diff --git a/.github/workflows/chat-deploy.yml b/.github/workflows/chat-deploy.yml index 5cf78b7b..34884337 100644 --- a/.github/workflows/chat-deploy.yml +++ b/.github/workflows/chat-deploy.yml @@ -3,9 +3,10 @@ name: Chat Server CI/CD on: push: branches: + - Fix/295 - develop - paths: - - 'apps/chat/**' +# paths: +# - 'apps/chat/**' jobs: build-and-push: @@ -48,6 +49,16 @@ jobs: steps: - name: Checkout for docker-compose uses: actions/checkout@v2 + env: + IMAGE_NAME: chat-camon + CHAT_PORT: ${{ secrets.CHAT_PORT }} + REDIS_HOST: ${{ secrets.REDIS_HOST }} + REDIS_PORT: ${{ secrets.REDIS_PORT }} + REDIS_CHAT: ${{ secrets.REDIS_CHAT }} + JWT_SECRET: ${{ secrets.JWT_SECRET }} + NCLOUD_REGISTRY_URL: ${{ secrets.NCLOUD_REGISTRY_URL }} + NCLOUD_ACCESS_KEY: ${{ secrets.NCLOUD_ACCESS_KEY }} + NCLOUD_SECRET_KEY: ${{ secrets.NCLOUD_SECRET_KEY }} - name: Copy docker-compose file uses: appleboy/scp-action@master @@ -65,16 +76,26 @@ jobs: username: ${{ secrets.SERVER_USER }} key: ${{ secrets.SSH_SERVER_KEY }} port: 22 - envs: CHAT_PORT,REDIS_HOST,REDIS_PORT,REDIS_CHAT,JWT_SECRET + envs: CHAT_PORT,REDIS_HOST,REDIS_PORT,REDIS_CHAT,JWT_SECRET,NCLOUD_REGISTRY_URL,NCLOUD_ACCESS_KEY,NCLOUD_SECRET_KEY script: | cd /home/${{ secrets.SERVER_USER }}/camon - sudo docker login -u ${{secrets.NCLOUD_ACCESS_KEY}} -p ${{ secrets.NCLOUD_SECRET_KEY }} ${{ secrets.NCLOUD_REGISTRY_URL }} + + echo "NCLOUD_REGISTRY_URL=$NCLOUD_REGISTRY_URL" > .env + echo "NCLOUD_ACCESS_KEY=$NCLOUD_ACCESS_KEY" >> .env + echo "NCLOUD_SECRET_KEY=$NCLOUD_SECRET_KEY" >> .env + echo "CHAT_PORT=$CHAT_PORT" >> .env + echo "REDIS_HOST=$REDIS_HOST" >> .env + echo "REDIS_PORT=$REDIS_PORT" >> .env + echo "REDIS_CHAT=$REDIS_CHAT" >> .env + echo "JWT_SECRET=$JWT_SECRET" >> .env + + # Docker 로그인 sudo docker stop chat-camon || true sudo docker rm chat-camon || true - sudo docker rmi ${{ secrets.NCLOUD_REGISTRY_URL }}/chat-camon:latest || true + sudo docker rmi $NCLOUD_REGISTRY_URL/chat-camon:latest || true - sudo docker pull ${{ secrets.NCLOUD_REGISTRY_URL }}/chat-camon:latest + sudo docker pull $NCLOUD_REGISTRY_URL/chat-camon:latest sudo docker-compose up -d chat sudo docker image prune -f diff --git a/.github/workflows/media-deploy.yml b/.github/workflows/media-deploy.yml index f5115829..42adb7ac 100644 --- a/.github/workflows/media-deploy.yml +++ b/.github/workflows/media-deploy.yml @@ -62,6 +62,23 @@ jobs: deploy-and-run: runs-on: ubuntu-latest needs: build-and-push + env: + IMAGE_NAME: media-camon + MEDIA_PORT: 3001 + REDIS_HOST: ${{ secrets.REDIS_HOST }} + REDIS_PORT: ${{ secrets.REDIS_PORT }} + REDIS_MEDIA: ${{ secrets.REDIS_MEDIA }} + ANNOUNCED_IP: ${{ secrets.ANNOUNCED_IP }} + API_SERVER_URL: ${{ secrets.API_SERVER_URL }} + HTTP_TIMEOUT: ${{ secrets.HTTP_TIMEOUT }} + RECORD_SERVER_URL: ${{ secrets.RECORD_SERVER_URL }} + SERVER_PRIVATE_IP: ${{ secrets.SERVER_PRIVATE_IP }} + PUBLIC_RECORD_SERVER_URL: ${{ secrets.PUBLIC_RECORD_SERVER_URL }} + JWT_SECRET: ${{ secrets.JWT_SECRET }} + NCLOUD_REGISTRY_URL: ${{ secrets.NCLOUD_REGISTRY_URL }} + NCLOUD_ACCESS_KEY: ${{ secrets.NCLOUD_ACCESS_KEY }} + NCLOUD_SECRET_KEY: ${{ secrets.NCLOUD_SECRET_KEY }} + steps: - name: Checkout for docker-compose uses: actions/checkout@v2 @@ -82,24 +99,32 @@ jobs: username: ${{ secrets.SERVER_USER }} key: ${{ secrets.SSH_SERVER_KEY }} port: 22 - envs: MEDIA_PORT,REDIS_HOST,REDIS_PORT,REDIS_MEDIA,ANNOUNCED_IP,API_SERVER_URL,HTTP_TIMEOUT,RECORD_SERVER_URL,SERVER_PRIVATE_IP,PUBLIC_RECORD_SERVER_URL + envs: MEDIA_PORT,REDIS_HOST,REDIS_PORT,REDIS_MEDIA,ANNOUNCED_IP,API_SERVER_URL,HTTP_TIMEOUT,RECORD_SERVER_URL,SERVER_PRIVATE_IP,PUBLIC_RECORD_SERVER_URL,NCLOUD_REGISTRY_URL,NCLOUD_ACCESS_KEY,NCLOUD_SECRET_KEY script: | cd /home/${{ secrets.SERVER_USER }}/camon - sudo lsof -i :3001 - sudo lsof -i :30000-31000 - sudo docker login -u ${{secrets.NCLOUD_ACCESS_KEY}} -p ${{ secrets.NCLOUD_SECRET_KEY }} ${{ secrets.NCLOUD_REGISTRY_URL }} - - echo "API_SERVER_URL=http://api:3000" >> .env - echo "HTTP_TIMEOUT=5000" >> .env - echo "RECORD_SERVER_URL=http://record:3003" >> .env - echo "SERVER_PRIVATE_IP=record" >> .env - echo "PUBLIC_RECORD_SERVER_URL=https://record.cam-on.site" >> .env + + echo "MEDIA_PORT=$MEDIA_PORT" > .env + echo "REDIS_HOST=$REDIS_HOST" >> .env + echo "REDIS_PORT=$REDIS_PORT" >> .env + echo "REDIS_MEDIA=$REDIS_MEDIA" >> .env + echo "ANNOUNCED_IP=$ANNOUNCED_IP" >> .env + echo "API_SERVER_URL=$API_SERVER_URL" >> .env + echo "HTTP_TIMEOUT=$HTTP_TIMEOUT" >> .env + echo "RECORD_SERVER_URL=$RECORD_SERVER_URL" >> .env + echo "SERVER_PRIVATE_IP=$SERVER_PRIVATE_IP" >> .env + echo "PUBLIC_RECORD_SERVER_URL=$PUBLIC_RECORD_SERVER_URL" >> .env + echo "NCLOUD_REGISTRY_URL=$NCLOUD_REGISTRY_URL" >> .env + echo "NCLOUD_ACCESS_KEY=$NCLOUD_ACCESS_KEY" >> .env + echo "NCLOUD_SECRET_KEY=$NCLOUD_SECRET_KEY" >> .env + echo "JWT_SECRET=$JWT_SECRET" >> .env + + sudo docker login -u $NCLOUD_ACCESS_KEY -p $NCLOUD_SECRET_KEY $NCLOUD_REGISTRY_URL sudo docker stop media-camon || true sudo docker rm media-camon || true - sudo docker rmi ${{ secrets.NCLOUD_REGISTRY_URL }}/media-camon:latest || true + sudo docker rmi $NCLOUD_REGISTRY_URL/media-camon:latest || true - sudo docker pull ${{ secrets.NCLOUD_REGISTRY_URL }}/media-camon:latest + sudo docker pull $NCLOUD_REGISTRY_URL/media-camon:latest sudo docker-compose up -d media sudo docker image prune -f diff --git a/.github/workflows/record-deploy.yml b/.github/workflows/record-deploy.yml index bc8186d8..e7df26d7 100644 --- a/.github/workflows/record-deploy.yml +++ b/.github/workflows/record-deploy.yml @@ -13,8 +13,8 @@ jobs: IMAGE_NAME: record-camon RECORD_PORT: ${{ secrets.RECORD_PORT }} NCLOUD_ACCESS_KEY: ${{ secrets.NCLOUD_ACCESS_KEY }} - NCLOUD_SECRET_KEY=: ${{ secrets.NCLOUD_SECRET_KEY }} - NCLOUD_BUCKET_NAME=: ${{ secrets.NCLOUD_BUCKET_NAME }} + NCLOUD_SECRET_KEY: ${{ secrets.NCLOUD_SECRET_KEY }} + NCLOUD_BUCKET_NAME: ${{ secrets.NCLOUD_BUCKET_NAME }} steps: - name: Checkout code @@ -33,7 +33,7 @@ jobs: docker build -f ./apps/record/Dockerfile -t ${{ secrets.NCLOUD_REGISTRY_URL }}/$IMAGE_NAME:latest \ --build-arg RECORD_PORT=$RECORD_PORT \ --build-arg NCLOUD_ACCESS_KEY=$NCLOUD_ACCESS_KEY \ - --build-arg NCLOUD_SECRET_KEY=$NCLOUD_ACCESS_KEY \ + --build-arg NCLOUD_SECRET_KEY=$NCLOUD_SECRET_KEY \ --build-arg NCLOUD_BUCKET_NAME=$NCLOUD_BUCKET_NAME \ . @@ -44,6 +44,13 @@ jobs: deploy-and-run: runs-on: ubuntu-latest needs: build-and-push + env: + IMAGE_NAME: record-camon + RECORD_PORT: ${{ secrets.RECORD_PORT }} + NCLOUD_ACCESS_KEY: ${{ secrets.NCLOUD_ACCESS_KEY }} + NCLOUD_SECRET_KEY: ${{ secrets.NCLOUD_SECRET_KEY }} + NCLOUD_BUCKET_NAME: ${{ secrets.NCLOUD_BUCKET_NAME }} + NCLOUD_REGISTRY_URL: ${{ secrets.NCLOUD_REGISTRY_URL }} steps: - name: Checkout for docker-compose uses: actions/checkout@v2 @@ -64,19 +71,29 @@ jobs: username: ${{ secrets.SERVER_USER }} key: ${{ secrets.SSH_SERVER_KEY }} port: 22 - envs: RECORD_PORT,NCLOUD_ACCESS_KEY,NCLOUD_SECRET_KEY,NCLOUD_BUCKET_NAME + envs: RECORD_PORT,NCLOUD_ACCESS_KEY,NCLOUD_SECRET_KEY,NCLOUD_BUCKET_NAME,NCLOUD_REGISTRY_URL script: | cd /home/${{ secrets.SERVER_USER }}/camon - sudo docker login -u ${{secrets.NCLOUD_ACCESS_KEY}} -p ${{ secrets.NCLOUD_SECRET_KEY }} ${{ secrets.NCLOUD_REGISTRY_URL }} + + echo "RECORD_PORT=$RECORD_PORT" > .env + echo "NCLOUD_ACCESS_KEY=$NCLOUD_ACCESS_KEY" >> .env + echo "NCLOUD_SECRET_KEY=$NCLOUD_SECRET_KEY" >> .env + echo "NCLOUD_BUCKET_NAME=$NCLOUD_BUCKET_NAME" >> .env + echo "NCLOUD_REGISTRY_URL=$NCLOUD_REGISTRY_URL" >> .env + + sudo docker login -u $NCLOUD_ACCESS_KEY -p $NCLOUD_SECRET_KEY $NCLOUD_REGISTRY_URL sudo docker stop record-camon || true sudo docker rm record-camon || true - sudo docker rmi ${{ secrets.NCLOUD_REGISTRY_URL }}/record-camon:latest || true - - sudo docker pull ${{ secrets.NCLOUD_REGISTRY_URL }}/$IMAGE_NAME:latest + sudo docker rmi $NCLOUD_REGISTRY_URL/record-camon:latest || true + + sudo docker pull $NCLOUD_REGISTRY_URL/record-camon:latest + sudo docker tag $NCLOUD_REGISTRY_URL/record-camon:latest record-camon + + sudo docker-compose down sudo docker-compose up -d record + sudo docker image prune -f - - name: Check container status uses: appleboy/ssh-action@v0.1.6 with: diff --git a/apps/chat/src/auth/jwt-auth.strategy.ts b/apps/chat/src/auth/jwt-auth.strategy.ts index 2a38be1e..e0d8a617 100644 --- a/apps/chat/src/auth/jwt-auth.strategy.ts +++ b/apps/chat/src/auth/jwt-auth.strategy.ts @@ -2,7 +2,7 @@ import { Injectable } from '@nestjs/common'; import { ConfigService } from '@nestjs/config'; import { PassportStrategy } from '@nestjs/passport'; import { ExtractJwt, Strategy } from 'passport-jwt'; -import { IPayLoad } from './\bpayload.interface'; +import { IPayLoad } from './payload.interface'; @Injectable() export class JWTAuthStrategy extends PassportStrategy(Strategy) { diff --git a/apps/media/Dockerfile b/apps/media/Dockerfile index 7035a021..49891e53 100644 --- a/apps/media/Dockerfile +++ b/apps/media/Dockerfile @@ -52,22 +52,22 @@ ARG SERVER_PRIVATE_IP ARG PUBLIC_RECORD_SERVER_URL ARG JWT_SECRET -ENV MEDIA_PORT=$MEDIA_PORT -ENV REDIS_HOST=$REDIS_HOST -ENV REDIS_PORT=$REDIS_PORT -ENV REDIS_MEDIA=$REDIS_MEDIA +ENV MEDIA_PORT=3001 +ENV REDIS_HOST=host.docker.internal +ENV REDIS_PORT=6379 +ENV REDIS_MEDIA=0 ENV DB_HOST=$DB_HOST ENV DB_PORT=$DB_PORT ENV DB_USERNAME=$DB_USERNAME ENV DB_PASSWORD=$DB_PASSWORD ENV DB_NAME=$DB_NAME ENV ANNOUNCED_IP=$ANNOUNCED_IP -ENV API_SERVER_URL=$API_SERVER_URL -ENV HTTP_TIMEOUT=$HTTP_TIMEOUT -ENV RECORD_SERVER_URL=$RECORD_SERVER_URL -ENV SERVER_PRIVATE_IP=$SERVER_PRIVATE_IP +ENV API_SERVER_URL=http://api:3000 +ENV HTTP_TIMEOUT=300 +ENV RECORD_SERVER_URL=http://record:3003 +ENV SERVER_PRIVATE_IP=172.19.0.10 ENV PUBLIC_RECORD_SERVER_URL=$PUBLIC_RECORD_SERVER_URL -ENV JWT_SECRET=$JWT_SECRET +ENV JWT_SECRET=798ade5ddc3418ad8bf3468f995d08dc239de025a0f545512118be4f6e3b8971a918e062a50f3ac36e48bdde95c06bc6af99d94782bfccf19a83b94329d1fe21 # Media 서버 빌드 결과물 복사 COPY --from=base /app/apps/media/dist ./apps/media/dist diff --git a/apps/record/Dockerfile b/apps/record/Dockerfile index 028d95a6..a746037c 100644 --- a/apps/record/Dockerfile +++ b/apps/record/Dockerfile @@ -16,11 +16,10 @@ ARG NCLOUD_ACCESS_KEY ARG NCLOUD_SECRET_KEY ARG NCLOUD_BUCKET_NAME -ENV RECORD_PORT=$RECORD_PORT -ENV NCLOUD_ACCESS_KEY=$NCLOUD_ACCESS_KEY -ENV NCLOUD_SECRET_KEY=$NCLOUD_SECRET_KEY -ENV NCLOUD_BUCKET_NAME=$NCLOUD_BUCKET_NAME - +ENV RECORD_PORT=3003 +ENV NCLOUD_ACCESS_KEY=ncp_iam_BPASKR3lGQIBXJoeniEF +ENV NCLOUD_SECRET_KEY=ncp_iam_BPKSKR6pvrB5ZgK6bCtisjbgdKQtdbuhEF +ENV NCLOUD_BUCKET_NAME=camon # Copy dependency files COPY pnpm-lock.yaml package.json pnpm-workspace.yaml ./ COPY apps/record/package.json apps/record/ diff --git a/docker-compose.yml b/docker-compose.yml index 20a09c1d..9994b9a4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -38,22 +38,28 @@ services: - SERVER_PRIVATE_IP=${SERVER_PRIVATE_IP} - PUBLIC_RECORD_SERVER_URL=${PUBLIC_RECORD_SERVER_URL} - chat: container_name: chat-camon image: ${NCLOUD_REGISTRY_URL}/chat-camon networks: - camon - expose: - - "3002" ports: - "3002:3002" + environment: + - CHAT_PORT=${CHAT_PORT} + - REDIS_HOST=${REDIS_HOST} + - REDIS_PORT=${REDIS_PORT} + - REDIS_CHAT=${REDIS_CHAT} + - JWT_SECRET=${JWT_SECRET} record: container_name: record-camon image: ${NCLOUD_REGISTRY_URL}/record-camon networks: - - camon + camon: + ipv4_address: 172.19.0.10 + expose: + - "3003" ports: - "3003:3003" environment: @@ -63,4 +69,7 @@ services: networks: camon: - driver: bridge \ No newline at end of file + driver: bridge + ipam: + config: + - subnet: 172.19.0.0/16 \ No newline at end of file