diff --git a/.gitignore b/.gitignore
index 0d192a31..1c7d7a1e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -67,3 +67,4 @@ npm-debug.log
*.sublime-workspace
sync-backend.ps1
sync-frontend.ps1
+config/kafka_data
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..21bcae4a
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,20 @@
+#Dockerfile for TeamCity build "run in docker"
+
+FROM repo.asd.center.cg:8082/alt/alt-tomcat:c10f1-9.0.59-20240917
+
+USER root
+
+COPY config/tomcat /
+
+RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \
+ && chown root:tomcat /var/lib/tomcat/webapps \
+ && chmod g+rw /var/lib/tomcat/webapps
+
+COPY frontend/target/frontend*.war /var/lib/tomcat/webapps/ROOT.war
+COPY backend/target/ul.war /var/lib/tomcat/webapps/ul.war
+
+USER tomcat
+
+EXPOSE 8080
+
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/config/ervu-lkrp-av.env b/config/ervu-lkrp-av.env
new file mode 100644
index 00000000..32699b7f
--- /dev/null
+++ b/config/ervu-lkrp-av.env
@@ -0,0 +1,43 @@
+AV_KAFKA_BOOTSTRAP_SERVERS=local-kafka:9094
+#AV_KAFKA_SECURITY_PROTOCOL=SASL_PLAINTEXT
+AV_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+#AV_KAFKA_SASL_MECHANISM=SCRAM-SHA-256
+AV_KAFKA_SASL_MECHANISM=PLAIN
+AV_KAFKA_USERNAME=user2
+AV_KAFKA_PASSWORD=Blfi9d2OFG
+AV_KAFKA_GROUP_ID=local-ervu-lkrp-av1
+AV_KAFKA_TOPIC_NAME=file-to-upload
+AV_KAFKA_STATUS_TOPIC_NAME=ervu.lkrp.av-fileupload-status
+AV_KAFKA_LOGIN_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+
+ERVU_KAFKA_BOOTSTRAP_SERVERS=local-kafka:9094
+#ERVU_KAFKA_SECURITY_PROTOCOL=SASL_PLAINTEXT
+ERVU_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+#ERVU_KAFKA_SASL_MECHANISM=SCRAM-SHA-256
+ERVU_KAFKA_SASL_MECHANISM=PLAIN
+ERVU_KAFKA_USERNAME=user2
+ERVU_KAFKA_PASSWORD=Blfi9d2OFG
+ERVU_KAFKA_GROUP_ID=local-ervu-lkrp-av2
+ERVU_KAFKA_ERROR_TOPIC_NAME=ervu.lkrp.download.request
+ERVU_KAFKA_SUCCESS_TOPIC_NAME=ervu.lkrp.download.request
+ERVU_KAFKA_RESPONSE_TOPIC_NAME=ervu.lkrp.download.response
+ERVU_KAFKA_LOGIN_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+
+AV_CHECK_ENABLED=true
+AV_REST_ADDRESS=http://10.10.30.120:8085/scans
+AV_FIRST_TIMEOUT_MILLISECONDS=1000
+AV_RETRY_MAX_ATTEMPTS_COUNT=10
+AV_RETRY_DELAY_MILLISECONDS=1000
+
+FILE_SAVING_PATH=/transfer/
+
+S3_ENDPOINT=http://ervu-minio.k8s.micord.ru:31900
+S3_ACCESS_KEY=rlTdTvkmSXu9FsLhfecw
+S3_SECRET_KEY=NUmY0wwRIEyAd98GCKd1cOgJWvLQYAcMMul5Ulu0
+S3_BUCKET_NAME=default-out-bucket
+S3_PATH_STYLE_ACCESS_ENABLED=true
+
+FILE_WEBDAV_UPLOAD_USERNAME=test
+FILE_WEBDAV_UPLOAD_PASSWORD=test
+WEBDAV_USERNAME=test
+WEBDAV_PASSWORD=test
\ No newline at end of file
diff --git a/config/ervu-organization-registry.env b/config/ervu-organization-registry.env
new file mode 100644
index 00000000..178c2299
--- /dev/null
+++ b/config/ervu-organization-registry.env
@@ -0,0 +1,35 @@
+PG_HOST=10.10.31.119
+PG_PORT=5432
+PG_DATABASE=ervu_organization_registry
+PG_USER=ervu_organization_registry
+PG_PASSWORD=ervu_organization_registry
+
+KAFKA_HOSTS=local-kafka:9094
+#KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.scram.ScramLoginModule
+KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+#KAFKA_AUTH_SEC_PROTO=SASL_PLAINTEXT
+KAFKA_AUTH_SEC_PROTO=PLAINTEXT
+#KAFKA_AUTH_SASL_MECH=SCRAM-SHA-256
+KAFKA_AUTH_SASL_MECH=PLAIN
+KAFKA_USER=user2
+KAFKA_PASS=Blfi9d2OFG
+KAFKA_CONSUMER_GROUP_ID=ervu-organization-registry
+
+EXTERNAL_KAFKA_HOSTS=local-kafka:9094
+#EXTERNAL_KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.scram.ScramLoginModule
+EXTERNAL_KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+#EXTERNAL_KAFKA_AUTH_SEC_PROTO=SASL_PLAINTEXT
+EXTERNAL_KAFKA_AUTH_SEC_PROTO=PLAINTEXT
+#EXTERNAL_KAFKA_AUTH_SASL_MECH=SCRAM-SHA-256
+EXTERNAL_KAFKA_AUTH_SASL_MECH=PLAIN
+EXTERNAL_KAFKA_USER=user2
+EXTERNAL_KAFKA_PASS=Blfi9d2OFG
+EXTERNAL_KAFKA_CONSUMER_GROUP_ID=ervu-organization-registry
+
+WEBDAV_UPLOAD_URL=https://ervu-webdav.k8s.micord.ru/excerpt/
+WEBDAV_UPLOAD_USERNAME=test
+WEBDAV_UPLOAD_PASSWORD=test
+
+AWS_ENDPOINT=http://ervu-minio.k8s.micord.ru:31900
+AWS_ACCESS_KEY_ID=rlTdTvkmSXu9FsLhfecw
+AWS_SECRET_ACCESS_KEY=NUmY0wwRIEyAd98GCKd1cOgJWvLQYAcMMul5Ulu0
diff --git a/config/ervu-validate-recruits.env b/config/ervu-validate-recruits.env
new file mode 100644
index 00000000..2bb67beb
--- /dev/null
+++ b/config/ervu-validate-recruits.env
@@ -0,0 +1,25 @@
+KAFKA_HOSTS=local-kafka:9094
+#KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.scram.ScramLoginModule
+KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+#KAFKA_AUTH_SEC_PROTO=SASL_PLAINTEXT
+KAFKA_AUTH_SEC_PROTO=PLAINTEXT
+#KAFKA_AUTH_SASL_MECH=SCRAM-SHA-256
+KAFKA_AUTH_SASL_MECH=PLAIN
+KAFKA_USER=user2
+KAFKA_PASS=Blfi9d2OFG
+KAFKA_CONSUMER_GROUP_ID=ervu-validate-recruits
+
+EXTERNAL_KAFKA_HOSTS=local-kafka:9094
+#EXTERNAL_KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.scram.ScramLoginModule
+EXTERNAL_KAFKA_AUTH_SASL_MODULE=org.apache.kafka.common.security.plain.PlainLoginModule
+#EXTERNAL_KAFKA_AUTH_SEC_PROTO=SASL_PLAINTEXT
+EXTERNAL_KAFKA_AUTH_SEC_PROTO=PLAINTEXT
+#EXTERNAL_KAFKA_AUTH_SASL_MECH=SCRAM-SHA-256
+EXTERNAL_KAFKA_AUTH_SASL_MECH=PLAIN
+EXTERNAL_KAFKA_USER=user2
+EXTERNAL_KAFKA_PASS=Blfi9d2OFG
+EXTERNAL_KAFKA_CONSUMER_GROUP_ID=ervu-validate-recruits
+
+AWS_ENDPOINT=http://ervu-minio.k8s.micord.ru:31900
+AWS_ACCESS_KEY_ID=rlTdTvkmSXu9FsLhfecw
+AWS_SECRET_ACCESS_KEY=NUmY0wwRIEyAd98GCKd1cOgJWvLQYAcMMul5Ulu0
diff --git a/config/fl.txt b/config/fl.txt
deleted file mode 100644
index 7ce2eff4..00000000
--- a/config/fl.txt
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-set -e
-
-docker-compose -p %image_tag% build --build-arg env="%reverse.dep.*.build_mode%"
-docker-compose -p %image_tag% up -d
-container_id=$(docker-compose -p %image_tag% ps -q webbpm-app)
-addr=%teamcity.agent.hostname%
-port_web=$(docker-compose -p %image_tag% port webbpm-app 8080 | cut -d: -f2)
-port_mgmt=$(docker-compose -p %image_tag% port webbpm-app 9990| cut -d: -f2)
-port_debug=$(docker-compose -p %image_tag% port webbpm-app 8787| cut -d: -f2)
-
-
-echo "Started container $container_id"
-
-echo "Management URL: http://$addr:$port_mgmt/"
-echo "Webapp URL: http://$addr:$port_web/%APP_PATH%"
-echo "Debug URL: $addr:$port_debug"
-
-echo "##teamcity[setParameter name='container_id' value='$container_id']"
-echo "##teamcity[setParameter name='webapp_url' value='http://$addr:$port_web/%APP_PATH%']"
-
-echo "Waiting until the app is deployed..."
-# Wait until the app is deployed
-timeout 600 bash -c "until curl -s -o /dev/null --fail http://${addr}:${port_web}/%APP_PATH%/ ; do sleep 1; done"
\ No newline at end of file
diff --git a/config/kafdrop.env b/config/kafdrop.env
new file mode 100644
index 00000000..064b61a6
--- /dev/null
+++ b/config/kafdrop.env
@@ -0,0 +1,2 @@
+KAFKA_BROKERCONNECT=local-kafka:9094
+KAFKA_PROPERTIES=c2VjdXJpdHkucHJvdG9jb2w9UExBSU5URVhUDQpzYXNsLm1lY2hhbmlzbT1QTEFJTg0Kc2FzbC5qYWFzLmNvbmZpZz1vcmcuYXBhY2hlLmthZmthLmNvbW1vbi5zZWN1cml0eS5wbGFpbi5QbGFpbkxvZ2luTW9kdWxlIHJlcXVpcmVkIHVzZXJuYW1lPSd1c2VyMicgcGFzc3dvcmQ9J0JsZmk5ZDJPRkcnOw==
\ No newline at end of file
diff --git a/config/kafka.env b/config/kafka.env
new file mode 100644
index 00000000..6716ba13
--- /dev/null
+++ b/config/kafka.env
@@ -0,0 +1,23 @@
+KAFKA_CFG_NODE_ID=0
+KAFKA_CFG_PROCESS_ROLES=controller,broker
+KAFKA_CFG_LISTENERS=CLIENT://:9092,INTERNAL://:9094,CONTROLLER://:9093
+KAFKA_CFG_ADVERTISED_LISTENERS=CLIENT://local-kafka:9092,INTERNAL://local-kafka:9094,CONTROLLER://localhost:9093
+KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP=CLIENT:SASL_PLAINTEXT,INTERNAL:PLAINTEXT,CONTROLLER:SASL_PLAINTEXT,
+KAFKA_CFG_CONTROLLER_QUORUM_VOTERS=0@local-kafka:9093
+KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS=true
+
+# Controller
+KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER
+#KAFKA_CONTROLLER_USER=controller_user
+#KAFKA_CONTROLLER_PASSWORD=Blfi9d2OFG
+KAFKA_CFG_SASL_MECHANISM_CONTROLLER_PROTOCOL=PLAIN
+
+# Client CLIENT
+KAFKA_CLIENT_USERS=user2
+KAFKA_CLIENT_PASSWORDS=Blfi9d2OFG
+KAFKA_CLIENT_LISTENER_NAME=CLIENT
+KAFKA_CFG_SASL_JAAS_CONFIG=org.apache.kafka.common.security.scram.ScramLoginModule required username="user2" password="Blfi9d2OFG";
+
+# Client internal
+KAFKA_INTER_BROKER_LISTENER_NAME=INTERNAL
+KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL=PLAIN
\ No newline at end of file
diff --git a/config/kafka.properties b/config/kafka.properties
new file mode 100644
index 00000000..538f3973
--- /dev/null
+++ b/config/kafka.properties
@@ -0,0 +1,3 @@
+security.protocol=PLAINTEXT
+sasl.mechanism=PLAIN
+sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required username='user2' password='Blfi9d2OFG';
\ No newline at end of file
diff --git a/config/local.env b/config/local.env
new file mode 100644
index 00000000..b46bbf52
--- /dev/null
+++ b/config/local.env
@@ -0,0 +1,69 @@
+TZ=Europe/Moscow
+# App datasource
+DB_APP_USERNAME=ervu_lkrp_ul
+DB_APP_PASSWORD=ervu_lkrp_ul
+DB_APP_HOST=10.10.31.119
+DB_APP_PORT=5432
+DB_APP_NAME=ervu_lkrp_ul
+
+AV_KAFKA_MESSAGE_TOPIC_NAME=file-to-upload
+AV_KAFKA_BOOTSTRAP_SERVERS=http://local-kafka:9094
+#AV_KAFKA_SECURITY_PROTOCOL=SASL_PLAINTEXT
+AV_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+#AV_KAFKA_SASL_MECHANISM=SCRAM-SHA-256
+AV_KAFKA_SASL_MECHANISM=PLAIN
+AV_KAFKA_USERNAME=user2
+AV_KAFKA_PASSWORD=Blfi9d2OFG
+AV_KAFKA_GROUP_ID=local-ervu-lkrp-ul-backend
+AV_KAFKA_DOWNLOAD_RESPONSE=ervu.lkrp.av-fileupload-status
+
+ESIA_SCOPES=fullname, snils, id_doc, birthdate, usr_org, openid
+ESIA_ORG_SCOPES=org_fullname, org_shortname, org_brhs, org_brhs_ctts, org_brhs_addrs, org_type, org_ogrn, org_inn, org_leg, org_kpp, org_ctts, org_addrs, org_grps, org_emps
+ESIA_ORG_SCOPE_URL=http://esia.gosuslugi.ru/
+ESIA_BASE_URI=https://esia-portal1.test.gosuslugi.ru/
+ESIA_ISSUER_URL=http://esia-portal1.test.gosuslugi.ru/
+#ESIA_CLIENT_ID=MNSV89
+ESIA_CLIENT_ID=MNSV93
+ESIA_REDIRECT_URL=http://localhost:8080/
+ESIA_UPLOAD_DATA_ROLE=MNSV89_UPLOAD_DATA
+#ESIA_CLIENT_CERT_HASH=04508B4B0B58776A954A0E15F574B4E58799D74C61EE020B3330716C203E3BDD
+ESIA_CLIENT_CERT_HASH=CF35A98C48E48665EA73530537BAFBB51F911C434ADC89215C2F86DCD04E28C5
+ESIA_TOKEN_CLEAR_CRON=0 0 */1 * * *
+
+SIGN_URL=https://ervu-sign-dev.k8s.micord.ru/sign
+SIGN_VERIFY_URL=https://ervu-sign-dev.k8s.micord.ru/verify
+
+ERVU_KAFKA_BOOTSTRAP_SERVERS=local-kafka:9094
+ERVU_KAFKA_ORG_REPLY_TOPIC=ervu.organization.response
+ERVU_KAFKA_GROUP_ID=local-ervu-lkrp-ul-backend
+ERVU_KAFKA_ORG_REQUEST_TOPIC=ervu.organization.request
+ERVU_KAFKA_REPLY_TIMEOUT=5
+ERVU_KAFKA_JOURNAL_REQUEST_TOPIC=ervu.organization.journal.request
+ERVU_KAFKA_JOURNAL_REPLY_TOPIC=ervu.organization.journal.response
+#ERVU_KAFKA_SECURITY_PROTOCOL=SASL_PLAINTEXT
+ERVU_KAFKA_SECURITY_PROTOCOL=PLAINTEXT
+#ERVU_KAFKA_SASL_MECHANISM=SCRAM-SHA-256
+ERVU_KAFKA_SASL_MECHANISM=PLAIN
+ERVU_KAFKA_USERNAME=user2
+ERVU_KAFKA_PASSWORD=Blfi9d2OFG
+ERVU_KAFKA_EXCERPT_REPLY_TOPIC=ervu.lkrp.excerpt.response
+ERVU_KAFKA_EXCERPT_REQUEST_TOPIC=ervu.lkrp.excerpt.request
+
+ESNSI_OKOPF_URL=https://esnsi.gosuslugi.ru/rest/ext/v1/classifiers/11465/file?extension=JSON&encoding=UTF_8
+ESNSI_OKOPF_CRON_LOAD=0 0 */1 * * *
+ESNSI_OKOPF_RETRY_MAX_ATTEMPTS_LOAD=3
+ESNSI_OKOPF_RETRY_DELAY_LOAD=1000
+
+ERVU_FILE_UPLOAD_MAX_FILE_SIZE=5242880
+ERVU_FILE_UPLOAD_MAX_REQUEST_SIZE=6291456
+ERVU_FILE_UPLOAD_FILE_SIZE_THRESHOLD=0
+
+COOKIE_PATH=/ul
+
+WEBDAV_CLEANUP_CRON=0 0 0 * * *
+WEBDAV_RETRY_DELAY=500
+FILE_WEBDAV_UPLOAD_URL=https://ervu-webdav.k8s.micord.ru
+FILE_WEBDAV_UPLOAD_USERNAME=test
+FILE_WEBDAV_UPLOAD_PASSWORD=test
+FILE_WEBDAV_LIFETIME_SECONDS=300
+FILE_WEBDAV_EXTENSIONS=csv,xlsx
diff --git a/config/tomcat/etc/tomcat/conf.d/db.conf b/config/tomcat/etc/tomcat/conf.d/db.conf
index 8d7facd2..6ce4e96c 100644
--- a/config/tomcat/etc/tomcat/conf.d/db.conf
+++ b/config/tomcat/etc/tomcat/conf.d/db.conf
@@ -1,8 +1,8 @@
JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS \
- -Ddb.app.host=${DB_APP_HOST:-db} \
- -Ddb.app.port=${DB_APP_PORT:-5432} \
- -Ddb.app.name=${DB_APP_NAME:-app} \
- -Ddb.app.username=${DB_APP_USERNAME:-app_user} \
- -Ddb.app.password=${DB_APP_PASSWORD:-apppassword} \
+ -Ddb.host=${DB_APP_HOST:-db} \
+ -Ddb.port=${DB_APP_PORT:-5432} \
+ -Ddb.name=${DB_APP_NAME:-app} \
+ -Ddb.username=${DB_APP_USERNAME:-app_user} \
+ -Ddb.password=${DB_APP_PASSWORD:-apppassword} \
"
export JDK_JAVA_OPTIONS
\ No newline at end of file
diff --git a/config/tomcat/etc/tomcat/context.xml b/config/tomcat/etc/tomcat/context.xml
index 9b2a765f..e6c6fc8a 100644
--- a/config/tomcat/etc/tomcat/context.xml
+++ b/config/tomcat/etc/tomcat/context.xml
@@ -31,6 +31,6 @@
+ url="jdbc:postgresql://${db.host}:${db.port}/${db.name}"
+ username="${db.username}" password="${db.password}" maxTotal="20" maxIdle="10" maxWaitMillis="-1"/>
diff --git a/config/tomcat/etc/tomcat/tomcat-users.xml b/config/tomcat/etc/tomcat/tomcat-users.xml
deleted file mode 100644
index 4a9631c8..00000000
--- a/config/tomcat/etc/tomcat/tomcat-users.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-
-
-
-
-
-
diff --git a/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml b/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml
deleted file mode 100644
index 82a93f33..00000000
--- a/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml
+++ /dev/null
@@ -1,26 +0,0 @@
-
-
-
-
-
-
-
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 00000000..b76b542e
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,74 @@
+services:
+ local-kafka:
+ image: docker.io/bitnami/kafka:3.9.0
+ container_name: kafka
+ ports:
+ - 9092:9092
+ - 9094:9094
+ volumes:
+ - ./config/kafka_data:/bitnami/kafka
+ env_file:
+ - config/kafka.env
+ healthcheck:
+ test: ["CMD", "kafka-topics.sh", "--list", "--bootstrap-server", "localhost:9094"]
+ interval: 30s
+ timeout: 10s
+ retries: 4
+
+ kafdrop:
+ container_name: kafdrop
+ image: obsidiandynamics/kafdrop
+ restart: "no"
+ ports:
+ - 9000:9000
+ env_file:
+ config/kafdrop.env
+ depends_on:
+ local-kafka:
+ condition: service_healthy
+
+ ervu-validate-recruits:
+ image: registry-dev.pgs.rtlabs.ru/ervu/ervu-validate-recruits:0.0.1-sha51becef5
+ container_name: validate-recruits
+ depends_on:
+ local-kafka:
+ condition: service_healthy
+ env_file:
+ - config/ervu-validate-recruits.env
+
+ ervu-organization-registry:
+ image: registry-dev.pgs.rtlabs.ru/ervu/ervu-organization-registry:0.0.1-sha487d2691
+ container_name: organization-registry
+ depends_on:
+ local-kafka:
+ condition: service_healthy
+ env_file:
+ - config/ervu-organization-registry.env
+
+ lkrp-av:
+ image: registry-dev.pgs.rtlabs.ru/ervu/ervu-lkrp-av:0.0.1-sha071cf588
+ container_name: lkrp-av
+ depends_on:
+ local-kafka:
+ condition: service_healthy
+ env_file:
+ - config/ervu-lkrp-av.env
+
+ lkrp-ul:
+ container_name: lkrp-ul
+ depends_on:
+ local-kafka:
+ condition: service_healthy
+ ervu-validate-recruits:
+ condition: service_started
+ ervu-organization-registry:
+ condition: service_started
+ lkrp-av:
+ condition: service_started
+ build:
+ context: .
+ dockerfile: Dockerfile
+ ports:
+ - 8080:8080
+ env_file:
+ - config/local.env