ci: Production 환경 배포 파이프라인 구축 (#69)

* refactor: Docker Compose 파일 환경별 분리

- docker-compose.yml 삭제
- docker-compose.dev.yml 생성 (Development 환경)
  - 포트: 8080:80, 8443:443
  - 컨테이너: yogieat-*-dev
  - 네트워크: yogieat-dev-network
  - 볼륨: certbot_conf_dev, certbot_www_dev

- docker-compose.prod.yml 생성 (Production 환경)
  - 포트: 80:80, 443:443
  - 컨테이너: yogieat-*-prod
  - 네트워크: yogieat-prod-network
  - 볼륨: certbot_conf_prod, certbot_www_prod
  - Health check 추가

Co-Authored-By: Claude (us.anthropic.claude-sonnet-4-5-20250929-v1:0) <noreply@anthropic.com>

* refactor: Nginx 설정 파일 환경별 분리

- client.conf 삭제

- client-dev.conf 생성 (Development)
  - 도메인: dev.yogieat.com
  - SSL 경로: /etc/letsencrypt-dev
  - Certbot webroot: /var/www/certbot-dev
  - Proxy: http://client-dev:3000
  - 로그: /var/log/nginx/client-dev/

- client-prod.conf 생성 (Production)
  - 도메인: yogieat.com, www.yogieat.com
  - SSL 경로: /etc/letsencrypt-prod
  - Certbot webroot: /var/www/certbot-prod
  - Proxy: http://client-prod:3000
  - 로그: /var/log/nginx/client-prod/

- Dockerfile 수정
  - 두 환경의 설정 파일 모두 복사
  - 환경별 로그 디렉토리 생성
  - 환경별 Certbot webroot 디렉토리 생성

Co-Authored-By: Claude (us.anthropic.claude-sonnet-4-5-20250929-v1:0) <noreply@anthropic.com>

* chore: Development 배포 워크플로우 docker-compose.dev.yml 사용

- docker-compose.yml -> docker-compose.dev.yml 참조로 변경
- 모든 docker compose 명령어에 -f docker-compose.dev.yml 추가

Co-Authored-By: Claude (us.anthropic.claude-sonnet-4-5-20250929-v1:0) <noreply@anthropic.com>

* feat: Production 자동 배포 파이프라인 구축

- main 브랜치 푸시 시 자동 배포
- Production 환경 변수 사용 (NEXT_PUBLIC_API_URL_PROD)
- docker-compose.prod.yml 사용
- Health Check 추가
- Discord 알림 (Production 전용 웹훅 지원)

배포 프로세스:
1. 변경 파일 감지 (client/nginx)
2. .env.production 생성 (Prod 환경 변수)
3. Docker 이미지 빌드 및 푸시
4. 서버 배포
5. Health Check 확인
6. Discord 알림

Co-Authored-By: Claude (us.anthropic.claude-sonnet-4-5-20250929-v1:0) <noreply@anthropic.com>

---------

Co-authored-by: Claude (us.anthropic.claude-sonnet-4-5-20250929-v1:0) <noreply@anthropic.com>

Author: RookieAND

.github/workflows/development-deploy.yml

@@ -76,13 +76,13 @@ jobs:
       - name: Checkout Repository
         uses: actions/checkout@v5
 
-      - name: Copy docker-compose.yml to Server
+      - name: Copy docker-compose.dev.yml to Server
         uses: appleboy/scp-action@v0.1.7
         with:
           host: ${{ secrets.SERVER_HOST }}
           username: ${{ secrets.SERVER_USERNAME }}
           key: ${{ secrets.SERVER_PRIVATE_KEY }}
-          source: "docker-compose.yml"
+          source: "docker-compose.dev.yml"
           target: "~/yogieat"
 
       - name: Deploy Project to Gabia Server
@@ -94,13 +94,13 @@ jobs:
           script: |
             cd ~/yogieat
 
-            sudo docker compose -f ./docker-compose.yml down
+            sudo docker compose -f ./docker-compose.dev.yml down
             # Clean up unused images only (preserve volumes with SSL certificates)
             sudo docker image prune -a -f
 
-            sudo docker compose -f ./docker-compose.yml pull
-            sudo docker compose -f ./docker-compose.yml up -d
-            sudo docker compose -f ./docker-compose.yml ps
+            sudo docker compose -f ./docker-compose.dev.yml pull
+            sudo docker compose -f ./docker-compose.dev.yml up -d
+            sudo docker compose -f ./docker-compose.dev.yml ps
 
       - name: Extract commit info
         id: commit

.github/workflows/production-deploy.yml

@@ -0,0 +1,150 @@
+name: Production Deployment
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build-image:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+
+      - name: Detect changed files
+        uses: dorny/paths-filter@v3
+        id: changes
+        with:
+          filters: |
+            client:
+              - 'app/**'
+              - 'src/**'
+              - 'public/**'
+              - 'package.json'
+              - 'pnpm-lock.yaml'
+              - 'docker/client/**'
+              - 'next.config.js'
+            nginx:
+              - 'docker/nginx/**'
+
+      - name: Login to DockerHub
+        if: steps.changes.outputs.client == 'true' || steps.changes.outputs.nginx == 'true'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Set up Docker Buildx
+        if: steps.changes.outputs.client == 'true' || steps.changes.outputs.nginx == 'true'
+        uses: docker/setup-buildx-action@v3
+
+      - name: Create .env.production
+        if: steps.changes.outputs.client == 'true'
+        run: |
+          echo "NEXT_PUBLIC_API_URL=${{ secrets.NEXT_PUBLIC_API_URL_PROD }}" > .env.production
+          echo "NEXT_PUBLIC_AWS_S3=${{ secrets.NEXT_PUBLIC_AWS_S3 }}" >> .env.production
+          echo "NEXT_PUBLIC_GTM_ID=${{ secrets.NEXT_PUBLIC_GTM_ID_PROD || secrets.NEXT_PUBLIC_GTM_ID }}" >> .env.production
+
+      - name: Build and Push Client image
+        if: steps.changes.outputs.client == 'true'
+        uses: docker/build-push-action@v5
+        with:
+          push: true
+          context: .
+          file: ./docker/client/Dockerfile
+          tags: ${{ secrets.DOCKER_HUB_USERNAME }}/yogieat-client:latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Build and Push Nginx image
+        if: steps.changes.outputs.nginx == 'true'
+        uses: docker/build-push-action@v5
+        with:
+          push: true
+          file: ./docker/nginx/Dockerfile
+          context: ./docker/nginx
+          tags: ${{ secrets.DOCKER_HUB_USERNAME }}/yogieat-nginx:latest
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+  deploy-application:
+    needs: build-image
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v5
+
+      - name: Copy docker-compose.prod.yml to Server
+        uses: appleboy/scp-action@v0.1.7
+        with:
+          host: ${{ secrets.SERVER_HOST }}
+          username: ${{ secrets.SERVER_USERNAME }}
+          key: ${{ secrets.SERVER_PRIVATE_KEY }}
+          source: "docker-compose.prod.yml"
+          target: "~/yogieat"
+
+      - name: Deploy Project to Gabia Server
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.SERVER_HOST }}
+          username: ${{ secrets.SERVER_USERNAME }}
+          key: ${{ secrets.SERVER_PRIVATE_KEY }}
+          script: |
+            cd ~/yogieat
+
+            sudo docker compose -f ./docker-compose.prod.yml down
+            # Clean up unused images only (preserve volumes with SSL certificates)
+            sudo docker image prune -a -f
+
+            sudo docker compose -f ./docker-compose.prod.yml pull
+            sudo docker compose -f ./docker-compose.prod.yml up -d
+            sudo docker compose -f ./docker-compose.prod.yml ps
+
+      - name: Health Check
+        uses: appleboy/ssh-action@master
+        with:
+          host: ${{ secrets.SERVER_HOST }}
+          username: ${{ secrets.SERVER_USERNAME }}
+          key: ${{ secrets.SERVER_PRIVATE_KEY }}
+          script: |
+            cd ~/yogieat
+
+            echo "Waiting for services to be healthy..."
+            sleep 10
+
+            # Check container status
+            sudo docker compose -f ./docker-compose.prod.yml ps
+
+            # Check if client is healthy
+            CLIENT_STATUS=$(sudo docker inspect --format='{{.State.Health.Status}}' yogieat-client-prod 2>/dev/null || echo "no-healthcheck")
+            echo "Client health status: $CLIENT_STATUS"
+
+            if [ "$CLIENT_STATUS" != "healthy" ] && [ "$CLIENT_STATUS" != "no-healthcheck" ]; then
+              echo "Client container is not healthy"
+              sudo docker compose -f ./docker-compose.prod.yml logs client-prod
+              exit 1
+            fi
+
+      - name: Extract commit info
+        id: commit
+        run: |
+          COMMIT_MSG=$(echo "${{ github.event.head_commit.message }}" | head -n 1)
+          SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
+          echo "message=$COMMIT_MSG" >> $GITHUB_OUTPUT
+          echo "sha=$SHORT_SHA" >> $GITHUB_OUTPUT
+
+      - name: Discord notification
+        if: always()
+        uses: sarisia/actions-status-discord@v1
+        with:
+          webhook: ${{ secrets.DISCORD_WEBHOOK_PROD || secrets.DISCORD_WEBHOOK }}
+          title: "🚀 Production 배포"
+          description: |
+            **상태**: ${{ job.status }}
+            **커밋**: [`${{ steps.commit.outputs.sha }}`](https://github.com/${{ github.repository }}/commit/${{ github.sha }})
+            **메시지**: ${{ steps.commit.outputs.message }}
+            **URL**: https://yogieat.com
+          color: ${{ job.status == 'success' && '0x57F287' || '0xED4245' }}
+          username: GitHub Actions

docker-compose.dev.yml

@@ -0,0 +1,54 @@
+services:
+  client-dev:
+    image: rookieanddocker/yogieat-client:latest
+    container_name: yogieat-client-dev
+    expose:
+      - "3000"
+    environment:
+      - NODE_ENV=production
+      - PORT=3000
+      - HOSTNAME=0.0.0.0
+    networks:
+      - yogieat-dev-network
+    labels:
+      - "name=client-dev"
+      - "mode=development"
+
+  nginx-dev:
+    image: rookieanddocker/yogieat-nginx:latest
+    container_name: yogieat-nginx-dev
+    ports:
+      - 8080:80
+      - 8443:443
+    volumes:
+      - certbot_conf_dev:/etc/letsencrypt-dev
+      - certbot_www_dev:/var/www/certbot-dev
+    depends_on:
+      - client-dev
+    networks:
+      - yogieat-dev-network
+    labels:
+      - "name=nginx-dev"
+      - "mode=development"
+    restart: on-failure
+
+  certbot-dev:
+    image: certbot/certbot:latest
+    container_name: yogieat-certbot-dev
+    volumes:
+      - certbot_conf_dev:/etc/letsencrypt
+      - certbot_www_dev:/var/www/certbot
+    networks:
+      - yogieat-dev-network
+    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+    labels:
+      - "name=certbot-dev"
+      - "mode=development"
+
+networks:
+  yogieat-dev-network:
+    driver: bridge
+
+volumes:
+  certbot_conf_dev:
+  certbot_www_dev:

docker-compose.prod.yml

@@ -0,0 +1,60 @@
+services:
+  client-prod:
+    image: rookieanddocker/yogieat-client:latest
+    container_name: yogieat-client-prod
+    expose:
+      - "3000"
+    environment:
+      - NODE_ENV=production
+      - PORT=3000
+      - HOSTNAME=0.0.0.0
+    networks:
+      - yogieat-prod-network
+    labels:
+      - "name=client-prod"
+      - "mode=production"
+    healthcheck:
+      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 40s
+
+  nginx-prod:
+    image: rookieanddocker/yogieat-nginx:latest
+    container_name: yogieat-nginx-prod
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - certbot_conf_prod:/etc/letsencrypt-prod
+      - certbot_www_prod:/var/www/certbot-prod
+    depends_on:
+      - client-prod
+    networks:
+      - yogieat-prod-network
+    labels:
+      - "name=nginx-prod"
+      - "mode=production"
+    restart: on-failure
+
+  certbot-prod:
+    image: certbot/certbot:latest
+    container_name: yogieat-certbot-prod
+    volumes:
+      - certbot_conf_prod:/etc/letsencrypt
+      - certbot_www_prod:/var/www/certbot
+    networks:
+      - yogieat-prod-network
+    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+    labels:
+      - "name=certbot-prod"
+      - "mode=production"
+
+networks:
+  yogieat-prod-network:
+    driver: bridge
+
+volumes:
+  certbot_conf_prod:
+  certbot_www_prod:

docker-compose.yml

@@ -3,14 +3,15 @@ FROM nginx:1.29.4-alpine
 # Default Configuration 파일 삭제
 RUN rm /etc/nginx/conf.d/default.conf
 
-# Configuration 파일 복사
-COPY ./config/client.conf /etc/nginx/conf.d/client.conf
+# Configuration 파일 복사 (Dev와 Prod 모두)
+COPY ./config/client-dev.conf /etc/nginx/conf.d/client-dev.conf
+COPY ./config/client-prod.conf /etc/nginx/conf.d/client-prod.conf
 COPY ./config/nginx.conf /etc/nginx/nginx.conf
 
-# 로그 디렉토리 생성
-RUN mkdir -p /var/log/nginx/client
+# 로그 디렉토리 생성 (환경별 분리)
+RUN mkdir -p /var/log/nginx/client-dev /var/log/nginx/client-prod
 
-# Certbot webroot 디렉토리 생성
-RUN mkdir -p /var/www/certbot
+# Certbot webroot 디렉토리 생성 (환경별 분리)
+RUN mkdir -p /var/www/certbot-dev /var/www/certbot-prod
 
-CMD ["nginx", "-g", "daemon off;"]
+CMD ["nginx", "-g", "daemon off;"]