Update & Refactor

Makefile

@@ -8,13 +8,16 @@ down:
 	- docker stack rm egommerce
 
 k8s-up:
-	- sh ${DEPLOY_DIR}/scripts/start-k8s.sh
+	- sh ${DEPLOY_DIR}/start-k8s.sh
 
 k8s-down:
-	- kubectl... TODO :D
+	- kubectl delete -f deploy/k8s/stack.yml
 
 # GENERATING CERTS
-
 certs:
 	- bash ${DEPLOY_DIR}/scripts/gen-certs.sh
 
+volumes-restart:
+	- docker stack rm egommerce
+	- docker volume prune -af
+	- sh ${DEPLOY_DIR}/start-stack.sh

deploy/.env.dist

@@ -0,0 +1,6 @@
+API_GATEWAY_ADDR=gw.service.ego.io
+API_GATEWAY_PORT=443
+
+# API_REGISTRY_ADDR=registry.service.ego.io
+API_REGISTRY_ADDR=api-registry
+API_REGISTRY_PORT=8501

deploy/.env.local

@@ -1,4 +1,6 @@
-API_GATEWAY_PORT=48443
-API_GATEWAY_UI_PORT=48444
-API_REGISTRY_UI_PORT=48445
-API_EVENTBUS_UI_PORT=48446
+API_GATEWAY_ADDR=gw.service.ego.io
+API_GATEWAY_PORT=443
+
+# API_REGISTRY_ADDR=registry.service.ego.io
+#API_REGISTRY_ADDR=api-registry
+API_REGISTRY_PORT=8501

deploy/db_migrations/basket-svc/0001_create_base_tables.up.sql

@@ -1,7 +1,7 @@
 CREATE TABLE IF NOT EXISTS basket.basket
 (
     id uuid NOT NULL DEFAULT gen_random_uuid(),
-    state character varying NOT NULL DEFAULT 'new',
+    "state" character varying NOT NULL DEFAULT 'new',
     created_at timestamp without time zone NOT NULL DEFAULT now(),
     updated_at timestamp without time zone,
     PRIMARY KEY (id)
@@ -13,7 +13,7 @@ CREATE TABLE IF NOT EXISTS basket.basket_item
     basket_id uuid NOT NULL,
     product_id integer NOT NULL,
     quantity integer NOT NULL DEFAULT 1,
-    price double precision NOT NULL DEFAULT 0.00;
+    price double precision NOT NULL DEFAULT 0.00,
     created_at timestamp without time zone NOT NULL DEFAULT now(),
     updated_at timestamp without time zone,
     PRIMARY KEY (id)

deploy/db_migrations/basket-svc/0002_add_price_to_basket_item.down.sql

@@ -1,2 +0,0 @@
-ALTER TABLE IF EXISTS basket.basket_item
-	DROP COLUMN price;

deploy/db_migrations/basket-svc/0002_add_price_to_basket_item.up.sql

@@ -1,2 +0,0 @@
-ALTER TABLE IF EXISTS basket.basket_item
-    ADD COLUMN price double precision NOT NULL DEFAULT 0.00;

deploy/db_migrations/catalog-svc/0001_create_base_tables.up.sql

@@ -1,8 +1,8 @@
 CREATE TABLE catalog.product
 (
     id integer NOT NULL GENERATED ALWAYS AS IDENTITY,
-    pid character varying NOT NULL,
-    name character varying NOT NULL,
+    pid uuid NOT NULL DEFAULT gen_random_uuid(),
+    "name" character varying NOT NULL,
     price double precision NOT NULL,
     created_at timestamp without time zone NOT NULL DEFAULT now(),
     updated_at timestamp without time zone,

deploy/db_migrations/init/init.sql

@@ -1,3 +1,6 @@
 CREATE USER egommerce;
 CREATE DATABASE egommerce;
+
 GRANT ALL PRIVILEGES ON DATABASE egommerce TO egommerce;
+
+CREATE EXTENSION IF NOT EXISTS "pgcrypto";

deploy/db_migrations/order-svc/0001_create_base_tables.down.sql

@@ -1,2 +1,2 @@
-DROP TABLE IF EXISTS ordering.order_item;
-DROP TABLE IF EXISTS ordering."order";
+DROP TABLE IF EXISTS "ordering".order_item;
+DROP TABLE IF EXISTS "ordering"."order";

deploy/db_migrations/order-svc/0001_create_base_tables.up.sql

@@ -1,25 +1,25 @@
-CREATE TABLE IF NOT EXISTS ordering."order"
+CREATE TABLE IF NOT EXISTS "ordering"."order"
 (
     id uuid NOT NULL DEFAULT gen_random_uuid(),
-    state character varying NOT NULL DEFAULT 'new',
+    "state" character varying NOT NULL DEFAULT 'new',
     created_at timestamp without time zone NOT NULL DEFAULT now(),
     updated_at timestamp without time zone,
     PRIMARY KEY (id)
 );
 
-CREATE TABLE IF NOT EXISTS ordering.order_item
+CREATE TABLE IF NOT EXISTS "ordering".order_item
 (
     id uuid NOT NULL DEFAULT gen_random_uuid(),
     order_id uuid NOT NULL,
     product_id integer NOT NULL,
     quantity integer NOT NULL DEFAULT 1,
-    price double precision NOT NULL DEFAULT 0.00;
+    price double precision NOT NULL DEFAULT 0.00,
     created_at timestamp without time zone NOT NULL DEFAULT now(),
     updated_at timestamp without time zone,
     PRIMARY KEY (id)
 );
 
-ALTER TABLE IF EXISTS ordering.order_item
+ALTER TABLE IF EXISTS "ordering".order_item
     ADD CONSTRAINT order_item_order_fkey FOREIGN KEY (order_id)
     REFERENCES "ordering"."order" (id) MATCH SIMPLE
     ON UPDATE NO ACTION

deploy/etc/nginx/nginx-vhost.dev.conf

@@ -16,10 +16,10 @@ upstream egommerce-api-eventbus-mngmt {
 
 server {
         listen 443 ssl;
-        ssl_certificate     /etc/letsencrypt/live/admin.egommerce.pbiernat.dev/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/admin.egommerce.pbiernat.dev/privkey.pem;
+        ssl_certificate     /etc/letsencrypt/live/admin.egommerce.pbiernat.io/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/admin.egommerce.pbiernat.io/privkey.pem;
 
-        server_name admin.egommerce.pbiernat.dev;
+        server_name admin.egommerce.pbiernat.io;
 
 	# Traefik redirects
         location /dashboard {
@@ -91,16 +91,16 @@ server {
                 proxy_set_header X-Forwarded-Proto $scheme;
         }
 
-        error_log /var/log/nginx/admin-egommerce.pbiernat.dev-error.log;
-        access_log /var/log/nginx/admin-egommerce.pbiernat.dev-access.log combined;
+        error_log /var/log/nginx/admin-egommerce.pbiernat.io-error.log;
+        access_log /var/log/nginx/admin-egommerce.pbiernat.io-access.log combined;
 }
 
 #server {
 #        listen 443 ssl;
-#        ssl_certificate     /etc/letsencrypt/live/egommerce.pbiernat.dev/fullchain.pem;
-#        ssl_certificate_key /etc/letsencrypt/live/egommerce.pbiernat.dev/privkey.pem;
+#        ssl_certificate     /etc/letsencrypt/live/egommerce.pbiernat.io/fullchain.pem;
+#        ssl_certificate_key /etc/letsencrypt/live/egommerce.pbiernat.io/privkey.pem;
 #
-#        server_name egommerce.pbiernat.dev;
+#        server_name egommerce.pbiernat.io;
 #
 #	# Pass all requests to the API Gateway
 #	location / {
@@ -114,7 +114,7 @@ server {
 #                client_max_body_size 0;
 #	}
 #
-#	error_log /var/log/nginx/egommerce.pbiernat.dev-error.log;
-#	access_log /var/log/nginx/egommerce.pbiernat.dev-access.log combined;
+#	error_log /var/log/nginx/egommerce.pbiernat.io-error.log;
+#	access_log /var/log/nginx/egommerce.pbiernat.io-access.log combined;
 #}
 

deploy/etc/nginx/nginx-vhost.local.conf

@@ -16,8 +16,8 @@ upstream egommerce-api-eventbus-mngmt {
 
 server {
         listen 443 ssl;
-        ssl_certificate     /home/keedosn/workspace/golang/src/git.ego.cloudns.be/egommerce/stack/deploy/certs/api-gateway/localhost.cert;
-        ssl_certificate_key /home/keedosn/workspace/golang/src/git.ego.cloudns.be/egommerce/stack/deploy/certs/api-gateway/localhost.key;
+        ssl_certificate     /home/keedosn/workspace/golang/src/git.pbiernat.io/egommerce/stack/deploy/certs/api-gateway/localhost.cert;
+        ssl_certificate_key /home/keedosn/workspace/golang/src/git.pbiernat.io/egommerce/stack/deploy/certs/api-gateway/localhost.key;
 
         server_name egommerce.local;
 

deploy/etc/prometheus/prometheus.yml

@@ -47,7 +47,7 @@ scrape_configs:
 
   # - job_name: consul
   #   consul_sd_configs:
-  #   - server: api-registry:8500
+  #   - server: api-registry:8501
   #     services:
   #       - consul
   #       - basket-server
@@ -59,7 +59,7 @@ scrape_configs:
 
   # - job_name: rabbitmq
   #   consul_sd_configs:
-  #   - server: api-registry:8500
+  #   - server: api-registry:8501
   #     services:
   #       - api-eventbus
   #   relabel_configs:

deploy/make-cert.sh

@@ -0,0 +1,156 @@
+#!/bin/bash
+
+cd deploy/certs
+
+mkdir -p ca 
+mkdir -p api-gateway api-registry api-gateway api-eventbus api-vault
+mkdir -p basket-svc catalog-svc identity-svc order-svc pricing-svc 
+
+# # Generate ROOT Key
+# openssl genrsa -out ca/internalCA.key 4096
+
+# # Generate ROOT Cert
+# openssl req -x509 -new -nodes -key ca/internalCA.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io CA/CN=egommerce.io" \
+#     -sha256 -days 3650 -out ca/internalCA.crt
+
+
+# # MANAGING SERVICES
+
+# # Generate Key for API-REGISTRY
+# openssl genrsa -out api-registry/registry.key 2048
+
+# # Generate Cert for API-REGISTRY
+openssl req -new -sha256 -key api-registry/registry.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=api-registry" \
+    -out api-registry/registry.internal.csr
+openssl req -new -sha256 -key api-registry/registry.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=api-registry" \
+    -out api-registry/registry.local.csr
+
+openssl x509 -req -in api-registry/registry.internal.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:api-registry,DNS:consul.service.ego.io,DNS:consul.service.dc.ego.io,IP:127.0.0.1')) \
+    -out api-registry/registry.internal.crt -days 365 -sha256
+openssl x509 -req -in api-registry/registry.local.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:api-registry,DNS:registry.egommerce.local,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out api-registry/registry.local.crt -days 365 -sha256
+
+# # Generate Key for API-GATEWAY
+# openssl genrsa -out api-gateway/gateway.key 2048
+
+# # Generate Cert for API-GATEWAY
+openssl req -new -sha256 -key api-gateway/gateway.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=api-gateway" \
+    -out api-gateway/gateway.internal.csr
+openssl req -new -sha256 -key api-gateway/gateway.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=api-gateway" \
+    -out api-gateway/gateway.local.csr
+
+openssl x509 -req -in api-gateway/gateway.internal.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:api-gateway,DNS:gateway.service.ego.io,DNS:gateway.service.dc.ego.io,IP:127.0.0.1')) \
+    -out api-gateway/gateway.internal.crt -days 365 -sha256
+openssl x509 -req -in api-gateway/gateway.local.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:api-gateway,DNS:gateway.egommerce.local,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out api-gateway/gateway.local.crt -days 365 -sha256
+
+# Generate Key for API-VAULT
+# openssl genrsa -out api-vault/vault.key 2048
+
+# Generate Cert for API-VAULT
+openssl req -new -sha256 -key api-vault/vault.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=api-vault" \
+    -out api-vault/vault.internal.csr
+openssl req -new -sha256 -key api-vault/vault.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=api-vault" \
+    -out api-vault/vault.local.csr
+
+openssl x509 -req -in api-vault/vault.internal.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:api-vault,DNS:vault.service.ego.io,DNS:localhost,IP:127.0.0.1')) \
+    -out api-vault/vault.internal.crt -days 365 -sha256
+openssl x509 -req -in api-vault/vault.local.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:api-vault,DNS:vault.egommerce.local,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out api-vault/vault.local.crt -days 365 -sha256
+
+
+# Generate Key for API-EVENTBUS
+# openssl genrsa -out api-eventbus/eventbus.key 2048
+
+# Generate Cert for API-EVENTBUS
+openssl req -new -sha256 -key api-eventbus/eventbus.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=api-eventbus" \
+    -out api-eventbus/eventbus.internal.csr
+openssl req -new -sha256 -key api-eventbus/eventbus.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=api-eventbus" \
+    -out api-eventbus/eventbus.local.csr
+
+openssl x509 -req -in api-eventbus/eventbus.internal.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:api-eventbus,DNS:esb.service.ego.io,DNS:localhost,IP:127.0.0.1')) \
+    -out api-eventbus/eventbus.internal.crt -days 365 -sha256
+openssl x509 -req -in api-eventbus/eventbus.local.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:api-eventbus,DNS:eventbus.egommerce.local,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out api-eventbus/eventbus.local.crt -days 365 -sha256
+
+
+# API MICROSERVICES
+# Generate Key for domain (service) - BASKET-SVC
+# openssl genrsa -out basket-svc/basket-svc.key 2048
+
+# Generate Cert for domain (service) - BASKET-SVC
+openssl req -new -sha256 -key basket-svc/basket-svc.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=basket-svc" \
+    -out basket-svc/basket-svc.csr
+
+openssl x509 -req -in basket-svc/basket-svc.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:basket-svc,DNS:basket.service.ego.io,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out basket-svc/basket-svc.crt -days 365 -sha256
+
+
+# Generate Key for domain (service) - CATALOG-SVC
+# openssl genrsa -out catalog-svc/catalog-svc.key 2048
+
+# Generate Cert for domain (service) - CATALOG-SVC
+openssl req -new -sha256 -key catalog-svc/catalog-svc.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=catalog-svc" \
+    -out catalog-svc/catalog-svc.csr
+
+openssl x509 -req -in catalog-svc/catalog-svc.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:catalog-svc,DNS:catalog.service.ego.io,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out catalog-svc/catalog-svc.crt -days 365 -sha256
+
+
+# Generate Key for domain (service) - IDENTITY-SVC
+# openssl genrsa -out identity-svc/identity-svc.key 2048
+
+# Generate Cert for domain (service) - IDENTITY-SVC
+openssl req -new -sha256 -key identity-svc/identity-svc.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=identity-svc" \
+    -out identity-svc/identity-svc.csr
+
+openssl x509 -req -in identity-svc/identity-svc.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:identity-svc,DNS:identity.service.ego.io,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out identity-svc/identity-svc.crt -days 365 -sha256
+
+
+# Generate Key for domain (service) - ORDER-SVC
+# openssl genrsa -out order-svc/order-svc.key 2048
+
+# Generate Cert for domain (service) - ORDER-SVC
+openssl req -new -sha256 -key order-svc/order-svc.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=order-svc" \
+    -out order-svc/order-svc.csr
+
+openssl x509 -req -in order-svc/order-svc.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:order-svc,DNS:order.service.ego.io,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out order-svc/order-svc.crt -days 365 -sha256
+
+
+# Generate Key for domain (service) - PRICING-SVC
+# openssl genrsa -out pricing-svc/pricing-svc.key 2048
+
+# Generate Cert for domain (service) - PRICING-SVC
+openssl req -new -sha256 -key pricing-svc/pricing-svc.key -subj "/C=PL/ST=Slask/L=Gliwice/O=Egommerce.io/CN=pricing-svc" \
+    -out pricing-svc/pricing-svc.csr
+
+openssl x509 -req -in pricing-svc/pricing-svc.csr -CA ca/internalCA.crt -CAkey ca/internalCA.key -CAcreateserial \
+    -extensions SAN \
+    -extfile <(cat /etc/ssl/openssl.cnf <(printf '[SAN]\nsubjectAltName=DNS:pricing-svc,DNS:pricing.service.ego.io,DNS:host.docker.internal,DNS:localhost,IP:127.0.0.1')) \
+    -out pricing-svc/pricing-svc.crt -days 365 -sha256