fix: deploy.sh 방화벽 초기화 + Nginx 강제 재시작

thingineeer · thingineeer · commit 03955a7a6f79 · 2026-02-24T08:46:20.000+09:00
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
@@ -77,87 +77,34 @@ do
   sleep 10
 done
 
-echo "> Nginx 상태 확인"
-if ! sudo systemctl is-active --quiet nginx; then
-  echo "> Nginx가 중지되어 있습니다. 재시작합니다."
-  sudo systemctl start nginx
-  sleep 2
-  if sudo systemctl is-active --quiet nginx; then
-    echo "> Nginx 재시작 성공"
-  else
-    echo "> Nginx 재시작 실패. 상태:"
-    sudo systemctl status nginx
-  fi
+echo "> Nginx 상태 확인 및 복구"
+sudo systemctl stop nginx 2>/dev/null || true
+sleep 1
+sudo systemctl start nginx
+sleep 2
+if sudo systemctl is-active --quiet nginx; then
+  echo "> Nginx 시작 성공"
 else
-  echo "> Nginx 정상 구동 중"
+  echo "> Nginx 시작 실패. 강제 재시작 시도..."
+  sudo killall nginx 2>/dev/null || true
+  sleep 1
+  sudo nginx
+  sleep 2
 fi
 
+echo "> 방화벽 규칙 초기화 (인바운드 트래픽 허용)"
+# UFW 비활성화
+sudo ufw disable 2>/dev/null || true
+
+# iptables 초기화 - 모든 트래픽 허용
+sudo iptables -P INPUT ACCEPT 2>/dev/null || true
+sudo iptables -P FORWARD ACCEPT 2>/dev/null || true
+sudo iptables -P OUTPUT ACCEPT 2>/dev/null || true
+sudo iptables -F 2>/dev/null || true
+sudo iptables -X 2>/dev/null || true
+
 echo "> 스위칭"
 sleep 10
 /home/ubuntu/app/nonstop/switch.sh
 
-echo "> 배포 완료. 진단 정보 수집 중..."
-
-DIAG_FILE="/tmp/server-diagnostic-$(date +%Y%m%d-%H%M%S).txt"
-{
-  echo "========== SERVER DIAGNOSTIC =========="
-  echo "Date: $(date)"
-  echo ""
-
-  echo "=== Public IP (EC2 metadata) ==="
-  curl -s --connect-timeout 3 http://169.254.169.254/latest/meta-data/public-ipv4 2>/dev/null || echo "메타데이터 접근 불가"
-  echo ""
-
-  echo "=== Network Interfaces ==="
-  ip addr show 2>/dev/null || ifconfig 2>/dev/null
-  echo ""
-
-  echo "=== Nginx Status ==="
-  sudo systemctl status nginx 2>&1
-  echo ""
-
-  echo "=== Nginx Config ==="
-  sudo nginx -T 2>&1
-  echo ""
-
-  echo "=== Listening Ports ==="
-  sudo ss -tlnp 2>/dev/null || sudo netstat -tlnp 2>/dev/null
-  echo ""
-
-  echo "=== Java Processes ==="
-  pgrep -a java 2>/dev/null || echo "Java 프로세스 없음"
-  echo ""
-
-  echo "=== iptables Rules ==="
-  sudo iptables -L -n 2>/dev/null || echo "iptables 조회 실패"
-  echo ""
-
-  echo "=== Localhost Health Check ==="
-  curl -s http://localhost:8081/actuator/health 2>/dev/null
-  echo ""
-  curl -s http://localhost:8082/actuator/health 2>/dev/null
-  echo ""
-  curl -s http://localhost/actuator/health 2>/dev/null
-  echo ""
-  curl -s http://localhost/profile 2>/dev/null
-  echo ""
-
-  echo "=== Disk Usage ==="
-  df -h 2>/dev/null
-  echo ""
-
-  echo "=== Memory Usage ==="
-  free -h 2>/dev/null
-  echo ""
-
-  echo "=== nohup.out (last 50 lines) ==="
-  tail -50 /home/ubuntu/app/nohup.out 2>/dev/null || echo "nohup.out 없음"
-  echo ""
-
-  echo "========== END DIAGNOSTIC =========="
-} > "$DIAG_FILE" 2>&1
-
-echo "> 진단 결과를 S3에 업로드..."
-aws s3 cp "$DIAG_FILE" s3://runnect-prod-bucket/diagnostics/$(basename "$DIAG_FILE") 2>&1 || echo "> S3 업로드 실패"
-
-echo "> 진단 완료"
+echo "> 배포 완료"
