Runtime, container, health, JWKS và local compose wiring của Go Identity Service.

Runtime Identity

Container

Item	Giá trị
Repo/folder	`identity-service`
Container	`centeros-identity-service`
Image	`dorrissdang/centeros-identity-service:main`
Host/container port	`8081:8081`
Container listen port	`8081`
App name	`identity-service`

Trong centeros-ops/compose.yaml, image được build từ:

${CENTEROS_DOCKERHUB_ORG:-dorrissdang}/centeros-identity-service:${IDENTITY_IMAGE_TAG:-${CENTEROS_IMAGE_TAG:-main}}

Endpoint	Trạng thái
`GET /healthz`	Đã đóng
`GET /.well-known/jwks.json`	Đã đóng

Code cũng expose readiness/actuator/internal readiness endpoints. Checkpoint hiện tại chỉ đóng GET /healthz và GET /.well-known/jwks.json.

Identity chạy trong profile app và depends on postgres.

Gateway gọi Identity qua Docker network:

http://centeros-identity-service:8081

Gateway JWKS URL:

http://centeros-identity-service:8081/.well-known/jwks.json

Confirmed từ centeros-ops/compose.yaml:

Context	Host/port
Host machine	`localhost:5433`
Container network	`postgres:5432`

Identity container dùng:

Không copy secret hoặc giá trị private từ .env vào docs.

Các env var runtime chính, chỉ ghi tên:

Env var	Dùng cho
`APP_NAME`	app name
`APP_ENV`	environment
`HTTP_HOST`	bind host
`HTTP_PORT`	bind port
`CENTEROS_HTTP_ACCESS_LOG_ENABLED`	access log on/off
`CENTEROS_DB_MIGRATE_ON_START`	migration on startup
`CENTEROS_DB_SEED_ON_START`	seed local data
`CENTEROS_JWT_ISSUER`	JWT issuer
`CENTEROS_JWT_KEY_ID`	JWKS key id
`CENTEROS_JWT_PRIVATE_KEY_BASE64`	signing private key
`CENTEROS_JWT_PUBLIC_KEY_BASE64`	JWKS public key
`CENTEROS_JWT_ACCESS_TOKEN_TTL`	access token TTL
`CENTEROS_JWT_REFRESH_TOKEN_TTL`	refresh token TTL
`CENTEROS_AUTH_REFRESH_COOKIE_NAME`	refresh cookie name
`CENTEROS_AUTH_COOKIE_PATH`	refresh cookie path
`CENTEROS_AUTH_COOKIE_SECURE`	cookie Secure flag
`CENTEROS_AUTH_COOKIE_SAME_SITE`	cookie SameSite