feat(docker): Add Docker support for all services

- Create Dockerfiles for all four services (auth, identity, authz, audit)
  - Multi-stage builds using golang:1.25-alpine
  - Minimal runtime images using alpine:latest
  - Copy config files to runtime image

- Create docker-compose.dev.yml for development
  - Only PostgreSQL and Consul
  - Use when running services locally with 'go run'

- Update docker-compose.yml for full deployment
  - All services + infrastructure
  - Services build from Dockerfiles
  - Health checks and dependencies configured
  - Environment variables for service configuration

- Add .dockerignore to optimize build context
  - Excludes docs, tests, IDE files, build artifacts

- Update SUMMARY.md
  - Document both docker-compose files
  - Add Docker deployment section
  - Update file structure to include Dockerfiles

.dockerignore

@@ -1,14 +1,64 @@
-# Docker ignore file for MkDocs build
-site/
-.mkdocs_cache/
-__pycache__/
-*.pyc
-*.pyo
-*.pyd
-.Python
-venv/
-env/
-ENV/
-.git/
+# Git files
+.git
 .gitignore
+.gitattributes
 
+# Documentation
+docs/
+*.md
+!README.md
+
+# Development files
+.envrc
+shell.nix
+.direnv/
+
+# Build artifacts
+bin/
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+*.test
+*.out
+auth-service
+identity-service
+authz-service
+audit-service
+platform
+api-gateway
+
+# Test files
+*_test.go
+test/
+*.test
+
+# IDE files
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+.DS_Store
+
+# Logs
+*.log
+
+# Temporary files
+tmp/
+temp/
+*.tmp
+
+# Docker files (don't copy into Docker)
+docker-compose*.yml
+Dockerfile*
+
+# CI/CD
+.github/
+.gitlab-ci.yml
+.circleci/
+
+# Coverage
+coverage.out
+coverage.html

docker-compose.dev.yml

@@ -0,0 +1,49 @@
+# Development docker-compose: Only infrastructure services (PostgreSQL and Consul)
+# Use this for local development when running services directly with `go run`
+
+services:
+  postgres:
+    image: postgres:16-alpine
+    container_name: goplt-postgres
+    environment:
+      POSTGRES_USER: goplt
+      POSTGRES_PASSWORD: goplt_password
+      POSTGRES_DB: goplt
+    ports:
+      - "5432:5432"
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U goplt"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+    networks:
+      - goplt-network
+
+  consul:
+    image: consul:latest
+    container_name: goplt-consul
+    command: consul agent -dev -client=0.0.0.0
+    ports:
+      - "8500:8500"
+    volumes:
+      - consul_data:/consul/data
+    healthcheck:
+      test: ["CMD-SHELL", "consul members"]
+      interval: 10s
+      timeout: 3s
+      retries: 5
+    networks:
+      - goplt-network
+
+volumes:
+  postgres_data:
+    driver: local
+  consul_data:
+    driver: local
+
+networks:
+  goplt-network:
+    driver: bridge
+

docker-compose.yml

@@ -1,3 +1,6 @@
+# Full docker-compose: All services + infrastructure
+# Use this to run the complete platform with all services in Docker
+
 services:
   postgres:
     image: postgres:16-alpine
@@ -34,6 +37,90 @@ services:
     networks:
       - goplt-network
 
+  auth-service:
+    build:
+      context: .
+      dockerfile: cmd/auth-service/Dockerfile
+    container_name: goplt-auth-service
+    environment:
+      ENVIRONMENT: production
+      DATABASE_DSN: "postgres://goplt:goplt_password@postgres:5432/goplt?sslmode=disable"
+      REGISTRY_TYPE: consul
+      REGISTRY_CONSUL_ADDRESS: "consul:8500"
+    ports:
+      - "8081:8081"
+    depends_on:
+      postgres:
+        condition: service_healthy
+      consul:
+        condition: service_healthy
+    networks:
+      - goplt-network
+    restart: unless-stopped
+
+  identity-service:
+    build:
+      context: .
+      dockerfile: cmd/identity-service/Dockerfile
+    container_name: goplt-identity-service
+    environment:
+      ENVIRONMENT: production
+      DATABASE_DSN: "postgres://goplt:goplt_password@postgres:5432/goplt?sslmode=disable"
+      REGISTRY_TYPE: consul
+      REGISTRY_CONSUL_ADDRESS: "consul:8500"
+    ports:
+      - "8082:8082"
+    depends_on:
+      postgres:
+        condition: service_healthy
+      consul:
+        condition: service_healthy
+    networks:
+      - goplt-network
+    restart: unless-stopped
+
+  authz-service:
+    build:
+      context: .
+      dockerfile: cmd/authz-service/Dockerfile
+    container_name: goplt-authz-service
+    environment:
+      ENVIRONMENT: production
+      DATABASE_DSN: "postgres://goplt:goplt_password@postgres:5432/goplt?sslmode=disable"
+      REGISTRY_TYPE: consul
+      REGISTRY_CONSUL_ADDRESS: "consul:8500"
+    ports:
+      - "8083:8083"
+    depends_on:
+      postgres:
+        condition: service_healthy
+      consul:
+        condition: service_healthy
+    networks:
+      - goplt-network
+    restart: unless-stopped
+
+  audit-service:
+    build:
+      context: .
+      dockerfile: cmd/audit-service/Dockerfile
+    container_name: goplt-audit-service
+    environment:
+      ENVIRONMENT: production
+      DATABASE_DSN: "postgres://goplt:goplt_password@postgres:5432/goplt?sslmode=disable"
+      REGISTRY_TYPE: consul
+      REGISTRY_CONSUL_ADDRESS: "consul:8500"
+    ports:
+      - "8084:8084"
+    depends_on:
+      postgres:
+        condition: service_healthy
+      consul:
+        condition: service_healthy
+    networks:
+      - goplt-network
+    restart: unless-stopped
+
 volumes:
   postgres_data:
     driver: local
@@ -43,4 +130,3 @@ volumes:
 networks:
   goplt-network:
     driver: bridge
-

docs/content/stories/epic2/SUMMARY.md

@@ -176,20 +176,64 @@ go build ./cmd/audit-service
 
 ## Running the Services
 
-### 1. Start PostgreSQL and Consul
+### Option 1: Development Mode (Recommended for Development)
+
+Use `docker-compose.dev.yml` for infrastructure only, run services locally:
+
 ```bash
-# Using docker-compose (recommended)
-docker-compose up -d postgres consul
+# Start only PostgreSQL and Consul
+docker-compose -f docker-compose.dev.yml up -d
 
 # Verify containers are running
-docker-compose ps
+docker-compose -f docker-compose.dev.yml ps
 
 # Check logs
-docker-compose logs postgres
-docker-compose logs consul
+docker-compose -f docker-compose.dev.yml logs postgres
+docker-compose -f docker-compose.dev.yml logs consul
 ```
 
-The docker-compose.yml includes:
+Then start services locally:
+
+```bash
+# Terminal 1: Auth Service
+go run ./cmd/auth-service/main.go
+
+# Terminal 2: Identity Service
+go run ./cmd/identity-service/main.go
+
+# Terminal 3: Authz Service
+go run ./cmd/authz-service/main.go
+
+# Terminal 4: Audit Service
+go run ./cmd/audit-service/main.go
+```
+
+### Option 2: Full Docker Compose (All Services in Docker)
+
+Use `docker-compose.yml` to run everything in Docker:
+
+```bash
+# Build and start all services
+docker-compose up -d --build
+
+# View logs
+docker-compose logs -f
+
+# Stop all services
+docker-compose down
+```
+
+This will start:
+- PostgreSQL (port 5432)
+- Consul (port 8500)
+- Auth Service (port 8081)
+- Identity Service (port 8082)
+- Authz Service (port 8083)
+- Audit Service (port 8084)
+
+### Infrastructure Services
+
+Both docker-compose files include:
 - **PostgreSQL**: Available at `localhost:5432`
   - Database: `goplt`
   - User: `goplt`
@@ -208,24 +252,6 @@ The docker-compose.yml includes:
 consul agent -dev
 ```
 
-### 3. Start Services
-
-Each service can be started independently:
-
-```bash
-# Terminal 1: Auth Service
-go run ./cmd/auth-service/main.go
-
-# Terminal 2: Identity Service
-go run ./cmd/identity-service/main.go
-
-# Terminal 3: Authz Service
-go run ./cmd/authz-service/main.go
-
-# Terminal 4: Audit Service
-go run ./cmd/audit-service/main.go
-```
-
 ### 4. Verify Services
 
 Check service logs for:
@@ -387,16 +413,23 @@ goplt/
 ├── cmd/
 │   ├── auth-service/
 │   │   ├── main.go
-│   │   └── auth_service_fx.go
+│   │   ├── auth_service_fx.go
+│   │   └── Dockerfile
 │   ├── identity-service/
 │   │   ├── main.go
-│   │   └── identity_service_fx.go
+│   │   ├── identity_service_fx.go
+│   │   └── Dockerfile
 │   ├── authz-service/
 │   │   ├── main.go
-│   │   └── authz_service_fx.go
+│   │   ├── authz_service_fx.go
+│   │   └── Dockerfile
 │   └── audit-service/
 │       ├── main.go
-│       └── audit_service_fx.go
+│       ├── audit_service_fx.go
+│       └── Dockerfile
+├── docker-compose.yml
+├── docker-compose.dev.yml
+├── .dockerignore
 ├── services/
 │   └── identity/
 │       └── internal/
@@ -428,6 +461,38 @@ goplt/
     └── default.yaml
 ```
 
+## Docker Deployment
+
+### Building Docker Images
+
+Each service has its own Dockerfile:
+
+```bash
+# Build individual service images
+docker build -f cmd/auth-service/Dockerfile -t goplt-auth-service:latest .
+docker build -f cmd/identity-service/Dockerfile -t goplt-identity-service:latest .
+docker build -f cmd/authz-service/Dockerfile -t goplt-authz-service:latest .
+docker build -f cmd/audit-service/Dockerfile -t goplt-audit-service:latest .
+```
+
+### Docker Compose Files
+
+- **`docker-compose.dev.yml`**: Development setup (PostgreSQL + Consul only)
+  - Use when running services locally with `go run`
+  - Start with: `docker-compose -f docker-compose.dev.yml up -d`
+
+- **`docker-compose.yml`**: Full production-like setup (all services + infrastructure)
+  - All services run in Docker containers
+  - Start with: `docker-compose up -d --build`
+
+### Environment Variables
+
+Services can be configured via environment variables:
+- `ENVIRONMENT`: `development` or `production`
+- `DATABASE_DSN`: PostgreSQL connection string
+- `REGISTRY_TYPE`: Service registry type (default: `consul`)
+- `REGISTRY_CONSUL_ADDRESS`: Consul address (default: `localhost:8500`)
+
 ## Next Steps
 
 1. **Complete RefreshToken Implementation**