rwadurian/backend/api-gateway/docker-compose.yml

# =============================================================================
# Kong API Gateway - Docker Compose
# =============================================================================
# Usage:
#   ./deploy.sh up         # 启动 Kong 网关
#   ./deploy.sh down       # 停止 Kong 网关
#   ./deploy.sh logs       # 查看日志
#   ./deploy.sh status     # 查看状态
# =============================================================================

services:
  # ===========================================================================
  # Kong Database
  # ===========================================================================
  kong-db:
    image: docker.io/library/postgres:16-alpine
    container_name: rwa-kong-db
    environment:
      POSTGRES_USER: kong
      POSTGRES_PASSWORD: ${KONG_PG_PASSWORD:-kong_password}
      POSTGRES_DB: kong
    volumes:
      - kong_db_data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U kong"]
      interval: 5s
      timeout: 5s
      retries: 10
    restart: unless-stopped
    networks:
      - rwa-network

  # ===========================================================================
  # Kong Migrations (只运行一次)
  # ===========================================================================
  kong-migrations:
    image: docker.io/kong/kong-gateway:3.5
    container_name: rwa-kong-migrations
    command: kong migrations bootstrap
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-db
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: ${KONG_PG_PASSWORD:-kong_password}
      KONG_PG_DATABASE: kong
    depends_on:
      kong-db:
        condition: service_healthy
    restart: on-failure
    networks:
      - rwa-network

  # ===========================================================================
  # Kong API Gateway
  # ===========================================================================
  kong:
    image: docker.io/kong/kong-gateway:3.5
    container_name: rwa-kong
    environment:
      KONG_DATABASE: postgres
      KONG_PG_HOST: kong-db
      KONG_PG_USER: kong
      KONG_PG_PASSWORD: ${KONG_PG_PASSWORD:-kong_password}
      KONG_PG_DATABASE: kong
      KONG_PROXY_ACCESS_LOG: /dev/stdout
      KONG_ADMIN_ACCESS_LOG: /dev/stdout
      KONG_PROXY_ERROR_LOG: /dev/stderr
      KONG_ADMIN_ERROR_LOG: /dev/stderr
      KONG_ADMIN_LISTEN: 0.0.0.0:8001
      KONG_ADMIN_GUI_URL: http://localhost:8002
    ports:
      - "8000:8000"   # Proxy HTTP
      - "8443:8443"   # Proxy HTTPS
      - "8001:8001"   # Admin API
      - "8002:8002"   # Admin GUI
    depends_on:
      kong-db:
        condition: service_healthy
      kong-migrations:
        condition: service_completed_successfully
    healthcheck:
      test: ["CMD", "kong", "health"]
      interval: 30s
      timeout: 10s
      retries: 5
      start_period: 30s
    restart: unless-stopped
    networks:
      - rwa-network

  # ===========================================================================
  # Kong Config Loader - 导入声明式配置到数据库
  # ===========================================================================
  kong-config:
    image: docker.io/kong/deck:latest
    container_name: rwa-kong-config
    command: >
      gateway sync /etc/kong/kong.yml
      --kong-addr http://kong:8001      
    environment:
      # 禁用代理，避免继承宿主机的代理设置
      http_proxy: ""
      https_proxy: ""
      HTTP_PROXY: ""
      HTTPS_PROXY: ""
      no_proxy: "*"
      NO_PROXY: "*"
    volumes:
      - ./kong.yml:/etc/kong/kong.yml:ro
    depends_on:
      kong:
        condition: service_healthy
    restart: on-failure
    networks:
      - rwa-network

# ===========================================================================
# Volumes
# ===========================================================================
volumes:
  kong_db_data:
    driver: local

# ===========================================================================
# Networks - 独立网络（分布式部署，Kong 通过外部 IP 访问后端服务）
# ===========================================================================
networks:
  rwa-network:
    driver: bridge