boostcampwm2025 · SnailW · Mar 4, 2026 · Mar 4, 2026 · Mar 4, 2026 · Mar 4, 2026
diff --git a/docker-compose.webserver.yml b/docker-compose.webserver.yml
@@ -2,6 +2,8 @@ services:
   frontend:
     image: ${FRONTEND_IMAGE:-ghcr.io/boostcampwm2025/web15-ipconfig/frontend:latest}
     container_name: web15-ipconfig-frontend
+    environment:
+      - WAS_HOST=${WAS_HOST:-backend}
     ports:
       - '80:80'
       - '443:443'

diff --git a/dockerfile.prod b/dockerfile.prod
@@ -33,8 +33,8 @@ FROM nginx:alpine AS frontend-prod
 # Vite 빌드 결과를 nginx 정적 루트로 복사
 COPY --from=frontend-build /app/frontend/dist /usr/share/nginx/html
 
-# nginx 설정 파일 복사
-COPY nginx/nginx.conf /etc/nginx/conf.d/default.conf
+# nginx 설정 템플릿 복사 (컨테이너 시작 시 envsubst로 환경변수 치환)
+COPY nginx/nginx.conf.template /etc/nginx/templates/default.conf.template
 
 EXPOSE 80
 CMD ["nginx", "-g", "daemon off;"]

diff --git a/nginx/nginx.conf → nginx/nginx.conf.template b/nginx/nginx.conf → nginx/nginx.conf.template
@@ -1,81 +1,68 @@
-server {
-  listen 80;
-  server_name teamconfig.work;
-
-  # Gzip 압축 설정
-  gzip on;
-  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-  gzip_min_length 1000;
-
-  # 보안 헤더 설정
-  add_header X-Frame-Options "SAMEORIGIN";
-  add_header X-Content-Type-Options "nosniff";
-  add_header X-XSS-Protection "1; mode=block";
-
-  # 클라이언트 요청 크기 제한 (이미지 업로드 고려, 10MB)
-  client_max_body_size 10M;
-
-  location /.well-known/acme-challenge/ {
-      root /var/www/certbot;
-  }
-
-  location / {
-      return 301 https://$host$request_uri;
-  }
-}
-
-server {
-  listen 443 ssl;
-  server_name teamconfig.work;
-
-  # Gzip 압축 설정
-  gzip on;
-  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-  gzip_min_length 1000;
-
-  # 보안 헤더 설정
-  add_header X-Frame-Options "SAMEORIGIN";
-  add_header X-Content-Type-Options "nosniff";
-  add_header X-XSS-Protection "1; mode=block";
-
-  # 클라이언트 요청 크기 제한 (이미지 업로드 고려, 10MB)
-  client_max_body_size 10M;
-
-  ssl_certificate /etc/letsencrypt/live/teamconfig.work/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/teamconfig.work/privkey.pem;
-
-  ssl_protocols TLSv1.2 TLSv1.3;
-  ssl_ciphers HIGH:!aNULL:!MD5;
-
-  root /usr/share/nginx/html;
-  index index.html;
-
-  # API 요청을 백엔드로 프록시
-  location /api/ {
-    proxy_pass http://backend:3000;
-    proxy_http_version 1.1;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection 'upgrade';
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_cache_bypass $http_upgrade;
-  }
-
-  # WebSocket 연결을 백엔드로 프록시
-  location /collaboration {
-    proxy_pass http://backend:3000;
-    proxy_http_version 1.1;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_cache_bypass $http_upgrade;
-  }
-
-  # 정적 파일 서빙
-  location / {
-    try_files $uri $uri/ /index.html;
-  }
-}
+server {
+  listen 80;
+  server_name teamconfig.work;
+
+  location /.well-known/acme-challenge/ {
+      root /var/www/certbot;
+  }
+
+  location / {
+      return 301 https://$host$request_uri;
+  }
+}
+
+server {
+  listen 443 ssl;
+  server_name teamconfig.work;
+
+  # Gzip 압축 설정
+  gzip on;
+  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+  gzip_min_length 1000;
+
+  # 보안 헤더 설정
+  add_header X-Frame-Options "SAMEORIGIN";
+  add_header X-Content-Type-Options "nosniff";
+  add_header X-XSS-Protection "1; mode=block";
+
+  # 클라이언트 요청 크기 제한 (이미지 업로드 고려, 10MB)
+  client_max_body_size 10M;
+
+  ssl_certificate /etc/letsencrypt/live/teamconfig.work/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/teamconfig.work/privkey.pem;
+
+  ssl_protocols TLSv1.2 TLSv1.3;
+  ssl_ciphers HIGH:!aNULL:!MD5;
+
+  root /usr/share/nginx/html;
+  index index.html;
+
+  # API 요청을 백엔드로 프록시
+  location /api/ {
+    proxy_pass http://${WAS_HOST}:3000;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection 'upgrade';
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_cache_bypass $http_upgrade;
+  }
+
+  # WebSocket 연결을 백엔드로 프록시
+  location /collaboration {
+    proxy_pass http://${WAS_HOST}:3000;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_cache_bypass $http_upgrade;
+  }
+
+  # 정적 파일 서빙
+  location / {
+    try_files $uri $uri/ /index.html;
+  }
+}