diff --git a/deploy/onpremise/docker-compose.yml b/deploy/onpremise/docker-compose.yml index f913384b..336fd453 100644 --- a/deploy/onpremise/docker-compose.yml +++ b/deploy/onpremise/docker-compose.yml @@ -1,7 +1,5 @@ # Vexplor 온프레미스(공장) 배포용 Docker Compose -# 사용법: docker-compose up -d - -version: '3.8' +# 사용법: docker compose up -d services: # ============================================ @@ -33,7 +31,7 @@ services: # 2. 백엔드 API (Node.js) # ============================================ backend: - image: harbor.wace.me/vexplor/vexplor-backend:${IMAGE_TAG:-latest} + image: harbor.wace.me/speefox_vexplor/vexplor-backend:${IMAGE_TAG:-latest} container_name: vexplor-backend environment: NODE_ENV: production @@ -49,6 +47,8 @@ services: # JWT JWT_SECRET: ${JWT_SECRET:?JWT_SECRET is required} JWT_EXPIRES_IN: ${JWT_EXPIRES_IN:-24h} + # 암호화 키 (메일 등 민감정보 암호화용) + ENCRYPTION_KEY: ${ENCRYPTION_KEY:-vexplor-encryption-key-32characters-secure} # 회사 코드 (온프레미스는 단일 회사) DEFAULT_COMPANY_CODE: ${COMPANY_CODE:-SPIFOX} # 로깅 @@ -78,7 +78,7 @@ services: # 3. 프론트엔드 (Next.js) # ============================================ frontend: - image: harbor.wace.me/vexplor/vexplor-frontend:${IMAGE_TAG:-latest} + image: harbor.wace.me/speefox_vexplor/vexplor-frontend:${IMAGE_TAG:-latest} container_name: vexplor-frontend environment: NODE_ENV: production @@ -111,6 +111,7 @@ services: container_name: vexplor-watchtower environment: TZ: Asia/Seoul + DOCKER_API_VERSION: "1.44" # Harbor 레지스트리 인증 REPO_USER: ${HARBOR_USER} REPO_PASS: ${HARBOR_PASSWORD} diff --git a/deploy/onpremise/scripts/server-setup.sh b/deploy/onpremise/scripts/server-setup.sh new file mode 100644 index 00000000..fa20a85f --- /dev/null +++ b/deploy/onpremise/scripts/server-setup.sh @@ -0,0 +1,130 @@ +#!/bin/bash +# ============================================ +# Vexplor 온프레미스 서버 초기 설정 스크립트 +# 스피폭스 공장 서버용 +# ============================================ +# 사용법: sudo bash server-setup.sh + +set -e + +# 색상 정의 +RED='\033[0;31m' +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +NC='\033[0m' + +echo "" +echo "==========================================" +echo " Vexplor 서버 초기 설정" +echo "==========================================" +echo "" + +# root 권한 확인 +if [ "$EUID" -ne 0 ]; then + echo -e "${RED}이 스크립트는 root 권한이 필요합니다.${NC}" + echo "다음 명령어로 실행하세요: sudo bash server-setup.sh" + exit 1 +fi + +# ============================================ +# 1. Docker 설치 +# ============================================ +echo -e "${YELLOW}[1/5] Docker 설치 중...${NC}" + +# 기존 Docker 제거 +apt-get remove -y docker docker-engine docker.io containerd runc 2>/dev/null || true + +# 필수 패키지 설치 +apt-get update +apt-get install -y ca-certificates curl gnupg + +# Docker GPG 키 추가 +install -m 0755 -d /etc/apt/keyrings +curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg +chmod a+r /etc/apt/keyrings/docker.gpg + +# Docker 저장소 추가 +echo \ + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ + $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ + tee /etc/apt/sources.list.d/docker.list > /dev/null + +# Docker 설치 +apt-get update +apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin + +echo -e "${GREEN}Docker 설치 완료!${NC}" +docker --version +docker compose version + +# ============================================ +# 2. 사용자를 docker 그룹에 추가 +# ============================================ +echo "" +echo -e "${YELLOW}[2/5] 사용자 권한 설정...${NC}" + +# wace 사용자를 docker 그룹에 추가 +usermod -aG docker wace + +echo -e "${GREEN}wace 사용자를 docker 그룹에 추가했습니다.${NC}" + +# ============================================ +# 3. Vexplor 디렉토리 생성 +# ============================================ +echo "" +echo -e "${YELLOW}[3/5] Vexplor 디렉토리 생성...${NC}" + +mkdir -p /opt/vexplor +chown wace:wace /opt/vexplor + +echo -e "${GREEN}/opt/vexplor 디렉토리 생성 완료!${NC}" + +# ============================================ +# 4. Docker 서비스 시작 및 자동 시작 설정 +# ============================================ +echo "" +echo -e "${YELLOW}[4/5] Docker 서비스 설정...${NC}" + +systemctl start docker +systemctl enable docker + +echo -e "${GREEN}Docker 서비스 활성화 완료!${NC}" + +# ============================================ +# 5. 방화벽 설정 (필요시) +# ============================================ +echo "" +echo -e "${YELLOW}[5/5] 방화벽 설정 확인...${NC}" + +if command -v ufw &> /dev/null; then + ufw status + echo "" + echo "필요시 다음 포트를 개방하세요:" + echo " sudo ufw allow 80/tcp # 웹 서비스" + echo " sudo ufw allow 3001/tcp # 백엔드 API" +else + echo "ufw가 설치되어 있지 않습니다. (방화벽 설정 스킵)" +fi + +# ============================================ +# 완료 +# ============================================ +echo "" +echo "==========================================" +echo -e "${GREEN} 서버 초기 설정 완료!${NC}" +echo "==========================================" +echo "" +echo "다음 단계:" +echo " 1. 로그아웃 후 다시 로그인 (docker 그룹 적용)" +echo " exit" +echo " ssh -p 22 wace@112.168.212.142" +echo "" +echo " 2. Docker 동작 확인" +echo " docker ps" +echo "" +echo " 3. Vexplor 배포 진행" +echo " cd /opt/vexplor" +echo " # docker-compose.yml 및 .env 파일 복사 후" +echo " docker compose up -d" +echo "" +