Getting Started

Configuration

Configure LAREX for local and production environments.

Configuration

This page documents current configuration sources and the Nuxt BFF request pattern.

Configuration Sources

Frontend runtime: frontend/nuxt.config.ts and optional frontend/.env (see frontend/.env.example)
Backend runtime: backend/src/main/resources/application.yaml and backend/src/main/resources/application-prod.yaml
Deployment env files: deployment/env/.env*.example

Nuxt BFF Configuration

LAREX uses Nuxt server routes as a Backend-for-Frontend layer.

Browser requests use same-origin /api/* on the frontend service.
Nuxt server routes forward authenticated requests to the backend.
Forwarding target is configured via NUXT_API_BASE_INTERNAL (for example http://app:8080/api/v1).

This keeps backend service URLs internal to the server/container network for normal app usage.

Frontend Environment Variables

Example (frontend/.env.example):

NUXT_PUBLIC_SITE_URL=http://localhost:3000
NUXT_API_BASE_INTERNAL=http://app:8080/api/v1
NUXT_SESSION_PASSWORD=your-32-character-minimum-secret-here

# Optional OAuth overrides
# NUXT_OAUTH_KEYCLOAK_SERVER_URL=http://keycloak.localhost
# NUXT_OAUTH_KEYCLOAK_SERVER_URL_INTERNAL=http://keycloak.localhost
# NUXT_OAUTH_KEYCLOAK_REALM=larex-dev
# NUXT_OAUTH_KEYCLOAK_CLIENT_ID=larex-frontend
# NUXT_OAUTH_KEYCLOAK_CLIENT_SECRET=your-client-secret
# NUXT_OAUTH_KEYCLOAK_REDIRECT_URL=http://larex.localhost/auth/keycloak

Frontend Variable Reference

Variable	Description
`NUXT_API_BASE_INTERNAL`	Internal backend base URL used by Nuxt server routes
`NUXT_SESSION_PASSWORD`	Session encryption secret (required, 32+ chars)
`NUXT_OAUTH_KEYCLOAK_SERVER_URL`	Public Keycloak URL used in browser OAuth flow
`NUXT_OAUTH_KEYCLOAK_SERVER_URL_INTERNAL`	Keycloak URL used by server-side auth flows
`NUXT_OAUTH_KEYCLOAK_REALM`	Keycloak realm
`NUXT_OAUTH_KEYCLOAK_CLIENT_ID`	Frontend OAuth client ID
`NUXT_OAUTH_KEYCLOAK_CLIENT_SECRET`	Frontend OAuth client secret
`NUXT_OAUTH_KEYCLOAK_REDIRECT_URL`	OAuth callback URL

Backend Configuration

Backend API base path is configured in application*.yaml:

spring:
  mvc:
    servlet:
      path: /api/v1

Common production env overrides:

Variable	Description
`POSTGRES_USER` / `POSTGRES_PASSWORD`	Database credentials
`CORS_ALLOWED_ORIGIN`	Allowed frontend origin
`KEYCLOAK_ADMIN_CLIENT_SECRET`	Backend Keycloak service secret
`SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI`	JWT issuer URI
`SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI`	JWK endpoint override

Deployment Variant Env Files

Production env examples are provided in:

deployment/env/.env.prod.example
deployment/env/.env.prod.external-keycloak.example
deployment/env/.env.prod.local.example
deployment/env/.env.prod.traefik.example

See Environment Variables for the full matrix.

Validation

# Validate compose config with env file
# (replace file names for your variant)
docker compose --env-file .env.prod -f compose.prod.yaml config

Next Steps

Edit this pageorReport an issue

Project Structure

Understand the organization of the LAREX repository.

Local Development Setup

Set up and run LAREX services locally for development.