diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index ddd740b..8edfd04 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,9 +1,10 @@ -name: Deploy to Prod via Bastion +name: Deploy to EC2 on main merge on: pull_request: types: [closed] - branches: [main] + branches: + - main jobs: deploy: @@ -11,46 +12,29 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout + - name: Checkout code uses: actions/checkout@v3 - name: Build JAR run: ./gradlew clean build -x test - - name: Setup SSH known_hosts - run: | - mkdir -p ~/.ssh - ssh-keyscan -H ${{ secrets.BASTION_IP }} >> ~/.ssh/known_hosts || true - ssh-keyscan -H ${{ secrets.PROD_IP }} >> ~/.ssh/known_hosts || true - chmod 644 ~/.ssh/known_hosts - - - name: Setup SSH Agent (Bastion + Prod Key 등록) - uses: webfactory/ssh-agent@v0.7.0 + - name: Upload JAR to EC2 + uses: appleboy/scp-action@v0.1.5 with: - ssh-private-key: | - ${{ secrets.BASTION_SSH_PRIVATE_KEY }} - ${{ secrets.PROD_SSH_PRIVATE_KEY }} - - - name: Test SSH to Bastion - run: ssh -o StrictHostKeyChecking=no ${{ secrets.SSH_USER }}@${{ secrets.BASTION_IP }} hostname - - - name: Test SSH to Prod via Bastion - run: | - ssh -o "ProxyCommand=ssh -W %h:%p -o StrictHostKeyChecking=no ${{ secrets.SSH_USER }}@${{ secrets.BASTION_IP }}" \ - -o StrictHostKeyChecking=no \ - ${{ secrets.SSH_USER }}@${{ secrets.PROD_IP }} hostname - - - name: Transfer JAR to Prod via Bastion - run: | - scp -o "ProxyCommand=ssh -W %h:%p -o StrictHostKeyChecking=no ${{ secrets.SSH_USER }}@${{ secrets.BASTION_IP }}" \ - build/libs/busan-0.0.1-SNAPSHOT.jar \ - ${{ secrets.SSH_USER }}@${{ secrets.PROD_IP }}:/home/ubuntu/app/jar/app.jar - - - name: Trigger Deployment - run: | - ssh -o "ProxyCommand=ssh -W %h:%p -o StrictHostKeyChecking=no ${{ secrets.SSH_USER }}@${{ secrets.BASTION_IP }}" \ - -o StrictHostKeyChecking=no \ - ${{ secrets.SSH_USER }}@${{ secrets.PROD_IP }} << 'EOF' - cd /home/ubuntu/app - ./switch.sh - EOF + host: ${{ secrets.EC2_HOST }} + username: ubuntu + key: ${{ secrets.EC2_SSH_KEY }} + source: build/libs/*.jar + target: /home/ubuntu/app/app.jar + + - name: SSH and deploy Docker container + uses: appleboy/ssh-action@v0.1.7 + with: + host: ${{ secrets.EC2_HOST }} + username: ubuntu + key: ${{ secrets.EC2_SSH_KEY }} + script: | + docker pull your-docker-image:latest || true + docker stop myapp || true + docker rm myapp || true + docker run -d --name myapp --env-file /home/ubuntu/app/.env -p 8080:8080 openjdk:17-jdk java -jar /home/ubuntu/app/app.jar diff --git a/docker-compose.8081.yml b/docker-compose.8081.yml deleted file mode 100644 index 9ca2118..0000000 --- a/docker-compose.8081.yml +++ /dev/null @@ -1,15 +0,0 @@ -version: '3.8' -services: - app: - build: - context: . - dockerfile: Dockerfile - container_name: app_8081 - ports: - - "8081:8080" - volumes: - - ./jar:/app - env_file: - - .env - environment: - - SPRING_PROFILES_ACTIVE=prod \ No newline at end of file diff --git a/docker-compose.8082.yml b/docker-compose.8082.yml deleted file mode 100644 index b268d6e..0000000 --- a/docker-compose.8082.yml +++ /dev/null @@ -1,15 +0,0 @@ -version: '3.8' -services: - app: - build: - context: . - dockerfile: Dockerfile - container_name: app_8082 - ports: - - "8082:8080" - volumes: - - ./jar:/app - env_file: - - .env - environment: - - SPRING_PROFILES_ACTIVE=prod \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..dd5f187 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,25 @@ +version: "3.8" + +services: + app: + container_name: spring-app + build: + context: . + dockerfile: Dockerfile + ports: + - "8080:8080" + env_file: + - .env + restart: always + + nginx: + image: nginx:alpine + container_name: nginx-proxy + ports: + - "80:80" + - "443:443" + volumes: + - ./nginx/nginx.conf:/etc/nginx/nginx.conf + depends_on: + - app + restart: always diff --git a/nginx/app.conf b/nginx/app.conf index 58842ed..4ac2900 100644 --- a/nginx/app.conf +++ b/nginx/app.conf @@ -1,12 +1,27 @@ -upstream backend { - server 127.0.0.1:8081; # switch.sh에서 8082로 전환됨 -} - -server { - listen 80; - location / { - proxy_pass http://backend; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; +events {} + +http { + include mime.types; + default_type application/octet-stream; + sendfile on; + + server { + listen 80; + server_name _; + + location / { + proxy_pass http://spring-app:8080; + proxy_http_version 1.1; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # optional: for WebSocket or SSE + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + } } \ No newline at end of file diff --git a/switch.sh b/switch.sh deleted file mode 100644 index 2292d66..0000000 --- a/switch.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -APP_DIR="/home/ubuntu/app" -NGINX_CONF="$APP_DIR/nginx/app.conf" - -CURRENT_PORT=$(grep -oP 'server 127.0.0.1:\K\d+' "$NGINX_CONF") -NEXT_PORT=8082 -[ "$CURRENT_PORT" == "8082" ] && NEXT_PORT=8081 - -echo "🔁 현재 포트: $CURRENT_PORT → 새 포트: $NEXT_PORT" - -docker-compose -f "$APP_DIR/docker-compose.${NEXT_PORT}.yml" up -d --build - -# 헬스 체크 -until curl -s "http://localhost:${NEXT_PORT}/actuator/health" | grep '"status":"UP"' > /dev/null; do - echo "⏳ 헬스체크 대기중..." - sleep 2 -done - -# nginx 설정 변경 및 reload -sed -i "s/127.0.0.1:${CURRENT_PORT}/127.0.0.1:${NEXT_PORT}/" "$NGINX_CONF" -sudo systemctl reload nginx - -docker-compose -f "$APP_DIR/docker-compose.${CURRENT_PORT}.yml" down - -echo "✅ 배포 완료 (새 포트: $NEXT_PORT)" \ No newline at end of file