Merge pull request #56 from SWM-FIRE/dev-https

new feature: https without loadbalancer👍

.github/workflows/main.yml

@@ -0,0 +1,55 @@
+name: Deploy using AWS Code Deploy
+
+on:
+  push:
+    branches: ['main']
+  workflow_dispatch:
+
+# These permissions are needed to interact with GitHub's OIDC Token endpoint.
+permissions:
+  id-token: write
+  contents: read
+jobs:
+  deploy:
+    runs-on: ubuntu-22.04
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version-file: '.nvmrc'
+          cache: yarn
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Clean Install Dependencies
+        run: yarn ci
+
+      - name: Get Credentials
+        run: |
+          aws s3 cp --region ${{ secrets.AWS_REGION }} s3://${{ secrets.SERVER_SECRETS }} .
+          aws s3 cp --region ${{ secrets.AWS_REGION }} s3://${{ secrets.NEWRELIC_LICENSE }} ./src/
+
+      - name: Build
+        run: yarn build
+        env:
+          ENV: production
+
+      - name: Compress artifact
+        run: |
+          zip -r ./$GITHUB_SHA.zip . -x "node_modules/*" ".test.env" "src/*" "test/*" "README.md" "*.git*" "dockers/*" && rm -rf src/*
+        shell: bash
+
+      - name: Upload artifact
+        run: |
+          aws s3 cp --region ${{ secrets.AWS_REGION }} ./$GITHUB_SHA.zip s3://${{ secrets.BUCKET_NAME }}/${{ secrets.PROJECT_NAME }}/$GITHUB_SHA.zip
+
+      - name: Deploy
+        run: |
+          aws deploy create-deployment --application-name ${{ secrets.AWS_CODEDEPLOY_APPLICATION_NAME }} --deployment-config-name CodeDeployDefault.AllAtOnce --deployment-group-name ${{ secrets.AWS_CODEDEPLOY_DEPLOYMENT_GROUP_NAME }} --s3-location bucket=${{ secrets.BUCKET_NAME }},bundleType=zip,key=${{ secrets.PROJECT_NAME }}/$GITHUB_SHA.zip

README.md

@@ -1,9 +1,10 @@
 # Modoco Backend
 
 Modoco Backend Server
- - `Socket.IO Server` with Redis Adapter
- - `HTTP API Server` documented with Swagger
-
+
+- `Socket.IO Server` with Redis Adapter
+- `HTTP API Server` documented with Swagger
+
 Issue is tracked with JIRA
 
 ## API Documentation
@@ -12,6 +13,13 @@ Issue is tracked with JIRA
 
 ## (Required) Project settings
 
+### certificate
+
+`/secrets`에 private key와 certificate 파일(`key.pem`, `cert.pem`)을 넣어줍니다.
+필요 없으면 `main.ts`의 createServer 함수를 수정해주세요.
+
+### .env
+
 먼저 `.env`파일을 아래의 양식을 참고해서 만듭니다. 프로젝트 루트 디렉터리 아래에 넣어야 합니다.
 
 별도로 서버를 띄우지 않더라도 간편하게 Docker로 띄워서 바로 modoco-backend를 실행할 수 있도록 스크립트를 구성해두었습니다.
@@ -194,6 +202,7 @@ yarn prisma generate
 ```
 
 ### Sponsor
+
 </details>
 
 <p align="center"><i>This Project is Sponsored by <b>Software Maestro</b></i></p>

app.json

@@ -0,0 +1,13 @@
+{
+  "apps": [
+    {
+      "name": "modoco-backend",
+      "script": "dist/main.js",
+      "instances": 1,
+      "exec_mode": "cluster",
+      "env": {
+        "ENV": "production"
+      }
+    }
+  ]
+}

appspec.yml

@@ -0,0 +1,15 @@
+version: 0.0
+os: linux
+files:
+  - source: /
+    destination: /home/ubuntu/modoco-backend
+    overwrite: true
+hooks:
+  AfterInstall:
+    - location: scripts/start_server.sh
+      timeout: 300
+      runas: root
+  ApplicationStop:
+    - location: scripts/stop_server.sh
+      timeout: 300
+      runas: root

package.json

@@ -30,6 +30,10 @@
     "start:debug": "nest start --debug --watch",
     "start:prod": "node dist/main",
     "start:repl": "yarn start:dev --entryFile repl",
+    "pm2:deploy": "yarn ci && pm2 start app.json",
+    "pm2:start": "pm2 start app.json",
+    "pm2:stop": "pm2 stop app.json",
+    "pm2:destroy": "pm2 delete app.json",
     "deploy": "yarn ci && yarn build && yarn start:prod",
     "lint": "eslint \"{src,apps,libs,test}/**/*.ts\" --fix",
     "test": "jest",

scripts/start_server.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+REPOSITORY=/home/ubuntu/modoco-backend
+
+cd $REPOSITORY
+
+yarn pm2:deploy

scripts/stop_server.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+REPOSITORY=/home/ubuntu/modoco-backend
+
+cd $REPOSITORY
+
+yarn pm2:stop

src/config/environment-config.ts

@@ -22,8 +22,6 @@ export default () => ({
   CORS_ALLOWLIST: [
     'https://modocode.com',
     /https:\/\/.+\.modocode\.com$/,
-    'https://xn--hq1br4kwqt.com',
-    /https:\/\/.+\.xn--hq1br4kwqt\.com$/,
     /https:\/\/.+\.do65qrifiozf1\.amplifyapp\.com$/,
     'http://localhost:3000',
     'https://localhost:3000',

src/main.ts

@@ -5,17 +5,22 @@ import { AppModule } from './app.module';
 import { Logger, ValidationPipe } from '@nestjs/common';
 import { NewrelicInterceptor } from './interceptors/newrelic.interceptor';
 import { ConfigService } from '@nestjs/config';
-import helmet from 'helmet';
 import { SwaggerModule } from '@nestjs/swagger';
 import { AuthService } from './auth/auth.service';
 import { ShutdownService } from './services/shutdown.service';
+import { readFileSync } from 'fs';
+import helmet from 'helmet';
 
 /**
  * bootstrap server
  */
 async function bootstrap() {
   // create express application
-  const app = await createServer();
+  const app = await createServer({
+    key: readFileSync(process.env.KEY_PATH),
+    cert: readFileSync(process.env.CERT_PATH),
+    ca: process.env.CA_PATH ? readFileSync(process.env.CA_PATH) : null,
+  });
 
   // get config service
   const configService = app.get(ConfigService);
@@ -35,8 +40,10 @@ async function bootstrap() {
  * Create nestExpressApplication application
  * @returns {Promise<NestExpressApplication>} NestExpressApplication app
  */
-async function createServer(): Promise<NestExpressApplication> {
-  return await NestFactory.create<NestExpressApplication>(AppModule);
+async function createServer(httpsOptions): Promise<NestExpressApplication> {
+  return await NestFactory.create<NestExpressApplication>(AppModule, {
+    httpsOptions,
+  });
 }
 
 /**