OneByOne-Kindergarten · wngns1101 · Aug 26, 2025 · Aug 22, 2025 · Aug 22, 2025 · Aug 22, 2025
diff --git a/.github/workflows/aws.yml b/.github/workflows/aws.yml
@@ -52,18 +52,64 @@ jobs:
           push: true
           tags: ${{ secrets.DOCKER_HUB }}/kindergarten:${{ github.ref == 'refs/heads/main' && 'latest' || 'dev' }}
 
-      - name: Deploy to Server
+      # ---------- 프로덕션 배포 ----------
+      - name: Upload stack files (prod)
+        if: github.ref == 'refs/heads/main'
+        uses: appleboy/scp-action@v1
+        with:
+          host: ${{ secrets.PRODUCTION_SERVER_HOST }}
+          username: ${{ secrets.SERVER_USER }}
+          key: ${{ secrets.PRODUCTION_SERVER_SSH_KEY }}
+          # 레포의 실제 경로에 맞춰 업로드
+          source: "./docker/app/docker-compose.yml,./docker/loki/config/config.yml,./docker/promtail/config/config.yml"
+
+          target: /home/ubuntu/stack
+
+      - name: Deploy to Server (prod)
         if: github.ref == 'refs/heads/main'
         uses: appleboy/ssh-action@v1
         with:
           host: ${{ secrets.PRODUCTION_SERVER_HOST }}
           username: ${{ secrets.SERVER_USER }}
           key: ${{ secrets.PRODUCTION_SERVER_SSH_KEY }}
           script: |
-            sudo docker stop kindergarten || true
-            sudo docker rm kindergarten || true
-            sudo docker pull ${{ secrets.DOCKER_HUB }}/kindergarten:latest
-            sudo docker run -d --name kindergarten -p 8080:8080 -v /home/ubuntu/logs:/home/ubuntu/logs -e SPRING_PROFILES_ACTIVE=production ${{ secrets.DOCKER_HUB }}/kindergarten:latest
+            set -e
+            cd /home/ubuntu/stack/docker/app
+
+            sudo docker compose down || true
+
+            # 기존 kindergarten 이미지 전부 삭제
+            sudo docker images "juhoonlee/kindergarten" -q | xargs -r sudo docker rmi -f
+
+            # .env 주입 (compose에서 사용)
+            cat > .env << 'EOF'
+            REGISTRY=${{ secrets.DOCKER_HUB }}
+            APP_TAG=latest
+            SPRING_PROFILE=production
+            GRAFANA_USER=${{ secrets.GRAFANA_USER }}
+            GRAFANA_PASSWORD=${{ secrets.GRAFANA_PASSWORD }}
+            EOF
+
+            # 최신 이미지 풀 & 재기동
+            sudo docker compose pull
+            sudo docker compose up -d --remove-orphans
+
+      - name: Debug upload paths
+        run: |
+          set -e
+          ls -al docker/app/docker-compose.yml
+          ls -al docker/loki/config/config.yml
+          ls -al docker/promtail/config/config.yml      
+
+      - name: Upload stack files (dev)
+        if: github.ref == 'refs/heads/develop'
+        uses: appleboy/scp-action@v1
+        with:
+          host: ${{ secrets.SERVER_HOST }}
+          username: ${{ secrets.SERVER_USER }}
+          key: ${{ secrets.SERVER_SSH_KEY }}
+          source: "./docker/app/docker-compose.yml,./docker/loki/config/config.yml,./docker/promtail/config/config.yml"
+          target: /home/ubuntu/stack
 
       - name: Deploy to Dev Server
         if: github.ref == 'refs/heads/develop'
@@ -73,7 +119,21 @@ jobs:
           username: ${{ secrets.SERVER_USER }}
           key: ${{ secrets.SERVER_SSH_KEY }}
           script: |
-            sudo docker stop kindergarten || true
-            sudo docker rm kindergarten || true
-            sudo docker pull ${{ secrets.DOCKER_HUB }}/kindergarten:dev
-            sudo docker run -d --name kindergarten -p 8080:8080 -v /home/ubuntu/logs:/home/ubuntu/logs -e SPRING_PROFILES_ACTIVE=dev ${{ secrets.DOCKER_HUB }}/kindergarten:dev
+            set -e
+            cd /home/ubuntu/stack/docker/app
+
+            sudo docker compose down || true
+
+            # 기존 kindergarten 이미지 전부 삭제
+            sudo docker images "juhoonlee/kindergarten" -q | xargs -r sudo docker rmi -f
+
+            cat > .env << 'EOF'
+            REGISTRY=${{ secrets.DOCKER_HUB }}
+            APP_TAG=dev
+            SPRING_PROFILE=dev
+            GRAFANA_USER=${{ secrets.GRAFANA_USER }}
+            GRAFANA_PASSWORD=${{ secrets.GRAFANA_PASSWORD }}
+            EOF
+
+            sudo docker compose pull
+            sudo docker compose up -d --remove-orphans
diff --git a/docker/app/docker-compose.yml b/docker/app/docker-compose.yml
@@ -0,0 +1,54 @@
+services:
+  app:
+    image: ${REGISTRY}/kindergarten:${APP_TAG}
+    container_name: kindergarten
+    ports:
+      - "8080:8080"
+    environment:
+      - SPRING_PROFILES_ACTIVE=${SPRING_PROFILE}
+    volumes:
+      - /home/ubuntu/logs:/home/ubuntu/logs
+    networks:
+      - backend_network
+    restart: unless-stopped
+
+  loki:
+    image: grafana/loki:3.0.0
+    command: -config.file=/etc/loki/config.yml
+    ports:
+      - "3100:3100"
+    volumes:
+      - /home/ubuntu/stack/docker/loki/config:/etc/loki:ro
+    networks:
+      - backend_network
+    restart: unless-stopped
+
+  grafana:
+    image: grafana/grafana:10.4.4
+    ports:
+      - "3000:3000"
+    volumes:
+      - grafana-storage:/var/lib/grafana
+    networks:
+      - backend_network
+    restart: unless-stopped
+    environment:
+      - GF_SECURITY_ADMIN_USER=${GRAFANA_USER}
+      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
+
+  promtail:
+    image: grafana/promtail:3.0.0
+    command: -config.file=/etc/promtail/config.yml
+    volumes:
+      - /home/ubuntu/logs:/var/log/app-logs:ro
+      - /home/ubuntu/stack/docker/promtail/config:/etc/promtail:ro
+    networks:
+      - backend_network
+    restart: unless-stopped
+
+volumes:
+  grafana-storage:
+
+networks:
+  backend_network:
+    driver: bridge
diff --git a/docker/loki/config/config.yml b/docker/loki/config/config.yml
@@ -0,0 +1,26 @@
+auth_enabled: false # 인증 기능 비활성화
+
+server:
+  http_listen_port: 3100 # 서버 열리는 포트
+common:
+  instance_addr: 127.0.0.1 # 이 인스턴스가 사용하는 네트워크 주소
+  path_prefix: /loki # 내부에서 데이터 저장할 기본 경로
+  storage:
+    filesystem:
+      chunks_directory: /loki/chunks # 실제 로그 데이터 저장하는 디렉토리
+      rules_directory: /loki/rules
+  replication_factor: 1 #  데이터 복제 개수
+  ring:
+    kvstore:
+      store: inmemory
+schema_config:
+  configs:
+    - from: 2024-10-24
+      store: tsdb
+      object_store: filesystem
+      schema: v13
+      index:
+        prefix: index_
+        period: 24h
+ruler:
+  alertmanager_url: http://localhost:9093 # 알림을 보낼 주소
diff --git a/docker/promtail/config/config.yml b/docker/promtail/config/config.yml
@@ -0,0 +1,15 @@
+server:
+  http_listen_port: 3100 # 상태 확인용 포트
+
+positions:
+  filename: /tmp/positions.yaml # promtail이 로그 파일을 읽은 위치 기록하는 파일
+clients:
+  - url: http://loki:3100/loki/api/v1/push # 수집한 로그를 전송할 Loki 서버 주소
+scrape_configs:
+  - job_name: system
+    static_configs:
+      - targets:
+          - localhost
+        labels:
+          job: spring-boot-app
+          __path__: /var/log/app-logs/*.log