From 56143ae66918c4058c515d98e87f5f62a77a67f9 Mon Sep 17 00:00:00 2001 From: Ho Ngoc Hai Date: Tue, 13 Jan 2026 01:08:47 +0700 Subject: [PATCH] feat(deployments): Revise local environment configuration and Docker Compose for improved service integration - Updated `.env` file to enhance shared environment variables, including detailed comments in both English and Vietnamese. - Modified `docker-compose.yml` to disable the storage service and MinIO configuration, streamlining local development setup. - Adjusted IAM service environment variables to align with the new `.env` structure, ensuring consistent configuration across services. - Enhanced observability settings and added feature flags for better control over application behavior during development. - Cleaned up commented-out sections in the Docker Compose file for clarity and maintainability. --- deployments/local/.env | 117 ++++++++++++---- deployments/local/docker-compose.yml | 194 ++++++++------------------- 2 files changed, 148 insertions(+), 163 deletions(-) diff --git a/deployments/local/.env b/deployments/local/.env index fe26c622..98f01e18 100644 --- a/deployments/local/.env +++ b/deployments/local/.env @@ -1,38 +1,105 @@ -# SHARED CONFIG +# ============================================================================= +# GoodGo Platform - Shared Environment Variables +# ============================================================================= +# EN: This file contains shared configuration for all services +# VI: File này chứa cấu hình chung cho tất cả các services +# ============================================================================= + +# Environment / Môi Trường +ASPNETCORE_ENVIRONMENT=Development NODE_ENV=development -LOG_LEVEL=debug -API_VERSION=v1 -CORS_ORIGIN=http://localhost:3000,http://localhost:3001,http://localhost,http://admin.localhost -# AUTH -JWT_SECRET='super-secret-jwt-key-for-local-dev-must-be-min-32-chars' -JWT_REFRESH_SECRET='super-secret-refresh-key-for-local-dev-must-be-min-32-chars' -JWT_EXPIRES_IN=15m -JWT_REFRESH_EXPIRES_IN=7d -JWT_ID_SECRET='super-secret-id-key-for-local-dev-must-be-min-32-chars' -JWT_ID_EXPIRES_IN=1h +# ============================================================================= +# DATABASE / CƠ SỞ DỮ LIỆU - Neon PostgreSQL +# ============================================================================= +# EN: Each service can have its own database or share with schema isolation +# VI: Mỗi service có thể có database riêng hoặc dùng chung với schema isolation -# ENCRYPTION -ENCRYPTION_KEY='460d261122522a6da8df4b9116a55d97432102a524cf055c04118265f0e51693' +# IAM Service Database +IAM_DATABASE_URL="Host=ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech;Port=5432;Database=iam_service;Username=neondb_owner;Password=npg_Ssfy6HKO0cXI;SSL Mode=Require" + +# Storage Service Database (if separate) +STORAGE_DATABASE_URL="Host=ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech;Port=5432;Database=storage_service;Username=neondb_owner;Password=npg_Ssfy6HKO0cXI;SSL Mode=Require" + +# Social Service Database (if separate) +SOCIAL_DATABASE_URL="Host=ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech;Port=5432;Database=social_service;Username=neondb_owner;Password=npg_Ssfy6HKO0cXI;SSL Mode=Require" + +# ============================================================================= +# REDIS CACHE / BỘ NHỚ ĐỆM REDIS +# ============================================================================= +# EN: External Redis server shared by all services +# VI: Redis server bên ngoài dùng chung cho tất cả services -# INFRA - External Redis REDIS_HOST=167.114.174.113 REDIS_PORT=6379 REDIS_PASSWORD=Velik@2026 -DATABASE_URL='postgresql://neondb_owner:npg_Ssfy6HKO0cXI@ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech/iam-service?sslmode=require&channel_binding=require' +REDIS_DATABASE=0 -# OBSERVABILITY -TRACING_ENABLED=false -JAEGER_ENDPOINT=http://jaeger:14268/api/traces -METRICS_ENABLED=true +# ============================================================================= +# JWT AUTHENTICATION / XÁC THỰC JWT +# ============================================================================= +# EN: Shared JWT configuration - MUST be identical across all services +# VI: Cấu hình JWT chung - PHẢI giống nhau trên tất cả services -# IAM SERVICE .NET -IAM_NET_DATABASE_URL='Host=ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech;Port=5432;Database=iam_service;Username=neondb_owner;Password=npg_Ssfy6HKO0cXI;SSL Mode=Require' -REDIS_EXTERNAL_HOST=167.114.174.113 -REDIS_EXTERNAL_PORT=6379 -REDIS_EXTERNAL_PASSWORD=Velik@2026 -REDIS_EXTERNAL_DATABASE=0 +JWT_SECRET=goodgo-iam-service-secret-key-32chars! JWT_ISSUER=goodgo-platform JWT_AUDIENCE=goodgo-services JWT_ACCESS_TOKEN_EXPIRY_MINUTES=15 JWT_REFRESH_TOKEN_EXPIRY_DAYS=7 + +# Legacy format (for Node.js services) +JWT_EXPIRES_IN=15m +JWT_REFRESH_EXPIRES_IN=7d +JWT_REFRESH_SECRET=goodgo-iam-service-secret-key-32chars! +JWT_ID_SECRET=goodgo-iam-service-secret-key-32chars! +JWT_ID_EXPIRES_IN=1h + +# ============================================================================= +# ENCRYPTION / MÃ HÓA +# ============================================================================= +ENCRYPTION_KEY=460d261122522a6da8df4b9116a55d97432102a524cf055c04118265f0e51693 + +# ============================================================================= +# API CONFIGURATION / CẤU HÌNH API +# ============================================================================= +API_VERSION=v1 +CORS_ORIGIN=http://localhost:3000,http://localhost:3001,http://localhost,http://admin.localhost + +# ============================================================================= +# OBSERVABILITY / QUAN SÁT +# ============================================================================= +OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4317 +TRACING_ENABLED=false +JAEGER_ENDPOINT=http://jaeger:14268/api/traces +METRICS_ENABLED=true + +# Logging +LOG_LEVEL=Information + +# Seq (optional) +SEQ_URL=http://localhost:5341 + +# ============================================================================= +# FEATURE FLAGS / CỜ TÍNH NĂNG +# ============================================================================= +FEATURE_SWAGGER_ENABLED=true +FEATURE_DETAILED_ERRORS=true + +# ============================================================================= +# RATE LIMITING / GIỚI HẠN TỐC ĐỘ +# ============================================================================= +RATE_LIMIT_PERMITS_PER_MINUTE=100 +RATE_LIMIT_QUEUE_LIMIT=10 + +# ============================================================================= +# HEALTH CHECKS / KIỂM TRA SỨC KHỎE +# ============================================================================= +HEALTHCHECK_TIMEOUT_SECONDS=5 + +# ============================================================================= +# MINIO / OBJECT STORAGE +# ============================================================================= +MINIO_ACCESS_KEY=minioadmin +MINIO_SECRET_KEY=minioadmin +STORAGE_PROVIDER=minio +STORAGE_DEFAULT_BUCKET=storage diff --git a/deployments/local/docker-compose.yml b/deployments/local/docker-compose.yml index 92348811..a516ee57 100644 --- a/deployments/local/docker-compose.yml +++ b/deployments/local/docker-compose.yml @@ -81,68 +81,47 @@ services: # BACKEND SERVICES # =========================================================================== - # Storage Service .NET - File Storage Management - storage-service: - build: - context: ../.. - dockerfile: services/storage-service-net/Dockerfile - container_name: storage-service-local - environment: - - ASPNETCORE_ENVIRONMENT=Development - - ConnectionStrings__DefaultConnection=${STORAGE_DATABASE_URL:-Host=localhost;Port=5432;Database=storage_db;Username=postgres;Password=postgres} - - Storage__Provider=${STORAGE_PROVIDER:-minio} - - Storage__DefaultBucket=${STORAGE_DEFAULT_BUCKET:-storage} - - Storage__MinIO__Endpoint=minio:9000 - - Storage__MinIO__AccessKey=${MINIO_ACCESS_KEY:-minioadmin} - - Storage__MinIO__SecretKey=${MINIO_SECRET_KEY:-minioadmin} - - Storage__MinIO__UseSSL=false - - IamService__BaseUrl=http://iam-service:5001 - - IamService__ServiceName=storage-service - ports: - - "5002:8080" - depends_on: - minio: - condition: service_healthy - traefik: - condition: service_started - networks: - - microservices-network - restart: unless-stopped - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8080/health/live"] - interval: 30s - timeout: 10s - retries: 3 - start_period: 40s - labels: - - "traefik.enable=true" - - "traefik.http.routers.storage-service.rule=PathPrefix(`/api/v1/files`) || PathPrefix(`/api/v1/quota`)" - - "traefik.http.routers.storage-service.entrypoints=web" - - "traefik.http.services.storage-service.loadbalancer.server.port=8080" - - "traefik.http.services.storage-service.loadbalancer.healthcheck.path=/health/live" - - "traefik.http.services.storage-service.loadbalancer.healthcheck.interval=10s" + # Storage Service .NET - DISABLED (requires MinIO) + # storage-service: + # build: + # context: ../.. + # dockerfile: services/storage-service-net/Dockerfile + # container_name: storage-service-local + # environment: + # - ASPNETCORE_ENVIRONMENT=Development + # - ConnectionStrings__DefaultConnection=${STORAGE_DATABASE_URL:-Host=localhost;Port=5432;Database=storage_db;Username=postgres;Password=postgres} + # - Storage__Provider=${STORAGE_PROVIDER:-minio} + # - Storage__DefaultBucket=${STORAGE_DEFAULT_BUCKET:-storage} + # - Storage__MinIO__Endpoint=minio:9000 + # - Storage__MinIO__AccessKey=${MINIO_ACCESS_KEY:-minioadmin} + # - Storage__MinIO__SecretKey=${MINIO_SECRET_KEY:-minioadmin} + # - Storage__MinIO__UseSSL=false + # - IamService__BaseUrl=http://iam-service:5001 + # - IamService__ServiceName=storage-service + # ports: + # - "5002:8080" + # depends_on: + # minio: + # condition: service_healthy + # traefik: + # condition: service_started + # networks: + # - microservices-network + # restart: unless-stopped + # healthcheck: + # test: ["CMD", "curl", "-f", "http://localhost:8080/health/live"] + # interval: 30s + # timeout: 10s + # retries: 3 + # start_period: 40s + # labels: + # - "traefik.enable=true" + # - "traefik.http.routers.storage-service.rule=PathPrefix(`/api/v1/files`) || PathPrefix(`/api/v1/quota`)" + # - "traefik.http.routers.storage-service.entrypoints=web" + # - "traefik.http.services.storage-service.loadbalancer.server.port=8080" + # - "traefik.http.services.storage-service.loadbalancer.healthcheck.path=/health/live" + # - "traefik.http.services.storage-service.loadbalancer.healthcheck.interval=10s" - # MinIO - S3-compatible Object Storage - minio: - image: minio/minio:latest - container_name: minio-local - command: server /data --console-address ":9001" - environment: - MINIO_ROOT_USER: ${MINIO_ACCESS_KEY:-minioadmin} - MINIO_ROOT_PASSWORD: ${MINIO_SECRET_KEY:-minioadmin} - ports: - - "9000:9000" # API port - - "9001:9001" # Console port - volumes: - - minio_data:/data - networks: - - microservices-network - restart: unless-stopped - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"] - interval: 10s - timeout: 5s - retries: 5 # Social Service .NET - Social Graph Management social-service: @@ -182,30 +161,30 @@ services: image: goodgo/iam-service-net:latest container_name: iam-service-net-local env_file: - - .env.local + - .env environment: - - ASPNETCORE_ENVIRONMENT=Development + - ASPNETCORE_ENVIRONMENT=${ASPNETCORE_ENVIRONMENT:-Development} - ASPNETCORE_URLS=http://+:8080 - # EN: Database - Neon PostgreSQL (from .env) - # VI: Cơ sở dữ liệu - Neon PostgreSQL (từ .env) - - ConnectionStrings__DefaultConnection=${IAM_NET_DATABASE_URL} + # EN: Database - Neon PostgreSQL + # VI: Cơ sở dữ liệu - Neon PostgreSQL + - ConnectionStrings__DefaultConnection=${IAM_DATABASE_URL} # EN: Redis Cache (external) # VI: Cache Redis (bên ngoài) - - Redis__Host=${REDIS_EXTERNAL_HOST} - - Redis__Port=${REDIS_EXTERNAL_PORT} - - Redis__Password=${REDIS_EXTERNAL_PASSWORD} - - Redis__Database=${REDIS_EXTERNAL_DATABASE} + - Redis__Host=${REDIS_HOST} + - Redis__Port=${REDIS_PORT} + - Redis__Password=${REDIS_PASSWORD} + - Redis__Database=${REDIS_DATABASE} # EN: JWT Configuration # VI: Cấu hình JWT - Jwt__Secret=${JWT_SECRET} - - Jwt__Issuer=${JWT_ISSUER:-goodgo-platform} - - Jwt__Audience=${JWT_AUDIENCE:-goodgo-services} - - Jwt__AccessTokenExpiryMinutes=${JWT_ACCESS_TOKEN_EXPIRY_MINUTES:-15} - - Jwt__RefreshTokenExpiryDays=${JWT_REFRESH_TOKEN_EXPIRY_DAYS:-7} + - Jwt__Issuer=${JWT_ISSUER} + - Jwt__Audience=${JWT_AUDIENCE} + - Jwt__AccessTokenExpiryMinutes=${JWT_ACCESS_TOKEN_EXPIRY_MINUTES} + - Jwt__RefreshTokenExpiryDays=${JWT_REFRESH_TOKEN_EXPIRY_DAYS} # EN: Features # VI: Tính năng - - Features__SwaggerEnabled=true - - Features__DetailedErrors=true + - Features__SwaggerEnabled=${FEATURE_SWAGGER_ENABLED} + - Features__DetailedErrors=${FEATURE_DETAILED_ERRORS} ports: - "5001:8080" depends_on: @@ -228,58 +207,6 @@ services: - "traefik.http.services.iam-service-net.loadbalancer.healthcheck.path=/health/live" - "traefik.http.services.iam-service-net.loadbalancer.healthcheck.interval=10s" - # =========================================================================== - # FRONTEND APPLICATIONS (Temporarily disabled) - # =========================================================================== - # Uncomment when needed for development - - # # Web Admin - Admin Dashboard (Next.js) - # web-admin: - # build: - # context: ../.. - # dockerfile: apps/web-admin/Dockerfile - # container_name: web-admin-local - # environment: - # - NODE_ENV=${NODE_ENV:-development} - # - NEXT_PUBLIC_API_URL=http://localhost/api/v1 - # ports: - # - "3000:3000" - # depends_on: - # - iam-service - # - traefik - # networks: - # - microservices-network - # restart: unless-stopped - # labels: - # # Traefik service discovery - # - "traefik.enable=true" - # - "traefik.http.routers.web-admin.rule=Host(`admin.localhost`)" - # - "traefik.http.routers.web-admin.entrypoints=web" - # - "traefik.http.services.web-admin.loadbalancer.server.port=3000" - - # # Web Client - Client Application (Next.js) - # web-client: - # build: - # context: ../.. - # dockerfile: apps/web-client/Dockerfile - # container_name: web-client-local - # environment: - # - NODE_ENV=${NODE_ENV:-development} - # - NEXT_PUBLIC_API_URL=http://localhost/api/v1 - # ports: - # - "3001:3000" - # depends_on: - # - iam-service - # - traefik - # networks: - # - microservices-network - # restart: unless-stopped - # labels: - # # Traefik service discovery - # - "traefik.enable=true" - # - "traefik.http.routers.web-client.rule=Host(`localhost`)" - # - "traefik.http.routers.web-client.entrypoints=web" - # - "traefik.http.services.web-client.loadbalancer.server.port=3000" # =========================================================================== # OBSERVABILITY (Optional - Uncomment to enable) @@ -328,16 +255,7 @@ services: # ============================================================================= # VOLUMES # ============================================================================= -volumes: - # redis_data: - # driver: local - minio_data: - driver: local - # prometheus_data: - # driver: local - # grafana_data: - # driver: local - +volumes: {} # ============================================================================= # NETWORKS # =============================================================================