diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7bf1a0ddd..0dbdd061d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -63,15 +63,6 @@ jobs: key: ${{ secrets.PRIVATE_KEY }} source: "./docker-compose.yml" target: "/home/${{ secrets.USERNAME }}/solid-connect-server/" - - - name: Copy nginx configuration file to remote - uses: appleboy/scp-action@master - with: - host: ${{ secrets.HOST }} - username: ${{ secrets.USERNAME }} - key: ${{ secrets.PRIVATE_KEY }} - source: "./nginx.conf" - target: "/home/${{ secrets.USERNAME }}/solid-connect-server/" - name: Run docker compose uses: appleboy/ssh-action@master @@ -82,5 +73,5 @@ jobs: script_stop: true script: | cd /home/${{ secrets.USERNAME }}/solid-connect-server - docker-compose down - docker-compose up -d --build + docker compose down + docker compose up -d --build diff --git a/docker-compose.yml b/docker-compose.yml index e7358d2b2..8813a4e58 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,27 +17,15 @@ services: depends_on: - redis - solid-connect-server: + solid-connection-server: build: context: . dockerfile: Dockerfile - container_name: solid-connect-server + container_name: solid-connection-server ports: - "8080:8080" environment: - SPRING_DATA_REDIS_HOST=redis - SPRING_DATA_REDIS_PORT=6379 depends_on: - - redis - - nginx: - image: nginx:latest - container_name: nginx - ports: - - "80:80" - - "443:443" - volumes: - - ./nginx.conf:/etc/nginx/conf.d/default.conf - - /etc/letsencrypt:/etc/letsencrypt - depends_on: - - solid-connect-server + - redis \ No newline at end of file diff --git a/nginx.conf b/docs/nginx.conf similarity index 75% rename from nginx.conf rename to docs/nginx.conf index e94acb4e3..303463bce 100644 --- a/nginx.conf +++ b/docs/nginx.conf @@ -3,7 +3,7 @@ server { # http를 사용하는 경우 주석 해제 # location / { -# proxy_pass http://solid-connect-server:8080; +# proxy_pass http://solid-connection-server:8080; # proxy_set_header Host $host; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -18,8 +18,8 @@ server { server { listen 443 ssl; - ssl_certificate /etc/letsencrypt/live/api.solid-connect.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/api.solid-connect.net/privkey.pem; + ssl_certificate /etc/letsencrypt/live/api.solid-connection.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/api.solid-connection.com/privkey.pem; client_max_body_size 10M; ssl_protocols TLSv1.2 TLSv1.3; @@ -31,14 +31,10 @@ server { ssl_stapling_verify on; location / { - proxy_pass http://solid-connect-server:8080; + proxy_pass http://solid-connection-server:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } - - location ~ /.well-known/acme-challenge { # 인증서 갱신에 필요한 경로 설정 - allow all; - } } \ No newline at end of file diff --git a/src/main/java/com/example/solidconnection/config/cors/CorsPropertiesConfig.java b/src/main/java/com/example/solidconnection/config/cors/CorsPropertiesConfig.java new file mode 100644 index 000000000..55e47bd90 --- /dev/null +++ b/src/main/java/com/example/solidconnection/config/cors/CorsPropertiesConfig.java @@ -0,0 +1,17 @@ +package com.example.solidconnection.config.cors; + +import lombok.Getter; +import lombok.Setter; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; + +import java.util.List; + +@Getter +@Setter +@ConfigurationProperties(prefix = "cors") +@Configuration +public class CorsPropertiesConfig { + + private List allowedOrigins; +} \ No newline at end of file diff --git a/src/main/java/com/example/solidconnection/config/cors/WebConfig.java b/src/main/java/com/example/solidconnection/config/cors/WebConfig.java index 9143d6558..00f3cf411 100644 --- a/src/main/java/com/example/solidconnection/config/cors/WebConfig.java +++ b/src/main/java/com/example/solidconnection/config/cors/WebConfig.java @@ -1,16 +1,20 @@ package com.example.solidconnection.config.cors; +import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration +@RequiredArgsConstructor public class WebConfig implements WebMvcConfigurer { + private final CorsPropertiesConfig corsProperties; + @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") - .allowedOrigins("http://localhost:8080", "http://localhost:3000", "https://www.solid-connect.net") + .allowedOrigins(corsProperties.getAllowedOrigins().toArray(new String[0])) .allowedMethods("*") .allowedHeaders("*") .allowCredentials(true); diff --git a/src/main/java/com/example/solidconnection/config/security/SecurityConfiguration.java b/src/main/java/com/example/solidconnection/config/security/SecurityConfiguration.java index 449bdd35c..70bcf6c37 100644 --- a/src/main/java/com/example/solidconnection/config/security/SecurityConfiguration.java +++ b/src/main/java/com/example/solidconnection/config/security/SecurityConfiguration.java @@ -1,5 +1,6 @@ package com.example.solidconnection.config.security; +import com.example.solidconnection.config.cors.CorsPropertiesConfig; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -23,11 +24,12 @@ public class SecurityConfiguration { private final JwtAuthenticationFilter jwtAuthenticationFilter; + private final CorsPropertiesConfig corsProperties; @Bean public CorsConfigurationSource corsConfigurationSource() { CorsConfiguration configuration = new CorsConfiguration(); - configuration.setAllowedOrigins(Arrays.asList("https://www.solid-connect.net", "http://localhost:8080", "https://www.api.solid-connect.net", "http://localhost:3000")); + configuration.setAllowedOrigins(corsProperties.getAllowedOrigins()); configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS")); configuration.setAllowedHeaders(Arrays.asList("*")); configuration.setAllowCredentials(true);