chore: 호스팅 도메인 변경과 nginx 제거에 따른 전환 (#118)

* chore: nginx docker-compose에서 제거

* chore: cross-origin 허용 url 전환

* chore: nginx 제거와 docker-compose 명령 변경에 따른 workflow 수정

* feat: CorsPropertiesConfig 추가, cors allowed origins 정보를 yml로 분리한다

* style: 주석 삭제

Author: wibaek

.github/workflows/release.yml

@@ -63,15 +63,6 @@ jobs:
         key: ${{ secrets.PRIVATE_KEY }}
         source: "./docker-compose.yml"
         target: "/home/${{ secrets.USERNAME }}/solid-connect-server/"
-
-    - name: Copy nginx configuration file to remote
-      uses: appleboy/scp-action@master
-      with:
-        host: ${{ secrets.HOST }}
-        username: ${{ secrets.USERNAME }}
-        key: ${{ secrets.PRIVATE_KEY }}
-        source: "./nginx.conf"
-        target: "/home/${{ secrets.USERNAME }}/solid-connect-server/"
 
     - name: Run docker compose
       uses: appleboy/ssh-action@master
@@ -82,5 +73,5 @@ jobs:
         script_stop: true
         script: |
           cd /home/${{ secrets.USERNAME }}/solid-connect-server
-          docker-compose down
-          docker-compose up -d --build
+          docker compose down
+          docker compose up -d --build

docker-compose.yml

@@ -17,27 +17,15 @@ services:
     depends_on:
       - redis
 
-  solid-connect-server:
+  solid-connection-server:
     build:
       context: .
       dockerfile: Dockerfile
-    container_name: solid-connect-server
+    container_name: solid-connection-server
     ports:
       - "8080:8080"
     environment:
       - SPRING_DATA_REDIS_HOST=redis
       - SPRING_DATA_REDIS_PORT=6379
     depends_on:
-      - redis
-
-  nginx:
-    image: nginx:latest
-    container_name: nginx
-    ports:
-      - "80:80"
-      - "443:443"
-    volumes:
-      - ./nginx.conf:/etc/nginx/conf.d/default.conf
-      - /etc/letsencrypt:/etc/letsencrypt
-    depends_on:
-      - solid-connect-server
+      - redis

nginx.conf docs/nginx.confnginx.conf renamed to docs/nginx.conf

@@ -3,7 +3,7 @@ server {
 
 # http를 사용하는 경우 주석 해제
 #    location / {
-#        proxy_pass http://solid-connect-server:8080;
+#        proxy_pass http://solid-connection-server:8080;
 #        proxy_set_header Host $host;
 #        proxy_set_header X-Real-IP $remote_addr;
 #        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -18,8 +18,8 @@ server {
 server {
     listen 443 ssl;
 
-    ssl_certificate /etc/letsencrypt/live/api.solid-connect.net/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/api.solid-connect.net/privkey.pem;
+    ssl_certificate /etc/letsencrypt/live/api.solid-connection.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/api.solid-connection.com/privkey.pem;
     client_max_body_size 10M;
 
     ssl_protocols TLSv1.2 TLSv1.3;
@@ -31,14 +31,10 @@ server {
     ssl_stapling_verify on;
 
     location / {
-        proxy_pass http://solid-connect-server:8080;
+        proxy_pass http://solid-connection-server:8080;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
     }
-
-    location ~ /.well-known/acme-challenge { # 인증서 갱신에 필요한 경로 설정
-            allow all;
-        }
 }

src/main/java/com/example/solidconnection/config/cors/CorsPropertiesConfig.java

@@ -0,0 +1,17 @@
+package com.example.solidconnection.config.cors;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.List;
+
+@Getter
+@Setter
+@ConfigurationProperties(prefix = "cors")
+@Configuration
+public class CorsPropertiesConfig {
+
+    private List<String> allowedOrigins;
+}

src/main/java/com/example/solidconnection/config/cors/WebConfig.java

@@ -1,16 +1,20 @@
 package com.example.solidconnection.config.cors;
 
+import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 @Configuration
+@RequiredArgsConstructor
 public class WebConfig implements WebMvcConfigurer {
 
+    private final CorsPropertiesConfig corsProperties;
+
     @Override
     public void addCorsMappings(CorsRegistry registry) {
         registry.addMapping("/**")
-                .allowedOrigins("http://localhost:8080", "http://localhost:3000", "https://www.solid-connect.net")
+                .allowedOrigins(corsProperties.getAllowedOrigins().toArray(new String[0]))
                 .allowedMethods("*")
                 .allowedHeaders("*")
                 .allowCredentials(true);

src/main/java/com/example/solidconnection/config/security/SecurityConfiguration.java

@@ -1,5 +1,6 @@
 package com.example.solidconnection.config.security;
 
+import com.example.solidconnection.config.cors.CorsPropertiesConfig;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -23,11 +24,12 @@
 public class SecurityConfiguration {
 
     private final JwtAuthenticationFilter jwtAuthenticationFilter;
+    private final CorsPropertiesConfig corsProperties;
 
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(Arrays.asList("https://www.solid-connect.net", "http://localhost:8080", "https://www.api.solid-connect.net", "http://localhost:3000"));
+        configuration.setAllowedOrigins(corsProperties.getAllowedOrigins());
         configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"));
         configuration.setAllowedHeaders(Arrays.asList("*"));
         configuration.setAllowCredentials(true);