Merge remote-tracking branch 'origin/dev' into feat/96

Author: loseminho

.github/workflows/backend-ci.yml

@@ -24,6 +24,10 @@ jobs:
           distribution: 'temurin'   # Eclipse Temurin JDK
           java-version: '21'        # Gradle build.gradle toolchain에 맞춤
 
+      # .env 파일 생성
+      - name: Create .env file
+        run: echo "${{ secrets.DOT_ENV }}" > .env
+
       # Build (테스트 제외)
       - name: Build project
         run: ./gradlew clean build -x test

.gitignore

@@ -46,4 +46,5 @@ db_dev.trace.db
 /infra/terraform/.terraform
 /infra/terraform/.terraform.lock.hcl
 /infra/terraform/terraform.tfstate
-/infra/terraform/terraform.tfstate.backup
+/infra/terraform/terraform.tfstate.backup
+/infra/terraform/secrets.tf

build.gradle.kts

@@ -64,6 +64,8 @@ dependencies {
     // Test
     testImplementation("org.springframework.boot:spring-boot-starter-test")
     testImplementation("org.springframework.security:spring-security-test")
+    testImplementation("org.testcontainers:testcontainers:1.19.3")
+    testImplementation("org.testcontainers:junit-jupiter:1.19.3")
     testRuntimeOnly("org.junit.platform:junit-platform-launcher")
 
     // Redis

infra/terraform/main.tf

@@ -19,7 +19,9 @@ resource "aws_vpc" "vpc_1" {
   enable_dns_hostnames = true
 
   tags = {
-    Name = "team5-vpc-1"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-vpc-1"
   }
 }
 
@@ -31,7 +33,9 @@ resource "aws_subnet" "subnet_1" {
   map_public_ip_on_launch = true # 퍼블릭 IP 자동 할당
 
   tags = {
-    Name = "team5-subnet-1-public"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-subnet-1-public"
   }
 }
 
@@ -42,7 +46,9 @@ resource "aws_subnet" "subnet_2" {
   availability_zone = "ap-northeast-2a"
 
   tags = {
-    Name = "team5-subnet-2-private"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-subnet-2-private"
   }
 }
 
@@ -53,7 +59,9 @@ resource "aws_subnet" "subnet_3" {
   availability_zone = "ap-northeast-2b"
 
   tags = {
-    Name = "team5-subnet-3-private"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-subnet-3-private"
   }
 }
 
@@ -62,7 +70,9 @@ resource "aws_internet_gateway" "igw_1" {
   vpc_id = aws_vpc.vpc_1.id
 
   tags = {
-    Name = "team5-igw-1"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-igw-1"
   }
 }
 
@@ -77,7 +87,9 @@ resource "aws_route_table" "rt_1" {
   }
 
   tags = {
-    Name = "team5-rt-1"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-rt-1"
   }
 }
 
@@ -104,8 +116,14 @@ resource "aws_route_table_association" "association_3" {
 }
 
 resource "aws_security_group" "sg_1" {
-  name        = "team5-sg-1"
-  vpc_id      = aws_vpc.vpc_1.id
+  name   = "team5-sg-1"
+  vpc_id = aws_vpc.vpc_1.id
+
+  tags = {
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-sg-1"
+  }
 
   ingress {
     from_port   = 0
@@ -124,7 +142,11 @@ resource "aws_security_group" "sg_1" {
 
 # EC2 역할 생성
 resource "aws_iam_role" "ec2_role_1" {
-  name = "team5-ec2-role-1"
+  tags = {
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-ec2-role-1"
+  }
 
   # 이 역할에 대한 신뢰 정책 설정. EC2 서비스가 이 역할을 가정할 수 있도록 설정
   assume_role_policy = <<EOF
@@ -152,26 +174,62 @@ resource "aws_iam_role_policy_attachment" "ec2_ssm" {
 
 # IAM 인스턴스 프로파일 생성
 resource "aws_iam_instance_profile" "instance_profile_1" {
-  name = "team5-instance-profile-1"
+  tags = {
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-instance-profile-1"
+  }
+
   role = aws_iam_role.ec2_role_1.name
 }
 
 # EC2 실행마다 적용할 작업
 locals {
   ec2_user_data_base = <<-END_OF_FILE
 #!/bin/bash
-yum install docker -y
-systemctl enable docker
-systemctl start docker
-
-yum install git -y
-
+# 가상 메모리 4GB 설정
 sudo dd if=/dev/zero of=/swapfile bs=128M count=32
 sudo chmod 600 /swapfile
 sudo mkswap /swapfile
 sudo swapon /swapfile
 sudo sh -c 'echo "/swapfile swap swap defaults 0 0" >> /etc/fstab'
 
+# git 설치
+yum install git -y
+
+#도커 설치 및 실행/활성화
+yum install docker -y
+systemctl enable docker
+systemctl start docker
+
+# 도커 네트워크 생성
+docker network create common
+
+# redis 설치
+docker run -d \
+  --name redis_1 \
+  --network common \
+  -p 6379:6379 \
+  -e TZ=Asia/Seoul \
+  -v /dockerProjects/redis_1/volumes/data:/data \
+  redis --requirepass ${var.password_1}
+
+# NginX 설치
+docker run -d \
+  --name npm_1 \
+  --restart unless-stopped \
+  --network common \
+  -p 80:80 \
+  -p 443:443 \
+  -p 81:81 \
+  -e TZ=Asia/Seoul \
+  -e [email protected] \
+  -e INITIAL_ADMIN_PASSWORD=${var.password_1} \
+  -v /dockerProjects/npm_1/volumes/data:/data \
+  -v /dockerProjects/npm_1/volumes/etc/letsencrypt:/etc/letsencrypt \
+  jc21/nginx-proxy-manager:latest
+
+
 END_OF_FILE
 }
 
@@ -189,7 +247,9 @@ resource "aws_instance" "ec2_1" {
   iam_instance_profile = aws_iam_instance_profile.instance_profile_1.name
 
   tags = {
-    Name = "team5-ec2-1"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-ec2-1"
   }
 
   # 루트 불륨 설정
@@ -211,9 +271,9 @@ resource "aws_security_group" "rds_sg_1" {
   vpc_id      = aws_vpc.vpc_1.id
 
   ingress {
-    from_port       = 3306
-    to_port         = 3306
-    protocol        = "tcp"
+    from_port   = 3306
+    to_port     = 3306
+    protocol    = "tcp"
     cidr_blocks = ["0.0.0.0/0"]
   }
 
@@ -225,7 +285,9 @@ resource "aws_security_group" "rds_sg_1" {
   }
 
   tags = {
-    Name = "team5-rds-sg-1"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-rds-sg-1"
   }
 }
 
@@ -235,7 +297,9 @@ resource "aws_db_subnet_group" "db_subnet_group" {
   subnet_ids = [aws_subnet.subnet_2.id, aws_subnet.subnet_3.id]
 
   tags = {
-    Name = "team5-db-subnet-group"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-db-subnet-group"
   }
 }
 
@@ -260,10 +324,12 @@ resource "aws_db_instance" "mysql" {
   # 자동 백업 보관 기간
   backup_retention_period = 1
 
-  # 삭제 시 최종 스냅샷 생성 여부 (개발용은 true, 운영은 false 권장)
+  # 삭제 시 최종 스냅샷 생성 여부
   skip_final_snapshot = true
 
   tags = {
-    Name = "team5-rds-mysql"
+    Key   = "TEAM"
+    Value = "devcos-team05"
+    Name  = "team5-mysql"
   }
 }

src/main/java/com/back/global/config/EmbeddedRedisConfig.java

@@ -1,5 +1,8 @@
 package com.back.global.config;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
@@ -13,24 +16,25 @@
 @Configuration
 public class RedisConfig {
 
-    /**
-     * RedisTemplate 설정
-     * - Key: String
-     * - Value: JSON (Jackson)
-     */
     @Bean
     public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory connectionFactory) {
         RedisTemplate<String, Object> template = new RedisTemplate<>();
         template.setConnectionFactory(connectionFactory);
 
-        // Key: String
+        // ObjectMapper 설정
+        ObjectMapper objectMapper = new ObjectMapper();
+        objectMapper.registerModule(new JavaTimeModule());
+        objectMapper.disable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
+
+        // Jackson2JsonRedisSerializer 사용
+        Jackson2JsonRedisSerializer<Object> serializer =
+                new Jackson2JsonRedisSerializer<>(objectMapper, Object.class);
+
         template.setKeySerializer(new StringRedisSerializer());
         template.setHashKeySerializer(new StringRedisSerializer());
-
-        // Value: JSON
-        template.setValueSerializer(new Jackson2JsonRedisSerializer<>(Object.class));
-        template.setHashValueSerializer(new Jackson2JsonRedisSerializer<>(Object.class));
+        template.setValueSerializer(serializer);
+        template.setHashValueSerializer(serializer);
 
         return template;
     }
-}
+}

src/main/java/com/back/global/config/RedisConfig.java

@@ -36,7 +36,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .authorizeHttpRequests(
                         auth -> auth
                                 .requestMatchers("/api/auth/**", "/oauth2/**", "/login/oauth2/**").permitAll()
-                                .requestMatchers("/api/ws/**").permitAll()
+                                .requestMatchers("api/ws/**", "/ws/**").permitAll()
                                 .requestMatchers("/api/rooms/*/messages/**").permitAll()  //스터디 룸 내에 잡혀있어 있는 채팅 관련 전체 허용
                                 //.requestMatchers("/api/rooms/RoomChatApiControllerTest").permitAll() // 테스트용 임시 허용
                                 .requestMatchers("/","/swagger-ui/**", "/v3/api-docs/**").permitAll() // Swagger 허용