# [B104] Aucation
Aucation 프로젝트는 Docker, Docker Compose, 그리고 Jenkins Pipeline을 활용한
CI/CD 자동화 환경을 구성하고 있습니다.
Gitlab의 Webhook 설정으로 인해 back / front branch에 나누어 구분하였고
Merge 이벤트 발생 시, Jenkins Pipeline을 통해 자동 빌드와 배포가 이루어집니다.
프론트엔드 부분은 npm 환경에서 빌드하고 배포합니다.
백엔드는 Gradle을 사용하여 빌드하며, Docker Compose를 통해 컨테이너를 관리하고 배포합니다.
## Version
### Frontend
| Type | Version |
| ---------------- | ------- |
| next.js |16.18.50 |
| React.js | 18.2.21 |
| Axios | 1.5.0 |
### Backend
| Type | Version |
| ----------------- | ------------- |
| Java | openjdk : 11.0.20 |
| Spring Boot | 2.7.17 |
| Gradle | 8.3.0 |
| Spring Security | 5.7.11 |
| JPA | 2.2.3 |
| Hibernate | 5.6.15 |
| IntelliJ Ultimate | - |
| JWT | 4.2.1 |
| sockjs | 1.1.2 |
| websocket | 2.3.3-1 |
| FCM | 9.1.1 |
| QueryDsl | 5.0.0 |
| lombok | 1.18.30 |
### Database
| Type | Version |
| --------------- | ---------|
| MySQL | 8.0.32 |
| MySQL Workbench | 8.0 CE |
| Redis | 7.2.2 |
| AWS-S3 | 1.12.385 |
## ufw allow status
| Port | Content |
| ------ | ----------- |
| 22 | SSH |
| 80 | HTTP |
| 443 | HTTPS |
| 3306 | MySQL |
ec2에 docker 설치
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL <https://download.docker.com/linux/ubuntu/gpg> | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo \\
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] <https://download.docker.com/linux/ubuntu> \\
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \\
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
docker engine과 그에 따른 plugin설치
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo apt install docker-compose
#정상 설치 되엇는지 확인
sudo docker -v
sudo docker compose version
서버의 패키지 목록 업데이트
Nginx 설치
실행
환경 설정
# Main-server
server {
listen 80; # 80포트로 받을 때
server_name aucation.co.kr; # 도메인주소
return 301 https://$host$request_uri;
}
server {
listen 443 ssl ;
server_name aucation.co.kr;
# ssl 인증서 적용하기
ssl_certificate /etc/letsencrypt/live/aucation.co.kr/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/aucation.co.kr/privkey.pem;
## include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
## ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
# React 프로젝트
proxy_pass <http://localhost:3000>;
add_header 'Access-Control-Allow-Origin' '*'; # CORS 에러를 위한 처리
add_header 'Access-Control-Expose-Headers' 'Authorization, Authorization-refresh'; # JWT 토큰 확인을 위한 헤더 추가
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
}
location /api/v1/ {
# Springboot 프로젝트
proxy_pass <https://localhost:8001>;
charset utf-8;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
# 사진이나 큰 용량 보낼 시 지정해줘야함
client_max_body_size 50M;
}
location /auc-server {
# websocket
proxy_pass <https://localhost:8001>;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Host $host;
proxy_intercept_errors on;
}
}
# sub-server
server {
listen 80; # 80포트로 받을 때
server_name k9b104a.p.ssafy.io; # 도메인주소
return 301 https://$host$request_uri;
}
server {
listen 443 ssl ;
server_name k9b104a.p.ssafy.io;
# ssl 인증서 적용하기
ssl_certificate /etc/letsencrypt/live/k9b104a.p.ssafy.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/k9b104a.p.ssafy.io/privkey.pem;
## include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
## ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location /chat-server {
# websocket
proxy_pass <https://localhost:9001>;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Host $host;
proxy_intercept_errors on;
}
location /api/v2/ {
proxy_pass <https://localhost:9001>;
charset utf-8;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_read_timeout 3600;
client_max_body_size 50M;
}
}
실제 사용되는 site-enabled에 nginx.conf 연결
<aside> 💡 sudo ln -s /etc/nginx/sites-available/nginx.conf /etc/nginx/sites-enabled
$ sudo apt-get install letsencrypt
$ sudo apt-get install certbot python3-certbot-nginx