KasarLabs
diff --git a/‎.gitignore‎
Lines changed: 18 additions & 0 deletions b/‎.gitignore‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎Makefile‎
Lines changed: 59 additions & 0 deletions b/‎Makefile‎
Lines changed: 59 additions & 0 deletions
diff --git a/‎docker-compose.yml‎
Lines changed: 117 additions & 15 deletions b/‎docker-compose.yml‎
Lines changed: 117 additions & 15 deletions
@@ -56,3 +56,21 @@ packages/database/data/pg_wal/
 
 # LangGraph API
 .langgraph_api
+
+keycloak/.env.keycloak
+keycloak/realm.json
+
+# Data
+kc_postgres_data/
+postgres_data/
+redis_data/
+
+# Docker 
+**/.docker
+
+# Certs
+**/certs/*.crt
+**/certs/*.key
+
+.env.snak-bff
+.env.snak-frontend
@@ -0,0 +1,59 @@
+ENV_FILE=keycloak/.env.keycloak
+REALM_TEMPLATE=keycloak/realm-template.json
+REALM_OUTPUT=keycloak/realm.json
+
+all: certs realms up
+
+certs:
+	@cd keycloak/traefik/certs && \
+	./certs.sh
+	@printf "%b\n" "→ Ensuring hosts entries"
+	@grep -q "mysnakagent.com" /etc/hosts || \
+		echo "127.0.0.1 mysnakagent.com auth.mysnakagent.com" | sudo tee -a /etc/hosts >/dev/null
+	@printf "%b\n" "✔ Hosts updated"
+	@printf "%b\n" "→ /etc/hosts content:"
+	@cat /etc/hosts
+
+up:
+	@printf "%b\n" "$(_BLUE)→ Starting snak + keycloak stack$(_NO)"
+	@docker compose up -d
+	@printf "%b\n" "$(_GREEN)✔ Snak + Keycloak running$(_NO)"
+
+realms: 
+	@printf "%b\n" "$(_STARLIGHT_BLUE)→ Generating realm.json from template$(_NO)"
+	@export $$(grep -v '^#' $(ENV_FILE) | xargs) && \
+	envsubst < $(REALM_TEMPLATE) > $(REALM_OUTPUT)
+	@printf "%b\n" "$(_GREEN)✔ Realm file generated: $(REALM_OUTPUT)$(_NO)"
+
+down:
+	@printf "%b\n" "$(_STARLIGHT_BLUE)→ Stopping all stacks$(_NO)"
+	@docker compose down
+	@printf "%b\n" "$(_GREEN)✔ All stacks stopped$(_NO)"
+
+clean:
+	@printf "%b\n" "$(_STARLIGHT_BLUE)→ Cleaning all (stacks + realm.json)$(_NO)"
+	@docker compose down -v
+	@docker volume prune -af
+	@docker system prune -af
+	rm -f $(REALM_OUTPUT)
+	rm -f keycloak/traefik/certs/mysnakagent.crt
+	rm -f keycloak/traefik/certs/mysnakagent.key
+	@printf "%b\n" "$(_GREEN)✔ Clean done$(_NO)"
+
+.PHONY: all certs up realms down clean
+
+# -------------- Syntaxing -------------- #
+_NO                    = \033[0m
+_BOLD                  = \033[1m
+_BLUE                  = \033[34m
+_CYAN                  = \033[36m
+_RED                   = \033[31m
+_PURPLE                = \033[35m
+_PINK_ORANGE           = \033[38;5;215m
+_GREY                  = \033[38;5;234m
+_STARLIGHT_BLUE        = \033[38;5;158m
+_STARLIGHT_GREEN       = \033[38;5;157m
+_DEEP_BLUE             = \033[38;5;69m
+_YELLOW                = \033[38;5;226m
+_ORANGE                = \033[38;5;209m\e[1m
+# ------------------------------------- #
@@ -1,17 +1,26 @@
+volumes:
+  redis_data:
+    driver: local
+  kc_postgres_data: {}
+
+networks:
+  snaknet:
+    driver: bridge
+
 services:
+
   postgres:
     image: pgvector/pgvector:pg17
     container_name: 'postgresql'
-    networks:
-      - network
+    networks: [snaknet]
     ports:
       - '5432:5432'
     env_file:
       - .env
     volumes:
       - ./packages/database/initdb:/docker-entrypoint-initdb.d
     healthcheck:
-      test: ['CMD-SHELL', 'pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}']
+      test: ['CMD-SHELL', 'pg_isready -U $${POSTGRES_USER}']
       interval: 10s
       timeout: 5s
       retries: 5
@@ -26,8 +35,7 @@ services:
   redis:
     image: redis:7-alpine
     container_name: 'snak_redis'
-    networks:
-      - network
+    networks: [snaknet]
     ports:
       - '127.0.0.1:6379:6379'
     volumes:
@@ -42,13 +50,12 @@ services:
       retries: 5
     restart: unless-stopped
 
-  server:
+  snak-api:
     build:
       context: .
       dockerfile: packages/server/Dockerfile
-    container_name: 'snak_server'
-    networks:
-      - network
+    container_name: 'snak-api'
+    networks: [snaknet]
     ports:
       - '3002:3002'
     env_file:
@@ -60,10 +67,105 @@ services:
         condition: service_healthy
     restart: on-failure
 
-volumes:
-  redis_data:
-    driver: local
+  traefik:
+    image: traefik:v3.1
+    container_name: traefik
+    restart: always
+    command:
+      - --entrypoints.websecure.address=:443
+      - --providers.file.directory=/etc/traefik/dynamic
+      - --api.dashboard=true
+      - --log.level="DEBUG"
+    ports:
+      - "443:443"
+      - "8081:8080" # dashboard
+    volumes:
+      - ./keycloak/traefik/dynamic.yml:/etc/traefik/dynamic/dynamic.yml:ro
+      - ./keycloak/traefik/certs:/certs:ro
+    networks: [snaknet]
+
+  kc_postgres:
+    image: postgres:15
+    container_name: kc_postgres
+    restart: always
+    env_file:
+      - keycloak/.env.keycloak
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
+      interval: 5s
+      timeout: 3s
+      retries: 30
+    volumes:
+      - kc_postgres_data:/var/lib/postgresql/data
+    networks: [snaknet]
+
+  keycloak:
+    image: quay.io/keycloak/keycloak:26.0.2
+    container_name: keycloak
+    command: ["start", "--import-realm"]
+    restart: always
+    depends_on:
+      kc_postgres:
+        condition: service_healthy
+    volumes:
+      - ./keycloak/realm.json:/opt/keycloak/data/import/realm.json:ro
+    env_file:
+      - keycloak/.env.keycloak
+    networks: [snaknet]
+    ports: 
+      - "8080:8080"
+      - "9000:9000"
+
+  oauth2-proxy:
+    image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
+    container_name: oauth2_proxy
+    restart: always
+    depends_on:
+      - keycloak
+    env_file:
+      - keycloak/.env.keycloak
+    networks: [snaknet]
+    ports: 
+      - "4180:4180"
+      - "44180:44180"
+
+  # snak-frontend:
+  #   build:
+  #     context: ../snak-app/frontend
+  #     dockerfile: Dockerfile
+  #   container_name: 'snak-frontend'
+  #   env_file:
+  #     - ../snak-app/frontend/.env
+  #   networks: [snaknet]
+  #   ports:
+  #     - '3000:3000'
+
+  # snak-bff:
+  #   build:
+  #     context: ../snak-app/backend
+  #     dockerfile: Dockerfile
+  #   container_name: 'snak-bff'
+  #   env_file:
+  #     - ../snak-app/backend/.env
+  #   networks: [snaknet]
+  #   ports:
+  #     - '3001:3001'
+
+  snak-frontend:
+    image: ghcr.io/kasarlabs/snak-app/snak-frontend:latest
+    container_name: 'snak-frontend'
+    env_file:
+      - .env.snak-frontend
+    networks: [snaknet]
+    ports:
+      - '3000:3000'
+
+  snak-bff:
+    image: ghcr.io/kasarlabs/snak-app/snak-bff:latest
+    container_name: 'snak-bff'
+    env_file:
+      - .env.snak-bff
+    networks: [snaknet]
+    ports:
+      - '3001:3001'
 
-networks:
-  network:
-    driver: bridge