Production-ready NestJS backend template with CQRS, three API layers, and enterprise infrastructure.
- CQRS — Command/Query separation with
@nestjs/cqrs - GraphQL — Yoga Federation v2, code-first, GraphiQL
- REST API — Swagger/OpenAPI documentation
- MCP — Model Context Protocol for AI agent integration
- OAuth — PKCE authorization code flow (for MCP clients)
- Auth — JWT + Passport + CASL ability-based permissions
- Prisma — PostgreSQL with type-safe ORM
- Caching — In-memory with TTL (upgradeable to BentoCache L1+L2)
- Logging — Pino with trace ID propagation (CLS)
- Metrics — Prometheus with custom counters/histograms
- Health — Terminus health checks
- Docker — Multi-stage build, non-root user
- CI/CD — GitHub Actions (lint, tsc, test, SonarQube, Docker build)
- ESLint — Strict config with sonarjs plugin
- TypeScript — Strict mode with
noUncheckedIndexedAccess
See docs/after-fork.md — step-by-step guide: rename project, replace example domain, set up Docker Hub, SonarCloud, and other integrations. Delete the file when done.
# 1. Install dependencies
npm install
# 2. Start PostgreSQL + Redis
docker compose -f docker/docker-compose.yml up -d
# 3. Configure environment
cp .env.example .env
# 4. Generate Prisma client
npm run prisma:generate
# 5. Create database schema
npm run prisma:migrate:dev
# 6. Seed roles, permissions, admin user
npm run seed
# 7. Start development server
npm run start:devAfter startup:
- GraphQL: http://localhost:8080/graphql (GraphiQL)
- REST API: http://localhost:8080/api (Swagger UI)
- Health: http://localhost:8080/health
Login: admin@example.com / admin123 (or set NO_AUTH=true in .env for dev mode)
See docs/getting-started.md for detailed setup and first requests.
| Doc | Description |
|---|---|
| Getting Started | Prerequisites, setup, first request |
| Architecture | Layers, data flow, module organization |
| CQRS | Commands, queries, events, API service facade |
| GraphQL | Yoga Federation setup, resolvers, models, inputs |
| REST API | Swagger, controllers, DTOs, validation |
| MCP | MCP tools, Zod schemas, auth flow |
| OAuth | PKCE flow, token types, security |
| Auth & Permissions | JWT, CASL, guards, roles |
| JWT Lifecycle | Token rotation, cookies, refresh, revocation |
| Prisma | Schema, migrations, seed, transactions |
| Caching | In-memory cache, BentoCache upgrade path |
| Logging & Tracing | Pino, trace IDs, structured logs |
| Metrics | Prometheus, custom metrics |
| Health Checks | Terminus, K8s probes |
| Testing | Jest, SWC, mocking, coverage |
| Docker | Dev compose, production build |
| CI/CD | GitHub Actions workflows |
| SonarQube | SonarCloud setup, quality gates |
| Environment Variables | Complete env var reference (root file) |
| Adding a New Domain | Step-by-step guide |
| Dictionary Service | Revisium integration, migrations, standalone |
| Adding MCP Tools | Tool creation guide |
| Deployment | K8s manifests, production checklist |
| Code Review | Architecture, SOLID, testing, authorization checklist |
| URL | Description |
|---|---|
/graphql |
GraphiQL |
/api |
Swagger UI (REST API) |
/mcp |
MCP endpoint (POST) |
/health |
Health check |
/metrics |
Prometheus metrics |
| Category | Technology |
|---|---|
| Framework | NestJS 11 |
| Language | TypeScript 5.9 (strict) |
| GraphQL | Yoga Federation v2 + @nestjs/graphql |
| Database | PostgreSQL 17 + Prisma 7 |
| Auth | JWT + Passport + CASL |
| Cache | In-memory (BentoCache-ready) |
| Logging | Pino + nestjs-cls |
| Metrics | Prometheus (prom-client) |
| Testing | Jest + @swc/jest |
| Linting | ESLint + sonarjs + Prettier |
| CI | GitHub Actions |
| Container | Docker (multi-stage) |
MIT