team-moabam · Shin-Jae-Yoon · Nov 14, 2023 · Nov 14, 2023 · Nov 14, 2023 · Nov 14, 2023
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -23,7 +23,7 @@ jobs:
 
       - name: environment 세팅
         run: |
-          echo "${{secrets.DEV_ENV_FILE }}" > ./.env
+          echo src/main/resources/config/dev.env > ./.env
 
       - name: Gradle 캐싱
         uses: actions/cache@v3
@@ -38,10 +38,6 @@ jobs:
       - name: Gradle Grant 권한 부여
         run: chmod +x gradlew
 
-      - name: 테스트용 MySQL 도커 컨테이너 실행
-        run: |
-          sudo docker run -d -p 3306:3306 --env MYSQL_DATABASE=test --env MYSQL_ROOT_PASSWORD=test mysql:8.0.33
-
       - name: SonarCloud 캐싱
         uses: actions/cache@v3
         with:

diff --git a/.github/workflows/develop-cd.yml b/.github/workflows/develop-cd.yml
@@ -40,11 +40,12 @@ jobs:
           username: ubuntu
           key: ${{ secrets.EC2_INSTANCE_PRIVATE_KEY }}
           script: |
-            mkdir -p /home/ubuntu/moabam/nginx
+            mkdir -p /home/ubuntu/moabam/nginx/conf.d
+            mkdir -p /home/ubuntu/moabam/nginx/templates
 
       - name: Docker env 파일 생성
         run:
-          echo "${{secrets.DEV_ENV_FILE }}" > ./.env
+          echo src/main/resources/config/dev.env > ./.env
 
       - name: 서버로 전송 기본 파일들 전송
         uses: appleboy/scp-action@master
@@ -53,17 +54,7 @@ jobs:
           port: 22
           username: ${{ secrets.EC2_INSTANCE_USERNAME }}
           key: ${{ secrets.EC2_INSTANCE_PRIVATE_KEY }}
-          source: "./.env, ./docker-compose-dev.yml, init-letsencrypt.sh, ./scripts/*"
-          target: "/home/ubuntu/moabam"
-
-      - name: 서버로 전송 "nginx conf 파일들"
-        uses: appleboy/scp-action@master
-        with:
-          host: ${{ secrets.EC2_INSTANCE_HOST }}
-          port: 22
-          username: ${{ secrets.EC2_INSTANCE_USERNAME }}
-          key: ${{ secrets.EC2_INSTANCE_PRIVATE_KEY }}
-          source: "./nginx/*"
+          source: "./.env, ./docker-compose-dev.yml, ./scripts/* ./nginx/*"
           target: "/home/ubuntu/moabam"
 
       - name: 파일 세팅
@@ -113,10 +104,6 @@ jobs:
       - name: Gradle Grant 권한 부여
         run: chmod +x gradlew
 
-      - name: 테스트용 MySQL 도커 컨테이너 실행
-        run: |
-          sudo docker run -d -p 3306:3306 --env MYSQL_DATABASE=test --env MYSQL_ROOT_PASSWORD=test mysql:8.0.33
-
       - name: Gradle 빌드
         uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25 # v2.6.0
         with:
@@ -171,7 +158,6 @@ jobs:
           script: |
             cd /home/ubuntu/moabam
             echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
-            sudo docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPOSITORY }}:${{ secrets.DOCKER_HUB_DEV_TAG }}
             ./scripts/deploy-dev.sh
             docker rm `docker ps -a -q`
             docker rmi $(docker images -aq)

diff --git a/docker-compose-dev.yml b/docker-compose-dev.yml
@@ -1,73 +1,74 @@
 version: '3.7'
 
 services:
-    nginx:
-        image: nginx:latest
-        container_name: nginx
-        platform: linux/arm64/v8
-        restart: always
-        ports:
-            - "80:80"
-            - "443:443"
-        volumes:
-            - /home/ubuntu/moabam/nginx/certbot/conf:/etc/letsencrypt
-            - /home/ubuntu/moabam/nginx/certbot/www:/var/www/certbot
-            - /home/ubuntu/moabam/nginx/nginx.conf:/etc/nginx/nginx.conf
-        command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
-    certbot:
-        image: certbot/certbot:latest
-        container_name: certbot
-        platform: linux/arm64
-        restart: unless-stopped
-        volumes:
-            - /home/ubuntu/moabam/nginx/certbot/conf:/etc/letsencrypt
-            - /home/ubuntu/moabam/nginx/certbot/www:/var/www/certbot
-        entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
-    moabam-blue:
-        image: ${DOCKER_HUB_USERNAME}/${DOCKER_HUB_REPOSITORY}:${DOCKER_HUB_TAG}
-        container_name: ${BLUE_CONTAINER}
-        restart: always
-        expose:
-            - ${SERVER_PORT}
-        depends_on:
-            - redis
-            - mysql
-        environment:
-            SPRING_ACTIVE_PROFILES: ${SPRING_ACTIVE_PROFILES}
-    moabam-green:
-        image: ${DOCKER_HUB_USERNAME}/${DOCKER_HUB_REPOSITORY}:${DOCKER_HUB_TAG}
-        container_name: ${GREEN_CONTAINER}
-        expose:
-            - ${SERVER_PORT}
-        depends_on:
-            - redis
-            - mysql
-        environment:
-            SPRING_ACTIVE_PROFILES: ${SPRING_ACTIVE_PROFILES}
-    redis:
-        image: redis:alpine
-        container_name: redis
-        platform: linux/arm64
-        restart: always
-        command: redis-server
-        ports:
-            - "6379:6379"
-        volumes:
-            - /home/ubuntu/moabam/data/redis:/data
-    mysql:
-        image: mysql:8.0.33
-        container_name: mysql
-        platform: linux/arm64/v8
-        restart: always
-        ports:
-            - "3306:3306"
-        environment:
-            MYSQL_DATABASE: ${DEV_MYSQL_DATABASE}
-            MYSQL_USERNAME: ${DEV_MYSQL_USERNAME}
-            MYSQL_ROOT_PASSWORD: ${DEV_MYSQL_PASSWORD}
-            TZ: Asia/Seoul
-        command:
-            - --character-set-server=utf8mb4
-            - --collation-server=utf8mb4_unicode_ci
-        volumes:
-            - /home/ubuntu/moabam/data/mysql:/var/lib/mysql
+  nginx:
+    image: nginx:latest
+    container_name: nginx
+    platform: linux/arm64/v8
+    restart: always
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - /home/ubuntu/moabam/nginx/nginx.conf:/etc/nginx/nginx.conf
+      - /home/ubuntu/moabam/nginx/conf.d:/etc/nginx/conf.d
+      - /home/ubuntu/moabam/nginx/certbot/conf:/etc/letsencrypt
+      - /home/ubuntu/moabam/nginx/certbot/www:/var/www/certbot
+  certbot:
+    image: certbot/certbot:latest
+    container_name: certbot
+    platform: linux/arm64
+    restart: unless-stopped
+    volumes:
+      - /home/ubuntu/moabam/nginx/certbot/conf:/etc/letsencrypt
+      - /home/ubuntu/moabam/nginx/certbot/www:/var/www/certbot
+    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+  moabam-blue:
+    image: ${DOCKER_HUB_USERNAME}/${DOCKER_HUB_REPOSITORY}:${DOCKER_HUB_TAG}
+    container_name: ${BLUE_CONTAINER}
+    restart: unless-stopped
+    expose:
+      - ${SERVER_PORT}
+    depends_on:
+      - redis
+      - mysql
+    environment:
+      SPRING_ACTIVE_PROFILES: ${SPRING_ACTIVE_PROFILES}
+  moabam-green:
+    image: ${DOCKER_HUB_USERNAME}/${DOCKER_HUB_REPOSITORY}:${DOCKER_HUB_TAG}
+    container_name: ${GREEN_CONTAINER}
+    restart: unless-stopped
+    expose:
+      - ${SERVER_PORT}
+    depends_on:
+      - redis
+      - mysql
+    environment:
+      SPRING_ACTIVE_PROFILES: ${SPRING_ACTIVE_PROFILES}
+  redis:
+    image: redis:alpine
+    container_name: redis
+    platform: linux/arm64
+    restart: always
+    command: redis-server
+    ports:
+      - "6379:6379"
+    volumes:
+      - /home/ubuntu/moabam/data/redis:/data
+  mysql:
+    image: mysql:8.0.33
+    container_name: mysql
+    platform: linux/arm64/v8
+    restart: always
+    ports:
+      - "3306:3306"
+    environment:
+      MYSQL_DATABASE: ${DEV_MYSQL_DATABASE}
+      MYSQL_USERNAME: ${DEV_MYSQL_USERNAME}
+      MYSQL_ROOT_PASSWORD: ${DEV_MYSQL_PASSWORD}
+      TZ: Asia/Seoul
+    command:
+      - --character-set-server=utf8mb4
+      - --collation-server=utf8mb4_unicode_ci
+    volumes:
+      - /home/ubuntu/moabam/data/mysql:/var/lib/mysql
diff --git a/nginx/conf.d/header.conf b/nginx/conf.d/header.conf
@@ -0,0 +1,9 @@
+proxy_pass_header Server;
+proxy_http_version  1.1;
+proxy_set_header    Host                $http_host;
+proxy_set_header    Connection		    $connection_upgrade;
+proxy_set_header    Upgrade		        $http_upgrade;
+
+proxy_set_header    X-Real-IP           $remote_addr;
+proxy_set_header    X-Forwarded-For	    $proxy_add_x_forwarded_for;
+proxy_set_header    X-Forwarded-Proto	$scheme;
diff --git a/nginx/mime.types b/nginx/mime.types
@@ -0,0 +1,96 @@
+types {
+    text/html                                        html htm shtml;
+    text/css                                         css;
+    text/xml                                         xml;
+    image/gif                                        gif;
+    image/jpeg                                       jpeg jpg;
+    application/javascript                           js;
+    application/atom+xml                             atom;
+    application/rss+xml                              rss;
+
+    text/mathml                                      mml;
+    text/plain                                       txt;
+    text/vnd.sun.j2me.app-descriptor                 jad;
+    text/vnd.wap.wml                                 wml;
+    text/x-component                                 htc;
+
+    image/png                                        png;
+    image/svg+xml                                    svg svgz;
+    image/tiff                                       tif tiff;
+    image/vnd.wap.wbmp                               wbmp;
+    image/webp                                       webp;
+    image/x-icon                                     ico;
+    image/x-jng                                      jng;
+    image/x-ms-bmp                                   bmp;
+
+    font/woff                                        woff;
+    font/woff2                                       woff2;
+
+    application/java-archive                         jar war ear;
+    application/json                                 json;
+    application/mac-binhex40                         hqx;
+    application/msword                               doc;
+    application/pdf                                  pdf;
+    application/postscript                           ps eps ai;
+    application/rtf                                  rtf;
+    application/vnd.apple.mpegurl                    m3u8;
+    application/vnd.google-earth.kml+xml             kml;
+    application/vnd.google-earth.kmz                 kmz;
+    application/vnd.ms-excel                         xls;
+    application/vnd.ms-fontobject                    eot;
+    application/vnd.ms-powerpoint                    ppt;
+    application/vnd.oasis.opendocument.graphics      odg;
+    application/vnd.oasis.opendocument.presentation  odp;
+    application/vnd.oasis.opendocument.spreadsheet   ods;
+    application/vnd.oasis.opendocument.text          odt;
+    application/vnd.openxmlformats-officedocument.presentationml.presentation
+                                                     pptx;
+    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+                                                     xlsx;
+    application/vnd.openxmlformats-officedocument.wordprocessingml.document
+                                                     docx;
+    application/vnd.wap.wmlc                         wmlc;
+    application/x-7z-compressed                      7z;
+    application/x-cocoa                              cco;
+    application/x-java-archive-diff                  jardiff;
+    application/x-java-jnlp-file                     jnlp;
+    application/x-makeself                           run;
+    application/x-perl                               pl pm;
+    application/x-pilot                              prc pdb;
+    application/x-rar-compressed                     rar;
+    application/x-redhat-package-manager             rpm;
+    application/x-sea                                sea;
+    application/x-shockwave-flash                    swf;
+    application/x-stuffit                            sit;
+    application/x-tcl                                tcl tk;
+    application/x-x509-ca-cert                       der pem crt;
+    application/x-xpinstall                          xpi;
+    application/xhtml+xml                            xhtml;
+    application/xspf+xml                             xspf;
+    application/zip                                  zip;
+
+    application/octet-stream                         bin exe dll;
+    application/octet-stream                         deb;
+    application/octet-stream                         dmg;
+    application/octet-stream                         iso img;
+    application/octet-stream                         msi msp msm;
+
+    audio/midi                                       mid midi kar;
+    audio/mpeg                                       mp3;
+    audio/ogg                                        ogg;
+    audio/x-m4a                                      m4a;
+    audio/x-realaudio                                ra;
+
+    video/3gpp                                       3gpp 3gp;
+    video/mp2t                                       ts;
+    video/mp4                                        mp4;
+    video/mpeg                                       mpeg mpg;
+    video/quicktime                                  mov;
+    video/webm                                       webm;
+    video/x-flv                                      flv;
+    video/x-m4v                                      m4v;
+    video/x-mng                                      mng;
+    video/x-ms-asf                                   asx asf;
+    video/x-ms-wmv                                   wmv;
+    video/x-msvideo                                  avi;
+}
diff --git a/nginx/nginx.conf b/nginx/nginx.conf
@@ -0,0 +1,27 @@
+worker_processes auto;
+
+events {
+    use epoll;
+    worker_connections 1024;
+}
+
+http {
+    include mime.types;
+    default_type  application/octet-stream;
+    sendfile on;
+
+    send_timeout       15s;
+    resolver_timeout    5s;
+
+    server_tokens off;
+
+    include ./conf.d/header.conf
+
+    log_format  main  '$remote_addr $remote_user "$request" '
+                       '$status $body_bytes_sent "$http_referer" "$request_time" '
+                       '"$http_user_agent" ';
+
+    include ./conf.d/upstream.conf
+    include ./conf.d/http-server.conf
+    include ./conf.d/ssl-server.conf;
+}