Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/astrxnomo/shop-microservers/llms.txt

Use this file to discover all available pages before exploring further.

All configuration in Shop Microservers is driven by environment variables. At startup, Docker Compose reads a .env file from the project root and injects the relevant variables into each container — no service reads .env directly at runtime. This means a single file controls every aspect of the stack: database credentials, JWT signing, the public gateway port, and the URL the frontend uses to reach the API.

Getting Started

Before running the stack for the first time, copy the example file and fill in your values:
1

Copy the example file

cp .env.example .env
2

Review the defaults

The example ships with safe placeholder values so the stack starts without any changes. Open .env and, at minimum, set a strong JWT_SECRET before exposing the application publicly.
# Database
POSTGRES_USER=shop
POSTGRES_PASSWORD=shop
CATALOG_DB_NAME=catalog
ORDERS_DB_NAME=orders

# JWT
JWT_SECRET=

# Gateway
GATEWAY_PORT=80

# Frontend
NEXT_PUBLIC_API_URL=http://localhost
3

Generate a strong JWT secret

openssl rand -hex 32
Paste the output as the value of JWT_SECRET in your .env file.
Never commit a real JWT_SECRET to version control. If this secret leaks, an attacker can forge tokens for any user. Always generate a fresh value with openssl rand -hex 32 and keep it out of git by ensuring .env is listed in .gitignore.

Variable Reference

Database

These four variables are shared across all three PostgreSQL instances (catalog_db, auth_db, orders_db). Docker Compose interpolates them into each container’s POSTGRES_USER, POSTGRES_PASSWORD, and POSTGRES_DB environment variables, as well as the DATABASE_URL connection strings passed to each microservice.
POSTGRES_USER
string
default:"shop"
Shared PostgreSQL username created in every database instance on first boot. All three Postgres containers and all Prisma connection strings use this same user.
POSTGRES_PASSWORD
string
default:"shop"
Shared PostgreSQL password for POSTGRES_USER. The default value shop is intentionally weak — change this before any public deployment.
CATALOG_DB_NAME
string
default:"catalog"
Name of the database created inside the catalog_db Postgres container. The catalog microservice’s DATABASE_URL is constructed from this value.
ORDERS_DB_NAME
string
default:"orders"
Name of the database created inside the orders_db Postgres container. The orders microservice’s DATABASE_URL is constructed from this value.

Authentication

JWT_SECRET
string
required
Secret key used to sign and verify JSON Web Tokens across all services that need authentication — auth, cart, and orders all read this value. There is no safe built-in default; if left empty the auth service will start but token operations will fail unpredictably. Tokens issued by the auth service carry a 7-day expiry. Rotate this secret to immediately invalidate all active sessions.

Gateway

GATEWAY_PORT
number
default:"80"
The host port mapped to the Nginx gateway container’s internal port 80. Change this if port 80 is already in use on your machine (e.g., GATEWAY_PORT=8080). In production, set this to 443 and add TLS termination in front of Nginx.

Frontend

NEXT_PUBLIC_API_URL
string
default:"http://localhost"
Base URL the Next.js frontend uses to build API request paths. Because it is prefixed with NEXT_PUBLIC_, it is embedded into the browser bundle at build time. When GATEWAY_PORT is not 80, update this to http://localhost:${GATEWAY_PORT}. In production, set this to your real domain (e.g., https://shop.example.com).

Service-Internal Variables

The following variables are set directly inside docker-compose.yml and are not part of .env.example. They are documented here for completeness when developing or debugging individual services outside of Docker.
You do not need to set these manually when using docker compose up. They are injected automatically and are only relevant if you run a service with npm run dev outside of Docker.
VariableService(s)ValuePurpose
PORTauth3004Internal HTTP port the service listens on
PORTcatalog3001Internal HTTP port the service listens on
PORTcart3002Internal HTTP port the service listens on
PORTorders3003Internal HTTP port the service listens on
AUTH_DB_NAMEauth_dbauthName of the database created inside the auth_db Postgres container. Defaults to auth when not set in .env.
DATABASE_URLauthpostgresql://<user>:<pass>@auth_db:5432/${AUTH_DB_NAME:-auth}Full Prisma connection string for the auth database
DATABASE_URLcatalogpostgresql://<user>:<pass>@catalog_db:5432/${CATALOG_DB_NAME:-catalog}Full Prisma connection string for the catalog database
DATABASE_URLorderspostgresql://<user>:<pass>@orders_db:5432/${ORDERS_DB_NAME:-orders}Full Prisma connection string for the orders database
REDIS_URLcartredis://redis:6379Redis connection string for cart storage
CATALOG_URLordershttp://catalog:3001URL the orders service uses to verify and decrement stock via the catalog service
CART_URLordershttp://cart:3002URL the orders service uses to clear the user’s cart after a successful checkout
All inter-service URLs use Docker Compose service names as hostnames, which resolve automatically on the internal shop bridge network.

Production Checklist

Before going live, work through the following checklist to harden your configuration:
  • Set a strong JWT_SECRET — run openssl rand -hex 32 and paste the output into .env. Never reuse a development secret in production.
  • Change POSTGRES_PASSWORD — the default shop password is publicly known and must be replaced with a long random string.
  • Set NEXT_PUBLIC_API_URL to your real domain (e.g., https://shop.example.com) so the frontend points to the correct gateway address.
  • Consider GATEWAY_PORT=443 — pair this with TLS termination (e.g., a Caddy or Traefik sidecar, or a cloud load balancer) in front of Nginx to serve traffic over HTTPS.
  • Restrict database access — the Postgres containers are not exposed on any host port by default, which is correct. Do not add ports: mappings to database services in production.

Build docs developers (and LLMs) love