[chore] 배포를 위한 설정 파일 추가

.github/workflows/deploy-to-ec2.yml

@@ -0,0 +1,80 @@
+name: Build and Deploy
+
+on:
+  push:
+    branches: ["release"]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: 현재 실행 환경에 JDK 17 설치하기
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          server-id: github
+          settings-path: ${{ github.workspace }}
+
+      - name: 현재 실행 환경에 Repository 불러오기
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.GIT_TOKEN }}
+          submodules: true
+
+      - name: App을 Gradle로 빌드하기
+        run: |
+          git submodule update --init --recursive
+          chmod +x gradlew
+          ./gradlew clean build
+
+      - name: Docker Buildx 설치하기
+        uses: docker/setup-buildx-action@v3
+
+      - name: GitHub Container Registry에 로그인 하기
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GIT_TOKEN }}
+
+      - name: Docker image로 build 후 GHCR에 push하기
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          tags: ghcr.io/flytraphub/venus-planner-be:release
+
+      - name: AWS 자격 증명 설정하기
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCOUNT_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_ACCOUNT_SECRET_ACCESS_KEY }}
+          aws-region: ${{secrets.AWS_REGION}}
+
+      - name: 현재 실행 환경의 Public IP 주소 얻기
+        id: public-ip
+        run: |
+          response=$(curl -s canhazip.com)
+          echo "ip=$response" >> "$GITHUB_OUTPUT"
+
+      - name: AWS 보안 그룹에 Github Actions IP 추가
+        run: |
+          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} --protocol tcp --port 22 --cidr ${{ steps.public-ip.outputs.ip }}/32
+
+      - name: 원격 서버에 SSH로 접속 후 명령어 실행
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.AWS_EC2_HOST_ADDRESS }}
+          username: ec2-user
+          key: ${{ secrets.AWS_EC2_SSH_PRIVATE_KEY }}
+          script: |
+            cd venus-planner-be/
+            chmod +x ./run.sh
+            ./run.sh
+
+      - name: AWS 보안 그룹에서 Github Actions IP 제거
+        run: |
+          aws ec2 revoke-security-group-ingress  --group-id ${{ secrets.AWS_SECURITY_GROUP_ID }} --protocol tcp --port 22 --cidr ${{ steps.public-ip.outputs.ip }}/32

.gitignore

@@ -35,6 +35,4 @@ out/
 
 ### VS Code ###
 .vscode/
-/gradle/wrapper/gradle-wrapper.jar
-/src/main/resources/application-auth.yml
-/src/main/resources/application-oauth-local.yml
+/src/main/resources/*

Dockerfile

@@ -0,0 +1,6 @@
+FROM openjdk:17
+
+ARG JAR_FILE=/build/libs/*-SNAPSHOT.jar
+COPY ${JAR_FILE} app.jar
+
+ENTRYPOINT ["java","-jar","/app.jar"]

docker-compose.yml

@@ -0,0 +1,43 @@
+version: "3"
+
+services:
+  balancer:
+    image: nginx:latest
+    container_name: balancer
+    restart: unless-stopped
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ./nginx/conf.d:/etc/nginx/conf.d
+      - ./data/certbot/conf:/etc/letsencrypt
+      - ./data/certbot/www:/var/www/certbot
+    depends_on:
+      - was-dev
+    command: '/bin/sh -c ''while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g "daemon off;"'''
+
+
+  certbot:
+    image: certbot/certbot
+    restart: unless-stopped
+    volumes:
+      - ./data/certbot/conf:/etc/letsencrypt
+      - ./data/certbot/www:/var/www/certbot
+    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+
+  was-dev:
+    image: ghcr.io/flytraphub/venus-planner-be:release
+    ports:
+      - "8080:8080"
+    container_name: was-dev
+
+  redis:
+    image: redis:latest
+    restart: always
+    container_name: redis
+    ports:
+      - "6379:6379"
+    volumes:
+      - redis-data:/data/redis
+volumes:
+  redis-data:

nginx/conf.d/nginx.conf

@@ -0,0 +1,45 @@
+upstream back-server {
+    server was-dev:8080;
+}
+
+server {
+    listen 80;
+    server_name api.planner.flytraphub.net;
+    server_tokens off;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+
+    location / {
+    	  return 301 https://$host$request_uri;
+    }
+
+}
+
+server {
+    listen 443 ssl;
+    server_name api.planner.flytraphub.net;
+    server_tokens off;
+
+    ssl_certificate /etc/letsencrypt/live/api.planner.flytraphub.net/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/api.planner.flytraphub.net/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location /api/ {
+        proxy_pass http://back-server;
+
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Cookie $http_cookie;
+        proxy_read_timeout 21600000;
+        proxy_send_timeout 21600000;
+    }
+}

run.sh

@@ -0,0 +1,20 @@
+
+#!/bin/bash
+
+echo "🏁 Script Start."
+echo "👉 Pulling github repository..."
+git pull origin release
+
+echo "👉 Pulling backend Docker image..."
+cd ..
+cat github_token/github_token.txt | docker login ghcr.io -u crtEvent --password-stdin
+docker pull ghcr.io/flytraphub/venus-planner-be:release
+
+echo "👉 Starting Docker Compose..."
+cd venus-planner-be/
+sudo docker-compose up -d
+
+echo "👉 Cleaning up unused Docker images..."
+sudo docker image prune -a -f
+
+echo "🫡  Script execution completed."