kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

환경변수 추가

Browse Source
This commit is contained in:
조찬영
2026-02-09 13:08:18 +09:00
parent eb34d387ad
commit 5d66e983cd
2 changed files with 59 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
.gitea/workflows/staging_release.yml
View File

@@ -57,19 +57,31 @@ jobs:
APP_ENV=stage
TZ=Asia/Seoul
IDP_PROVIDER=ory
# DB & Clickhouse
DB_PORT=${{ vars.DB_PORT }}
CLICKHOUSE_PORT_HTTP=${{ vars.CLICKHOUSE_PORT_HTTP }}
CLICKHOUSE_PORT_NATIVE=${{ vars.CLICKHOUSE_PORT_NATIVE }}
CLICKHOUSE_HOST=baron_clickhouse
CLICKHOUSE_USER=${{ vars.CLICKHOUSE_USER }}
CLICKHOUSE_PASSWORD=${{ vars.CLICKHOUSE_PASSWORD }}
BACKEND_PORT=${{ vars.BACKEND_PORT }}
ADMINFRONT_PORT=${{ vars.ADMINFRONT_PORT }}
DEVFRONT_PORT=${{ vars.DEVFRONT_PORT }}
USERFRONT_PORT=${{ vars.USERFRONT_PORT }}
# [추가] Oathkeeper 명시적 URL (컨테이너 이름 사용)
OATHKEEPER_API_URL=http://ory_oathkeeper:4456
DB_USER=${{ vars.DB_USER }}
DB_PASSWORD=${{ secrets.STG_DB_PASSWORD }}
DB_NAME=${{ vars.DB_NAME }}
COOKIE_SECRET=${{ secrets.STG_COOKIE_SECRET }}
JWT_SECRET=${{ secrets.STG_JWT_SECRET }}
REDIS_ADDR=${{ vars.REDIS_ADDR }}
REDIS_ADDR=$(echo "${{ vars.REDIS_ADDR }}" | tr -d '"')
CORS_ALLOWED_ORIGINS=${{ vars.CORS_ALLOWED_ORIGINS }}
AUDIT_WORKER_COUNT=5
AUDIT_QUEUE_SIZE=2000

85
docker/docker-compose.staging.template.yaml
View File

@@ -2,45 +2,52 @@ name: baron-sso-staging
services:
backend:
image: ${BACKEND_IMAGE_NAME}:${IMAGE_TAG}
container_name: baron_backend
restart: unless-stopped
env_file:
- .env
environment:
- APP_ENV=stage
- GO_ENV=stage
- COOKIE_SECRET="${COOKIE_SECRET}"
- DB_HOST=postgres
- CLICKHOUSE_HOST=clickhouse
- CLICKHOUSE_PORT="${CLICKHOUSE_PORT_NATIVE:-9000}"
- CLICKHOUSE_USER="${CLICKHOUSE_USER:-baron}"
- CLICKHOUSE_PASSWORD="${CLICKHOUSE_PASSWORD:-password}"
- USERFRONT_URL="${USERFRONT_URL:-https://sso.hmac.kr}"
- REDIS_ADDR="${REDIS_ADDR:-redis:6389}"
- IDP_PROVIDER=ory
- KRATOS_ADMIN_URL="${KRATOS_ADMIN_URL:-http://ory_kratos:4434}"
- HYDRA_ADMIN_URL="${HYDRA_ADMIN_URL:-http://ory_hydra:4445}"
- HYDRA_PUBLIC_URL="${HYDRA_PUBLIC_URL:-http://ory_hydra:4444}"
- PROFILE_CACHE_TTL="${PROFILE_CACHE_TTL:-30m}"
# Oathkeeper URL이 필요하다면 명시 (일반적으로 내부 DNS 사용시 불필요하나 확실히 하기 위해)
- OATHKEEPER_API_URL=http://ory_oathkeeper:4456
ports:
- "${BACKEND_PORT:-3000}:3000"
depends_on:
infra_check:
condition: service_started
networks:
- baron_net
- ory-net
# [수정됨] Healthcheck 시간을 넉넉하게 늘림
healthcheck:
test: ["CMD", "wget", "-qO-", "http://127.0.0.1:3000/health"]
interval: 10s
timeout: 5s
retries: 10 # 3회 -> 10회 (최대 10번 재시도)
start_period: 60s # 10초 -> 60초 (처음 1분간은 실패해도 봐줌)
image: ${BACKEND_IMAGE_NAME}:${IMAGE_TAG}
container_name: baron_backend
restart: unless-stopped
env_file:
- .env
environment:
- APP_ENV=stage
- GO_ENV=stage
- COOKIE_SECRET="${COOKIE_SECRET}"
# [수정] Infra Compose의 컨테이너 이름과 일치
- DB_HOST=baron_postgres
- CLICKHOUSE_HOST=baron_clickhouse
# [수정] 포트 변수 확실하게 매핑 (기본값 9000)
- CLICKHOUSE_PORT=${CLICKHOUSE_PORT_NATIVE:-9000}
- CLICKHOUSE_USER="${CLICKHOUSE_USER:-baron}"
- CLICKHOUSE_PASSWORD="${CLICKHOUSE_PASSWORD:-password}"
- USERFRONT_URL="${USERFRONT_URL:-https://sso.hmac.kr}"
- REDIS_ADDR="${REDIS_ADDR:-baron_redis:6389}"
- IDP_PROVIDER=ory
# Ory Service URLs
- KRATOS_ADMIN_URL="${KRATOS_ADMIN_URL:-http://ory_kratos:4434}"
- HYDRA_ADMIN_URL="${HYDRA_ADMIN_URL:-http://ory_hydra:4445}"
- HYDRA_PUBLIC_URL="${HYDRA_PUBLIC_URL:-http://ory_hydra:4444}"
# [추가] Oathkeeper URL 명시 (DNS 문제 해결)
- OATHKEEPER_API_URL=${OATHKEEPER_API_URL:-http://ory_oathkeeper:4456}
- PROFILE_CACHE_TTL="${PROFILE_CACHE_TTL:-30m}"
ports:
- "${BACKEND_PORT:-3000}:3000"
depends_on:
infra_check:
condition: service_started
networks:
- baron_net
- ory-net
healthcheck:
test: ["CMD", "wget", "-qO-", "http://127.0.0.1:3000/health"]
interval: 10s
timeout: 5s
retries: 10
start_period: 60s
adminfront:
image: ${ADMINFRONT_IMAGE_NAME}:${IMAGE_TAG}