Feat: migrate to on-premise sever (#312)

* Feat: add cicd branch for test

* Feat: Migrate static file storage to Cloudflare R2

* Fix: change to using ssh password

* Fix: change docker build to arm64 platform

* Fix: add docker auto restart option

* Feat: Add Docker network config for on-premise Redis

* Fix: change log level in dev env

Author: SolfE

.github/workflows/dev-deploy.yml

@@ -2,7 +2,7 @@ name: Dev Deployment
 
 on:
   push:
-    branches: [ develop, feat/enhance-recommendation ]
+    branches: [ develop, feat/migrate-on-premise ]
 
 jobs:
   build:
@@ -30,7 +30,7 @@ jobs:
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Build Docker image
-        run: docker build -t devsolfe/server:latest .
+        run: docker buildx build --platform linux/arm64 -t devsolfe/server:latest .
 
       - name: Push Docker image to Docker Hub
         run: docker push devsolfe/server:latest
@@ -47,7 +47,7 @@ jobs:
         with:
           host: ${{ secrets.SERVER_HOST }}
           username: ${{ secrets.SSH_USERNAME }}
-          key: ${{ secrets.SSH_KEY }}
+          password: ${{ secrets.SSH_KEY }}
           port: ${{ secrets.PORT }}
           script: |
             docker pull devsolfe/server:latest
@@ -63,15 +63,20 @@ jobs:
             
             docker run -d \
               --name server \
+              --restart unless-stopped \
+              --network npm_nginx-proxy \
               -e SPRING_PROFILES_ACTIVE=dev \
               -e 'SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}' \
               -e SENTRY_DSN=${{ vars.SENTRY_DSN }} \
               -e 'MONGODB_URI_DEV=${{ secrets.MONGODB_URI_DEV }}' \
               -e MONGODB_DATABASE_DEV=${{ secrets.MONGODB_DATABASE_DEV }} \
               -e S3_REGION=${{ secrets.S3_REGION }} \
-              -e S3_STATIC_NAME=${{ secrets.S3_STATIC_NAME }} \
               -e S3_AI_INPUT_NAME=${{ vars.S3_AI_INPUT_NAME }} \
               -e S3_AI_OUTPUT_NAME=${{ vars.S3_AI_OUTPUT_NAME }} \
+              -e CF_R2_ENDPOINT=${{ vars.CF_R2_ENDPOINT }} \
+              -e CF_R2_ACCESS_KEY=${{ secrets.CF_R2_ACCESS_KEY }} \
+              -e CF_R2_SECRET_KEY=${{ secrets.CF_R2_SECRET_KEY }} \
+              -e CF_R2_STATIC_BUCKET=${{ vars.CF_R2_STATIC_BUCKET }} \
               -e IMPORT_API_KEY=${{ secrets.IMPORT_API_KEY }} \
               -e AWS_ACCESS_KEY=${{ secrets.AWS_ACCESS_KEY }} \
               -e AWS_SECRET_KEY=${{ secrets.AWS_SECRET_KEY }} \
@@ -81,7 +86,7 @@ jobs:
               -e FIREBASE_CONFIG_BASE64=${{ secrets.FIREBASE_CONFIG_BASE64 }} \
               -e SWAGGER_USERNAME=${{ secrets.SWAGGER_USERNAME }} \
               -e SWAGGER_PASSWORD=${{ secrets.SWAGGER_PASSWORD }} \
-              -p 80:8080 \
+              -p 8080:8080 \
               devsolfe/server
             
             docker image prune -f

.github/workflows/prod-deploy.yml

@@ -20,7 +20,7 @@
 import java.util.Optional;
 
 @Component
-@Profile({"dev", "local"})
+@Profile({"local"})
 public class TestAuthFilter extends OncePerRequestFilter {
 
     private final UserRepository userRepository;

src/main/java/com/linglevel/api/auth/filter/TestAuthFilter.java

@@ -8,9 +8,12 @@
 import software.amazon.awssdk.regions.Region;
 import software.amazon.awssdk.services.s3.S3Client;
 
+import java.net.URI;
+
 @Configuration
 public class S3Config {
 
+    // AWS S3 Configuration (for AI buckets)
     @Value("${aws.s3.region}")
     private String region;
 
@@ -20,23 +23,51 @@ public class S3Config {
     @Value("${aws.secret-key}")
     private String secretKey;
 
-    @Value("${aws.s3.static.bucket}")
-    private String staticBucketName;
-
     @Value("${aws.s3.ai.input.bucket}")
     private String aiInputBucketName;
 
     @Value("${aws.s3.ai.output.bucket}")
     private String aiOutputBucketName;
 
+    // Cloudflare R2 Configuration (for Static files)
+    @Value("${cf.r2.endpoint}")
+    private String r2Endpoint;
+
+    @Value("${cf.r2.access-key}")
+    private String r2AccessKey;
+
+    @Value("${cf.r2.secret-key}")
+    private String r2SecretKey;
+
+    @Value("${cf.r2.static.bucket}")
+    private String r2StaticBucketName;
+
+    /**
+     * AWS S3 클라이언트 (AI Input/Output 버킷용)
+     */
     @Bean("s3AiClient")
     public S3Client s3AiClient() {
-        return createS3Client();
+        AwsBasicCredentials credentials = AwsBasicCredentials.create(accessKey, secretKey);
+
+        return S3Client.builder()
+                .region(Region.of(region))
+                .credentialsProvider(StaticCredentialsProvider.create(credentials))
+                .build();
     }
 
+    /**
+     * Cloudflare R2 클라이언트 (Static 파일용)
+     * R2는 S3 호환 API를 제공하므로 endpoint만 변경하면 됩니다.
+     */
     @Bean("s3StaticClient")
     public S3Client s3StaticClient() {
-        return createS3Client();
+        AwsBasicCredentials credentials = AwsBasicCredentials.create(r2AccessKey, r2SecretKey);
+
+        return S3Client.builder()
+                .endpointOverride(URI.create(r2Endpoint))
+                .region(Region.of("auto")) // R2는 auto region 사용
+                .credentialsProvider(StaticCredentialsProvider.create(credentials))
+                .build();
     }
 
     @Bean("aiInputBucketName")
@@ -51,15 +82,6 @@ public String aiOutputBucketName() {
 
     @Bean("staticBucketName")
     public String staticBucketName() {
-        return staticBucketName;
-    }
-
-    private S3Client createS3Client() {
-        AwsBasicCredentials credentials = AwsBasicCredentials.create(accessKey, secretKey);
-        
-        return S3Client.builder()
-                .region(Region.of(region))
-                .credentialsProvider(StaticCredentialsProvider.create(credentials))
-                .build();
+        return r2StaticBucketName;
     }
 } 

src/main/java/com/linglevel/api/s3/config/S3Config.java

@@ -6,12 +6,11 @@ spring.data.mongodb.database=${MONGODB_DATABASE_DEV}
 # Redis Configuration
 spring.data.redis.host=${REDIS_ENDPOINT_DEV}
 spring.data.redis.port=6379
-spring.data.redis.ssl.enabled=true
 
 # Logging for Dev Environment
-logging.level.com.linglevel.api=DEBUG
+logging.level.com.linglevel.api=INFO
 logging.level.org.springframework.data.mongodb=WARN
-logging.level.root=DEBUG
+logging.level.root=INFO
 
 # Swagger UI Configuration
 springdoc.swagger-ui.enabled=true
@@ -21,6 +20,3 @@ swagger.servers=https://dev.linglevel.com
 # Swagger Login Configuration
 api.docs.user.username=${SWAGGER_USERNAME}
 api.docs.user.password=${SWAGGER_PASSWORD}
-
-# S3 URL
-aws.s3.static.url=https://s3.${S3_REGION}.amazonaws.com/${S3_STATIC_NAME}

src/main/resources/application-dev.properties

@@ -23,6 +23,3 @@ swagger.servers=http://localhost:8080
 # Swagger Login Configuration
 api.docs.user.username=${SWAGGER_USERNAME}
 api.docs.user.password=${SWAGGER_PASSWORD}
-
-# S3 URL
-aws.s3.static.url=https://s3.${S3_REGION}.amazonaws.com/${S3_STATIC_NAME}

src/main/resources/application-local.properties

@@ -6,7 +6,6 @@ spring.data.mongodb.database=${MONGODB_DATABASE_PROD}
 # Redis Configuration
 spring.data.redis.host=${REDIS_ENDPOINT_PROD}
 spring.data.redis.port=6379
-spring.data.redis.ssl.enabled=true
 
 # Logging for Production Environment
 logging.level.com.linglevel.api=INFO
@@ -17,6 +16,3 @@ logging.level.root=INFO
 springdoc.swagger-ui.enabled=false
 springdoc.api-docs.enabled=false
 swagger.servers=https://api.linglevel.com
-
-# S3 URL
-aws.s3.static.url=https://static.linglevel.com

src/main/resources/application-prod.properties

@@ -51,11 +51,19 @@ firebase.config=${FIREBASE_CONFIG_BASE64}
 # Redis
 spring.data.redis.ssl.enabled=false
 
-# S3
+# AWS S3 (AI Input/Output buckets)
 aws.s3.region=${S3_REGION}
 aws.s3.ai.input.bucket=${S3_AI_INPUT_NAME}
 aws.s3.ai.output.bucket=${S3_AI_OUTPUT_NAME}
-aws.s3.static.bucket=${S3_STATIC_NAME}
+
+# Cloudflare R2 (Static files)
+cf.r2.endpoint=${CF_R2_ENDPOINT}
+cf.r2.access-key=${CF_R2_ACCESS_KEY}
+cf.r2.secret-key=${CF_R2_SECRET_KEY}
+cf.r2.static.bucket=${CF_R2_STATIC_BUCKET}
+
+# R2 Public URL (Common for all environments)
+aws.s3.static.url=https://static.linglevel.com
 
 # Sentry
 sentry.dsn=${SENTRY_DSN}