orgURL                 =https://www.maxkey.top
+maxkey.saml.v20.metadata.contactType            =technical
+maxkey.saml.v20.metadata.company                =MaxKeyTop
+maxkey.saml.v20.metadata.givenName              =maxkey
+maxkey.saml.v20.metadata.surName                =maxkey
+maxkey.saml.v20.metadata.emailAddress           =maxkeysupport@163.com
+maxkey.saml.v20.metadata.telephoneNumber        =4008981111

 ############################################################################
 #              Social Sign On Configuration                                #
 #you config client.id & client.secret only                                 #
 ############################################################################
 #gitee
-maxkey.socialsignon.gitee.provider=gitee
-maxkey.socialsignon.gitee.provider.name=Gitee
-maxkey.socialsignon.gitee.icon=images/social/gitee.png
-maxkey.socialsignon.gitee.client.id=ee6fdc484b3398d17e77d6ff37fd8b9fe502106398c7b22bf5522d3c01303f45
-maxkey.socialsignon.gitee.client.secret=d6c3558f295f044df538c966a9084166f9a877c7a7392543184007a5faccdbad
-maxkey.socialsignon.gitee.account.id=id
-maxkey.socialsignon.gitee.hidden=false
-maxkey.socialsignon.gitee.sortorder=1
+maxkey.socialsignon.gitee.provider              =gitee
+maxkey.socialsignon.gitee.provider.name         =Gitee
+maxkey.socialsignon.gitee.icon                  =images/social/gitee.png
+maxkey.socialsignon.gitee.client.id             =${SOCIAL_GITEE_CLIENTID:ee6fdc484b3398d17e77d6ff37fd8b9fe502106398c7b22bf5522d3c01303f45}
+maxkey.socialsignon.gitee.client.secret         =${SOCIAL_GITEE_CLIENTSECRET:d6c3558f295f044df538c966a9084166f9a877c7a7392543184007a5faccdbad}
+maxkey.socialsignon.gitee.account.id            =id
+maxkey.socialsignon.gitee.hidden                =false
+maxkey.socialsignon.gitee.sortorder             =1
 #wechat
-maxkey.socialsignon.wechatopen.provider=wechatopen
-maxkey.socialsignon.wechatopen.provider.name=\u5fae\u4fe1
-maxkey.socialsignon.wechatopen.icon=images/social/wechat.png
-maxkey.socialsignon.wechatopen.client.id=ee6fdc484b3398d17e7
-maxkey.socialsignon.wechatopen.client.secret=7a5faccdbad
-maxkey.socialsignon.wechatopen.account.id=id
-maxkey.socialsignon.wechatopen.hidden=false
-maxkey.socialsignon.wechatopen.sortorder=2
+maxkey.socialsignon.wechatopen.provider         =wechatopen
+maxkey.socialsignon.wechatopen.provider.name    =\u5fae\u4fe1
+maxkey.socialsignon.wechatopen.icon             =images/social/wechat.png
+maxkey.socialsignon.wechatopen.client.id        =${SOCIAL_WECHATOPEN_CLIENTID:ee6fdc484b3398d17e7}
+maxkey.socialsignon.wechatopen.client.secret    =${SOCIAL_WECHATOPEN_CLIENTSECRET:7a5faccdbad}
+maxkey.socialsignon.wechatopen.account.id       =id
+maxkey.socialsignon.wechatopen.hidden           =false
+maxkey.socialsignon.wechatopen.sortorder        =2
 #work weixin
-maxkey.socialsignon.workweixin.provider=workweixin
-maxkey.socialsignon.workweixin.provider.name=\u4F01\u4E1A\u5fae\u4fe1
-maxkey.socialsignon.workweixin.icon=images/social/wechat_enterprise.png
-maxkey.socialsignon.workweixin.client.id=ww61ca142e1fe5b8ca
-maxkey.socialsignon.workweixin.client.secret=CfWEoALuKdSKzXiV-QWXeGSD5zPd6Svze3GR_gB5eFs
-maxkey.socialsignon.workweixin.agent.id=1000002
-maxkey.socialsignon.workweixin.account.id=id
-maxkey.socialsignon.workweixin.hidden=true
-maxkey.socialsignon.workweixin.sortorder=2
+maxkey.socialsignon.workweixin.provider         =workweixin
+maxkey.socialsignon.workweixin.provider.name    =\u4F01\u4E1A\u5fae\u4fe1
+maxkey.socialsignon.workweixin.icon             =images/social/wechat_enterprise.png
+maxkey.socialsignon.workweixin.client.id        =${SOCIAL_WORKWEIXIN_CLIENTID:ww61ca142e1fe5b8ca}
+maxkey.socialsignon.workweixin.client.secret    =${SOCIAL_WORKWEIXIN_CLIENTSECRET:CfWEoALuKdSKzXiV-QWXeGSD5zPd6Svze3GR_gB5eFs}
+maxkey.socialsignon.workweixin.agent.id         =${SOCIAL_WORKWEIXIN_AGENTID:1000002}
+maxkey.socialsignon.workweixin.account.id       =id
+maxkey.socialsignon.workweixin.hidden           =true
+maxkey.socialsignon.workweixin.sortorder        =2
 #sina weibo
-maxkey.socialsignon.sinaweibo.provider=sinaweibo
-maxkey.socialsignon.sinaweibo.provider.name=\u65b0\u6d6a\u5fae\u535a
-maxkey.socialsignon.sinaweibo.icon=images/social/weibo.png
-maxkey.socialsignon.sinaweibo.client.id=3379757634
-maxkey.socialsignon.sinaweibo.client.secret=1adfdf9800299037bcab9d1c238664ba
-maxkey.socialsignon.sinaweibo.account.id=id
-maxkey.socialsignon.sinaweibo.hidden=false
-maxkey.socialsignon.sinaweibo.sortorder=3
+maxkey.socialsignon.sinaweibo.provider          =sinaweibo
+maxkey.socialsignon.sinaweibo.provider.name     =\u65b0\u6d6a\u5fae\u535a
+maxkey.socialsignon.sinaweibo.icon              =images/social/weibo.png
+maxkey.socialsignon.sinaweibo.client.id         =${SOCIAL_SINAWEIBO_CLIENTID:3379757634}
+maxkey.socialsignon.sinaweibo.client.secret     =${SOCIAL_SINAWEIBO_CLIENTSECRET:1adfdf9800299037bcab9d1c238664ba}
+maxkey.socialsignon.sinaweibo.account.id        =id
+maxkey.socialsignon.sinaweibo.hidden            =false
+maxkey.socialsignon.sinaweibo.sortorder         =3
 #Google
-maxkey.socialsignon.google.provider=google
-maxkey.socialsignon.google.provider.name=Google
-maxkey.socialsignon.google.icon=images/social/google.png
-maxkey.socialsignon.google.client.id=519914515488.apps.googleusercontent.com
-maxkey.socialsignon.google.client.secret=3aTW3Iw7e11QqMnHxciCaXTt
-maxkey.socialsignon.google.account.id=id
-maxkey.socialsignon.google.hidden=false
-maxkey.socialsignon.google.sortorder=4
+maxkey.socialsignon.google.provider             =google
+maxkey.socialsignon.google.provider.name        =Google
+maxkey.socialsignon.google.icon                 =images/social/google.png
+maxkey.socialsignon.google.client.id            =${SOCIAL_GOOGLE_CLIENTID:519914515488.apps.googleusercontent.com}
+maxkey.socialsignon.google.client.secret        =${SOCIAL_GOOGLE_CLIENTSECRET:3aTW3Iw7e11QqMnHxciCaXTt}
+maxkey.socialsignon.google.account.id           =id
+maxkey.socialsignon.google.hidden               =false
+maxkey.socialsignon.google.sortorder            =4
 #dingtalk
-maxkey.socialsignon.dingtalk.provider=dingtalk
-maxkey.socialsignon.dingtalk.provider.name=dingtalk
-maxkey.socialsignon.dingtalk.icon=images/social/dingtalk.png
-maxkey.socialsignon.dingtalk.client.id=dingoawf2jyiwh2uzqnphg
-maxkey.socialsignon.dingtalk.client.secret=Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9
-maxkey.socialsignon.dingtalk.account.id=openid
-maxkey.socialsignon.dingtalk.hidden=false
-maxkey.socialsignon.dingtalk.sortorder=5
+maxkey.socialsignon.dingtalk.provider           =dingtalk
+maxkey.socialsignon.dingtalk.provider.name      =dingtalk
+maxkey.socialsignon.dingtalk.icon               =images/social/dingtalk.png
+maxkey.socialsignon.dingtalk.client.id          =${SOCIAL_DINGTALK_CLIENTID:dingoawf2jyiwh2uzqnphg}
+maxkey.socialsignon.dingtalk.client.secret      =${SOCIAL_DINGTALK_CLIENTSECRET:Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9}
+maxkey.socialsignon.dingtalk.account.id         =openid
+maxkey.socialsignon.dingtalk.hidden             =false
+maxkey.socialsignon.dingtalk.sortorder          =5
 #QQ
-maxkey.socialsignon.qq.provider=qq
-maxkey.socialsignon.qq.provider.name=QQ
-maxkey.socialsignon.qq.icon=images/social/qq.png
-maxkey.socialsignon.qq.client.id=101225363
-maxkey.socialsignon.qq.client.secret=8577d75e0eb4a91ac549cc8be3371bfd
-maxkey.socialsignon.qq.account.id=openid
-maxkey.socialsignon.qq.hidden=false
-maxkey.socialsignon.qq.sortorder=6
+maxkey.socialsignon.qq.provider                 =qq
+maxkey.socialsignon.qq.provider.name            =QQ
+maxkey.socialsignon.qq.icon                     =images/social/qq.png
+maxkey.socialsignon.qq.client.id                =${SOCIAL_QQ_CLIENTID:101225363}
+maxkey.socialsignon.qq.client.secret            =${SOCIAL_QQ_CLIENTSECRET:8577d75e0eb4a91ac549cc8be3371bfd}
+maxkey.socialsignon.qq.account.id               =openid
+maxkey.socialsignon.qq.hidden                   =false
+maxkey.socialsignon.qq.sortorder                =6
 #Microsoft
-maxkey.socialsignon.microsoft.provider=microsoft
-maxkey.socialsignon.microsoft.provider.name=Microsoft
-maxkey.socialsignon.microsoft.icon=images/social/microsoft.png
-maxkey.socialsignon.microsoft.client.id=24aa73b6-7928-4e64-bd64-d8682e650f95
-maxkey.socialsignon.microsoft.client.secret=PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5
-maxkey.socialsignon.microsoft.account.id=id
-maxkey.socialsignon.microsoft.hidden=false
-maxkey.socialsignon.microsoft.sortorder=7
+maxkey.socialsignon.microsoft.provider          =microsoft
+maxkey.socialsignon.microsoft.provider.name     =Microsoft
+maxkey.socialsignon.microsoft.icon              =images/social/microsoft.png
+maxkey.socialsignon.microsoft.client.id         =${SOCIAL_MICROSOFT_CLIENTID:24aa73b6-7928-4e64-bd64-d8682e650f95}
+maxkey.socialsignon.microsoft.client.secret     =${SOCIAL_MICROSOFT_CLIENTSECRET:PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5}
+maxkey.socialsignon.microsoft.account.id        =id
+maxkey.socialsignon.microsoft.hidden            =false
+maxkey.socialsignon.microsoft.sortorder         =7
 #facebook
-maxkey.socialsignon.facebook.provider=facebook
-maxkey.socialsignon.facebook.provider.name=facebook
-maxkey.socialsignon.facebook.icon=images/social/facebook.png
-maxkey.socialsignon.facebook.client.id=appKey
-maxkey.socialsignon.facebook.client.secret=appSecret
-maxkey.socialsignon.facebook.account.id=id
-maxkey.socialsignon.facebook.hidden=false
-maxkey.socialsignon.facebook.sortorder=8
+maxkey.socialsignon.facebook.provider           =facebook
+maxkey.socialsignon.facebook.provider.name      =facebook
+maxkey.socialsignon.facebook.icon               =images/social/facebook.png
+maxkey.socialsignon.facebook.client.id          =${SOCIAL_FACEBOOK_CLIENTID:appKey}
+maxkey.socialsignon.facebook.client.secret      =${SOCIAL_FACEBOOK_CLIENTSECRET:appSecret}
+maxkey.socialsignon.facebook.account.id         =id
+maxkey.socialsignon.facebook.hidden             =false
+maxkey.socialsignon.facebook.sortorder          =8

 ############################################################################
 #Management endpoints configuration                                        #
 ############################################################################
-management.security.enabled=false
+management.security.enabled                     =false
 #management.endpoints.jmx.exposure.include=health,info
 #management.endpoints.web.exposure.include=metrics,health,info,env
-management.endpoints.web.exposure.include=*
-management.endpoint.health.show-details=ALWAYS
+management.endpoints.web.exposure.include       =*
+management.endpoint.health.show-details         =ALWAYS
 #Spring Boot Admin Client
-spring.application.name=maxkey
-spring.boot.admin.client.url=http://127.0.0.1:9528
-management.health.redis.enabled: false
+spring.application.name                         =maxkey
+spring.boot.admin.client.url                    =${SPRING_BOOT_ADMIN_URL:http://127.0.0.1:9528}
+management.health.redis.enabled                 =false

 ############################################################################
 #springfox.documentation.swagger.v2.path=/api-docs                         #
 #Swagger Configure Properties                                              #
 ############################################################################
-maxkey.swagger.enable=true
-maxkey.swagger.title=MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
-maxkey.swagger.description=MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
-maxkey.swagger.version=${application.formatted-version}
+maxkey.swagger.enable                           =true
+maxkey.swagger.title                            =MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
+maxkey.swagger.description                      =MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
+maxkey.swagger.version                          =${application.formatted-version}

 ############################################################################
 #freemarker configuration                                                  #
 ############################################################################
-spring.freemarker.template-loader-path=classpath:/templates/views
-spring.freemarker.cache=false
-spring.freemarker.charset=UTF-8
-spring.freemarker.check-template-location=true
-spring.freemarker.content-type=text/html
-spring.freemarker.expose-request-attributes=false
-spring.freemarker.expose-session-attributes=false
-spring.freemarker.request-context-attribute=request
-spring.freemarker.suffix=.ftl
+spring.freemarker.template-loader-path          =classpath:/templates/views
+spring.freemarker.cache                         =false
+spring.freemarker.charset                       =UTF-8
+spring.freemarker.check-template-location       =true
+spring.freemarker.content-type                  =text/html
+spring.freemarker.expose-request-attributes     =false
+spring.freemarker.expose-session-attributes     =false
+spring.freemarker.request-context-attribute     =request
+spring.freemarker.suffix                        =.ftl

 ############################################################################
 #static resources configuration                                            #
 ############################################################################
-spring.mvc.static-path-pattern=/static/**
-spring.messages.basename=classpath:messages/message
-spring.messages.encoding=UTF-8
+spring.mvc.static-path-pattern                  =/static/**
+spring.messages.basename                        =classpath:messages/message
+spring.messages.encoding                        =UTF-8

 ############################################################################
 #server servlet encoding configuration                                     #
@@ -450,11 +450,5 @@ spring.messages.encoding=UTF-8
 ############################################################################
 #Servlet multipart configuration                                           #
 ############################################################################
-spring.servlet.multipart.enabled=true
-spring.servlet.multipart.max-file-size=4194304
-
-############################################################################
-#Main.banner-mode configuration                                            #
-############################################################################
-spring.main.banner-mode=log
-spring.main.allow-bean-definition-overriding=true
+spring.servlet.multipart.enabled                =true
+spring.servlet.multipart.max-file-size          =4194304
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties
@@ -15,18 +15,18 @@
 ############################################################################
 #MaxKey Title and Version                                                  #
 ############################################################################
-application.title=MaxKey
-application.name=MaxKey
-application.formatted-version=v2.9.0 GA
+application.title                           =MaxKey
+application.name                            =MaxKey
+application.formatted-version               =v2.9.0 GA
 #for dynamic service discovery
-spring.application.name=maxkey
+spring.application.name                     =maxkey
 ############################################################################
 #Main.banner-mode configuration                                            #
 ############################################################################
-spring.main.banner-mode=log
+spring.main.banner-mode                     =log
 spring.main.allow-bean-definition-overriding=true
 ############################################################################
 #spring.profiles.active https/http; default https                          #
 ############################################################################
-spring.profiles.active=https
+spring.profiles.active                      =http

--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/bootstrap.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/bootstrap.properties
-spring.cloud.nacos.config.server-addr=127.0.0.1:8848
+spring.cloud.nacos.config.server-addr           =${NACOS_CONFIG_SERVER_ADDR:127.0.0.1:8848}

 # Nacos \u63A7\u5236\u53F0\u6DFB\u52A0\u914D\u7F6E\uFF1A
 # Data ID\uFF1Amaxkey.properties
 # Group\uFF1ADEFAULT_GROUP
 # \u914D\u7F6E\u5185\u5BB9\uFF1AuseLocalCache=true
-spring.application.name=maxkey
+spring.application.name                         =maxkey
 # \u6307\u5B9A\u914D\u7F6E\u7684\u540E\u7F00\uFF0C\u652F\u6301 properties\u3001yaml\u3001yml\uFF0C\u9ED8\u8BA4\u4E3A properties
-spring.cloud.nacos.config.file-extension=properties
+spring.cloud.nacos.config.file-extension        =properties
 #spring.cloud.nacos.config.file-extension=yaml
 #\u662F\u5426\u542F\u7528nacos\u914D\u7F6E
-spring.cloud.nacos.config.enabled=false
\ No newline at end of file
+spring.cloud.nacos.config.enabled               =${NACOS_CONFIG_ENABLED:false}
\ No newline at end of file
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/application-http.properties
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/application-http.properties
@@ -16,54 +16,54 @@
 #MaxKey Server  configuration                                              #
 ############################################################################
 #server port
-server.port=9527
+server.port                                     =9527
 #server context path
-server.servlet.context-path=/maxkey-mgt
+server.servlet.context-path                     =/maxkey-mgt
 #nacos
-spring.cloud.nacos.discovery.enabled=false
-spring.cloud.nacos.discovery.instance-enabled=false
-spring.cloud.nacos.discovery.server-addr=127.0.0.1:8848
+spring.cloud.nacos.discovery.enabled            =${NACOS_DISCOVERY_ENABLED:false}
+spring.cloud.nacos.discovery.instance-enabled   =false
+spring.cloud.nacos.discovery.server-addr        =${NACOS_DISCOVERY_SERVER_ADDR:127.0.0.1:8848}
 ############################################################################
 #domain name configuration                                                 #
 ############################################################################
-maxkey.server.scheme=http
-maxkey.server.basedomain=maxkey.top
-maxkey.server.domain=sso.${maxkey.server.basedomain}
-maxkey.server.name=${maxkey.server.scheme}://${maxkey.server.domain}
-maxkey.server.uri=${maxkey.server.name}:9527/maxkey-mgt
+maxkey.server.scheme                            =http
+maxkey.server.basedomain                        =${SERVER_DOMAIN:maxkey.top}
+maxkey.server.domain                            =sso.${maxkey.server.basedomain}
+maxkey.server.name                              =${maxkey.server.scheme}://${maxkey.server.domain}
+maxkey.server.uri                               =${maxkey.server.name}:9527/maxkey-mgt
 #default.uri
-maxkey.server.default.uri=${maxkey.server.uri}/main
-maxkey.server.mgt.uri=${maxkey.server.name}:9527/maxkey-mgt
-maxkey.server.authz.uri=https://${maxkey.server.domain}/maxkey
+maxkey.server.default.uri                       =${maxkey.server.uri}/main
+maxkey.server.mgt.uri                           =${maxkey.server.name}:9527/maxkey-mgt
+maxkey.server.authz.uri                         =https://${maxkey.server.domain}/maxkey
 #InMemory 0 , Redis 2 
-maxkey.server.persistence=0
+maxkey.server.persistence                       =0
 #identity
-maxkey.identity.kafkasupport=false
+maxkey.identity.kafkasupport                    =${SERVER_KAFKA_SUPPORT:false}

 ############################################################################
 #Login configuration                                                       #
 ############################################################################
 #enable captcha
-maxkey.login.captcha=true
+maxkey.login.captcha                            =${LOGIN_CAPTCHA:true}
 #text or arithmetic
-maxkey.login.captcha.type=text
+maxkey.login.captcha.type                       =${LOGIN_CAPTCHA_TYPE:text}
 #enable two factor,use one time password
-maxkey.login.mfa=false
+maxkey.login.mfa                                =false
 #enable social sign on
-maxkey.login.socialsignon=false
+maxkey.login.socialsignon                       =false
 #Enable kerberos/SPNEGO
-maxkey.login.kerberos=false
+maxkey.login.kerberos                           =false
 #wsFederation
-maxkey.login.wsfederation=false
+maxkey.login.wsfederation                       =false
 #remeberme
-maxkey.login.remeberme=false
+maxkey.login.remeberme                          =false
 #validity
-maxkey.login.remeberme.validity=0
+maxkey.login.remeberme.validity                 =0
 #default.uri
 #to appList page
-maxkey.login.default.uri=appList
+maxkey.login.default.uri                        =appList
 #ipaddress whitelist
-maxkey.ipaddress.whitelist=false
+maxkey.ipaddress.whitelist                      =false

 ############################################################################
 #database configuration 
@@ -72,60 +72,64 @@ maxkey.ipaddress.whitelist=false
 #       highgo
 #       postgresql
 ############################################################################
-spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
+spring.datasource.type                          =com.alibaba.druid.pool.DruidDataSource
 #mysql
-spring.datasource.username=root
-spring.datasource.password=maxkey
-spring.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8&serverTimezone=UTC
-spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.datasource.driver-class-name             =com.mysql.cj.jdbc.Driver
+spring.datasource.username                      =${DATABASE_USER:root}
+spring.datasource.password                      =${DATABASE_PWD:maxkey}
+spring.datasource.url                           =jdbc:mysql://${DATABASE_HOST:localhost}:${DATABASE_PORT:3306}/${DATABASE_NAME:maxkey}?autoReconnect=true&characterEncoding=UTF-8&serverTimezone=UTC
 #highgo
+#spring.datasource.driver-class-name=com.highgo.jdbc.Driver
 #spring.datasource.username=highgo
 #spring.datasource.password=High@123
 #spring.datasource.url=jdbc:highgo://192.168.56.107:5866/highgo?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai
-#spring.datasource.driver-class-name=com.highgo.jdbc.Driver
 #postgresql
+#spring.datasource.driver-class-name=org.postgresql.Driver
 #spring.datasource.username=root
 #spring.datasource.password=maxkey!
 #spring.datasource.url=jdbc:postgresql://localhost/maxkey?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai
-#spring.datasource.driver-class-name=org.postgresql.Driver
 #mybatis
-mybatis.dialect=mysql
-mybatis.type-aliases-package=org.maxkey.entity,org.maxkey.entity.apps,
-mybatis.mapper-locations=classpath*:/org/maxkey/persistence/mapper/xml/${mybatis.dialect}/*.xml
-mybatis.table-column-snowflake-datacenter-id=1
-mybatis.table-column-snowflake-machine-id=1
-mybatis.table-column-escape=false
-mybatis.table-column-case=lowercase
+mybatis.dialect                                 =mysql
+mybatis.type-aliases-package                    =org.maxkey.entity,org.maxkey.entity.apps,
+mybatis.mapper-locations                        =classpath*:/org/maxkey/persistence/mapper/xml/${mybatis.dialect}/*.xml
+mybatis.table-column-snowflake-datacenter-id    =1
+mybatis.table-column-snowflake-machine-id       =1
+mybatis.table-column-escape                     =false
+mybatis.table-column-case                       =lowercase

 ############################################################################
 #redis server  configuration                                               #
 ############################################################################
-spring.redis.host=127.0.0.1
-spring.redis.port=6379
-spring.redis.password=password
-spring.redis.timeout=10000
-spring.redis.jedis.pool.max-wait=1000
-spring.redis.jedis.pool.max-idle=200
-spring.redis.lettuce.pool.max-active=-1
-spring.redis.lettuce.pool.min-idle=0
+spring.redis.host                               =${REDIS_HOST:127.0.0.1}
+spring.redis.port                               =${REDIS_PORT:6379}
+spring.redis.password                           =${REDIS_PWD:password}
+spring.redis.timeout                            =10000
+spring.redis.jedis.pool.max-wait                =1000
+spring.redis.jedis.pool.max-idle                =200
+spring.redis.lettuce.pool.max-active            =-1
+spring.redis.lettuce.pool.min-idle              =0

 ############################################################################
 #mail configuration                                                        #
 ############################################################################
-spring.mail.default-encoding=utf-8
-spring.mail.host=smtp.163.com
-spring.mail.port=465
-spring.mail.username=maxkey@163.com
-spring.mail.password=password
-spring.mail.protocol=smtp
-spring.mail.properties.ssl=true
-spring.mail.properties.sender=maxkey@163.com
+spring.mail.default-encoding                    =utf-8
+spring.mail.host                                =${MAIL_HOST:smtp.163.com}
+spring.mail.port                                =${MAIL_PORT:465}
+spring.mail.username                            =${MAIL_USER:maxkey@163.com}
+spring.mail.password                            =${MAIL_PWD:password}
+spring.mail.protocol                            =smtp
+spring.mail.properties.ssl                      =true
+spring.mail.properties.sender                   =${MAIL_SENDER:maxkey@163.com}
+spring.mail.properties.mailotp.message.subject  =MaxKey One Time PassWord
+spring.mail.properties.mailotp.message.template ={0} You Token is {1} , it validity in {2}  minutes.
+spring.mail.properties.mailotp.message.type     =html
+spring.mail.properties.mailotp.message.validity =300

 ############################################################################
-#Spring Session  configuration                                             #
+#Spring Session for Cluster configuration                                  #
 ############################################################################
-#Session store type.
-spring.session.store-type=none
+# Session store type.
+spring.session.store-type                       =none
 #spring.session.store-type=redis
 # Session timeout. If a duration suffix is not specified, seconds is used.
 #server.servlet.session.timeout=1800
@@ -137,102 +141,113 @@ spring.session.store-type=none
 ############################################################################
 #Kafka for connectors configuration                                        #
 ############################################################################
-spring.kafka.bootstrap-servers=localhost:9092
-# retries
-spring.kafka.producer.retries=0
-# acks
-spring.kafka.producer.acks=1
-# batch-size
-spring.kafka.producer.batch-size=16384
-# linger.ms
-spring.kafka.producer.properties.linger.ms=0
-# buffer-memory
-spring.kafka.producer.buffer-memory = 33554432
-# serializer
-spring.kafka.producer.key-serializer=org.apache.kafka.common.serialization.StringSerializer
-spring.kafka.producer.value-serializer=org.apache.kafka.common.serialization.StringSerializer
+spring.kafka.bootstrap-servers                  =${KAFKA_SERVERS:localhost:9092}
+# retries   
+spring.kafka.producer.retries                   =0
+# acks  
+spring.kafka.producer.acks                      =1
+# batch-size    
+spring.kafka.producer.batch-size                =16384
+# linger.ms 
+spring.kafka.producer.properties.linger.ms      =0
+# buffer-memory 
+spring.kafka.producer.buffer-memory             =33554432
+# serializer    
+spring.kafka.producer.key-serializer            =org.apache.kafka.common.serialization.StringSerializer
+spring.kafka.producer.value-serializer          =org.apache.kafka.common.serialization.StringSerializer
 # partitioner
-# spring.kafka.producer.properties.partitioner.class=com.felix.kafka.producer.CustomizePartitioner
+#spring.kafka.producer.properties.partitioner.class=com.felix.kafka.producer.CustomizePartitioner

 #############################################################################
 #SAML V2.0 configuration                                                    #
 #############################################################################
-#			saml common
-maxkey.saml.v20.max.parser.pool.size=2
-maxkey.saml.v20.assertion.validity.time.ins.seconds=90
-maxkey.saml.v20.replay.cache.life.in.millis=14400000
-maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds=90
-maxkey.saml.v20.issue.instant.check.validity.time.in.seconds=300
+#saml common
+maxkey.saml.v20.max.parser.pool.size                            =2
+maxkey.saml.v20.assertion.validity.time.ins.seconds             =90
+maxkey.saml.v20.replay.cache.life.in.millis                     =14400000
+maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds       =90
+maxkey.saml.v20.issue.instant.check.validity.time.in.seconds    =300
 #saml idp keystore
-maxkey.saml.v20.idp.keystore.password=maxkey
-maxkey.saml.v20.idp.keystore.private.key.password=maxkey
-maxkey.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
+maxkey.saml.v20.idp.keystore.password                           =maxkey
+maxkey.saml.v20.idp.keystore.private.key.password               =maxkey
+maxkey.saml.v20.idp.keystore                                    =classpath\:config/samlServerKeystore.jks
 #keystore id for sec
-maxkey.saml.v20.idp.issuing.entity.id=maxkey.top
-maxkey.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml
-maxkey.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/
+maxkey.saml.v20.idp.issuing.entity.id                           =maxkey.top
+maxkey.saml.v20.idp.issuer                                      =https://sso.maxkey.top/maxkey/saml
+maxkey.saml.v20.idp.receiver.endpoint                           =https\://sso.maxkey.top/
 #saml sp keystore
-maxkey.saml.v20.sp.keystore.password=maxkey
-maxkey.saml.v20.sp.keystore.private.key.password=maxkey
-maxkey.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
-maxkey.saml.v20.sp.issuing.entity.id=client.maxkey.org
+maxkey.saml.v20.sp.keystore.password                            =maxkey
+maxkey.saml.v20.sp.keystore.private.key.password                =maxkey
+maxkey.saml.v20.sp.keystore                                     =classpath\:config/samlClientKeystore.jks
+maxkey.saml.v20.sp.issuing.entity.id                            =client.maxkey.org
+#Saml v20 METADATA
+maxkey.saml.v20.metadata.orgName                =MaxKeyTop
+maxkey.saml.v20.metadata.orgDisplayName         =MaxKeyTop
+maxkey.saml.v20.metadata.orgURL                 =https://www.maxkey.top
+maxkey.saml.v20.metadata.contactType            =technical
+maxkey.saml.v20.metadata.company                =MaxKeyTop
+maxkey.saml.v20.metadata.givenName              =maxkey
+maxkey.saml.v20.metadata.surName                =maxkey
+maxkey.saml.v20.metadata.emailAddress           =maxkeysupport@163.com
+maxkey.saml.v20.metadata.telephoneNumber        =4008981111
+

 #############################################################################
 #OIDC V1.0 METADATA configuration                                           #
 #############################################################################
-maxkey.oidc.metadata.issuer=https://${maxkey.server.domain}/maxkey
-maxkey.oidc.metadata.authorizationEndpoint=${maxkey.server.name}/maxkey/authz/oauth/v20/authorize
-maxkey.oidc.metadata.tokenEndpoint=${maxkey.server.name}/maxkey/authz/oauth/v20/token
-maxkey.oidc.metadata.userinfoEndpoint=${maxkey.server.name}/maxkey/api/connect/userinfo
+maxkey.oidc.metadata.issuer                     =https://${maxkey.server.domain}/maxkey
+maxkey.oidc.metadata.authorizationEndpoint      =${maxkey.server.name}/maxkey/authz/oauth/v20/authorize
+maxkey.oidc.metadata.tokenEndpoint              =${maxkey.server.name}/maxkey/authz/oauth/v20/token
+maxkey.oidc.metadata.userinfoEndpoint           =${maxkey.server.name}/maxkey/api/connect/userinfo

 #############################################################################
 #Job Scheduler                                                              #
 #############################################################################
 #one hour for refresh dynamic groups  
-maxkey.job.cron.dynamicgroups=0 0 0/1 * * ?
-maxkey.job.cron.enable=true
+maxkey.job.cron.dynamicgroups                   =0 0 0/1 * * ?
+maxkey.job.cron.enable                          =true

 ############################################################################
 #Management endpoints configuration                                        #
 ############################################################################
-management.security.enabled=false
+management.security.enabled                     =false
 #management.endpoints.jmx.exposure.include=health,info
 #management.endpoints.web.exposure.include=metrics,health,info,env
-management.endpoints.web.exposure.include=*
-management.endpoint.health.show-details=ALWAYS
+management.endpoints.web.exposure.include       =*
+management.endpoint.health.show-details         =ALWAYS
 #Spring Boot Admin Client
-spring.application.name=maxkey-mgt
-spring.boot.admin.client.url=http://127.0.0.1:9528
-management.health.redis.enabled: false
+spring.application.name                         =maxkey
+spring.boot.admin.client.url                    =${SPRING_BOOT_ADMIN_URL:http://127.0.0.1:9528}
+management.health.redis.enabled                 =false

 ############################################################################
 #springfox.documentation.swagger.v2.path=/api-docs                         #
 #Swagger Configure Properties                                              #
 ############################################################################
-maxkey.swagger.enable=true
-maxkey.swagger.title=MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
-maxkey.swagger.description=MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
-maxkey.swagger.version=${application.formatted-version}
+maxkey.swagger.enable                           =true
+maxkey.swagger.title                            =MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
+maxkey.swagger.description                      =MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfapi\u6587\u6863
+maxkey.swagger.version                          =${application.formatted-version}

 ############################################################################
 #freemarker configuration                                                  #
 ############################################################################
-spring.freemarker.template-loader-path=classpath:/templates/views
-spring.freemarker.cache=false
-spring.freemarker.charset=UTF-8
-spring.freemarker.check-template-location=true
-spring.freemarker.content-type=text/html
-spring.freemarker.expose-request-attributes=false
-spring.freemarker.expose-session-attributes=false
-spring.freemarker.request-context-attribute=request
-spring.freemarker.suffix=.ftl
+spring.freemarker.template-loader-path          =classpath:/templates/views
+spring.freemarker.cache                         =false
+spring.freemarker.charset                       =UTF-8
+spring.freemarker.check-template-location       =true
+spring.freemarker.content-type                  =text/html
+spring.freemarker.expose-request-attributes     =false
+spring.freemarker.expose-session-attributes     =false
+spring.freemarker.request-context-attribute     =request
+spring.freemarker.suffix                        =.ftl

 ############################################################################
 #static resources configuration                                            #
 ############################################################################
-spring.mvc.static-path-pattern=/static/**
-spring.messages.basename=classpath:messages/message
-spring.messages.encoding=UTF-8
+spring.mvc.static-path-pattern                  =/static/**
+spring.messages.basename                        =classpath:messages/message
+spring.messages.encoding                        =UTF-8

 ############################################################################
 #server servlet encoding configuration                                     #
@@ -245,11 +260,5 @@ spring.messages.encoding=UTF-8
 ############################################################################
 #Servlet multipart configuration                                           #
 ############################################################################
-spring.servlet.multipart.enabled=true
-spring.servlet.multipart.max-file-size=4194304
-
-############################################################################
-#Main.banner-mode configuration                                            #
-############################################################################
-spring.main.banner-mode=log
-spring.main.allow-bean-definition-overriding=true
+spring.servlet.multipart.enabled                =true
+spring.servlet.multipart.max-file-size          =4194304
\ No newline at end of file
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties
@@ -15,17 +15,17 @@
 ############################################################################
 #MaxKey Title and Version                                                  #
 ############################################################################
-application.title=MaxKey
-application.name=MaxKey-Mgt
-application.formatted-version=v2.9.0 GA
+application.title                               =MaxKey
+application.name                                =MaxKey-Mgt
+application.formatted-version                   =v2.9.0 GA
 #for dynamic service discovery
-spring.application.name=maxkey-mgt
+spring.application.name                         =maxkey-mgt
 ############################################################################
 #Main.banner-mode configuration                                            #
 ############################################################################
-spring.main.banner-mode=log
-spring.main.allow-bean-definition-overriding=true
+spring.main.banner-mode                         =log
+spring.main.allow-bean-definition-overriding    =true
 ############################################################################
 #spring.profiles.active http; default http                                 #
 ############################################################################
-spring.profiles.active=http
+spring.profiles.active                          =http
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/bootstrap.properties
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/bootstrap.properties
-spring.cloud.nacos.config.server-addr=127.0.0.1:8848
+spring.cloud.nacos.config.server-addr       =${NACOS_CONFIG_SERVER_ADDR:127.0.0.1:8848}

 # Nacos \u63A7\u5236\u53F0\u6DFB\u52A0\u914D\u7F6E\uFF1A
 # Data ID\uFF1Amaxkey-mgt.properties
 # Group\uFF1ADEFAULT_GROUP
 # \u914D\u7F6E\u5185\u5BB9\uFF1A
-spring.application.name=maxkey-mgt
+spring.application.name                     =maxkey-mgt
 # \u6307\u5B9A\u914D\u7F6E\u7684\u540E\u7F00\uFF0C\u652F\u6301 properties\u3001yaml\u3001yml\uFF0C\u9ED8\u8BA4\u4E3A properties
-spring.cloud.nacos.config.file-extension=properties
+spring.cloud.nacos.config.file-extension    =properties
 #spring.cloud.nacos.config.file-extension=yaml
 #\u662F\u5426\u542F\u7528nacos\u914D\u7F6E
-spring.cloud.nacos.config.enabled=false
\ No newline at end of file
+spring.cloud.nacos.config.enabled           =${NACOS_CONFIG_ENABLED:false}
\ No newline at end of file