Merge pull request #34 from heesane/server

Auto stash before revert of "devops Traefik & NginxProxyManager"

Author: heesane

back/home_server/api-module/src/main/java/hhs/server/api/util/PictureManager.java

@@ -0,0 +1,165 @@
+package hhs.server.api.util;
+
+import com.amazonaws.services.s3.AmazonS3;
+import com.amazonaws.services.s3.model.CannedAccessControlList;
+import com.amazonaws.services.s3.model.GetObjectRequest;
+import com.amazonaws.services.s3.model.PutObjectRequest;
+import com.amazonaws.services.s3.model.S3Object;
+import com.amazonaws.services.s3.model.S3ObjectInputStream;
+import hhs.server.domain.model.type.PictureType;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
+import java.util.Objects;
+import java.util.Optional;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Component;
+import org.springframework.web.multipart.MultipartFile;
+
+@Component
+@RequiredArgsConstructor
+@Slf4j
+public class PictureManager {
+
+  @Value("${cloud.aws.s3.bucket}")
+  private String bucket;
+
+  private final AmazonS3 amazonS3;
+
+  public String upload(
+      Long userId,
+      String projectName,
+      MultipartFile multipartFile,
+      PictureType pictureType
+  ) throws IOException {
+
+    // system_architecture/1_1.jpg
+    // erd/1_1.jpg
+    String newFileName =
+        pictureType.getFolderPrefix() +
+            "/" + userId + "_" + projectName + "." +
+            Objects.requireNonNull(multipartFile.getOriginalFilename()).split("\\.")[1];
+
+    File uploadFile = convert(multipartFile).orElseThrow(
+        () -> new IllegalArgumentException("MultipartFile -> File 전환 실패")
+    );
+
+    // 업로드한 사진의 URL 반환
+    return upload(newFileName, uploadFile);
+
+  }
+
+  private String upload(
+      String newFileName,
+      File uploadFile
+  ) {
+
+    String uploadImageUrl = putS3(uploadFile, newFileName);
+
+    // convert()함수로 인해서 로컬에 생성된 File 삭제 (MultipartFile -> File 전환 하며 로컬에 파일 생성됨)
+    removeNewFile(uploadFile);
+
+    return uploadImageUrl;      // 업로드된 파일의 S3 URL 주소 반환
+
+  }
+
+  private String putS3(
+      File uploadFile,
+      String fileName
+  ) {
+
+    amazonS3.putObject(
+        new PutObjectRequest(bucket, fileName, uploadFile)
+            .withCannedAcl(CannedAccessControlList.PublicRead)  // PublicRead 권한으로 업로드 됨
+    );
+    return amazonS3.getUrl(bucket, fileName).toString();
+
+  }
+
+  private void removeNewFile(
+      File targetFile
+  ) {
+
+    if (targetFile.delete()) {
+      log.debug("파일이 삭제되었습니다.");
+    } else {
+      log.error("{} 파일이 삭제되지 못했습니다.", targetFile.getName());
+    }
+  }
+
+  private Optional<File> convert(
+      MultipartFile file
+  ) throws IOException {
+
+    String fileOriginalName = file.getOriginalFilename();
+    File convertFile = new File(Objects.requireNonNull(fileOriginalName)); // 업로드한 파일의 이름
+
+    if (convertFile.createNewFile()) {
+      try (FileOutputStream fos = new FileOutputStream(convertFile)) {
+        fos.write(file.getBytes());
+      }
+      return Optional.of(convertFile);
+    }
+
+    // 새로 만들어진 파일이 아닌 경우,
+    return Optional.empty();
+  }
+
+  public ResponseEntity<byte[]> download(
+      String fileName,
+      PictureType pictureType
+  ) throws IOException {
+
+    S3Object awsS3Object = amazonS3.getObject(
+        new GetObjectRequest(bucket, pictureType.getFolderPrefix() + "/" + fileName));
+
+    S3ObjectInputStream s3is = awsS3Object.getObjectContent();
+
+    byte[] bytes = s3is.readAllBytes();
+
+    String downloadedFileName = URLEncoder.encode(fileName, StandardCharsets.UTF_8)
+        .replace("+", "%20");
+
+    HttpHeaders httpHeaders = new HttpHeaders();
+    httpHeaders.setContentType(MediaType.IMAGE_JPEG);
+    httpHeaders.setContentLength(bytes.length);
+    httpHeaders.setContentDispositionFormData("attachment", downloadedFileName);
+
+    return new ResponseEntity<>(bytes, httpHeaders, HttpStatus.OK);
+  }
+
+  public boolean diff(
+      String originalHashValue,
+      MultipartFile newFile
+  ) {
+    try {
+      String newHashValue = calculateSHA256Base64(newFile);
+      return !originalHashValue.equals(newHashValue);
+    } catch (NoSuchAlgorithmException | IOException e) {
+      log.info("Fail to calculate hash value");
+    }
+    return false;
+  }
+
+  public String calculateSHA256Base64(
+      MultipartFile file
+  ) throws NoSuchAlgorithmException, IOException {
+    MessageDigest digest = MessageDigest.getInstance("SHA-256");
+    byte[] hashBytes = digest.digest(file.getBytes());
+
+    // Base64 인코딩으로 해시 값을 문자열로 변환
+    return Base64.getEncoder().encodeToString(hashBytes);
+  }
+
+}

back/home_server/api-module/src/main/java/hhs/server/api/util/UpdateManager.java

@@ -0,0 +1,25 @@
+package hhs.server.api.util;
+
+
+import hhs.server.domain.aop.lock.DistributedLock;
+import hhs.server.domain.persistence.Comments;
+import hhs.server.domain.persistence.Projects;
+import hhs.server.domain.persistence.elasticsearch.ProjectDocuments;
+
+public class UpdateManager {
+
+  @DistributedLock
+  public static void incrementProjectCommentCount(ProjectDocuments projectDocuments, Projects projects) {
+    projectDocuments.update(projects);
+  }
+
+  @DistributedLock
+  public static void updateProjectLikeCount(Projects project, Long likeCount) {
+    project.updateLikeCounts(likeCount);
+  }
+
+  @DistributedLock
+  public static void updateCommentLikeCount(Comments comments, Long likeCount) {
+    comments.updateLikes(likeCount);
+  }
+}

back/home_server/common-module/src/main/java/hhs/server/common/config/JpaConfig.java

@@ -0,0 +1,9 @@
+package hhs.server.common.config;
+
+import org.springframework.context.annotation.Configuration;
+
+@EnableJpaRepositories(basePackages = "hhs.server.domain.repository.jpa")
+@Configuration
+public class JpaConfig {
+
+}

back/home_server/common-module/src/main/java/hhs/server/common/validator/Validator.java

@@ -0,0 +1,60 @@
+package hhs.server.common.validator;
+
+import hhs.server.common.exceptions.ExceptionCode;
+import hhs.server.common.exceptions.exception.NotFoundException;
+import hhs.server.domain.persistence.Comments;
+import hhs.server.domain.persistence.Projects;
+import hhs.server.domain.persistence.User;
+import hhs.server.domain.repository.jpa.CommentsRepository;
+import hhs.server.domain.repository.jpa.ProjectRepository;
+import hhs.server.domain.repository.jpa.UserRepository;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+
+@Component
+@RequiredArgsConstructor
+public class Validator {
+
+  private final CommentsRepository commentsRepository;
+
+  private final ProjectRepository projectRepository;
+
+  private final UserRepository userRepository;
+
+  public Comments validateAndGetComment(Long commentId) {
+    return commentsRepository.findById(commentId).orElseThrow(
+        () -> new NotFoundException(ExceptionCode.COMMENTS_NOT_FOUND)
+    );
+  }
+
+  public void isCommentExist(Long commentId) {
+    if (!commentsRepository.existsById(commentId)) {
+      throw new NotFoundException(ExceptionCode.COMMENTS_NOT_FOUND);
+    }
+  }
+
+  public Projects validateAndGetProject(Long projectId) {
+    // 프로젝트 정보 검증
+    return projectRepository.findByIdWithDetail(projectId).orElseThrow(
+        () -> new NotFoundException(ExceptionCode.PROJECT_NOT_FOUND));
+  }
+
+  public void isProjectExist(Long projectId) {
+    if (!projectRepository.existsById(projectId)) {
+      throw new NotFoundException(ExceptionCode.PROJECT_NOT_FOUND);
+    }
+  }
+
+  public User validateAndGetUser(Long userId) {
+    return userRepository.findById(userId)
+        .orElseThrow(
+            () -> new NotFoundException(ExceptionCode.USER_NOT_FOUND)
+        );
+  }
+
+  public void isUserExist(Long userId) {
+    if (!userRepository.existsById(userId)) {
+      throw new NotFoundException(ExceptionCode.USER_NOT_FOUND);
+    }
+  }
+}

devops/command.yml

@@ -0,0 +1,27 @@
+# command:
+    #   - "--api.insecure=false"
+    #   - "--providers.docker=true"
+    #   - "--providers.docker.exposedbydefault=false"
+    #   - "--providers.docker.network=home_network"
+    #   - "--entrypoints.web.address=:80"
+    #   - "--entrypoints.websecure.address=:443"
+    #   - "--entrypoints.web.http.redirections.entrypoint.to=websecure"
+    #   - "--entryPoints.web.http.redirections.entrypoint.scheme=https"
+    #   - "--certificatesresolvers.letsencrypt.acme.tlschallenge=true"
+    #   - "--certificatesresolvers.letsencrypt.acme.email=tees3359@gmail.com"
+    #   - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
+    #   - "--log.level=DEBUG"
+    #   - "--accesslog=true"
+    #   - "--accesslog.filepath=/traefik/logs/access.log"
+    #   - "--accesslog.bufferingsize=100"
+    #   - "--accesslog.format=json"
+    #   - "--accesslog.fields.defaultmode=keep"
+    #   - "--accesslog.fields.headers.defaultmode=keep"
+    #   - "--accesslog.fields.headers.names.X-Forwarded-For=keep"
+    #   - "--api.dashboard=true"
+    #   - "--metrics.prometheus=true"
+    #   - "--metrics.prometheus.buckets=0.100000, 0.300000, 1.200000, 5.000000"
+    #   - "--metrics.prometheus.addEntryPointsLabels=true"
+    #   - "--metrics.prometheus.addServicesLabels=true"
+    #   - "--entryPoints.metrics.address=:8091"
+    #   - "--metrics.prometheus.entryPoint=metrics"

devops/traefik.yml

@@ -0,0 +1,55 @@
+global:
+  checkNewVersion: true
+  sendAnonymousUsage: true
+
+api:
+  dashboard: true
+  insecure: false
+
+entryPoints:
+  web:
+    address: ":80"
+    http:
+      redirections:
+        entryPoint:
+          to: websecure
+          scheme: https
+  websecure:
+    address: ":443"
+  metrics:
+    address: ":8091"
+
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+    network: home_network
+
+certificatesResolvers:
+  letsencrypt:
+    acme:
+      email: [email protected]
+      storage: "/letsencrypt/acme.json"
+      httpChallenge:
+        entryPoint: web
+
+log:
+  level: DEBUG
+
+accessLog:
+  filePath: /traefik/logs/access.log
+  bufferingSize: 100
+  format: json
+  fields:
+    defaultMode: keep
+    headers:
+      defaultMode: keep
+      names:
+        X-Forwarded-For: keep
+
+metrics:
+  prometheus:
+    buckets: [ 0.100000, 0.300000, 1.200000, 5.000000 ]
+    entryPoint: metrics
+    addEntryPointsLabels: true
+    addServicesLabels: true

k3s/traefik-config.yml

@@ -0,0 +1,20 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChartConfig
+metadata:
+  name: traefik
+  namespace: kube-system
+spec:
+  valuesContent: |-
+    ports:
+      web:
+        port: 80
+        exposedPort: 80
+      websecure:
+        port: 443
+        exposedPort: 443
+      custom-8000:
+        port: 8000
+        exposedPort: 8000
+        protocol: TCP
+    additionalArguments:
+      - "--entryPoints.custom-8000.address=:8000"

k3s/traefik-dashboard.yaml

@@ -0,0 +1,17 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: traefik-dashboard
+  namespace: kube-system
+spec:
+  entryPoints:
+  - web
+  routes:
+  - match: Host(`192.168.55.139`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
+    kind: Rule
+    services:
+    - name: api@internal
+      kind: TraefikService
+      port: 9000
+    - name: dashboard2@internal
+      port: 9000