feature Keycloak Auth

2025-10-06 01:07:16 +02:00
parent 82b1a2679d
commit a2ffb1e076
24 changed files with 3089 additions and 65 deletions
+27
@@ -0,0 +1,27 @@
2025-10-05 21:49:40.525 [background-preinit] INFO [] o.h.validator.internal.util.Version - HV000001: Hibernate Validator 8.0.3.Final
2025-10-05 21:49:40.564 [main] INFO [] a.m.i.gateway.GatewayApplicationKt - Starting GatewayApplicationKt using Java 21.0.8 with PID 783949 (/home/stefan-mo/WsMeldestelle/Meldestelle/infrastructure/gateway/build/classes/kotlin/main started by stefan-mo in /home/stefan-mo/WsMeldestelle/Meldestelle)
2025-10-05 21:49:40.565 [main] DEBUG [] a.m.i.gateway.GatewayApplicationKt - Running with Spring Boot v3.5.5, Spring v6.2.10
2025-10-05 21:49:40.565 [main] INFO [] a.m.i.gateway.GatewayApplicationKt - The following 1 profile is active: "dev"
2025-10-05 21:49:41.913 [main] INFO [] o.s.cloud.context.scope.GenericScope - BeanFactory id=548af07a-4d4c-30b3-8388-eaf5c0d95d23
2025-10-05 21:49:44.188 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [After]
2025-10-05 21:49:44.188 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Before]
2025-10-05 21:49:44.188 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Between]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Cookie]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Header]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Host]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Method]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Path]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Query]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [ReadBody]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [RemoteAddr]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [XForwardedRemoteAddr]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [Weight]
2025-10-05 21:49:44.189 [main] INFO [] o.s.c.g.r.RouteDefinitionRouteLocator - Loaded RoutePredicateFactory [CloudFoundryRouteService]
2025-10-05 21:49:44.880 [main] INFO [] o.s.b.a.e.web.EndpointLinksResolver - Exposing 6 endpoints beneath base path '/actuator'
2025-10-05 21:49:45.585 [main] WARN [] o.s.c.l.c.LoadBalancerCacheAutoConfiguration$LoadBalancerCaffeineWarnLogger - Spring Cloud LoadBalancer is currently working with the default cache. While this cache implementation is useful for development and tests, it's recommended to use Caffeine cache in production.You can switch to using Caffeine cache, by adding it and org.springframework.cache.caffeine.CaffeineCacheManager to the classpath.
2025-10-05 21:49:45.714 [main] INFO [] o.s.b.w.e.netty.NettyWebServer - Netty started on port 8080 (http)
2025-10-05 21:49:45.716 [main] INFO [] o.s.c.c.s.ConsulServiceRegistry - Registering service with consul: NewService{id='meldestelle-8080-2567c504-f48c-4f6e-918e-23b80c37675e', name='meldestelle', tags=[], address='10.0.0.18', meta={secure=false}, port=8080, enableTagOverride=null, check=Check{script='null', dockerContainerID='null', shell='null', interval='10s', ttl='null', http='http://10.0.0.18:8080/actuator/health', method='null', header={}, tcp='null', timeout='null', deregisterCriticalServiceAfter='null', tlsSkipVerify=null, status='null', grpc='null', grpcUseTLS=null}, checks=null}
2025-10-05 21:49:45.865 [main] INFO [] a.m.i.gateway.GatewayApplicationKt - Started GatewayApplicationKt in 5.753 seconds (process running for 6.365)
2025-10-05 21:53:53.365 [SpringApplicationShutdownHook] INFO [] o.s.b.w.e.netty.GracefulShutdown - Commencing graceful shutdown. Waiting for active requests to complete
2025-10-05 21:53:53.367 [netty-shutdown] INFO [] o.s.b.w.e.netty.GracefulShutdown - Graceful shutdown complete
2025-10-05 21:53:55.378 [SpringApplicationShutdownHook] INFO [] o.s.c.c.s.ConsulServiceRegistry - Deregistering service with consul: meldestelle-8080-2567c504-f48c-4f6e-918e-23b80c37675e
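Review bot: This new file is a captured run log of the gateway, not source. It puts the developer's user name and home directory, the process PID and the internal address `10.0.0.18` (in the Consul registration line) into the repository history. Runtime logs are better kept out of version control: drop the file from the commit and add its path to `.gitignore` (the path is not visible on this page, so `<log-file-path>` stands in for it). The log also shows `Exposing 6 endpoints beneath base path '/actuator'` and a Consul registration with `meta={secure=false}` and a plain-HTTP health check. It is worth confirming which actuator endpoints are exposed and that they require authentication once the Keycloak integration is switched on.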
+371
@@ -0,0 +1,371 @@
# docker compose config output
name: meldestelle
services:
api-gateway:
build:
context: /home/stefan-mo/WsMeldestelle/Meldestelle
dockerfile: dockerfiles/infrastructure/gateway/Dockerfile
args:
BUILD_DATE: unknown
GRADLE_VERSION: 9.0.0
JAVA_VERSION: "21"
SPRING_PROFILES_ACTIVE: default
VERSION: 1.0.0
container_name: meldestelle-api-gateway
depends_on:
consul:
condition: service_healthy
required: true
keycloak:
condition: service_healthy
required: true
postgres:
condition: service_healthy
required: true
redis:
condition: service_healthy
required: true
environment:
CONSUL_ENABLED: "true"
CONSUL_HOST: consul
CONSUL_PORT: "8500"
GATEWAY_PORT: "8081"
GATEWAY_SECURITY_KEYCLOAK_ENABLED: "false"
KEYCLOAK_CLIENT_ID: api-gateway
KEYCLOAK_ISSUER_URI: http://keycloak:8080/realms/meldestelle
KEYCLOAK_JWK_SET_URI: http://keycloak:8080/realms/meldestelle/protocol/openid-connect/certs
KEYCLOAK_REALM: meldestelle
KEYCLOAK_SERVER_URL: http://keycloak:8080
SPRING_PROFILES_ACTIVE: dev,keycloak
healthcheck:
test:
- CMD
- curl
- --fail
- http://localhost:8081/actuator/health
timeout: 5s
interval: 15s
retries: 3
start_period: 30s
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 8081
published: "8081"
protocol: tcp
restart: unless-stopped
volumes:
- type: volume
source: api-gateway-gradle-cache
target: /home/gradle/.gradle
volume: {}
consul:
command:
- agent
- -server
- -ui
- -node=server-1
- -bootstrap-expect=1
- -client=0.0.0.0
container_name: meldestelle-consul
healthcheck:
test:
- CMD
- curl
- -f
- http://localhost:8500/v1/status/leader
timeout: 5s
interval: 10s
retries: 3
start_period: 20s
image: hashicorp/consul:1.15
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 8500
published: "8500"
protocol: tcp
restart: unless-stopped
grafana:
container_name: meldestelle-grafana
depends_on:
prometheus:
condition: service_started
required: true
environment:
GF_INSTALL_PLUGINS: grafana-piechart-panel
GF_SECURITY_ADMIN_PASSWORD: admin
GF_SECURITY_ADMIN_USER: admin
GF_USERS_ALLOW_SIGN_UP: "false"
healthcheck:
test:
- CMD
- curl
- --fail
- http://localhost:3000/api/health
timeout: 5s
interval: 10s
retries: 3
start_period: 20s
image: grafana/grafana:11.3.0
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 3000
published: "3000"
protocol: tcp
restart: unless-stopped
volumes:
- type: volume
source: grafana-data
target: /var/lib/grafana
volume: {}
- type: bind
source: /home/stefan-mo/WsMeldestelle/Meldestelle/docker/monitoring/grafana
target: /etc/grafana/provisioning
read_only: true
bind:
create_host_path: true
kafka:
container_name: meldestelle-kafka
depends_on:
zookeeper:
condition: service_healthy
required: true
environment:
KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:29092,PLAINTEXT_HOST://localhost:9092
KAFKA_BROKER_ID: "1"
KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1"
KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
healthcheck:
test:
- CMD
- kafka-broker-api-versions
- --bootstrap-server
- localhost:9092
timeout: 5s
interval: 10s
retries: 3
start_period: 20s
image: confluentinc/cp-kafka:7.4.0
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 9092
published: "9092"
protocol: tcp
restart: unless-stopped
keycloak:
command:
- start-dev
- --import-realm
container_name: meldestelle-keycloak
depends_on:
postgres:
condition: service_healthy
required: true
environment:
JAVA_OPTS_APPEND: -XX:MaxRAMPercentage=75.0 -XX:+UseG1GC -XX:+UseStringDeduplication -XX:+DisableExplicitGC -Djava.net.preferIPv4Stack=true -Duser.timezone=Europe/Vienna
KC_CACHE: ispn
KC_DB: postgres
KC_DB_PASSWORD: meldestelle
KC_DB_POOL_INITIAL_SIZE: "5"
KC_DB_POOL_MAX_SIZE: "20"
KC_DB_POOL_MIN_SIZE: "5"
KC_DB_SCHEMA: keycloak
KC_DB_URL: jdbc:postgresql://postgres:5432/meldestelle
KC_DB_USERNAME: meldestelle
KC_HEALTH_ENABLED: "true"
KC_HOSTNAME_STRICT: "false"
KC_HTTP_ENABLED: "true"
KC_HTTP_PORT: "8080"
KC_LOG_CONSOLE_COLOR: "false"
KC_LOG_CONSOLE_FORMAT: plain
KC_LOG_LEVEL: info
KC_METRICS_ENABLED: "true"
KC_PROXY_HEADERS: xforwarded
KEYCLOAK_ADMIN: admin
KEYCLOAK_ADMIN_PASSWORD: admin
healthcheck:
test:
- CMD-SHELL
- 'if command -v curl >/dev/null 2>&1; then curl -fsS http://localhost:8080/health/ready | grep -q "\"status\":\"UP\""; elif command -v wget >/dev/null 2>&1; then wget -q -O - http://localhost:8080/health/ready | grep -q "\"status\":\"UP\""; else echo "Healthcheck: curl/wget not found, using bash /dev/tcp fallback" >&2; timeout 25 bash -lc "exec 3<>/dev/tcp/127.0.0.1/8080 && printf \"GET /health/ready HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n\" >&3 && head -n 1 <&3 | grep -q \"200 OK\""; fi'
timeout: 30s
interval: 15s
retries: 10
start_period: 3m0s
image: quay.io/keycloak/keycloak:26.4.0
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 8080
published: "8180"
protocol: tcp
restart: unless-stopped
volumes:
- type: bind
source: /home/stefan-mo/WsMeldestelle/Meldestelle/docker/services/keycloak
target: /opt/keycloak/data/import
bind:
create_host_path: true
- type: volume
source: keycloak-data
target: /opt/keycloak/data
volume: {}
postgres:
container_name: meldestelle-postgres
environment:
POSTGRES_DB: meldestelle
POSTGRES_PASSWORD: meldestelle
POSTGRES_USER: meldestelle
healthcheck:
test:
- CMD-SHELL
- pg_isready -U meldestelle -d meldestelle
timeout: 5s
interval: 10s
retries: 3
start_period: 20s
image: postgres:16-alpine
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 5432
published: "5432"
protocol: tcp
restart: unless-stopped
volumes:
- type: volume
source: postgres-data
target: /var/lib/postgresql/data
volume: {}
- type: bind
source: /home/stefan-mo/WsMeldestelle/Meldestelle/docker/services/postgres
target: /docker-entrypoint-initdb.d
bind:
create_host_path: true
prometheus:
command:
- --config.file=/etc/prometheus/prometheus.yml
- --storage.tsdb.path=/prometheus
- --web.console.libraries=/etc/prometheus/console_libraries
- --web.console.templates=/etc/prometheus/consoles
- --storage.tsdb.retention.time=200h
- --web.enable-lifecycle
container_name: meldestelle-prometheus
healthcheck:
test:
- CMD
- wget
- --no-verbose
- --tries=1
- --spider
- http://localhost:9090/-/healthy
timeout: 5s
interval: 10s
retries: 3
start_period: 20s
image: prom/prometheus:v2.54.1
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 9090
published: "9090"
protocol: tcp
restart: unless-stopped
volumes:
- type: volume
source: prometheus-data
target: /prometheus
volume: {}
- type: bind
source: /home/stefan-mo/WsMeldestelle/Meldestelle/docker/monitoring/prometheus
target: /etc/prometheus
read_only: true
bind:
create_host_path: true
redis:
command:
- redis-server
- --appendonly
- "yes"
container_name: meldestelle-redis
healthcheck:
test:
- CMD
- redis-cli
- ping
timeout: 5s
interval: 10s
retries: 3
start_period: 20s
image: redis:7-alpine
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 6379
published: "6379"
protocol: tcp
restart: unless-stopped
volumes:
- type: volume
source: redis-data
target: /data
volume: {}
zookeeper:
container_name: meldestelle-zookeeper
environment:
ZOOKEEPER_CLIENT_PORT: "2181"
ZOOKEEPER_TICK_TIME: "2000"
healthcheck:
test:
- CMD
- bash
- -c
- echo 'ruok' | nc localhost 2181
timeout: 5s
interval: 10s
retries: 3
start_period: 20s
image: confluentinc/cp-zookeeper:7.4.0
networks:
meldestelle-network: null
ports:
- mode: ingress
target: 2181
published: "2181"
protocol: tcp
restart: unless-stopped
networks:
meldestelle-network:
name: meldestelle_meldestelle-network
driver: bridge
volumes:
api-gateway-gradle-cache:
name: meldestelle_api-gateway-gradle-cache
driver: local
grafana-data:
name: meldestelle_grafana-data
driver: local
keycloak-data:
name: meldestelle_keycloak-data
driver: local
postgres-data:
name: meldestelle_postgres-data
driver: local
prometheus-data:
name: meldestelle_prometheus-data
driver: local
redis-data:
name: meldestelle_redis-data
driver: local