Merge branch 'chore/ignore-and-delete-configurations' into 'development'

chore(CI): ignore and delete configurations See merge request mbugroup/lti-api!55
2026-05-20 13:31:56 +00:00 · 2025-11-06 14:36:55 +07:00
parent 54cb1cf3da 4129c36f9e
commit 28dcae5865
13 changed files with 105 additions and 647 deletions
@@ -1,59 +0,0 @@
-# .env.lti-api (Development Server with Domain)
-# =============================================
-
-# Server configuration
-VERSION=0.0.1
-APP_ENV=dev
-APP_HOST=0.0.0.0
-APP_PORT=8081
-APP_URL=https://dev-api-lti.mbugroup.id
-
-# Database configuration (pakai PostgreSQL milik SSO)
-DB_HOST=dev-postgres-lti
-DB_USER=app_lti_user
-DB_PASSWORD=AppLti@Secure2025!
-DB_NAME=db_lti_erp
-DB_PORT=5432
-
-# JWT configuration
-JWT_SECRET=changeme
-JWT_ACCESS_EXP_MINUTES=30
-JWT_REFRESH_EXP_DAYS=30
-JWT_RESET_PASSWORD_EXP_MINUTES=10
-JWT_VERIFY_EMAIL_EXP_MINUTES=10
-
-# Redis (pakai Redis milik SSO)
-REDIS_URL=redis://sso-redis:6379/0
-
-# CORS configuration
-CORS_ALLOW_ORIGINS=https://dev-api-sso.mbugroup.id,https://dev-lti.mbugroup.id,https://dev-api-lti.mbugroup.id,http://localhost:3000
-CORS_ALLOW_METHODS=GET,POST,PUT,PATCH,DELETE,OPTIONS
-CORS_ALLOW_HEADERS=Authorization,Content-Type,X-Requested-With
-CORS_EXPOSE_HEADERS=Link,Location
-CORS_ALLOW_CREDENTIALS=true
-CORS_MAX_AGE=600
-
-# SSO Integration (Gunakan domain backend SSO)
-SSO_ISSUER=https://dev-api-sso.mbugroup.id
-SSO_JWKS_URL=https://dev-api-sso.mbugroup.id/api/.well-known/jwks.json
-SSO_ALLOWED_AUDIENCES=
-SSO_AUTHORIZE_URL=https://dev-api-sso.mbugroup.id/api/sso/authorize
-SSO_TOKEN_URL=https://dev-api-sso.mbugroup.id/api/sso/token
-SSO_GETME_URL=https://dev-api-sso.mbugroup.id/api/auth/get-me
-
-# Cookie & session configuration
-SSO_ACCESS_COOKIE_NAME=sso_access
-SSO_REFRESH_COOKIE_NAME=sso_refresh
-SSO_COOKIE_DOMAIN=.mbugroup.id
-SSO_COOKIE_SECURE=true
-SSO_COOKIE_SAMESITE=Lax
-SSO_PKCE_TTL_SECONDS=300
-
-# SSO webhook / user sync settings
-SSO_USER_SYNC_SIGNATURE_DRIFT_SECONDS=120
-SSO_USER_SYNC_NONCE_TTL_SECONDS=600
-SSO_USER_SYNC_MAX_BODY_BYTES=32768
-
-# Client registration for SSO
-#SSO_CLIENTS={"Lumbung-Telur-Indonesia":{"public_id":"Lumbung-Telur-Indonesia","redirect_uri":"https://dev-api-lti.mbugroup.id/api/sso/callback","scope":"openid profile","default_return_uri":"https://dev-lti.mbugroup.id","allowed_return_origins":["https://dev-lti.mbugroup.id","http://localhost:3000"],"sync_secret":"onUyfODIMHOh4TgGLgyWLmsNeVNxFRHqoLJFLPjr"}}
-SSO_CLIENTS="{\"Lumbung-Telur-Indonesia\":{\"public_id\":\"Lumbung-Telur-Indonesia\",\"redirect_uri\":\"https://dev-api-lti.mbugroup.id/api/sso/callback\",\"scope\":\"openid profile\",\"default_return_uri\":\"https://dev-lti.mbugroup.id\",\"allowed_return_origins\":[\"https://dev-lti.mbugroup.id\",\"http://localhost:3000\"],\"sync_secret\":\"onUyfODIMHOh4TgGLgyWLmsNeVNxFRHqoLJFLPjr\"}}"
@@ -1,56 +0,0 @@
-# server configuration
-# Env value : prod || dev
-VERSION=0.0.1
-APP_ENV=dev
-APP_HOST=0.0.0.0
-APP_PORT=8081
-APP_URL=http://localhost:8081
-
-# database configuration
-DB_HOST=postgresdb
-DB_USER=postgres
-DB_PASSWORD=changeme
-DB_NAME=db_lti_erp
-DB_PORT=5432
-DB_PORT_HOST=5542
-
-# JWT
-JWT_SECRET=changeme
-JWT_ACCESS_EXP_MINUTES=30
-JWT_REFRESH_EXP_DAYS=30
-JWT_RESET_PASSWORD_EXP_MINUTES=10
-JWT_VERIFY_EMAIL_EXP_MINUTES=10
-
-# CORS
-CORS_ALLOW_ORIGINS=changeme
-CORS_ALLOW_METHODS=GET,POST,PUT,PATCH,DELETE,OPTIONS
-CORS_ALLOW_HEADERS=Authorization,Content-Type,X-Requested-With
-CORS_EXPOSE_HEADERS=Link,Location
-CORS_ALLOW_CREDENTIALS=true
-CORS_MAX_AGE=600
-
-# Redis
-REDIS_URL=redis://redis:6379/0
-REDIS_PORT_HOST=6381
-
-# SSO Integration
-SSO_ISSUER=http://localhost:8080/api
-# SSO_JWKS_URL=http://localhost:8080/api/.well-known/jwks.json
-SSO_JWKS_URL=http://host.docker.internal:8080/api/.well-known/jwks.json
-SSO_ALLOWED_AUDIENCES=client:lti-api
-SSO_AUTHORIZE_URL=http://localhost:8080/sso/authorize
-SSO_TOKEN_URL=http://localhost:8080/sso/token
-SSO_GETME_URL=http://localhost:8080/api/auth/get-me
-SSO_ACCESS_COOKIE_NAME=sso_access
-SSO_REFRESH_COOKIE_NAME=sso_refresh
-SSO_COOKIE_DOMAIN=
-SSO_COOKIE_SECURE=false
-SSO_COOKIE_SAMESITE=Lax
-SSO_TOKEN_BLACKLIST_PREFIX=sso:blacklist
-SSO_PKCE_TTL_SECONDS=300
-# Security window and payload limits for SSO user sync webhook
-SSO_USER_SYNC_SIGNATURE_DRIFT_SECONDS=120
-SSO_USER_SYNC_NONCE_TTL_SECONDS=600
-SSO_USER_SYNC_MAX_BODY_BYTES=32768
-# Example JSON (single-line) of client configs (each client requires a unique sync_secret)
-SSO_CLIENTS={"LTI":{"public_id":"Lumbung-Telur-Indonesia","redirect_uri":"http://localhost:8081/api/sso/callback","scope":"openid profile","default_return_uri":"http://localhost:3000","allowed_return_origins":["http://localhost:3000"],"sync_secret":"onUyfODIMHOh4TgGLgyWLmsNeVNxFRHqoLJFLPjr"}}
@@ -1,58 +0,0 @@
-# .env.lti-api (Development Server with Domain)
-# =============================================
-
-# Server configuration
-VERSION=0.0.1
-APP_ENV=dev
-APP_HOST=0.0.0.0
-APP_PORT=8081
-APP_URL=https://dev-api-lti.mbugroup.id
-
-# Database configuration (pakai PostgreSQL milik SSO)
-DB_HOST=sso-postgres
-DB_USER=postgres
-DB_PASSWORD=postgres
-DB_NAME=db_lti_erp
-DB_PORT=5432
-
-# JWT configuration
-JWT_SECRET=changeme
-JWT_ACCESS_EXP_MINUTES=30
-JWT_REFRESH_EXP_DAYS=30
-JWT_RESET_PASSWORD_EXP_MINUTES=10
-JWT_VERIFY_EMAIL_EXP_MINUTES=10
-
-# Redis (pakai Redis milik SSO)
-REDIS_URL=redis://sso-redis:6379/0
-
-# CORS configuration
-CORS_ALLOW_ORIGINS=https://dev-api-sso.mbugroup.id,https://dev-lti.mbugroup.id,https://dev-api-lti.mbugroup.id,http://localhost:3000
-CORS_ALLOW_METHODS=GET,POST,PUT,PATCH,DELETE,OPTIONS
-CORS_ALLOW_HEADERS=Authorization,Content-Type,X-Requested-With
-CORS_EXPOSE_HEADERS=Link,Location
-CORS_ALLOW_CREDENTIALS=true
-CORS_MAX_AGE=600
-
-# SSO Integration (Gunakan domain backend SSO)
-SSO_ISSUER=https://dev-api-sso.mbugroup.id
-SSO_JWKS_URL=https://dev-api-sso.mbugroup.id/api/.well-known/jwks.json
-SSO_ALLOWED_AUDIENCES=
-SSO_AUTHORIZE_URL=https://dev-api-sso.mbugroup.id/api/sso/authorize
-SSO_TOKEN_URL=https://dev-api-sso.mbugroup.id/api/sso/token
-SSO_GETME_URL=https://dev-api-sso.mbugroup.id/api/auth/get-me
-
-# Cookie & session configuration
-SSO_ACCESS_COOKIE_NAME=sso_access
-SSO_REFRESH_COOKIE_NAME=sso_refresh
-SSO_COOKIE_DOMAIN=.mbugroup.id
-SSO_COOKIE_SECURE=true
-SSO_COOKIE_SAMESITE=Lax
-SSO_PKCE_TTL_SECONDS=300
-
-# SSO webhook / user sync settings
-SSO_USER_SYNC_SIGNATURE_DRIFT_SECONDS=120
-SSO_USER_SYNC_NONCE_TTL_SECONDS=600
-SSO_USER_SYNC_MAX_BODY_BYTES=32768
-
-# Client registration for SSO
-SSO_CLIENTS={"Lumbung-Telur-Indonesia":{"public_id":"Lumbung-Telur-Indonesia","redirect_uri":"https://dev-api-lti.mbugroup.id/api/sso/callback","scope":"openid profile","default_return_uri":"https://dev-lti.mbugroup.id","allowed_return_origins":["https://dev-lti.mbugroup.id","http://localhost:3000"],"sync_secret":"onUyfODIMHOh4TgGLgyWLmsNeVNxFRHqoLJFLPjr"}}
@@ -1,20 +0,0 @@
-FROM golang:1.23-alpine
-
-# Install dependensi dasar
-RUN apk add --no-cache git curl bash build-base
-
-# Install Air (pakai repo baru air-verse)
-RUN go install github.com/air-verse/air@v1.52.3
-
-WORKDIR /lti-api
-
-# Cache dependencies
-COPY go.mod go.sum ./
-RUN go mod download
-
-# Copy source code
-COPY . .
-
-EXPOSE 8081
-
-CMD ["air", "-c", ".air.toml"]
@@ -1,139 +0,0 @@
-# ============================================================
-# 🧠 MAKEFILE — DEV ENVIRONMENT (SSO-MBUGROUP)
-# ============================================================
-
-# --- Load environment ---
-ifneq (,$(wildcard .env.dev))
-include .env.dev
-export
-endif
-
-# --- Configuration ---
-COMPOSE        ?= docker compose -f docker-compose.dev.yaml
-NETWORK        ?= lti-api_lti-network
-APP_CONTAINER  ?= dev-api-sso
-DB_CONTAINER   ?= dev-postgres-sso
-REDIS_CONTAINER?= dev-redis-sso
-MIGRATE_IMAGE  ?= migrate/migrate:v4.15.2
-MIGRATIONS_DIR := $(PWD)/internal/database/migrations
-
-DB_USER        ?= postgres
-DB_PASSWORD    ?= Postgres@Secure2025!
-DB_NAME        ?= db_lti_erp
-DB_PORT        ?= 5432
-DB_HOST        ?= dev-postgres-lti
-
-DB_URL := postgres://$(DB_USER):$(DB_PASSWORD)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?sslmode=disable
-
-# ============================================================
-# 🧱 DATABASE MIGRATION COMMANDS
-# ============================================================
-
-migrate-up:
-	@echo "🧱 Running database migrations..."
-	@docker run --rm \
-		--network $(NETWORK) \
-		-v $(MIGRATIONS_DIR):/migrations \
-		$(MIGRATE_IMAGE) \
-		-path=/migrations/ -database "$(DB_URL)" up
-
-migrate-down:
-	@echo "⬇️ Rolling back last migration..."
-	@docker run --rm \
-		--network $(NETWORK) \
-		-v $(MIGRATIONS_DIR):/migrations \
-		$(MIGRATE_IMAGE) \
-		-path=/migrations/ -database "$(DB_URL)" down 1
-
-migrate-fresh:
-	@echo "🧱 Rebuilding database from scratch..."
-	@echo "🔹 Terminating active connections..."
-	@docker exec -i $(DB_CONTAINER) psql -U $(DB_USER) -d postgres -c \
-	"SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE datname='$(DB_NAME)' AND pid <> pg_backend_pid();" || true
-	@echo "🔹 Dropping and recreating database..."
-	@docker exec -i $(DB_CONTAINER) psql -U $(DB_USER) -d postgres -c "DROP DATABASE IF EXISTS $(DB_NAME);" || true
-	@docker exec -i $(DB_CONTAINER) psql -U $(DB_USER) -d postgres -c "CREATE DATABASE $(DB_NAME);" || true
-	@sleep 3
-	@make -f Makefile.dev migrate-up
-	@make -f Makefile.dev seed
-	@echo "✅ Fresh migration complete!"
-
-# ==========================================
-# 🧹 FIX DIRTY MIGRATION / FORCE VERSION
-# ==========================================
-
-# Pakai: make migrate-force v=20250825071938
-migrate-force:
-	@if [ -z "$(v)" ]; then \
-		echo "❌ Error: versi migrasi belum ditentukan!"; \
-		echo "Gunakan contoh: make migrate-force v=20250825071938"; \
-		exit 1; \
-	fi; \
-	echo "⚙️ Forcing migration version $(v)..."; \
-	docker run --rm \
-		-v $(PWD)/internal/database/migrations:/migrations \
-		--network $(NETWORK) \
-		$(MIGRATE_IMAGE) \
-		-path=/migrations/ -database "$(DB_URL)" force $(v); \
-	echo "✅ Migration forced to version $(v)"
-
-
-migrate-super:
-	@echo "🚀 Running migration as superuser..."
-	@docker cp internal/database/migrations/superuser_migrations.sql $(DB_CONTAINER):/tmp/superuser_migrations.sql
-	@docker exec -it $(DB_CONTAINER) psql -U $(DB_USER) -d $(DB_NAME) -f /tmp/superuser_migrations.sql
-	@echo "✅ Superuser migrations complete!"
-	
-# ============================================================
-# 🌱 SEEDER
-# ============================================================
-
-seed:
-	@echo "🌱 Running Go-based seeder..."
-	@docker run --rm \
-		--network $(NETWORK) \
-		--env-file .env.dev \
-		-v $(PWD):/app \
-		-w /app \
-		golang:1.23-alpine \
-		sh -c "apk add --no-cache git && go run cmd/seed/main.go"
-	@echo "✅ Seeder completed successfully!"
-
-# ============================================================
-# 🐳 DOCKER MANAGEMENT
-# ============================================================
-
-up:
-	@echo "🚀 Starting all containers..."
-	@$(COMPOSE) up -d
-
-down:
-	@echo "🧹 Stopping all containers..."
-	@$(COMPOSE) down --remove-orphans
-
-restart:
-	@echo "♻️ Restarting application container..."
-	@docker restart $(APP_CONTAINER)
-
-ps:
-	@$(COMPOSE) ps
-
-logs:
-	@docker logs -f $(APP_CONTAINER)
-
-psql:
-	@docker exec -it $(DB_CONTAINER) psql -U $(DB_USER) -d $(DB_NAME)
-
-# ============================================================
-# ⚙️ UTILITIES
-# ============================================================
-
-fix-db:
-	@echo "🔧 Checking if database exists..."
-	@docker exec -i $(DB_CONTAINER) psql -U $(DB_USER) -tc "SELECT 1 FROM pg_database WHERE datname='$(DB_NAME)';" | grep -q 1 \
-		&& echo "✅ Database exists: $(DB_NAME)" \
-		|| (echo "⚠️  Creating database..." && docker exec -i $(DB_CONTAINER) psql -U $(DB_USER) -c "CREATE DATABASE $(DB_NAME);")
-
-clean:
-	@echo "🧹 Removing dangling images and cache..."
-	@docker builder prune -f
@@ -1,120 +0,0 @@
-# --- Load .env kalau ada, dan export ke shell child ---
-ifneq (,$(wildcard .env))
-include .env
-export
-endif
-
-# --- Konfigurasi umum ---
-COMPOSE          ?= docker compose -f docker-compose.local.yml
-NETWORK          ?= lti-api_go-network
-MIGRATE_IMAGE    ?= migrate/migrate
-MIGRATIONS_DIR   := $(PWD)/internal/database/migrations
-
-# Fallback agar tetap jalan meski .env kosong
-DB_HOST          ?= postgresdb
-DB_PORT          ?= 5432
-DB_USER          ?= postgres
-DB_PASSWORD      ?= postgres
-DB_NAME          ?= db_lti_erp
-
-DB_URL           := postgres://$(DB_USER):$(DB_PASSWORD)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?sslmode=disable
-
-# Tunggu DB ready memakai pg_isready dari image postgres
-WAIT_DB          := docker run --rm --network $(NETWORK) postgres:alpine \
-	sh -c 'until pg_isready -h $(DB_HOST) -p $(DB_PORT) -U $(DB_USER) -d $(DB_NAME); do echo "waiting for postgres..."; sleep 1; done'
-
-# Default target
-.DEFAULT_GOAL := start
-
-# --- Daftar phony targets ---
-.PHONY: start build test lint gen \
-        db-up wait-db \
-        migration-% migrate-up migrate-down migrate-fresh \
-        seed \
-        docker-local docker-down docker-nuke docker-cache psql
-
-# --- Go workflow ---
-start:
-	@go run cmd/api/main.go
-
-build:
-	@go build -o tmp/app ./cmd/api
-
-test:
-	@go test ./test/...
-
-lint:
-	@golangci-lint run
-
-# --- Compose / DB helpers ---
-db-up:
-	@$(COMPOSE) up -d postgresdb
-
-wait-db:
-	@$(WAIT_DB)
-
-# --- Migration (pembuatan file) ---
-# Contoh: make migration-create_users_table
-# ":" akan diubah ke "_" (biar aman untuk nama file)
-migration-%:
-	@migrate create -ext sql -dir $(MIGRATIONS_DIR) $(subst :,_,$*)
-
-# --- Migration (apply via docker image 'migrate') ---
-migrate-up: db-up wait-db
-	@docker run --rm -v $(MIGRATIONS_DIR):/migrations --network $(NETWORK) \
-		$(MIGRATE_IMAGE) -path=/migrations/ -database "$(DB_URL)" up
-
-# Contoh:
-#   make migrate-down step=2   → rollback 2 step
-#   make migrate-down          → rollback semua
-
-migrate-down: db-up wait-db
-	@if [ -n "$(step)" ]; then \
-		echo "⬇️  Migrating down $(step) step(s)..."; \
-		docker run --rm -v $(MIGRATIONS_DIR):/migrations --network $(NETWORK) \
-			$(MIGRATE_IMAGE) -path=/migrations/ -database "$(DB_URL)" down $(step); \
-	else \
-		echo "⬇️  Migrating down ALL steps..."; \
-		docker run --rm -v $(MIGRATIONS_DIR):/migrations --network $(NETWORK) \
-			$(MIGRATE_IMAGE) -path=/migrations/ -database "$(DB_URL)" down -all; \
-	fi
-
-migrate-fresh: migrate-down migrate-up
-	@true
-
-# Pakai: make migrate-force v=20250917120000
-migrate-force:
-	@docker run --rm -v $(MIGRATIONS_DIR):/migrations --network $(NETWORK) \
-		$(MIGRATE_IMAGE) -path=/migrations/ -database "$(DB_URL)" force $(v)
-
-
-# --- Seeder ---
-seed: db-up wait-db
-	@$(COMPOSE) run --rm app go run cmd/seed/main.go
-
-# --- Docker orchestration convenience ---
-docker-local:
-	@$(COMPOSE) up --build -d
-
-docker-down:
-	@$(COMPOSE) down --remove-orphans
-
-# ⚠️ Akan menghapus container, images dan volumes.
-docker-nuke:
-	@$(COMPOSE) down --rmi all --volumes --remove-orphans
-
-docker-cache:
-	@docker builder prune -f
-
-# --- PSQL shell ke DB di container ---
-psql: db-up
-	@$(COMPOSE) exec -it postgresdb psql -U $(DB_USER) -d $(DB_NAME)
-
-# Single feature
-# example: make gen feat=product-category
-
-# Sub feature
-# make gen feat=master/area
-gen:
-	@go run tools/gen.go $(feat)
-# 	@goimports -w internal
@@ -0,0 +1,3 @@
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=Postgres@Secure2025!
+POSTGRES_DB=db_lti_erp
@@ -0,0 +1,47 @@
+-- ============================================================
+-- 🧩 INIT SCRIPT: CREATE LIMITED APP USER FOR LTI API
+-- ============================================================
+
+-- Buat user aplikasi jika belum ada
+DO
+$$
+BEGIN
+    IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = 'app_lti_user') THEN
+        CREATE ROLE app_lti_user WITH LOGIN PASSWORD 'AppLti@Secure2025!' NOINHERIT NOCREATEROLE NOCREATEDB NOSUPERUSER;
+        RAISE NOTICE '✅ Role app_lti_user created successfully.';
+    ELSE
+        RAISE NOTICE 'ℹ️ Role app_lti_user already exists.';
+    END IF;
+END
+$$;
+
+-- Buat database jika belum ada
+DO
+$$
+BEGIN
+    IF NOT EXISTS (SELECT FROM pg_database WHERE datname = 'db_lti_erp') THEN
+        CREATE DATABASE db_lti_erp OWNER app_lti_user;
+        RAISE NOTICE '✅ Database db_lti_erp created and owned by app_lti_user.';
+    ELSE
+        RAISE NOTICE 'ℹ️ Database db_lti_erp already exists.';
+    END IF;
+END
+$$;
+
+\connect db_lti_erp
+
+-- Beri hak CRUD untuk app_lti_user
+GRANT CONNECT ON DATABASE db_lti_erp TO app_lti_user;
+GRANT USAGE ON SCHEMA public TO app_lti_user;
+GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO app_lti_user;
+GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO app_lti_user;
+
+-- Set default privileges agar tabel baru juga bisa diakses
+ALTER DEFAULT PRIVILEGES IN SCHEMA public
+GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO app_lti_user;
+
+ALTER DEFAULT PRIVILEGES IN SCHEMA public
+GRANT USAGE, SELECT ON SEQUENCES TO app_lti_user;
+
+-- Tampilkan hasil
+\du app_lti_user
@@ -1,98 +0,0 @@
-services:
-  dev-api-lti:
-    build:
-      context: .
-      dockerfile: Dockerfile.dev
-    container_name: dev-api-lti
-    working_dir: /lti-api
-    command: ["/bin/sh", "credential/entrypoint.sh"]
-    ports:
-      - "8081:8081"
-    env_file:
-      - .env.dev
-    environment:
-      # override agar koneksi ke container internal
-      DB_HOST: dev-postgres-lti
-      DB_PORT: 5432
-      REDIS_URL: redis://dev-redis-lti:6379/0
-    volumes:
-      - .:/lti-api
-      - ./.air.toml:/lti-api/.air.toml:ro
-      - ./internal/config/jwtRS256.key:/run/keys/jwtRS256.key
-      - ./internal/config/jwtRS256.key.pub:/run/keys/jwtRS256.key.pub
-    depends_on:
-      - dev-postgres-lti
-      - dev-redis-lti
-    networks:
-      - lti-network
-    healthcheck:
-      test: ["CMD-SHELL", "wget -qO- http://localhost:8081/healthz || exit 1"]
-      interval: 10s
-      timeout: 3s
-      retries: 10
-      start_period: 10s
-    deploy:
-      resources:
-        limits:
-          cpus: "2.0"
-          memory: 2G
-        reservations:
-          cpus: "1.0"
-          memory: 512M
-
-  dev-postgres-lti:
-    image: postgres:15-alpine
-    container_name: dev-postgres-lti
-    restart: always
-    env_file:
-      - credential/.env.db
-    ports:
-      - "5433:5432"
-    volumes:
-      - dev-postgres-lti-data:/var/lib/postgresql/data
-      - ./credential:/docker-entrypoint-initdb.d:ro
-    networks:
-      - lti-network
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${DB_USER:-postgres} -d ${DB_NAME:-db_lti_erp}"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-      start_period: 5s
-    deploy:
-      resources:
-        limits:
-          cpus: "1.0"
-          memory: 2G
-        reservations:
-          cpus: "0.5"
-          memory: 512M
-
-  dev-redis-lti:
-    image: redis:7-alpine
-    container_name: dev-redis-lti
-    restart: always
-    ports:
-      - "6380:6379"
-    networks:
-      - lti-network
-    healthcheck:
-      test: ["CMD", "redis-cli", "ping"]
-      interval: 10s
-      timeout: 3s
-      retries: 10
-    deploy:
-      resources:
-        limits:
-          cpus: "0.5"
-          memory: 512M
-        reservations:
-          cpus: "0.2"
-          memory: 256M
-
-networks:
-  lti-network:
-    driver: bridge
-
-volumes:
-  dev-postgres-lti-data:
@@ -1,75 +0,0 @@
-services:
-  postgresdb:
-    image: postgres:alpine
-    restart: always
-    ports:
-      - "${DB_PORT_HOST:-5542}:5432"
-    environment:
-      POSTGRES_USER: ${DB_USER:-postgres}
-      POSTGRES_PASSWORD: ${DB_PASSWORD:-postgres}
-      POSTGRES_DB: ${DB_NAME:-db_lti_erp}
-    volumes:
-      - dbdata:/var/lib/postgresql/data
-      - ./internal/database/init:/docker-entrypoint-initdb.d
-    networks: [go-network]
-    healthcheck:
-      test:
-        [
-          "CMD-SHELL",
-          "pg_isready -U ${DB_USER:-postgres} -d ${DB_NAME:-db_lti_erp}",
-        ]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-  redis:
-    image: redis:7-alpine
-    restart: unless-stopped
-    ports:
-      - "${REDIS_PORT_HOST:-6381}:6379"
-    healthcheck:
-      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
-      interval: 5s
-      timeout: 3s
-      retries: 10
-    networks: [go-network]
-
-  app:
-    build:
-      context: .
-      dockerfile: Dockerfile.local
-    image: cosmtrek/air:v1.52.3
-    working_dir: /lti-api
-    volumes:
-      - .:/lti-api
-    command: air -c .air.toml
-    env_file:
-      - .env
-    environment:
-      DB_HOST: postgresdb
-      DB_PORT: 5432
-      DB_USER: ${DB_USER:-postgres}
-      DB_PASSWORD: ${DB_PASSWORD:-postgres}
-      DB_NAME: ${DB_NAME:-db_lti_erp}
-      REDIS_URL: ${REDIS_URL:-redis://redis:6379/0}
-    ports:
-      - "${APP_PORT:-8081}:8081"
-    depends_on:
-      postgresdb:
-        condition: service_healthy
-    networks: [go-network]
-    healthcheck:
-      test: ["CMD-SHELL", "wget -qO- http://localhost:8081/healthz || exit 1"]
-      interval: 10s
-      timeout: 3s
-      retries: 10
-      start_period: 10s
-
-volumes:
-  dbdata:
-  go-mod-cache:
-  go-build-cache:
-
-networks:
-  go-network:
-    name: lti-api_go-network
-    driver: bridge
@@ -1,30 +1,28 @@
-version: "3.9"
-
 services:
-  dev-lti-api:
-    container_name: dev-lti-api
+  dev-api-lti:
    build:
      context: .
-      dockerfile: Dockerfile.local
-    image: dev-lti-api:latest
+      dockerfile: Dockerfile.dev
+    container_name: dev-api-lti
    working_dir: /lti-api
-    command: air -c .air.toml
+    command: ["/bin/sh", "credential/entrypoint.sh"]
    ports:
      - "8081:8081"
    env_file:
-      - .env.lti-api
+      - .env.dev
    environment:
      # override agar koneksi ke container internal
-      DB_HOST: dev-lti-postgres
+      DB_HOST: dev-postgres-lti
      DB_PORT: 5432
-      REDIS_URL: redis://dev-lti-redis:6379/0
+      REDIS_URL: redis://dev-redis-lti:6379/0
    volumes:
      - .:/lti-api
+      - ./.air.toml:/lti-api/.air.toml:ro
      - ./internal/config/jwtRS256.key:/run/keys/jwtRS256.key
      - ./internal/config/jwtRS256.key.pub:/run/keys/jwtRS256.key.pub
    depends_on:
-      - dev-lti-postgres
-      - dev-lti-redis
+      - dev-postgres-lti
+      - dev-redis-lti
    networks:
      - lti-network
    healthcheck:
@@ -33,19 +31,26 @@ services:
      timeout: 3s
      retries: 10
      start_period: 10s
+    deploy:
+      resources:
+        limits:
+          cpus: "2.0"
+          memory: 2G
+        reservations:
+          cpus: "1.0"
+          memory: 512M

-  dev-lti-postgres:
+  dev-postgres-lti:
    image: postgres:15-alpine
-    container_name: dev-lti-postgres
+    container_name: dev-postgres-lti
    restart: always
-    environment:
-      POSTGRES_USER: ${DB_USER:-postgres}
-      POSTGRES_PASSWORD: ${DB_PASSWORD:-postgres}
-      POSTGRES_DB: ${DB_NAME:-db_lti_erp}
+    env_file:
+      - credential/.env.db
    ports:
      - "5433:5432"
    volumes:
-      - dev-lti-postgres-data:/var/lib/postgresql/data
+      - dev-postgres-lti-data:/var/lib/postgresql/data
+      - ./credential:/docker-entrypoint-initdb.d:ro
    networks:
      - lti-network
    healthcheck:
@@ -54,10 +59,18 @@ services:
      timeout: 5s
      retries: 5
      start_period: 5s
+    deploy:
+      resources:
+        limits:
+          cpus: "1.0"
+          memory: 2G
+        reservations:
+          cpus: "0.5"
+          memory: 512M

-  dev-lti-redis:
+  dev-redis-lti:
    image: redis:7-alpine
-    container_name: dev-lti-redis
+    container_name: dev-redis-lti
    restart: always
    ports:
      - "6380:6379"
@@ -68,10 +81,18 @@ services:
      interval: 10s
      timeout: 3s
      retries: 10
+    deploy:
+      resources:
+        limits:
+          cpus: "0.5"
+          memory: 512M
+        reservations:
+          cpus: "0.2"
+          memory: 256M

 networks:
  lti-network:
    driver: bridge

 volumes:
-  dev-lti-postgres-data:
+  dev-postgres-lti-data:
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+echo "🔍 Waiting for PostgreSQL at $DB_HOST:$DB_PORT..."
+until nc -z "$DB_HOST" "$DB_PORT"; do
+  echo "⏳ PostgreSQL is not ready yet..."
+  sleep 2
+done
+echo "✅ PostgreSQL is ready!"
+
+echo "🏁 Starting LTI API (with Air hot reload)..."
+exec air -c .air.toml