About This Project
Fakestore is a fictional e-commerce platform built as a personal laboratory. The goal is to design and build a realistic, production-grade distributed system from scratch — end to end, without shortcuts — while using it as a test bed for AI-assisted development workflows.
The purpose of this project is to demonstrate end-to-end system design and integration, not to deliver a polished feature set. Some services are further along than others, and several features are incomplete — that is intentional. What matters here is that the pieces connect: the services communicate, authentication flows through the stack, events move over Kafka, and the whole thing runs in production over HTTPS.
Services are intentionally written in different languages and frameworks to stay sharp across the stack and evaluate technologies outside my daily work. More details and all source code are available on GitHub:
github.com/fake-store →Services
| Service | Stack | Role |
|---|---|---|
| website | Kotlin / Spring Boot / Thymeleaf | Server-rendered frontend; only externally exposed service |
| users | Kotlin / Spring Boot | Registration, authentication, JWT issuance |
| payments | Kotlin / Spring Boot | Payment method management and order payment processing |
| orders | Java / Spring Boot | Order intake and payment request dispatch via Kafka |
| shipping | C# / .NET 8 | Address management, shipment label generation, tracking |
| notifications | Rust | Consumes shipped events, delivers customer notifications |
| catalog | TypeScript / Node.js / Express | Product catalog — search, browse, and manage products |
What's Done
- Microservices architecture with Kafka async messaging
- JWT authentication with refresh token rotation
- Multi-language services (Kotlin, Java, C#, Rust)
- Self-hosted k3s cluster on Raspberry Pi (arm64)
- GCE VM deployment with HTTPS (nginx + Let's Encrypt TLS)
- CI/CD pipeline: GitHub Actions → ghcr.io → auto-deploy
- Distributed trace ID propagation across all services
- Stateless architecture (HttpOnly cookies, no server-side session)
- Secure cookies: HttpOnly, Secure (HTTPS-only), SameSite=Lax (CSRF protection)
- Shopping cart (cookie-based for guests, server-side for logged-in users)
- Payment method management, order placement, shipping address management
- JavaScript frontend interactions (cart, dynamic UI)
Known Missing / In Progress
- Unit and integration tests
- Circuit breakers / resilience patterns (Resilience4j)
- Login with Google (OAuth2/OIDC)
- Product catalog fully wired end-to-end, real product images
- Order status updates via Kafka (shipping events → orders)
- Notification delivery (Rust service — ARM64 image not yet in GCE deployment)