1467766f3d
- OAuth 2.0 서비스 구현 * Authorization Code, Client Credentials, Refresh Token 플로우 지원 * 애플리케이션 등록 및 관리 기능 * 토큰 introspection 및 revocation * SSO 설정 지원 (Google, GitHub, SAML) * 실용적인 스코프 시스템 (user, app, org, api 관리) - 사용자 프로필 기능 확장 * 프로필 사진 및 썸네일 필드 추가 * bio, location, website 등 추가 프로필 정보 * 이메일 인증 및 계정 활성화 상태 관리 * UserPublicResponse 모델 추가 - OAuth 스코프 관리 * picture 스코프 추가 (프로필 사진 접근 제어) * 카테고리별 스코프 정리 (기본 인증, 사용자 데이터, 앱 관리, 조직, API) * 스코프별 승인 필요 여부 설정 - 인프라 개선 * Users 서비스 포트 매핑 추가 (8001) * OAuth 서비스 Docker 구성 (포트 8003) * Kafka 이벤트 통합 (USER_CREATED, USER_UPDATED, USER_DELETED) 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
206 lines
5.2 KiB
YAML
206 lines
5.2 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
console-frontend:
|
|
build:
|
|
context: ./console/frontend
|
|
dockerfile: Dockerfile
|
|
container_name: ${COMPOSE_PROJECT_NAME}_console_frontend
|
|
ports:
|
|
- "${CONSOLE_FRONTEND_PORT}:80"
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- console-backend
|
|
|
|
console-backend:
|
|
build:
|
|
context: ./console/backend
|
|
dockerfile: Dockerfile
|
|
container_name: ${COMPOSE_PROJECT_NAME}_console_backend
|
|
ports:
|
|
- "${CONSOLE_BACKEND_PORT}:8000"
|
|
environment:
|
|
- ENV=${ENV}
|
|
- PORT=8000
|
|
- USERS_SERVICE_URL=${USERS_SERVICE_URL}
|
|
- JWT_SECRET_KEY=${JWT_SECRET_KEY}
|
|
- JWT_ALGORITHM=${JWT_ALGORITHM}
|
|
- ACCESS_TOKEN_EXPIRE_MINUTES=${ACCESS_TOKEN_EXPIRE_MINUTES}
|
|
volumes:
|
|
- ./console/backend:/app
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- users-backend
|
|
|
|
users-backend:
|
|
build:
|
|
context: ./services/users/backend
|
|
dockerfile: Dockerfile
|
|
container_name: ${COMPOSE_PROJECT_NAME}_users_backend
|
|
ports:
|
|
- "${USERS_BACKEND_PORT}:8000"
|
|
environment:
|
|
- ENV=${ENV}
|
|
- PORT=8000
|
|
- MONGODB_URL=${MONGODB_URL}
|
|
- DB_NAME=${USERS_DB_NAME}
|
|
- KAFKA_BOOTSTRAP_SERVERS=${KAFKA_BOOTSTRAP_SERVERS}
|
|
- KAFKA_GROUP_ID=${KAFKA_GROUP_ID}
|
|
volumes:
|
|
- ./services/users/backend:/app
|
|
- ./shared:/app/shared
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- mongodb
|
|
- kafka
|
|
|
|
images-backend:
|
|
build:
|
|
context: ./services/images/backend
|
|
dockerfile: Dockerfile
|
|
container_name: ${COMPOSE_PROJECT_NAME}_images_backend
|
|
ports:
|
|
- "${IMAGES_SERVICE_PORT}:8000"
|
|
environment:
|
|
- ENV=${ENV}
|
|
- PORT=8000
|
|
- REDIS_URL=${REDIS_URL}
|
|
- MONGODB_URL=${MONGODB_URL}
|
|
- CACHE_DIR=/app/cache
|
|
- CONVERT_TO_WEBP=true
|
|
volumes:
|
|
- ./services/images/backend:/app
|
|
- images_cache:/app/cache
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- redis
|
|
- mongodb
|
|
|
|
oauth-backend:
|
|
build:
|
|
context: ./services/oauth/backend
|
|
dockerfile: Dockerfile
|
|
container_name: ${COMPOSE_PROJECT_NAME}_oauth_backend
|
|
ports:
|
|
- "${OAUTH_SERVICE_PORT}:8000"
|
|
environment:
|
|
- ENV=${ENV}
|
|
- PORT=8000
|
|
- MONGODB_URL=${MONGODB_URL}
|
|
- OAUTH_DB_NAME=${OAUTH_DB_NAME}
|
|
- JWT_SECRET_KEY=${JWT_SECRET_KEY}
|
|
- JWT_ALGORITHM=${JWT_ALGORITHM}
|
|
- KAFKA_BOOTSTRAP_SERVERS=${KAFKA_BOOTSTRAP_SERVERS}
|
|
- KAFKA_GROUP_ID=${KAFKA_GROUP_ID}
|
|
volumes:
|
|
- ./services/oauth/backend:/app
|
|
- ./shared:/app/shared
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- mongodb
|
|
- kafka
|
|
|
|
mongodb:
|
|
image: mongo:7.0
|
|
container_name: ${COMPOSE_PROJECT_NAME}_mongodb
|
|
environment:
|
|
- MONGO_INITDB_DATABASE=${MONGODB_DATABASE}
|
|
ports:
|
|
- "${MONGODB_PORT}:27017"
|
|
volumes:
|
|
- mongodb_data:/data/db
|
|
- mongodb_config:/data/configdb
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: echo 'db.runCommand("ping").ok' | mongosh localhost:27017/test --quiet
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
redis:
|
|
image: redis:7-alpine
|
|
container_name: ${COMPOSE_PROJECT_NAME}_redis
|
|
ports:
|
|
- "${REDIS_PORT}:6379"
|
|
volumes:
|
|
- redis_data:/data
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD", "redis-cli", "ping"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
zookeeper:
|
|
image: confluentinc/cp-zookeeper:7.5.0
|
|
container_name: ${COMPOSE_PROJECT_NAME}_zookeeper
|
|
environment:
|
|
ZOOKEEPER_CLIENT_PORT: 2181
|
|
ZOOKEEPER_TICK_TIME: 2000
|
|
ports:
|
|
- "${KAFKA_ZOOKEEPER_PORT}:2181"
|
|
volumes:
|
|
- zookeeper_data:/var/lib/zookeeper/data
|
|
- zookeeper_logs:/var/lib/zookeeper/log
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
|
|
kafka:
|
|
image: confluentinc/cp-kafka:7.5.0
|
|
container_name: ${COMPOSE_PROJECT_NAME}_kafka
|
|
depends_on:
|
|
- zookeeper
|
|
ports:
|
|
- "${KAFKA_PORT}:9092"
|
|
- "9101:9101"
|
|
environment:
|
|
KAFKA_BROKER_ID: 1
|
|
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
|
|
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT
|
|
KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:29092,PLAINTEXT_HOST://localhost:9092
|
|
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
|
|
KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1
|
|
KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1
|
|
KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
|
|
KAFKA_JMX_PORT: 9101
|
|
KAFKA_JMX_HOSTNAME: localhost
|
|
KAFKA_AUTO_CREATE_TOPICS_ENABLE: 'true'
|
|
volumes:
|
|
- kafka_data:/var/lib/kafka/data
|
|
networks:
|
|
- site11_network
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD", "kafka-broker-api-versions", "--bootstrap-server", "localhost:9092"]
|
|
interval: 10s
|
|
timeout: 5s
|
|
retries: 5
|
|
|
|
networks:
|
|
site11_network:
|
|
driver: bridge
|
|
name: site11_network
|
|
|
|
volumes:
|
|
mongodb_data:
|
|
mongodb_config:
|
|
redis_data:
|
|
images_cache:
|
|
zookeeper_data:
|
|
zookeeper_logs:
|
|
kafka_data: |