첫 커밋: 로컬 프로젝트 업로드

baron-sso/docker-compose.yaml

@@ -0,0 +1,223 @@
+services:
+    backend:
+        build:
+            context: ./backend
+            dockerfile: Dockerfile
+        container_name: baron_backend
+        env_file:
+            - .env
+        environment:
+            - APP_ENV=${APP_ENV:-development}
+            - GO_ENV=${APP_ENV:-development}
+            - BACKEND_LOG_LEVEL=${BACKEND_LOG_LEVEL:-info}
+            - CLIENT_LOG_DEBUG=${CLIENT_LOG_DEBUG:-false}
+            - WORKS_ADMIN_API_BASE_URL=${WORKS_ADMIN_API_BASE_URL}
+            - WORKS_ADMIN_OAUTH_TOKEN_URL=${WORKS_ADMIN_OAUTH_TOKEN_URL}
+            - COOKIE_SECRET=${COOKIE_SECRET}
+            - JWT_SECRET=${JWT_SECRET}
+            - NAVER_CLOUD_ACCESS_KEY=${NAVER_CLOUD_ACCESS_KEY}
+            - NAVER_CLOUD_SECRET_KEY=${NAVER_CLOUD_SECRET_KEY}
+            - NAVER_CLOUD_SERVICE_ID=${NAVER_CLOUD_SERVICE_ID}
+            - NAVER_SENDER_PHONE_NUMBER=${NAVER_SENDER_PHONE_NUMBER}
+            - USERFRONT_URL=${USERFRONT_URL}
+            - REDIS_ADDR=${REDIS_ADDR}
+            - IDP_PROVIDER=${IDP_PROVIDER:-ory}
+            - KRATOS_ADMIN_URL=${KRATOS_ADMIN_URL:-http://kratos:4434}
+            - HYDRA_ADMIN_URL=${HYDRA_ADMIN_URL:-http://hydra:4445}
+            - HYDRA_PUBLIC_URL=${HYDRA_PUBLIC_URL:-http://hydra:4444}
+            - KETO_READ_URL=${KETO_READ_URL:-http://keto:4466}
+            - KETO_WRITE_URL=${KETO_WRITE_URL:-http://keto:4467}
+            - DB_HOST=postgres
+            - CLICKHOUSE_HOST=clickhouse
+            - CLICKHOUSE_PORT=${CLICKHOUSE_PORT_NATIVE:-9000}
+            - CLICKHOUSE_USER=${CLICKHOUSE_USER:-baron}
+            - CLICKHOUSE_PASSWORD=${CLICKHOUSE_PASSWORD:-password}
+            - SEED_TENANT_CSV_PATH=/app/seed-tenant.csv
+        depends_on:
+            - infra_check
+        networks:
+            - baron_net
+            - ory-net
+        volumes:
+            - ./backend:/app
+            - ./config:/app/config:ro
+            - ./adminfront/seed-tenant.csv:/app/seed-tenant.csv:ro
+        command: ["go", "run", "./cmd/server"]
+
+        healthcheck:
+            test: ["CMD", "wget", "-qO-", "http://127.0.0.1:3000/health"]
+            interval: 10s
+            timeout: 5s
+            retries: 3
+            start_period: 10s
+
+    adminfront:
+        build:
+            context: .
+            dockerfile: ./adminfront/Dockerfile
+            args:
+                VITE_ADMIN_PUBLIC_URL: ${ADMINFRONT_URL}
+                VITE_OIDC_AUTHORITY: ${VITE_OIDC_AUTHORITY}
+                VITE_OIDC_CLIENT_ID: adminfront
+        container_name: baron_adminfront
+        env_file:
+            - .env
+        environment:
+            - APP_ENV=${APP_ENV:-development}
+            - API_PROXY_TARGET=http://baron_backend:3000
+            - USERFRONT_URL=${USERFRONT_URL}
+            - VITE_CLIENT_LOG_DEBUG=${VITE_CLIENT_LOG_DEBUG:-false}
+        ports:
+            - "${ADMINFRONT_PORT:-5173}:5173"
+        volumes:
+            - ./adminfront:/workspace/adminfront
+            - ./common:/common
+            - ./common:/workspace/common
+            - /workspace/common/node_modules
+            - ./locales:/locales
+            - ./locales:/workspace/locales
+            - /workspace/adminfront/node_modules
+        networks:
+            - baron_net
+
+    devfront:
+        build:
+            context: .
+            dockerfile: ./devfront/Dockerfile
+            args:
+                VITE_DEVFRONT_PUBLIC_URL: ${DEVFRONT_URL}
+                VITE_OIDC_AUTHORITY: ${VITE_OIDC_AUTHORITY}
+                VITE_OIDC_CLIENT_ID: devfront
+        container_name: baron_devfront
+        env_file:
+            - .env
+        environment:
+            - APP_ENV=${APP_ENV:-development}
+            - API_PROXY_TARGET=http://baron_backend:3000
+            - USERFRONT_URL=${USERFRONT_URL}
+            - VITE_CLIENT_LOG_DEBUG=${VITE_CLIENT_LOG_DEBUG:-false}
+        ports:
+            - "${DEVFRONT_PORT:-5174}:5173"
+        volumes:
+            - ./devfront:/workspace/devfront
+            - ./common:/common
+            - ./common:/workspace/common
+            - /workspace/common/node_modules
+            - ./locales:/locales
+            - ./locales:/workspace/locales
+            - /workspace/devfront/node_modules
+        networks:
+            - baron_net
+
+    orgfront:
+        build:
+            context: .
+            dockerfile: ./orgfront/Dockerfile
+            args:
+                VITE_ORGFRONT_PUBLIC_URL: ${ORGFRONT_URL}
+                VITE_OIDC_AUTHORITY: ${VITE_OIDC_AUTHORITY}
+                VITE_OIDC_CLIENT_ID: orgfront
+        container_name: baron_orgfront
+        env_file:
+            - .env
+        environment:
+            - APP_ENV=${APP_ENV:-development}
+            - API_PROXY_TARGET=http://baron_backend:3000
+            - USERFRONT_URL=${USERFRONT_URL}
+            - VITE_CLIENT_LOG_DEBUG=${VITE_CLIENT_LOG_DEBUG:-false}
+        ports:
+            - "${ORGFRONT_PORT:-5175}:5175"
+        volumes:
+            - ./orgfront:/workspace/orgfront
+            - ./common:/common
+            - ./common:/workspace/common
+            - /workspace/common/node_modules
+            - ./locales:/locales
+            - ./locales:/workspace/locales
+            - /workspace/orgfront/node_modules
+        networks:
+            - baron_net
+
+
+    userfront:
+        build:
+            context: .
+            dockerfile: userfront/Dockerfile
+            target: ${USERFRONT_BUILD_TARGET:-dev}
+        container_name: baron_userfront
+        env_file:
+            - .env
+        environment:
+            - BACKEND_URL=${BACKEND_URL:-}
+            - USERFRONT_URL=${USERFRONT_URL}
+            - APP_ENV=${APP_ENV}
+            - CLIENT_LOG_DEBUG=${CLIENT_LOG_DEBUG:-false}
+            - USERFRONT_INTERNAL_PORT=5000
+            - USERFRONT_FLUTTER_RUN_FLAGS=${USERFRONT_FLUTTER_RUN_FLAGS:-}
+        volumes:
+            - ./userfront/lib:/workspace/userfront/lib
+            - ./userfront/assets:/workspace/userfront/assets
+            - ./userfront/web:/workspace/userfront/web
+            - ./userfront/scripts:/workspace/userfront/scripts:ro
+            - ./scripts:/workspace/scripts:ro
+            - ./locales:/workspace/locales:ro
+        networks:
+            - baron_net
+            - ory-net
+        depends_on:
+            backend:
+                condition: service_healthy
+        healthcheck:
+            test: ["CMD", "wget", "-qO-", "http://127.0.0.1:5000/"]
+            interval: 10s
+            timeout: 5s
+            retries: 3
+            start_period: 10s
+
+    # Dummy service to wait for infra network if needed,
+    # but essentially we assume infra is running.
+    # In a real unified stack, we might include infra here or use external links.
+    # Here we attach to the same network.
+    infra_check:
+        image: alpine
+        command: ["echo", "Infrastructure assumed running"]
+        networks:
+            - baron_net
+
+    promtail:
+        image: grafana/promtail:2.9.0
+        container_name: baron_promtail
+        restart: unless-stopped
+        volumes:
+            - /var/run/docker.sock:/var/run/docker.sock:ro
+            - /var/lib/docker/containers:/var/lib/docker/containers:ro
+            - ./docker/promtail-config.template.yaml:/etc/promtail/promtail-config.yaml:ro
+        command: -config.file=/etc/promtail/promtail-config.yaml -config.expand-env=true
+        environment:
+            - LOKI_URL=${LOKI_URL:-http://loki:3100/loki/api/v1/push}
+            - APP_ENV=${APP_ENV:-development}
+        networks:
+            - baron_net
+
+    blackbox-exporter:
+        image: prom/blackbox-exporter:v0.25.0
+        container_name: baron_blackbox_exporter
+        restart: unless-stopped
+        ports:
+            - "9115:9115"
+        volumes:
+            - ./docker/monitor/blackbox.yml:/etc/blackbox_exporter/config.yml:ro
+        networks:
+            - baron_net
+            - ory-net
+
+networks:
+    baron_net:
+        external: true
+        name: baron_net
+    ory-net:
+        external: true
+        name: ory-net
+    public_net:
+        external: true
+        name: public_net