From 775cfbae7ec945b0997b7767f3e47728d3c034aa Mon Sep 17 00:00:00 2001 From: Soap Date: Mon, 11 Nov 2024 15:07:55 +0900 Subject: [PATCH] =?UTF-8?q?fix:=20CORS=20=EC=B2=98=EB=A6=AC=20Nginx?= =?UTF-8?q?=EB=A1=9C=20=EC=9D=B4=EB=8F=99?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/resources/nginx.conf | 91 ++++++++++++++++++++++++++++++++++++ backend/src/main.ts | 3 -- 2 files changed, 91 insertions(+), 3 deletions(-) create mode 100644 backend/resources/nginx.conf diff --git a/backend/resources/nginx.conf b/backend/resources/nginx.conf new file mode 100644 index 00000000..13be93c5 --- /dev/null +++ b/backend/resources/nginx.conf @@ -0,0 +1,91 @@ +events { } + +http { + root /usr/share/nginx/html/frontend/dist; + include /etc/nginx/mime.types; + + # HTTP 요청을 HTTPS로 리디렉션 + server { + listen 80; + server_name api.dailyroad.site dailyroad.site; + + location / { + return 301 https://$host$request_uri; + } + } + + server { + listen 443 ssl; + server_name dailyroad.site www.dailyroad.site; + + ssl_certificate /etc/letsencrypt/live/dailyroad.site/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dailyroad.site/privkey.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + + location / { + try_files $uri $uri/ /index.html =404; + } + + # NestJS API 요청 처리 (추후논의) + location /api/ { + rewrite ^/api/(.*) /$1 break; + proxy_pass http://localhost:8080; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Prefix /api; + proxy_set_header X-Forwarded-Host $http_x_forwarded_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_pass_request_body on; + proxy_method $request_method; + } + } + + # API 서브도메인 + server { + listen 443 ssl; + server_name api.dailyroad.site; + + ssl_certificate /etc/letsencrypt/live/dailyroad.site/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dailyroad.site/privkey.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + + # CORS + location / { + set $cors_origin ""; + if ($http_origin ~* "^https?://(localhost:5173|dailyroad\.site|api\.dailyroad\.site)$") { + set $cors_origin $http_origin; + } + + add_header 'Access-Control-Allow-Origin' $cors_origin always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always; + add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $cors_origin always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always; + add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + add_header 'Content-Length' 0 always; + return 204; + } + + # NestJS 프록시 + proxy_pass http://localhost:8080; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } +} diff --git a/backend/src/main.ts b/backend/src/main.ts index b64a9c8f..c00eefb0 100644 --- a/backend/src/main.ts +++ b/backend/src/main.ts @@ -7,9 +7,6 @@ async function bootstrap() { const app = await NestFactory.create(AppModule); app.useGlobalFilters(new GlobalExceptionFilter()); app.useGlobalPipes(new ValidationPipe({ transform: true })); - app.enableCors({ - origin: 'http://localhost:5173', - }); await app.listen(8080); }