운영서버 브랜치 -> 개발서버 브랜치와 merge

.github/workflows/dev-deploy.yml

@@ -86,26 +86,26 @@ jobs:
       - name: create remote directory
         uses: appleboy/ssh-action@master
         with:
-          host: ${{ secrets.HOST_PROD }}
+          host: ${{ secrets.HOST_DEV }}
           username: ubuntu
-          key: ${{ secrets.KEY_PROD }}
+          key: ${{ secrets.KEY_DEV }}
           script: mkdir -p ~/srv/ubuntu/gifty-dev
 
       - name: copy source via ssh key
         uses: burnett01/[email protected]
         with:
           switches: -avzr --delete
           remote_path: ~/srv/ubuntu/gifty-dev
-          remote_host: ${{ secrets.HOST_PROD }}
+          remote_host: ${{ secrets.HOST_DEV }}
           remote_user: ubuntu
-          remote_key: ${{ secrets.KEY_PROD }}
+          remote_key: ${{ secrets.KEY_DEV }}
 
       - name: executing remote ssh commands using password
         uses: appleboy/ssh-action@master
         with:
-          host: ${{ secrets.HOST_PROD }}
+          host: ${{ secrets.HOST_DEV }}
           username: ubuntu
-          key: ${{ secrets.KEY_PROD }}
+          key: ${{ secrets.KEY_DEV }}
           script: |
             sh ~/srv/ubuntu/gifty-dev/config/scripts/deploy.sh
             sudo docker stop backend-dev
@@ -116,4 +116,6 @@ jobs:
             sudo docker rm gifty-redis-dev
             sudo docker rmi -f $(sudo docker images -q)
             sudo docker-compose -f ~/srv/ubuntu/gifty-dev/docker-compose.yml pull
-            sudo docker-compose -f ~/srv/ubuntu/gifty-dev/docker-compose.yml up --build -d
+            sudo docker-compose -f ~/srv/ubuntu/gifty-dev/docker-compose.yml up --build -d
+
+

.github/workflows/prod-deploy.yml

@@ -46,6 +46,14 @@ jobs:
         env:
           PROPERTIES_PROD: ${{ secrets.PROPERTIES_PROD }}
 
+      - name: Make firebase.json #firebase 키값 주입
+        run: |
+          mkdir -p ./src/main/resources/firebase
+          touch ./src/main/resources/firebase/zenefit-dbf19-firebase-adminsdk-iaour-b20189de47.json
+          echo "$FIREBASE_JSON" > ./src/main/resources/firebase/zenefit-dbf19-firebase-adminsdk-iaour-b20189de47.json
+        env:
+          FIREBASE_JSON: ${{ secrets.FIREBASE_JSON }}
+
       - name: Build with Gradle
         run: ./gradlew build -x test  #test 코드 빼고 돌리기
 

Dockerfile.prod

@@ -1,5 +1,5 @@
 FROM openjdk:11
-EXPOSE 8080
+EXPOSE 8081
 ARG JAR_FILE=/build/libs/app.jar
 COPY ${JAR_FILE} app.jar
 ENV TZ=Asia/Seoul

config/nginx/prod/nginx.conf

@@ -1,23 +1,46 @@
-server {
-    listen 80;
-    server_name giftyyy.shop www.giftyyy.shop;
-    return 301 https://$host$request_uri;   # http로 들어오면 https로 redirect 해주는 부분
+# 사용자 정의 nginx.conf 파일
+events {
+    worker_connections 1024;
 }
 
-server {
-    listen 443 ssl;
-    server_name giftyyy.shop www.giftyyy.shop;
-    # Certificate
-    ssl_certificate /etc/letsencrypt/live/giftyyy.shop/fullchain.pem;
-    # Private Key
-    ssl_certificate_key /etc/letsencrypt/live/giftyyy.shop/privkey.pem;
-
-    location / {
-        proxy_pass http://backend-dev:8080; # 자신의 springboot app이 사용하는 포트
-
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
+http {
+    # MIME 타입 설정
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    # 로그 설정
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+    error_log  /var/log/nginx/error.log warn;
+
+    # SSL 설정을 여기에 추가할 수 있음 (예: ssl_protocols, ssl_ciphers 등)
+
+    # HTTP 요청을 HTTPS로 리다이렉트
+    server {
+        listen 80;
+        server_name zenefit.shop www.zenefit.shop;
+        return 301 https://$host$request_uri;
+    }
+
+    # HTTPS 서버 구성
+    server {
+        listen 443 ssl;
+        server_name zenefit.shop www.zenefit.shop;
+
+        # SSL 인증서 설정
+        ssl_certificate /etc/letsencrypt/live/zenefit.shop/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/zenefit.shop/privkey.pem;
+
+        # Spring Boot 애플리케이션으로의 프록시
+        location / {
+            proxy_pass http://backend-prod:8081;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
     }
 }

docker-compose-prod.yml

@@ -11,13 +11,14 @@ services:
       - "6379:6379"
 
   backend-prod:
+    container_name: backend-prod
     image: limhwasup/gifty-server-prod
     build:
       dockerfile: Dockerfile.prod
-    container_name: backend-prod
+      context: .
     hostname: backend-prod
     ports:
-      - "8080:8080"
+      - "8081:8081"
     depends_on:
       - redis
     restart: always
@@ -32,8 +33,17 @@ services:
       - backend-prod
     ports:
       - "80:80"
-      - "443:443" # HTTPS를 위한 포트를 추가합니다.
+      - "443:443" # Add port for HTTPS
     volumes:
-      - /etc/letsencrypt:/etc/letsencrypt:ro # SSL 인증서를 공유합니다.
-      - /var/lib/letsencrypt:/var/lib/letsencrypt:ro # SSL 인증서를 공유합니다.
+      - ./config/nginx/prod/nginx.conf:/etc/nginx/nginx.conf
+      - /etc/letsencrypt:/etc/letsencrypt:ro # Share SSL certification
     restart: always
+
+#  fastapi:
+#    container_name: fastapi-dev
+#    build:
+#      dockerfile: Dockerfile
+#      context: ./config/fastapi/dev
+#    ports:
+#      - "8000:8000"
+

src/main/resources/application.yml

@@ -1,9 +1,9 @@
 server:
-  port: 8080
+  port: 8081
 
 spring:
   profiles:
-    active: dev
+    active: prod
   mvc:
     pathmatch:
       matching-strategy: ant_path_matcher