The infra/docker/docker-compose.yaml file defines the shared RabbitMQ infrastructure that every microservice can join. It boots rabbitmq:management, exposes the management UI on 15672, the AMQP port on 5672, persists data in the rabbitmq-data volume, and creates the auction-rabbitmq-network Docker network so that service-level compose files can opt in.
The infra/docker/docker-compose.yaml file now also runs a Traefik-based API gateway that is fully configured through YAML.
Traefik reads two files:
docker/traefik/traefik.yaml– static configuration (entrypoints, dashboard, providers).docker/traefik/gateway.yaml– dynamic HTTP routers, services, and middlewares.
The dynamic file contains a reusable identity-jwt-validate middleware that forwards every request to the Identity service's JWT validation endpoint before other services are called. Any headers returned by Identity (e.g. X-User-Id, X-User-Email, X-User-Name, X-User-Roles) are automatically injected into the downstream request headers so other microservices can consume them.
The HTTP entrypoint named web is bound to host port 9191, so all client traffic should target http://localhost:9191. The Traefik dashboard remains available via http://localhost:18080.
Routers that should be publicly reachable reference both the HTTP entrypoint (web) and the destination service. Services are simple load-balancers pointing to the containers running on the shared auction-traefik-network so any microservice docker-compose file must join this network:
networks:
traefik-shared:
external: true
name: auction-traefik-networkTo require JWT validation on a new service:
- Add the container hosting the service to
auction-traefik-network. - Add a service definition inside
docker/traefik/gateway.yamlthat points to the container's port. - Add a router with a rule (e.g.
PathPrefix(/auction)) that references the service and includesidentity-jwt-validatein themiddlewareslist.
The Identity router intentionally skips this middleware so that token issuance/validation endpoints stay directly accessible. Update the forwardAuth.address to match the actual Identity validation URL.
docker compose -f infra/docker/docker-compose.yaml up -dService compose files should then declare:
networks:
rabbitmq-shared:
external: true
name: auction-rabbitmq-network| Component | Format | Purpose |
|---|---|---|
| Exchange | auction.{domain} |
Topic exchanges per bounded context (e.g., auction.identity). |
| Routing key | {domain}.{event}.{version} |
Example: identity.user.created.v1. |
| Queue | {service}.{event}.{version} |
Describes the consumer (payment.user.created.v1). |
| Dead-letter | {queue}.dlq |
Dedicated DLQ per consumer queue. |
Payloads are JSON documents that include event, version, timestamp, and payload fields. Shared headers such as x-trace-id, x-correlation-id, and x-service improve observability and should be present on every message.