feat(deployments): Revise local environment configuration and Docker Compose for improved service integration

- Updated `.env` file to enhance shared environment variables, including detailed comments in both English and Vietnamese.
- Modified `docker-compose.yml` to disable the storage service and MinIO configuration, streamlining local development setup.
- Adjusted IAM service environment variables to align with the new `.env` structure, ensuring consistent configuration across services.
- Enhanced observability settings and added feature flags for better control over application behavior during development.
- Cleaned up commented-out sections in the Docker Compose file for clarity and maintainability.

deployments/local/.env

@@ -1,38 +1,105 @@
-# SHARED CONFIG
+# =============================================================================
+# GoodGo Platform - Shared Environment Variables
+# =============================================================================
+# EN: This file contains shared configuration for all services
+# VI: File này chứa cấu hình chung cho tất cả các services
+# =============================================================================
+
+# Environment / Môi Trường
+ASPNETCORE_ENVIRONMENT=Development
 NODE_ENV=development
-LOG_LEVEL=debug
-API_VERSION=v1
-CORS_ORIGIN=http://localhost:3000,http://localhost:3001,http://localhost,http://admin.localhost
 
-# AUTH
-JWT_SECRET='super-secret-jwt-key-for-local-dev-must-be-min-32-chars'
-JWT_REFRESH_SECRET='super-secret-refresh-key-for-local-dev-must-be-min-32-chars'
-JWT_EXPIRES_IN=15m
-JWT_REFRESH_EXPIRES_IN=7d
-JWT_ID_SECRET='super-secret-id-key-for-local-dev-must-be-min-32-chars'
-JWT_ID_EXPIRES_IN=1h
+# =============================================================================
+# DATABASE / CƠ SỞ DỮ LIỆU - Neon PostgreSQL
+# =============================================================================
+# EN: Each service can have its own database or share with schema isolation
+# VI: Mỗi service có thể có database riêng hoặc dùng chung với schema isolation
 
-# ENCRYPTION
-ENCRYPTION_KEY='460d261122522a6da8df4b9116a55d97432102a524cf055c04118265f0e51693'
+# IAM Service Database
+IAM_DATABASE_URL="Host=ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech;Port=5432;Database=iam_service;Username=neondb_owner;Password=npg_Ssfy6HKO0cXI;SSL Mode=Require"
+
+# Storage Service Database (if separate)
+STORAGE_DATABASE_URL="Host=ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech;Port=5432;Database=storage_service;Username=neondb_owner;Password=npg_Ssfy6HKO0cXI;SSL Mode=Require"
+
+# Social Service Database (if separate)
+SOCIAL_DATABASE_URL="Host=ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech;Port=5432;Database=social_service;Username=neondb_owner;Password=npg_Ssfy6HKO0cXI;SSL Mode=Require"
+
+# =============================================================================
+# REDIS CACHE / BỘ NHỚ ĐỆM REDIS
+# =============================================================================
+# EN: External Redis server shared by all services
+# VI: Redis server bên ngoài dùng chung cho tất cả services
 
-# INFRA - External Redis
 REDIS_HOST=167.114.174.113
 REDIS_PORT=6379
 REDIS_PASSWORD=Velik@2026
-DATABASE_URL='postgresql://neondb_owner:npg_Ssfy6HKO0cXI@ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech/iam-service?sslmode=require&channel_binding=require'
+REDIS_DATABASE=0
 
-# OBSERVABILITY
-TRACING_ENABLED=false
-JAEGER_ENDPOINT=http://jaeger:14268/api/traces
-METRICS_ENABLED=true
+# =============================================================================
+# JWT AUTHENTICATION / XÁC THỰC JWT
+# =============================================================================
+# EN: Shared JWT configuration - MUST be identical across all services
+# VI: Cấu hình JWT chung - PHẢI giống nhau trên tất cả services
 
-# IAM SERVICE .NET
-IAM_NET_DATABASE_URL='Host=ep-holy-glitter-a4hongg7-pooler.us-east-1.aws.neon.tech;Port=5432;Database=iam_service;Username=neondb_owner;Password=npg_Ssfy6HKO0cXI;SSL Mode=Require'
-REDIS_EXTERNAL_HOST=167.114.174.113
-REDIS_EXTERNAL_PORT=6379
-REDIS_EXTERNAL_PASSWORD=Velik@2026
-REDIS_EXTERNAL_DATABASE=0
+JWT_SECRET=goodgo-iam-service-secret-key-32chars!
 JWT_ISSUER=goodgo-platform
 JWT_AUDIENCE=goodgo-services
 JWT_ACCESS_TOKEN_EXPIRY_MINUTES=15
 JWT_REFRESH_TOKEN_EXPIRY_DAYS=7
+
+# Legacy format (for Node.js services)
+JWT_EXPIRES_IN=15m
+JWT_REFRESH_EXPIRES_IN=7d
+JWT_REFRESH_SECRET=goodgo-iam-service-secret-key-32chars!
+JWT_ID_SECRET=goodgo-iam-service-secret-key-32chars!
+JWT_ID_EXPIRES_IN=1h
+
+# =============================================================================
+# ENCRYPTION / MÃ HÓA
+# =============================================================================
+ENCRYPTION_KEY=460d261122522a6da8df4b9116a55d97432102a524cf055c04118265f0e51693
+
+# =============================================================================
+# API CONFIGURATION / CẤU HÌNH API
+# =============================================================================
+API_VERSION=v1
+CORS_ORIGIN=http://localhost:3000,http://localhost:3001,http://localhost,http://admin.localhost
+
+# =============================================================================
+# OBSERVABILITY / QUAN SÁT
+# =============================================================================
+OTEL_EXPORTER_OTLP_ENDPOINT=http://localhost:4317
+TRACING_ENABLED=false
+JAEGER_ENDPOINT=http://jaeger:14268/api/traces
+METRICS_ENABLED=true
+
+# Logging
+LOG_LEVEL=Information
+
+# Seq (optional)
+SEQ_URL=http://localhost:5341
+
+# =============================================================================
+# FEATURE FLAGS / CỜ TÍNH NĂNG
+# =============================================================================
+FEATURE_SWAGGER_ENABLED=true
+FEATURE_DETAILED_ERRORS=true
+
+# =============================================================================
+# RATE LIMITING / GIỚI HẠN TỐC ĐỘ
+# =============================================================================
+RATE_LIMIT_PERMITS_PER_MINUTE=100
+RATE_LIMIT_QUEUE_LIMIT=10
+
+# =============================================================================
+# HEALTH CHECKS / KIỂM TRA SỨC KHỎE
+# =============================================================================
+HEALTHCHECK_TIMEOUT_SECONDS=5
+
+# =============================================================================
+# MINIO / OBJECT STORAGE
+# =============================================================================
+MINIO_ACCESS_KEY=minioadmin
+MINIO_SECRET_KEY=minioadmin
+STORAGE_PROVIDER=minio
+STORAGE_DEFAULT_BUCKET=storage

deployments/local/docker-compose.yml

@@ -81,68 +81,47 @@ services:
   # BACKEND SERVICES
   # ===========================================================================
 
-  # Storage Service .NET - File Storage Management
-  storage-service:
-    build:
-      context: ../..
-      dockerfile: services/storage-service-net/Dockerfile
-    container_name: storage-service-local
-    environment:
-      - ASPNETCORE_ENVIRONMENT=Development
-      - ConnectionStrings__DefaultConnection=${STORAGE_DATABASE_URL:-Host=localhost;Port=5432;Database=storage_db;Username=postgres;Password=postgres}
-      - Storage__Provider=${STORAGE_PROVIDER:-minio}
-      - Storage__DefaultBucket=${STORAGE_DEFAULT_BUCKET:-storage}
-      - Storage__MinIO__Endpoint=minio:9000
-      - Storage__MinIO__AccessKey=${MINIO_ACCESS_KEY:-minioadmin}
-      - Storage__MinIO__SecretKey=${MINIO_SECRET_KEY:-minioadmin}
-      - Storage__MinIO__UseSSL=false
-      - IamService__BaseUrl=http://iam-service:5001
-      - IamService__ServiceName=storage-service
-    ports:
-      - "5002:8080"
-    depends_on:
-      minio:
-        condition: service_healthy
-      traefik:
-        condition: service_started
-    networks:
-      - microservices-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:8080/health/live"]
-      interval: 30s
-      timeout: 10s
-      retries: 3
-      start_period: 40s
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.storage-service.rule=PathPrefix(`/api/v1/files`) || PathPrefix(`/api/v1/quota`)"
-      - "traefik.http.routers.storage-service.entrypoints=web"
-      - "traefik.http.services.storage-service.loadbalancer.server.port=8080"
-      - "traefik.http.services.storage-service.loadbalancer.healthcheck.path=/health/live"
-      - "traefik.http.services.storage-service.loadbalancer.healthcheck.interval=10s"
+  # Storage Service .NET - DISABLED (requires MinIO)
+  # storage-service:
+  #   build:
+  #     context: ../..
+  #     dockerfile: services/storage-service-net/Dockerfile
+  #   container_name: storage-service-local
+  #   environment:
+  #     - ASPNETCORE_ENVIRONMENT=Development
+  #     - ConnectionStrings__DefaultConnection=${STORAGE_DATABASE_URL:-Host=localhost;Port=5432;Database=storage_db;Username=postgres;Password=postgres}
+  #     - Storage__Provider=${STORAGE_PROVIDER:-minio}
+  #     - Storage__DefaultBucket=${STORAGE_DEFAULT_BUCKET:-storage}
+  #     - Storage__MinIO__Endpoint=minio:9000
+  #     - Storage__MinIO__AccessKey=${MINIO_ACCESS_KEY:-minioadmin}
+  #     - Storage__MinIO__SecretKey=${MINIO_SECRET_KEY:-minioadmin}
+  #     - Storage__MinIO__UseSSL=false
+  #     - IamService__BaseUrl=http://iam-service:5001
+  #     - IamService__ServiceName=storage-service
+  #   ports:
+  #     - "5002:8080"
+  #   depends_on:
+  #     minio:
+  #       condition: service_healthy
+  #     traefik:
+  #       condition: service_started
+  #   networks:
+  #     - microservices-network
+  #   restart: unless-stopped
+  #   healthcheck:
+  #     test: ["CMD", "curl", "-f", "http://localhost:8080/health/live"]
+  #     interval: 30s
+  #     timeout: 10s
+  #     retries: 3
+  #     start_period: 40s
+  #   labels:
+  #     - "traefik.enable=true"
+  #     - "traefik.http.routers.storage-service.rule=PathPrefix(`/api/v1/files`) || PathPrefix(`/api/v1/quota`)"
+  #     - "traefik.http.routers.storage-service.entrypoints=web"
+  #     - "traefik.http.services.storage-service.loadbalancer.server.port=8080"
+  #     - "traefik.http.services.storage-service.loadbalancer.healthcheck.path=/health/live"
+  #     - "traefik.http.services.storage-service.loadbalancer.healthcheck.interval=10s"
 
-  # MinIO - S3-compatible Object Storage
-  minio:
-    image: minio/minio:latest
-    container_name: minio-local
-    command: server /data --console-address ":9001"
-    environment:
-      MINIO_ROOT_USER: ${MINIO_ACCESS_KEY:-minioadmin}
-      MINIO_ROOT_PASSWORD: ${MINIO_SECRET_KEY:-minioadmin}
-    ports:
-      - "9000:9000"  # API port
-      - "9001:9001"  # Console port
-    volumes:
-      - minio_data:/data
-    networks:
-      - microservices-network
-    restart: unless-stopped
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
 
   # Social Service .NET - Social Graph Management
   social-service:
@@ -182,30 +161,30 @@ services:
     image: goodgo/iam-service-net:latest
     container_name: iam-service-net-local
     env_file:
-      - .env.local
+      - .env
     environment:
-      - ASPNETCORE_ENVIRONMENT=Development
+      - ASPNETCORE_ENVIRONMENT=${ASPNETCORE_ENVIRONMENT:-Development}
       - ASPNETCORE_URLS=http://+:8080
-      # EN: Database - Neon PostgreSQL (from .env)
-      # VI: Cơ sở dữ liệu - Neon PostgreSQL (từ .env)
-      - ConnectionStrings__DefaultConnection=${IAM_NET_DATABASE_URL}
+      # EN: Database - Neon PostgreSQL
+      # VI: Cơ sở dữ liệu - Neon PostgreSQL
+      - ConnectionStrings__DefaultConnection=${IAM_DATABASE_URL}
       # EN: Redis Cache (external)
       # VI: Cache Redis (bên ngoài)
-      - Redis__Host=${REDIS_EXTERNAL_HOST}
-      - Redis__Port=${REDIS_EXTERNAL_PORT}
-      - Redis__Password=${REDIS_EXTERNAL_PASSWORD}
-      - Redis__Database=${REDIS_EXTERNAL_DATABASE}
+      - Redis__Host=${REDIS_HOST}
+      - Redis__Port=${REDIS_PORT}
+      - Redis__Password=${REDIS_PASSWORD}
+      - Redis__Database=${REDIS_DATABASE}
       # EN: JWT Configuration
       # VI: Cấu hình JWT
       - Jwt__Secret=${JWT_SECRET}
-      - Jwt__Issuer=${JWT_ISSUER:-goodgo-platform}
-      - Jwt__Audience=${JWT_AUDIENCE:-goodgo-services}
-      - Jwt__AccessTokenExpiryMinutes=${JWT_ACCESS_TOKEN_EXPIRY_MINUTES:-15}
-      - Jwt__RefreshTokenExpiryDays=${JWT_REFRESH_TOKEN_EXPIRY_DAYS:-7}
+      - Jwt__Issuer=${JWT_ISSUER}
+      - Jwt__Audience=${JWT_AUDIENCE}
+      - Jwt__AccessTokenExpiryMinutes=${JWT_ACCESS_TOKEN_EXPIRY_MINUTES}
+      - Jwt__RefreshTokenExpiryDays=${JWT_REFRESH_TOKEN_EXPIRY_DAYS}
       # EN: Features
       # VI: Tính năng
-      - Features__SwaggerEnabled=true
-      - Features__DetailedErrors=true
+      - Features__SwaggerEnabled=${FEATURE_SWAGGER_ENABLED}
+      - Features__DetailedErrors=${FEATURE_DETAILED_ERRORS}
     ports:
       - "5001:8080"
     depends_on:
@@ -228,58 +207,6 @@ services:
       - "traefik.http.services.iam-service-net.loadbalancer.healthcheck.path=/health/live"
       - "traefik.http.services.iam-service-net.loadbalancer.healthcheck.interval=10s"
 
-  # ===========================================================================
-  # FRONTEND APPLICATIONS (Temporarily disabled)
-  # ===========================================================================
-  # Uncomment when needed for development
-
-  # # Web Admin - Admin Dashboard (Next.js)
-  # web-admin:
-  #   build:
-  #     context: ../..
-  #     dockerfile: apps/web-admin/Dockerfile
-  #   container_name: web-admin-local
-  #   environment:
-  #     - NODE_ENV=${NODE_ENV:-development}
-  #     - NEXT_PUBLIC_API_URL=http://localhost/api/v1
-  #   ports:
-  #     - "3000:3000"
-  #   depends_on:
-  #     - iam-service
-  #     - traefik
-  #   networks:
-  #     - microservices-network
-  #   restart: unless-stopped
-  #   labels:
-  #     # Traefik service discovery
-  #     - "traefik.enable=true"
-  #     - "traefik.http.routers.web-admin.rule=Host(`admin.localhost`)"
-  #     - "traefik.http.routers.web-admin.entrypoints=web"
-  #     - "traefik.http.services.web-admin.loadbalancer.server.port=3000"
-
-  # # Web Client - Client Application (Next.js)
-  # web-client:
-  #   build:
-  #     context: ../..
-  #     dockerfile: apps/web-client/Dockerfile
-  #   container_name: web-client-local
-  #   environment:
-  #     - NODE_ENV=${NODE_ENV:-development}
-  #     - NEXT_PUBLIC_API_URL=http://localhost/api/v1
-  #   ports:
-  #     - "3001:3000"
-  #   depends_on:
-  #     - iam-service
-  #     - traefik
-  #   networks:
-  #     - microservices-network
-  #   restart: unless-stopped
-  #   labels:
-  #     # Traefik service discovery
-  #     - "traefik.enable=true"
-  #     - "traefik.http.routers.web-client.rule=Host(`localhost`)"
-  #     - "traefik.http.routers.web-client.entrypoints=web"
-  #     - "traefik.http.services.web-client.loadbalancer.server.port=3000"
 
   # ===========================================================================
   # OBSERVABILITY (Optional - Uncomment to enable)
@@ -328,16 +255,7 @@ services:
 # =============================================================================
 # VOLUMES
 # =============================================================================
-volumes:
-  # redis_data:
-  #   driver: local
-  minio_data:
-    driver: local
-  # prometheus_data:
-  #   driver: local
-  # grafana_data:
-  #   driver: local
-
+volumes: {}
 # =============================================================================
 # NETWORKS
 # =============================================================================