solid-connection
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 1 addition & 1 deletion b/‎.github/CODEOWNERS‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/dev-cd.yml‎
Lines changed: 16 additions & 2 deletions b/‎.github/workflows/dev-cd.yml‎
Lines changed: 16 additions & 2 deletions
diff --git a/‎.github/workflows/prod-cd.yml‎
Lines changed: 16 additions & 2 deletions b/‎.github/workflows/prod-cd.yml‎
Lines changed: 16 additions & 2 deletions
diff --git a/‎docker-compose.dev.yml‎
Lines changed: 1 addition & 1 deletion b/‎docker-compose.dev.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docker-compose.prod.yml‎
Lines changed: 1 addition & 1 deletion b/‎docker-compose.prod.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/infra-config/nginx.conf‎ ‎docs/infra-config/nginx.dev.conf‎docs/infra-config/nginx.conf renamed to docs/infra-config/nginx.dev.conf
Lines changed: 9 additions & 4 deletions b/‎docs/infra-config/nginx.conf‎ ‎docs/infra-config/nginx.dev.conf‎docs/infra-config/nginx.conf renamed to docs/infra-config/nginx.dev.conf
Lines changed: 9 additions & 4 deletions
diff --git a/‎docs/infra-config/nginx.prod.conf‎
Lines changed: 36 additions & 0 deletions b/‎docs/infra-config/nginx.prod.conf‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎src/main/java/com/example/solidconnection/application/controller/ApplicationController.java‎
Lines changed: 1 addition & 3 deletions b/‎src/main/java/com/example/solidconnection/application/controller/ApplicationController.java‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎src/main/java/com/example/solidconnection/auth/client/AppleOAuthClient.java‎
Lines changed: 3 additions & 2 deletions b/‎src/main/java/com/example/solidconnection/auth/client/AppleOAuthClient.java‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎src/main/java/com/example/solidconnection/auth/client/KakaoOAuthClient.java‎
Lines changed: 5 additions & 4 deletions b/‎src/main/java/com/example/solidconnection/auth/client/KakaoOAuthClient.java‎
Lines changed: 5 additions & 4 deletions
@@ -1 +1 @@
-* @Gyuhyeok99 @nayonsoso @wibaek @whqtker @lsy1307
+* @Gyuhyeok99 @wibaek @whqtker @lsy1307 @Hexeong @JAEHEE25 @sukangpunch
@@ -71,14 +71,28 @@ jobs:
           source: "./docs/infra-config/config.alloy"
           target: "/home/${{ secrets.DEV_USERNAME }}/solid-connection-dev/"
 
-      - name: Run docker compose
+      - name: Copy nginx config to remote
+        uses: appleboy/scp-action@master
+        with:
+          host: ${{ secrets.DEV_HOST }}
+          username: ${{ secrets.DEV_USERNAME }}
+          key: ${{ secrets.DEV_PRIVATE_KEY }}
+          source: "./docs/infra-config/nginx.dev.conf"
+          target: "/home/${{ secrets.DEV_USERNAME }}/solid-connection-dev/nginx"
+          rename: "default.conf"
+
+      - name: Run docker compose and apply nginx config
         uses: appleboy/ssh-action@master
         with:
           host: ${{ secrets.DEV_HOST }}
           username: ${{ secrets.DEV_USERNAME }}
           key: ${{ secrets.DEV_PRIVATE_KEY }}
           script_stop: true
           script: |
+            sudo cp /home/${{ secrets.DEV_USERNAME }}/solid-connection-dev/nginx/default.conf /etc/nginx/conf.d/default.conf
+            sudo nginx -t
+            sudo nginx -s reload
+
             cd /home/${{ secrets.DEV_USERNAME }}/solid-connection-dev
-            docker compose down
+            docker compose -f docker-compose.dev.yml down
             docker compose -f docker-compose.dev.yml up -d --build
@@ -71,14 +71,28 @@ jobs:
         source: "./docs/infra-config/config.alloy"
         target: "/home/${{ secrets.USERNAME }}/solid-connect-server/"
 
-    - name: Run docker compose
+    - name: Copy nginx config to remote
+      uses: appleboy/scp-action@master
+      with:
+        host: ${{ secrets.HOST }}
+        username: ${{ secrets.USERNAME }}
+        key: ${{ secrets.PRIVATE_KEY }}
+        source: "./docs/infra-config/nginx.prod.conf"
+        target: "/home/${{ secrets.USERNAME }}/solid-connection-prod/nginx"
+        rename: "default.conf"
+
+    - name: Run docker compose and apply nginx config
       uses: appleboy/ssh-action@master
       with:
         host: ${{ secrets.HOST }}
         username: ${{ secrets.USERNAME }}
         key: ${{ secrets.PRIVATE_KEY }}
         script_stop: true
         script: |
+          sudo cp /home/${{ secrets.USERNAME }}/solid-connection-prod/nginx/default.conf /etc/nginx/conf.d/default.conf
+          sudo nginx -t
+          sudo nginx -s reload
+          
           cd /home/${{ secrets.USERNAME }}/solid-connect-server
-          docker compose down
+          docker compose -f docker-compose.prod.yml down
           docker compose -f docker-compose.prod.yml up -d --build
@@ -41,6 +41,6 @@ services:
       - "12345:12345"
     volumes:
       - ./logs:/var/log/spring
-      - ./docs/config.alloy:/etc/alloy/config.alloy:ro
+      - ./docs/infra-config/config.alloy:/etc/alloy/config.alloy:ro
     environment:
       - ALLOY_ENV=dev
@@ -40,6 +40,6 @@ services:
       - "12345:12345"
     volumes:
       - ./logs:/var/log/spring
-      - ./docs/config.alloy:/etc/alloy/config.alloy:ro
+      - ./docs/infra-config/config.alloy:/etc/alloy/config.alloy:ro
     environment:
       - ALLOY_ENV=production
@@ -1,5 +1,6 @@
 server {
     listen 80;
+    server_name api.stage.solid-connection.com;
 
 # http를 사용하는 경우 주석 해제
 #    location / {
@@ -17,9 +18,10 @@ server {
 
 server {
     listen 443 ssl;
+    server_name api.stage.solid-connection.com;
 
-    ssl_certificate /etc/letsencrypt/live/api.solid-connection.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/api.solid-connection.com/privkey.pem;
+    ssl_certificate /etc/letsencrypt/live/api.stage.solid-connection.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/api.stage.solid-connection.com/privkey.pem;
     client_max_body_size 10M;
 
     ssl_protocols TLSv1.2 TLSv1.3;
@@ -31,10 +33,13 @@ server {
     ssl_stapling_verify on;
 
     location / {
-        proxy_pass http://solid-connection-server:8080;
+        proxy_pass http://localhost:8080;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
     }
-}
+}
@@ -0,0 +1,36 @@
+server {
+    listen 80;
+    server_name api.solid-connection.com;
+
+    location / {
+            return 301 https://$host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl;
+    server_name api.solid-connection.com;
+
+    ssl_certificate /etc/letsencrypt/live/api.solid-connection.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/api.solid-connection.com/privkey.pem;
+    client_max_body_size 10M;
+
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on; # 클라이언트 보다 서버의 암호화 알고리즘을 우선하도록 설정
+    ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256";
+    ssl_session_cache shared:SSL:10m; # SSL 세션 캐시 설정
+    ssl_session_timeout 10m;
+    ssl_stapling on; # OCSP 스테이플링 활성화
+    ssl_stapling_verify on;
+
+    location / {
+        proxy_pass http://127.0.0.1:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+}
@@ -6,8 +6,6 @@
 import com.example.solidconnection.application.service.ApplicationQueryService;
 import com.example.solidconnection.application.service.ApplicationSubmissionService;
 import com.example.solidconnection.common.resolver.AuthorizedUser;
-import com.example.solidconnection.security.annotation.RequireRoleAccess;
-import com.example.solidconnection.siteuser.domain.Role;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
@@ -39,7 +37,7 @@ public ResponseEntity<ApplicationSubmissionResponse> apply(
                 .body(applicationSubmissionResponse);
     }
 
-    @RequireRoleAccess(roles = {Role.ADMIN})
+    // @RequireRoleAccess(roles = {Role.ADMIN}) // todo : 추후 어드민 페이지에서 권한 변경 기능 추가 필요
     @GetMapping
     public ResponseEntity<ApplicationsResponse> getApplicants(
             @AuthorizedUser long siteUserId,
 
@@ -25,8 +25,9 @@
 import org.springframework.web.client.RestTemplate;
 
 /*
- * 애플 인증을 위한 OAuth2 클라이언트
- * https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens
+ * - 애플 인증을 위한 OAuth2 클라이언트
+ *   - https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens
+ * - OAuthClient 인터페이스를 사용하는 전략 패턴으로 구현됨
  * */
 @Component
 @RequiredArgsConstructor
 
@@ -23,10 +23,11 @@
 import org.springframework.web.util.UriComponentsBuilder;
 
 /*
- * 카카오 인증을 위한 OAuth2 클라이언트
- * https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#request-code
- * https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#request-token
- * https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#req-user-info
+ * - 카카오 인증을 위한 OAuth2 클라이언트
+ *   - https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#request-code
+ *   - https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#request-token
+ *   - https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#req-user-info
+ * - OAuthClient 인터페이스를 사용하는 전략 패턴으로 구현됨
  * */
 @Component
 @RequiredArgsConstructor
Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-* @Gyuhyeok99 @nayonsoso @wibaek @whqtker @lsy1307`
	`1`	`+* @Gyuhyeok99 @wibaek @whqtker @lsy1307 @Hexeong @JAEHEE25 @sukangpunch`