From f879031b6681ed579f598500615c0ee51defe1c1 Mon Sep 17 00:00:00 2001
From: ywonchae1 <ywonchae62@gmail.com>
Date: Wed, 6 Nov 2024 10:16:37 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20=EB=B0=B0=ED=8F=AC=20CICD=20=ED=85=8C?=
 =?UTF-8?q?=EC=8A=A4=ED=8A=B8=20(#76)=20(KAN-131)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .github/workflows/deploy.yml | 11 -------
 scripts/docker-compose.yml   | 56 +++++++++++++++++++++++++++++++++---
 scripts/traefik.yml          | 34 ----------------------
 3 files changed, 52 insertions(+), 49 deletions(-)
 delete mode 100644 scripts/traefik.yml

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index c5d118f2..a57166aa 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -75,16 +75,6 @@ jobs:
           path: .env
           remote_path: /home/${{ secrets.EC2_USERNAME }}/
 
-      - name: 서버로 traefik 정적 파일 전송
-        uses: burnett01/rsync-deployments@7.0.1
-        with:
-          switches: -avzr --delete
-          remote_host: ${{ secrets.EC2_HOST }}
-          remote_user: ${{ secrets.EC2_USERNAME }}
-          remote_key: ${{ secrets.EC2_PRIVATE_KEY }}
-          path: scripts/traefik.yml
-          remote_path: /home/${{ secrets.EC2_USERNAME }}/
-
       - name: 서버로 docker compose 파일 전송
         uses: burnett01/rsync-deployments@7.0.1
         with:
@@ -106,6 +96,5 @@ jobs:
           envs: IMAGE_FULL_URL, DOCKERHUB_IMAGE_NAME # docker-compose.yml 에서 사용할 환경 변수
           script: |
             echo "${{ secrets.DOCKERHUB_ACCESS_TOKEN }}" | docker login -u "${{ env.DOCKERHUB_USERNAME }}" --password-stdin
-            docker container restart traefik
             docker compose down --remove-orphans
             docker compose up --build -d
\ No newline at end of file
diff --git a/scripts/docker-compose.yml b/scripts/docker-compose.yml
index 7644b997..b0c16d49 100644
--- a/scripts/docker-compose.yml
+++ b/scripts/docker-compose.yml
@@ -1,6 +1,52 @@
-version: "3.3"
+version: "3.8"
 
 services:
+  traefik:
+    image: traefik:v3.1.4
+    command:
+      - --api.dashboard=true
+      - --log.level=INFO
+      #- --log.filepath=/var/log/traefik.log
+      - --accesslog=true
+      #- --accesslog.filepath=/var/log/traefik-access.log
+      - --providers.docker.network=proxy
+      - --providers.docker.exposedByDefault=false
+      - --entrypoints.web.address=:80
+      - --entrypoints.web.http.redirections.entrypoint.to=websecure
+      - --entryPoints.web.http.redirections.entrypoint.scheme=https
+      - --entrypoints.websecure.address=:443
+      # remove next line when using Traefik v2
+      - --entrypoints.websecure.asDefault=true
+      - --entrypoints.websecure.http.tls.certresolver=letsencrypt
+      - --certificatesresolvers.letsencrypt.acme.email=meonghanyang@gmail.com
+      - --certificatesresolvers.letsencrypt.acme.tlschallenge=true
+      - --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
+      - --providers.docker.network=mhn-net
+    ports:
+      - target: 443
+        published: 443
+        protocol: tcp
+        mode: host
+      - target: 80
+        published: 80
+        protocol: tcp
+        mode: host
+      - target: 8080
+        published: 8000
+        protocol: tcp
+        mode: host
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+      - "./acme.json:/letsencrypt/acme.json"
+    labels:
+      - "traefik.http.routers.dashboard.rule=Host(`api.test-wonchae.p-e.kr`) && PathPrefix(`/dashboard`)"
+      - "traefik.http.routers.dashboard.service=api@internal"
+      - "traefik.http.routers.dashboard.middlewares=auth"
+      - "traefik.http.middlewares.auth.basicauth.users=test:$$apr1$$H6uskkkW$$IgXLP6ewTrSuBkTrqE8wj/,test2:$$apr1$$d9hr9HBB$$4HxwgUir3HP4EsggP/QNo0"
+      - "traefik.docker.network=mhn-net"
+    networks:
+      - mhn-net
+
   server:
     image: ${IMAGE_FULL_URL}
     container_name: ${DOCKERHUB_IMAGE_NAME}
@@ -13,11 +59,13 @@ services:
     volumes:
       - "./client_secret.json:/client_secret.json"
     labels:
+      - "traefik.enable=true"
+      - "traefik.http.services.server.loadbalancer.server.port=8080"
+      - "traefik.http.routers.server.entrypoints=websecure"
       - "traefik.http.routers.server.rule=Host(`api.test-wonchae.p-e.kr`)"
       - "traefik.http.routers.server.tls=true"
-      - "traefik.http.routers.server.tls.certresolver=myresolver"
-      - "traefik.http.routers.server.service=server"
-#      - "traefik.http.services.server.loadbalancer.server.port=8080"
+      - "traefik.http.routers.server.tls.certresolver=letsencrypt"
+      - "traefik.docker.network=mhn-net"
     networks:
       - mhn-net
 
diff --git a/scripts/traefik.yml b/scripts/traefik.yml
deleted file mode 100644
index 5fbde204..00000000
--- a/scripts/traefik.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-## traefik.yml
-
-# Docker configuration backend
-providers:
-  docker: {}
-
-# API and dashboard configuration
-api:
-  insecure: true
-
-entryPoints:
-  web:
-    address: ":80"
-  websecure:
-    address: ":443"
-
-certificatesResolvers:
-  myresolver:
-    acme:
-      email: meonghanyang@example.com
-      storage: acme.json
-      httpChallenge:
-        # used during the challenge
-        entryPoint: web
-
-## Dynamic configuration
-http:
-  routers:
-    Router-1:
-      # won't listen to entry point web
-      entryPoints:
-        - "websecure"
-      rule: "Host(`api.test-wonchae.p-e.kr`)"
-      service: "server"
\ No newline at end of file