feat(fullstack): Add docker-compose files, improve local development

2025-11-17 11:28:01 +01:00
parent 53b3e944b4
commit 3dcadc21ba
5 changed files with 226 additions and 51 deletions
--- a/deployment/.env.example
+++ b/deployment/.env.example
@@ -0,0 +1,28 @@
+# Database Configuration
+LEGALCONSENTHUB_POSTGRES_USER=legalconsenthub
+LEGALCONSENTHUB_POSTGRES_PASSWORD=legalconsenthub
+LEGALCONSENTHUB_POSTGRES_DB=legalconsenthub
+
+KEYCLOAK_POSTGRES_USER=keycloak
+KEYCLOAK_POSTGRES_PASSWORD=keycloak
+KEYCLOAK_POSTGRES_DB=keycloak
+
+# Keycloak Configuration
+KEYCLOAK_ADMIN=admin
+KEYCLOAK_ADMIN_PASSWORD=
+KEYCLOAK_HOSTNAME=keycloak.lugnas.de
+KEYCLOAK_REALM=legalconsenthub
+
+# Frontend Configuration (Nuxt)
+NUXT_PUBLIC_CLIENT_PROXY_BASE_PATH=/api
+NUXT_PUBLIC_SERVER_API_BASE_URL=http://backend:8080
+NUXT_PUBLIC_SERVER_API_BASE_PATH=/
+NUXT_PUBLIC_KEYCLOAK_TOKEN_URL=http://keycloak.lugnas.de/realms/legalconsenthub/protocol/openid-connect/token
+
+NUXT_OAUTH_KEYCLOAK_CLIENT_ID=legalconsenthub
+NUXT_OAUTH_KEYCLOAK_CLIENT_SECRET=
+NUXT_OAUTH_KEYCLOAK_REALM=legalconsenthub
+NUXT_OAUTH_KEYCLOAK_SERVER_URL=http://keycloak.lugnas.de
+NUXT_OAUTH_KEYCLOAK_REDIRECT_URL=https://legal.lugnas.de/auth/keycloak
+
+NUXT_SESSION_PASSWORD=
--- a/deployment/docker-compose-dev.yaml
+++ b/deployment/docker-compose-dev.yaml
@@ -0,0 +1,63 @@
+name: legalconsenthub-dev
+
+networks:
+  legalconsenthub-net:
+    driver: bridge
+
+volumes:
+  keycloak_postgres_data:
+
+services:
+  keycloak:
+    image: quay.io/keycloak/keycloak:26.4.0
+    container_name: legalconsenthub-keycloak
+    command: start-dev
+    environment:
+      KC_DB: postgres
+      KC_DB_URL_HOST: keycloak-db
+      KC_DB_USERNAME: ${KEYCLOAK_POSTGRES_USER}
+      KC_DB_PASSWORD: ${KEYCLOAK_POSTGRES_PASSWORD}
+      KC_DB_DATABASE: ${KEYCLOAK_POSTGRES_DB}
+      KC_DB_SCHEMA: public
+      KC_BOOTSTRAP_ADMIN_USERNAME: ${KEYCLOAK_ADMIN}
+      KC_BOOTSTRAP_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
+      KC_HOSTNAME: ${KEYCLOAK_HOSTNAME}
+      KC_HTTP_ENABLED: true
+      KC_HEALTH_ENABLED: true
+    env_file:
+      - .env.dev
+    ports:
+      - "7080:8080"
+    depends_on:
+      keycloak-db:
+        condition: service_healthy
+    networks:
+      - legalconsenthub-net
+    healthcheck:
+      test: ["CMD-SHELL", "curl --head -fsS http://localhost:9000/health/ready | echo $?"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+      start_period: 40s
+
+  keycloak-db:
+    image: postgres:latest
+    container_name: legalconsenthub-keycloak-postgres
+    environment:
+      POSTGRES_USER: ${KEYCLOAK_POSTGRES_USER}
+      POSTGRES_PASSWORD: ${KEYCLOAK_POSTGRES_PASSWORD}
+      POSTGRES_DB: ${KEYCLOAK_POSTGRES_DB}
+    env_file:
+      - .env.dev
+    ports:
+      - "5532:5432"
+    networks:
+      - legalconsenthub-net
+    volumes:
+      - keycloak_postgres_data:/var/lib/postgresql
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${KEYCLOAK_POSTGRES_USER} -d $${KEYCLOAK_POSTGRES_DB}"]
+      interval: 10s
+      retries: 5
+      start_period: 30s
+      timeout: 10s
--- a/deployment/docker-compose-prod.yaml
+++ b/deployment/docker-compose-prod.yaml
@@ -0,0 +1,129 @@
+networks:
+  legalconsenthub-net:
+    driver: bridge
+
+volumes:
+  legalconsenthub_postgres_data:
+  keycloak_postgres_data:
+
+services:
+  backend:
+    image: gitea.lugnas.de/denis/legalconsenthub-backend:latest
+    container_name: legalconsenthub-backend
+    environment:
+      LEGALCONSENTHUB_DB_URL: jdbc:postgresql://legalconsenthub-db:5432/${LEGALCONSENTHUB_POSTGRES_DB}
+      LEGALCONSENTHUB_DB_APP_USER: ${LEGALCONSENTHUB_POSTGRES_USER}
+      LEGALCONSENTHUB_DB_PASSWORD: ${LEGALCONSENTHUB_POSTGRES_PASSWORD}
+      SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI: http://keycloak:8080/realms/${KEYCLOAK_REALM}
+      SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI: http://keycloak:8080/realms/${KEYCLOAK_REALM}/protocol/openid-connect/certs
+      SERVER_PORT: 8080
+    ports:
+      - "8080:8080"
+    depends_on:
+      legalconsenthub-db:
+        condition: service_healthy
+      keycloak:
+        condition: service_healthy
+    networks:
+      - legalconsenthub-net
+    # healthcheck:
+    #   test: ["CMD-SHELL", "wget --no-verbose --tries=1 --spider http://localhost:8080/actuator/health || exit 1"]
+    #   interval: 30s
+    #   timeout: 10s
+    #   retries: 3
+    #   start_period: 60s
+    env_file:
+      - .env.prod
+
+  frontend:
+    image: gitea.lugnas.de/denis/legalconsenthub:latest
+    container_name: legalconsenthub-frontend
+    ports:
+      - "3210:3000"
+    depends_on:
+      keycloak:
+        condition: service_healthy
+      # backend:
+      #   condition: service_healthy
+    networks:
+      - legalconsenthub-net
+    env_file:
+      - .env.prod
+
+  keycloak:
+    image: quay.io/keycloak/keycloak:26.4.0
+    container_name: legalconsenthub-keycloak
+    command: start-dev
+    environment:
+      KC_DB: postgres
+      KC_DB_URL_HOST: keycloak-db
+      KC_DB_URL_PORT: 5432
+      KC_DB_USERNAME: ${KEYCLOAK_POSTGRES_USER}
+      KC_DB_PASSWORD: ${KEYCLOAK_POSTGRES_PASSWORD}
+      KC_DB_DATABASE: ${KEYCLOAK_POSTGRES_DB}
+      KC_DB_SCHEMA: public
+      KC_BOOTSTRAP_ADMIN_USERNAME: ${KEYCLOAK_ADMIN}
+      KC_BOOTSTRAP_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
+      KC_HOSTNAME: ${KEYCLOAK_HOSTNAME}
+      KC_HOSTNAME_STRICT: false
+      KC_HTTP_ENABLED: true
+      KC_HEALTH_ENABLED: true
+    ports:
+      - "7080:8080"
+    depends_on:
+      keycloak-db:
+        condition: service_healthy
+    networks:
+      - legalconsenthub-net
+    env_file:
+      - .env.prod
+    healthcheck:
+      test: ["CMD-SHELL", "curl --head -fsS http://localhost:9000/health/ready | echo $?"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+      start_period: 40s
+
+  keycloak-db:
+    image: postgres:latest
+    container_name: legalconsenthub-keycloak-postgres
+    environment:
+      POSTGRES_USER: ${KEYCLOAK_POSTGRES_USER}
+      POSTGRES_PASSWORD: ${KEYCLOAK_POSTGRES_PASSWORD}
+      POSTGRES_DB: ${KEYCLOAK_POSTGRES_DB}
+    ports:
+      - "5445:5432"
+    networks:
+      - legalconsenthub-net
+    volumes:
+      - keycloak_postgres_data:/var/lib/postgresql
+    env_file:
+      - .env.prod
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${KEYCLOAK_POSTGRES_USER} -d $${KEYCLOAK_POSTGRES_DB}"]
+      interval: 10s
+      retries: 5
+      start_period: 30s
+      timeout: 10s
+
+  legalconsenthub-db:
+    image: postgres:latest
+    container_name: legalconsenthub-postgres
+    environment:
+      POSTGRES_USER: ${LEGALCONSENTHUB_POSTGRES_USER}
+      POSTGRES_PASSWORD: ${LEGALCONSENTHUB_POSTGRES_PASSWORD}
+      POSTGRES_DB: ${LEGALCONSENTHUB_POSTGRES_DB}
+    ports:
+      - "5444:5432"
+    networks:
+      - legalconsenthub-net
+    volumes:
+      - legalconsenthub_postgres_data:/var/lib/postgresql
+    env_file:
+      - .env.prod
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${LEGALCONSENTHUB_POSTGRES_USER} -d $${LEGALCONSENTHUB_POSTGRES_DB}"]
+      interval: 10s
+      retries: 5
+      start_period: 30s
+      timeout: 10s
--- a/legalconsenthub-backend/docker-compose.yaml
+++ b/legalconsenthub-backend/docker-compose.yaml
@@ -1,45 +0,0 @@
-networks:
-  net:
-    driver: bridge
-
-volumes:
-  postgres_data_testbed:
-
-services:
-  db:
-    image: postgres:latest
-    container_name: postgres-testbed
-    environment:
-      POSTGRES_USER: ${POSTGRES_USER}
-      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
-      POSTGRES_DB: ${POSTGRES_DB}
-    env_file:
-      - .env
-    ports:
-      - 5532:5432
-    networks:
-      - net
-    volumes:
-      - postgres_data_testbed:/var/lib/postgresql/data
-
-  keycloak:
-    image: quay.io/keycloak/keycloak:26.4.0
-    container_name: keycloak-testbed
-    command: start-dev
-    environment:
-      KC_DB: postgres
-      KC_DB_URL_HOST: db
-      KC_DB_USERNAME: ${POSTGRES_USER}
-      KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
-      KC_DB_DATABASE: ${POSTGRES_DB}
-      KC_DB_SCHEMA: public
-      KC_BOOTSTRAP_ADMIN_USERNAME: ${KEYCLOAK_ADMIN}
-      KC_BOOTSTRAP_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
-    env_file:
-      - .env
-    ports:
-      - 7080:8080
-    depends_on:
-      - db
-    networks:
-      - net
--- a/legalconsenthub/nuxt.config.ts
+++ b/legalconsenthub/nuxt.config.ts
@@ -7,15 +7,15 @@ export default defineNuxtConfig({
      clientProxyBasePath: 'NOT_SET',
      serverApiBaseUrl: 'NOT_SET',
      serverApiBasePath: 'NOT_SET',
-      keycloakTokenUrl: 'http://localhost:7080/realms/legalconsenthub/protocol/openid-connect/token'
+      keycloakTokenUrl: 'NOT_SET'
    },
    oauth: {
      keycloak: {
-        clientId: 'legalconsenthub',
-        clientSecret: 'mROUAVlg3c0hepNt182FJgg6dEYsomc7',
-        realm: 'legalconsenthub',
-        serverUrl: 'http://localhost:7080',
-        redirectURL: 'http://localhost:3001/auth/keycloak',
+        clientId: 'NOT_SET',
+        clientSecret: 'NOT_SET',
+        realm: 'NOT_SET',
+        serverUrl: 'NOT_SET',
+        redirectURL: 'NOT_SET',
        scope: ['openid', 'organization']
      }
    }