๐ ์ ์ฒด HTTPS ๊ฐ๋ฐ ํ๊ฒฝ
18456 ๋จ์ด developmentsecurityhttpsmonorepo
์ ๋๋ ๊ฐ๋ฐ ์ค์ HTTPS๋ฅผ ์ฌ์ฉํด์ผ ํฉ๋๊น?
์ฌ์ค ๊ฐ๋ฐ ํ๊ฒฝ์์ HTTPS๋ฅผ ์ฌ์ฉํ๋ ๋ฐ๋ ์ฌ๋ฌ ๊ฐ์ง ์ด์ ๊ฐ ์์ต๋๋ค.
์ธ์ฆ์ ์ค์
๋ฃจํธ CA๋ก ์๋ช
๋ ์ธ์ฆ์๋ฅผ ์ค์ ํด์ผ ํฉ๋๋ค. ์ด ์ธ์ฆ์๋ ์์คํ
๊ณผ ๋ธ๋ผ์ฐ์ ์์ ์๋ณ๋ฉ๋๋ค.
์ฐ์ , ์ฐ๋ฆฌ๋ ๋ก์ปฌ ๊ฐ๋ฐ ํ๊ฒฝ์ ์ํด ํธ์คํธ ์ด๋ฆ์ ์ ํํ ๋ค์์awesome ๋๊ตฌ mkcert์ ์ฌ์ฉํ์ฌ ์ ํจํ ์ธ์ฆ์๋ฅผ ์์ฑํ ๊ฒ์
๋๋ค.
๊ฐ๋ฐ์ ํธ์คํธ ์ด๋ฆ ์ ํ
๊ฐ๋ฐ ํ๊ฒฝ์ ์ํ ํธ์คํธ ์ด๋ฆ์ ์ ํํ์ญ์์ค.
โ ๏ธ ์ถฉ๋ํ ์ ์๋ ๊ธฐ์กด ๋๋ฉ์ธ ์ด๋ฆ์ ์ฌ์ฉํ์ง ๋ง์ญ์์ค!
์ผ๋ฐ์ ์ธ localhost ๋๋ ๋ค๋ฅธ ํธ์คํธ ์ด๋ฆ์ ์ฌ์ฉํ ์ ์์ต๋๋ค.๋๋ dev.local์ ์ฌ์ฉํ๋ ๊ฒ์ ์ข์ํ๋ค. ๋๋ ๋ค์ ๋จ๊ณ์์ ๊ทธ๊ฒ์ ์ฌ์ฉํ ๊ฒ์ด๋ค.
๋ก์ปฌ dns์ ํธ์คํธ ์ด๋ฆ์ ์ถ๊ฐํด์ผ ํฉ๋๋ค. Linux์ Mac์์ /etc/hosts
์
๋๋ค.๋ฐ๋ผ์ 127.0.0.1 dev.local
์ /etc/hosts
์ ์ถ๊ฐํฉ๋๋ค.
๐ก ์๋ฆผ: this gist์ ์ด ์คํฌ๋ฆฝํธ๋ฅผ ์ฌ์ฉํ์ฌ ํธ์คํธ ์ด๋ฆ์ ์ฝ๊ฒ ์ถ๊ฐํ๊ณ ์ญ์ ํ๊ณ ์์ต๋๋ค๐
๐๏ธ ์ฐธ๊ณ : api.dev.local
, app.dev.local
๊ณผ ๊ฐ์ ํ์ ๋๋ฉ์ธ์ ์ฌ์ฉํ๋ ๊ฒฝ์ฐ...๋๋ /etc/hosts
์ ๊ทธ๊ฒ๋ค์ ์ถ๊ฐํด์ผ ํ๋ค.*.dev.local
์ ์ง์ ์ด๋ํฐ (์๋ฅผ ๋ค์ด /etc/hosts
) ๋ฅผ ์ฌ์ฉํ ์ ์์ง๋ง dnsmasq ๋ฑ ์๋น์ค๋ฅผ ์ฌ์ฉํ์ฌ ์ด ์ ์ ์คํํ ์ ์์ต๋๋ค.
Mkcert ํ์ฌ
์ฐ๋ฆฌ๋ mkcert์ ์ฌ์ฉํ์ฌ ๋ฃจํธCA๋ฅผ ๊ด๋ฆฌํ๊ณ ์ธ์ฆ์๋ฅผ ์์ฑํ ๊ฒ์
๋๋ค.
์ค์น
๐ MacOS ํ์ฌ
acOS์์ Homebrew ์ฌ์ฉ
brew install mkcert
brew install nss # if you use Firefox
๐ง Linux
Linux์ certutil
์ ๋จผ์ ์ค์นํฉ๋๋ค.
sudo apt install libnss3-tools
curl -Lo /tmp/mkcert https://github.com/FiloSottile/mkcert/releases/download/v1.4.1/mkcert-v1.4.1-linux-amd64
chmod +x /tmp/mkcert
sudo mv /tmp/mkcert /usr/local/bin/mkcert
๋ ๋ง์ ์ค์น ๋ฐฉ๋ฒ here ์ฐธ์กฐ๐
ํ์ฉ๋จ์ด์ฐธ์กฐ
๋จผ์ ๋ก์ปฌ CA๋ฅผ ์์คํ
๋ฐ ๋ธ๋ผ์ฐ์ ์ ์ค์นํด์ผ ํฉ๋๋ค.
$ mkcert -install
Created a new local CA at "/home/***/.local/share/mkcert" ๐ฅ
The local CA is now installed in the system trust store! โก๏ธ
The local CA is now installed in the Firefox trust store (requires browser restart)! ๐ฆ
๋ค์์ผ๋ก, ์ฐ๋ฆฌ๋ mkcert๋ฅผ ์ฌ์ฉํ์ฌ ์ธ์ฆ์๋ฅผ ์์ฑํ ๊ฒ์
๋๋ค.๋ด ์์์ญ dev.local
๊ณผ ์ด๋ํฐ *.dev.local
์ ์ฌ์ฉํฉ๋๋ค.
$ mkcert -cert-file certs/local-cert.pem -key-file certs/local-key.pem dev.local *.dev.local
Using the local CA at "/home/***/.local/share/mkcert" โจ
Created a new certificate valid for the following names ๐
- "dev.local"
- "*.dev.local"
Reminder: X.509 wildcards only go one level deep, so this won't match a.b.dev.local โน๏ธ
The certificate is at "certs/local-cert.pem" and the key at "certs/local-key.pem" โ
์ฐ๋ฆฌ๋ ํ์ฌ certs/local-cert.pem
๊ณผ certs/local-key.pem
์ ์๋ ์ธ์ฆ์๋ฅผ ์ฌ์ฉํ ์ ์์ต๋๋ค.
๋ค์์ ์ด ์ธ์ฆ์๋ฅผ ๋ค๋ฅธ ์์ฉ ํ๋ก๊ทธ๋จ์ ์ด๋ป๊ฒ ์ฌ์ฉํ๋์ง ์์๋ณด๊ฒ ์ต๋๋ค.
์ด์ : ๊ฐ๋ฐ ์ฐฝ๊ณ ์ Makefile์ ๋ชจ๋ ๋ด์ฉ์ ํฌ์ฅํฉ๋๋ค
์ด๊ฒ์ ๋ด๊ฐ ์ด๋ป๊ฒ ๋์ ๊ฐ๋ฐ ์ฐฝ๊ณ ๋ฅผ ์กฐ์งํ๋์ง, ๊ทธ๊ฒ์ ๋งค์ฐ ์์ ์ ์๊ฒฌ์ ๊ณ ์งํ๊ธฐ ๋๋ฌธ์, ๊ทธ ์ค์์ ๋น์ ์ด ํ์๋ก ํ๋ ๊ฒ๋ง ์ป๋๋ค๐!
๐ ํด๋ ๊ตฌ์กฐ
project_root
โโโ dev-stack
โ โโโ certs
โ โ โโโ .gitignore
โ โ โโโ local-cert.pem
โ โ โโโ local-key.pem
โ โโโ scripts
โ โ โโโ get-ip.sh
โ โ โโโ manage-hosts.sh
โ โโโ .env.local
โ โโโ .gitignore
โ โโโ docker-compose.yml
โ โโโ Makefile
โ โโโ README.md
ํ์ผ ์์ฑ
ifndef DEV_STACK_DIR
DEV_STACK_DIR = $(CURDIR)
endif
SCRIPTS_DIR=${DEV_STACK_DIR}/scripts
ifndef HOSTNAME
HOSTNAME = dev.local
endif
ifndef SUBDOMAINS
SUBDOMAINS = docs \
traefik \
mail \
media \
portainer \
graphql \
auth
endif
ifndef DATABASE
DATABASE = postgres
endif
ifndef INFRA
INFRA = traefik \
maildev \
minio \
mkdocs \
portainer \
${DATABASE} \
graphql-engine \
keycloak \
auth-connector
endif
export HOST_IP := $(shell ${SCRIPTS_DIR}/get-ip.sh)
# HELP
.PHONY: help
help: ## List of the command available, make {command}
@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
.DEFAULT_GOAL := help
start: ## Start the docker stack
docker-compose up -d ${INFRA}
up: ## Start the docker stack
docker-compose up ${INFRA}
stop: ## Stop the docker stack
docker-compose stop
restart: ## Restart the docker stack
docker-compose restart
down: ## Down the docker stack and remove all containers and networks
docker-compose down
build: ## Build or rebuild all docker container
docker-compose build
pull: ## Pull latest image
docker-compose pull
add-hosts: ## Add Hosts entries for Dev stack
${SCRIPTS_DIR}/manage-hosts.sh addhost ${HOSTNAME}
$(foreach subdomain, $(SUBDOMAINS), ${SCRIPTS_DIR}/manage-hosts.sh addhost $(subdomain).$(HOSTNAME);)
remove-hosts: ## Remove Hosts entries for Dev stack
${SCRIPTS_DIR}/manage-hosts.sh removehost ${HOSTNAME}
$(foreach subdomain, $(SUBDOMAINS), ${SCRIPTS_DIR}/manage-hosts.sh removehost $(subdomain).$(HOSTNAME);)
certs-generate: ## Generate certs for all our domains
mkcert -install
mkcert -cert-file certs/local-cert.pem -key-file certs/local-key.pem $(HOSTNAME) *.$(HOSTNAME)
certs-uninstall: ## Uninstall the local CA (but do not delete it)
mkcert -uninstall
์คํฌ๋ฆฝํธ
ip๋ฅผ ๊ฐ์ ธ์ต๋๋ค.์ํด
#!/bin/bash
# Get host IP address
if [ "$(uname)" = "Darwin" ];then
ifconfig en0 | grep "inet "| cut -d ' ' -f 2
else
ip route get 1.2.3.4 | awk '{print $7}'
fi
ํธ์คํธ ๊ด๋ฆฌ์ํด
#!/bin/bash
# copy from https://gist.github.com/irazasyed/a7b0a079e7727a4315b9
# PATH TO YOUR HOSTS FILE
ETC_HOSTS=/etc/hosts
# DEFAULT IP FOR HOSTNAME
IP="127.0.0.1"
# Hostname to add/remove.
HOSTNAME=$2
removehost() {
echo "removing host";
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME Found in your $ETC_HOSTS, Removing now...";
sudo sed -i".bak" "/$HOSTNAME/d" $ETC_HOSTS
else
echo "$HOSTNAME was not found in your $ETC_HOSTS";
fi
}
addhost() {
echo "adding host";
HOSTS_LINE="$IP\t$HOSTNAME"
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME already exists : $(grep $HOSTNAME $ETC_HOSTS)"
else
echo "Adding $HOSTNAME to your $ETC_HOSTS";
sudo -- sh -c -e "echo '$HOSTS_LINE' >> /etc/hosts";
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME was added succesfully \n $(grep $HOSTNAME /etc/hosts)";
else
echo "Failed to Add $HOSTNAME, Try again!";
fi
fi
}
$@
์ธ์ฆ์ ์ฌ์ฉ
โ ๋ค์ ๊ฒ์๋ฌผ์์๋ ์๋ก ์์ฑ๋ ์ธ์ฆ์๋ฅผ ์ฌ์ฉํ๋ ๋ฐฉ๋ฒ์ ๋ณผ ์ ์์ต๋๋ค
๊ฐ๋ฐ ํ๊ฒฝ์ ์ํ ํธ์คํธ ์ด๋ฆ์ ์ ํํ์ญ์์ค.
โ ๏ธ ์ถฉ๋ํ ์ ์๋ ๊ธฐ์กด ๋๋ฉ์ธ ์ด๋ฆ์ ์ฌ์ฉํ์ง ๋ง์ญ์์ค!
์ผ๋ฐ์ ์ธ localhost ๋๋ ๋ค๋ฅธ ํธ์คํธ ์ด๋ฆ์ ์ฌ์ฉํ ์ ์์ต๋๋ค.๋๋ dev.local์ ์ฌ์ฉํ๋ ๊ฒ์ ์ข์ํ๋ค. ๋๋ ๋ค์ ๋จ๊ณ์์ ๊ทธ๊ฒ์ ์ฌ์ฉํ ๊ฒ์ด๋ค.
๋ก์ปฌ dns์ ํธ์คํธ ์ด๋ฆ์ ์ถ๊ฐํด์ผ ํฉ๋๋ค. Linux์ Mac์์
/etc/hosts
์
๋๋ค.๋ฐ๋ผ์ 127.0.0.1 dev.local
์ /etc/hosts
์ ์ถ๊ฐํฉ๋๋ค.๐ก ์๋ฆผ: this gist์ ์ด ์คํฌ๋ฆฝํธ๋ฅผ ์ฌ์ฉํ์ฌ ํธ์คํธ ์ด๋ฆ์ ์ฝ๊ฒ ์ถ๊ฐํ๊ณ ์ญ์ ํ๊ณ ์์ต๋๋ค๐
๐๏ธ ์ฐธ๊ณ :
api.dev.local
, app.dev.local
๊ณผ ๊ฐ์ ํ์ ๋๋ฉ์ธ์ ์ฌ์ฉํ๋ ๊ฒฝ์ฐ...๋๋ /etc/hosts
์ ๊ทธ๊ฒ๋ค์ ์ถ๊ฐํด์ผ ํ๋ค.*.dev.local
์ ์ง์ ์ด๋ํฐ (์๋ฅผ ๋ค์ด /etc/hosts
) ๋ฅผ ์ฌ์ฉํ ์ ์์ง๋ง dnsmasq ๋ฑ ์๋น์ค๋ฅผ ์ฌ์ฉํ์ฌ ์ด ์ ์ ์คํํ ์ ์์ต๋๋ค.Mkcert ํ์ฌ
์ฐ๋ฆฌ๋ mkcert์ ์ฌ์ฉํ์ฌ ๋ฃจํธCA๋ฅผ ๊ด๋ฆฌํ๊ณ ์ธ์ฆ์๋ฅผ ์์ฑํ ๊ฒ์
๋๋ค.
์ค์น
๐ MacOS ํ์ฌ
acOS์์ Homebrew ์ฌ์ฉ
brew install mkcert
brew install nss # if you use Firefox
๐ง Linux
Linux์ certutil
์ ๋จผ์ ์ค์นํฉ๋๋ค.
sudo apt install libnss3-tools
curl -Lo /tmp/mkcert https://github.com/FiloSottile/mkcert/releases/download/v1.4.1/mkcert-v1.4.1-linux-amd64
chmod +x /tmp/mkcert
sudo mv /tmp/mkcert /usr/local/bin/mkcert
๋ ๋ง์ ์ค์น ๋ฐฉ๋ฒ here ์ฐธ์กฐ๐
ํ์ฉ๋จ์ด์ฐธ์กฐ
๋จผ์ ๋ก์ปฌ CA๋ฅผ ์์คํ
๋ฐ ๋ธ๋ผ์ฐ์ ์ ์ค์นํด์ผ ํฉ๋๋ค.
$ mkcert -install
Created a new local CA at "/home/***/.local/share/mkcert" ๐ฅ
The local CA is now installed in the system trust store! โก๏ธ
The local CA is now installed in the Firefox trust store (requires browser restart)! ๐ฆ
๋ค์์ผ๋ก, ์ฐ๋ฆฌ๋ mkcert๋ฅผ ์ฌ์ฉํ์ฌ ์ธ์ฆ์๋ฅผ ์์ฑํ ๊ฒ์
๋๋ค.๋ด ์์์ญ dev.local
๊ณผ ์ด๋ํฐ *.dev.local
์ ์ฌ์ฉํฉ๋๋ค.
$ mkcert -cert-file certs/local-cert.pem -key-file certs/local-key.pem dev.local *.dev.local
Using the local CA at "/home/***/.local/share/mkcert" โจ
Created a new certificate valid for the following names ๐
- "dev.local"
- "*.dev.local"
Reminder: X.509 wildcards only go one level deep, so this won't match a.b.dev.local โน๏ธ
The certificate is at "certs/local-cert.pem" and the key at "certs/local-key.pem" โ
์ฐ๋ฆฌ๋ ํ์ฌ certs/local-cert.pem
๊ณผ certs/local-key.pem
์ ์๋ ์ธ์ฆ์๋ฅผ ์ฌ์ฉํ ์ ์์ต๋๋ค.
๋ค์์ ์ด ์ธ์ฆ์๋ฅผ ๋ค๋ฅธ ์์ฉ ํ๋ก๊ทธ๋จ์ ์ด๋ป๊ฒ ์ฌ์ฉํ๋์ง ์์๋ณด๊ฒ ์ต๋๋ค.
์ด์ : ๊ฐ๋ฐ ์ฐฝ๊ณ ์ Makefile์ ๋ชจ๋ ๋ด์ฉ์ ํฌ์ฅํฉ๋๋ค
์ด๊ฒ์ ๋ด๊ฐ ์ด๋ป๊ฒ ๋์ ๊ฐ๋ฐ ์ฐฝ๊ณ ๋ฅผ ์กฐ์งํ๋์ง, ๊ทธ๊ฒ์ ๋งค์ฐ ์์ ์ ์๊ฒฌ์ ๊ณ ์งํ๊ธฐ ๋๋ฌธ์, ๊ทธ ์ค์์ ๋น์ ์ด ํ์๋ก ํ๋ ๊ฒ๋ง ์ป๋๋ค๐!
๐ ํด๋ ๊ตฌ์กฐ
project_root
โโโ dev-stack
โ โโโ certs
โ โ โโโ .gitignore
โ โ โโโ local-cert.pem
โ โ โโโ local-key.pem
โ โโโ scripts
โ โ โโโ get-ip.sh
โ โ โโโ manage-hosts.sh
โ โโโ .env.local
โ โโโ .gitignore
โ โโโ docker-compose.yml
โ โโโ Makefile
โ โโโ README.md
ํ์ผ ์์ฑ
ifndef DEV_STACK_DIR
DEV_STACK_DIR = $(CURDIR)
endif
SCRIPTS_DIR=${DEV_STACK_DIR}/scripts
ifndef HOSTNAME
HOSTNAME = dev.local
endif
ifndef SUBDOMAINS
SUBDOMAINS = docs \
traefik \
mail \
media \
portainer \
graphql \
auth
endif
ifndef DATABASE
DATABASE = postgres
endif
ifndef INFRA
INFRA = traefik \
maildev \
minio \
mkdocs \
portainer \
${DATABASE} \
graphql-engine \
keycloak \
auth-connector
endif
export HOST_IP := $(shell ${SCRIPTS_DIR}/get-ip.sh)
# HELP
.PHONY: help
help: ## List of the command available, make {command}
@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
.DEFAULT_GOAL := help
start: ## Start the docker stack
docker-compose up -d ${INFRA}
up: ## Start the docker stack
docker-compose up ${INFRA}
stop: ## Stop the docker stack
docker-compose stop
restart: ## Restart the docker stack
docker-compose restart
down: ## Down the docker stack and remove all containers and networks
docker-compose down
build: ## Build or rebuild all docker container
docker-compose build
pull: ## Pull latest image
docker-compose pull
add-hosts: ## Add Hosts entries for Dev stack
${SCRIPTS_DIR}/manage-hosts.sh addhost ${HOSTNAME}
$(foreach subdomain, $(SUBDOMAINS), ${SCRIPTS_DIR}/manage-hosts.sh addhost $(subdomain).$(HOSTNAME);)
remove-hosts: ## Remove Hosts entries for Dev stack
${SCRIPTS_DIR}/manage-hosts.sh removehost ${HOSTNAME}
$(foreach subdomain, $(SUBDOMAINS), ${SCRIPTS_DIR}/manage-hosts.sh removehost $(subdomain).$(HOSTNAME);)
certs-generate: ## Generate certs for all our domains
mkcert -install
mkcert -cert-file certs/local-cert.pem -key-file certs/local-key.pem $(HOSTNAME) *.$(HOSTNAME)
certs-uninstall: ## Uninstall the local CA (but do not delete it)
mkcert -uninstall
์คํฌ๋ฆฝํธ
ip๋ฅผ ๊ฐ์ ธ์ต๋๋ค.์ํด
#!/bin/bash
# Get host IP address
if [ "$(uname)" = "Darwin" ];then
ifconfig en0 | grep "inet "| cut -d ' ' -f 2
else
ip route get 1.2.3.4 | awk '{print $7}'
fi
ํธ์คํธ ๊ด๋ฆฌ์ํด
#!/bin/bash
# copy from https://gist.github.com/irazasyed/a7b0a079e7727a4315b9
# PATH TO YOUR HOSTS FILE
ETC_HOSTS=/etc/hosts
# DEFAULT IP FOR HOSTNAME
IP="127.0.0.1"
# Hostname to add/remove.
HOSTNAME=$2
removehost() {
echo "removing host";
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME Found in your $ETC_HOSTS, Removing now...";
sudo sed -i".bak" "/$HOSTNAME/d" $ETC_HOSTS
else
echo "$HOSTNAME was not found in your $ETC_HOSTS";
fi
}
addhost() {
echo "adding host";
HOSTS_LINE="$IP\t$HOSTNAME"
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME already exists : $(grep $HOSTNAME $ETC_HOSTS)"
else
echo "Adding $HOSTNAME to your $ETC_HOSTS";
sudo -- sh -c -e "echo '$HOSTS_LINE' >> /etc/hosts";
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME was added succesfully \n $(grep $HOSTNAME /etc/hosts)";
else
echo "Failed to Add $HOSTNAME, Try again!";
fi
fi
}
$@
์ธ์ฆ์ ์ฌ์ฉ
โ ๋ค์ ๊ฒ์๋ฌผ์์๋ ์๋ก ์์ฑ๋ ์ธ์ฆ์๋ฅผ ์ฌ์ฉํ๋ ๋ฐฉ๋ฒ์ ๋ณผ ์ ์์ต๋๋ค
brew install mkcert
brew install nss # if you use Firefox
sudo apt install libnss3-tools
curl -Lo /tmp/mkcert https://github.com/FiloSottile/mkcert/releases/download/v1.4.1/mkcert-v1.4.1-linux-amd64
chmod +x /tmp/mkcert
sudo mv /tmp/mkcert /usr/local/bin/mkcert
$ mkcert -install
Created a new local CA at "/home/***/.local/share/mkcert" ๐ฅ
The local CA is now installed in the system trust store! โก๏ธ
The local CA is now installed in the Firefox trust store (requires browser restart)! ๐ฆ
$ mkcert -cert-file certs/local-cert.pem -key-file certs/local-key.pem dev.local *.dev.local
Using the local CA at "/home/***/.local/share/mkcert" โจ
Created a new certificate valid for the following names ๐
- "dev.local"
- "*.dev.local"
Reminder: X.509 wildcards only go one level deep, so this won't match a.b.dev.local โน๏ธ
The certificate is at "certs/local-cert.pem" and the key at "certs/local-key.pem" โ
์ด๊ฒ์ ๋ด๊ฐ ์ด๋ป๊ฒ ๋์ ๊ฐ๋ฐ ์ฐฝ๊ณ ๋ฅผ ์กฐ์งํ๋์ง, ๊ทธ๊ฒ์ ๋งค์ฐ ์์ ์ ์๊ฒฌ์ ๊ณ ์งํ๊ธฐ ๋๋ฌธ์, ๊ทธ ์ค์์ ๋น์ ์ด ํ์๋ก ํ๋ ๊ฒ๋ง ์ป๋๋ค๐!
๐ ํด๋ ๊ตฌ์กฐ
project_root
โโโ dev-stack
โ โโโ certs
โ โ โโโ .gitignore
โ โ โโโ local-cert.pem
โ โ โโโ local-key.pem
โ โโโ scripts
โ โ โโโ get-ip.sh
โ โ โโโ manage-hosts.sh
โ โโโ .env.local
โ โโโ .gitignore
โ โโโ docker-compose.yml
โ โโโ Makefile
โ โโโ README.md
ํ์ผ ์์ฑ
ifndef DEV_STACK_DIR
DEV_STACK_DIR = $(CURDIR)
endif
SCRIPTS_DIR=${DEV_STACK_DIR}/scripts
ifndef HOSTNAME
HOSTNAME = dev.local
endif
ifndef SUBDOMAINS
SUBDOMAINS = docs \
traefik \
mail \
media \
portainer \
graphql \
auth
endif
ifndef DATABASE
DATABASE = postgres
endif
ifndef INFRA
INFRA = traefik \
maildev \
minio \
mkdocs \
portainer \
${DATABASE} \
graphql-engine \
keycloak \
auth-connector
endif
export HOST_IP := $(shell ${SCRIPTS_DIR}/get-ip.sh)
# HELP
.PHONY: help
help: ## List of the command available, make {command}
@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
.DEFAULT_GOAL := help
start: ## Start the docker stack
docker-compose up -d ${INFRA}
up: ## Start the docker stack
docker-compose up ${INFRA}
stop: ## Stop the docker stack
docker-compose stop
restart: ## Restart the docker stack
docker-compose restart
down: ## Down the docker stack and remove all containers and networks
docker-compose down
build: ## Build or rebuild all docker container
docker-compose build
pull: ## Pull latest image
docker-compose pull
add-hosts: ## Add Hosts entries for Dev stack
${SCRIPTS_DIR}/manage-hosts.sh addhost ${HOSTNAME}
$(foreach subdomain, $(SUBDOMAINS), ${SCRIPTS_DIR}/manage-hosts.sh addhost $(subdomain).$(HOSTNAME);)
remove-hosts: ## Remove Hosts entries for Dev stack
${SCRIPTS_DIR}/manage-hosts.sh removehost ${HOSTNAME}
$(foreach subdomain, $(SUBDOMAINS), ${SCRIPTS_DIR}/manage-hosts.sh removehost $(subdomain).$(HOSTNAME);)
certs-generate: ## Generate certs for all our domains
mkcert -install
mkcert -cert-file certs/local-cert.pem -key-file certs/local-key.pem $(HOSTNAME) *.$(HOSTNAME)
certs-uninstall: ## Uninstall the local CA (but do not delete it)
mkcert -uninstall
์คํฌ๋ฆฝํธ
ip๋ฅผ ๊ฐ์ ธ์ต๋๋ค.์ํด
#!/bin/bash
# Get host IP address
if [ "$(uname)" = "Darwin" ];then
ifconfig en0 | grep "inet "| cut -d ' ' -f 2
else
ip route get 1.2.3.4 | awk '{print $7}'
fi
ํธ์คํธ ๊ด๋ฆฌ์ํด
#!/bin/bash
# copy from https://gist.github.com/irazasyed/a7b0a079e7727a4315b9
# PATH TO YOUR HOSTS FILE
ETC_HOSTS=/etc/hosts
# DEFAULT IP FOR HOSTNAME
IP="127.0.0.1"
# Hostname to add/remove.
HOSTNAME=$2
removehost() {
echo "removing host";
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME Found in your $ETC_HOSTS, Removing now...";
sudo sed -i".bak" "/$HOSTNAME/d" $ETC_HOSTS
else
echo "$HOSTNAME was not found in your $ETC_HOSTS";
fi
}
addhost() {
echo "adding host";
HOSTS_LINE="$IP\t$HOSTNAME"
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME already exists : $(grep $HOSTNAME $ETC_HOSTS)"
else
echo "Adding $HOSTNAME to your $ETC_HOSTS";
sudo -- sh -c -e "echo '$HOSTS_LINE' >> /etc/hosts";
if [ -n "$(grep $HOSTNAME /etc/hosts)" ]
then
echo "$HOSTNAME was added succesfully \n $(grep $HOSTNAME /etc/hosts)";
else
echo "Failed to Add $HOSTNAME, Try again!";
fi
fi
}
$@
์ธ์ฆ์ ์ฌ์ฉ
โ ๋ค์ ๊ฒ์๋ฌผ์์๋ ์๋ก ์์ฑ๋ ์ธ์ฆ์๋ฅผ ์ฌ์ฉํ๋ ๋ฐฉ๋ฒ์ ๋ณผ ์ ์์ต๋๋ค
Github ์ ์ฅ์
์ผ๊ฐ
/
์์ ํ https ๊ฐ๋ฐ ํ๊ฒฝ
HTTPS์ ์์ ํ ๊ฐ๋ฐ ํ๊ฒฝ์ ๋ก์ปฌ ๊ฐ๋ฐ ์์ญ์ ์ ์ฉ๋๋ ์ ํจํ ์ธ์ฆ์๋ฅผ ๊ฐ์ง๊ณ ์์ผ๋ฉฐ mkcert, Nxworkspace,angular,reactjs,nestjs,express,docker,traefik๋ฅผ ํฌํจํ๋ค.
๋ง์ด์ด๊ทธ
์ด ํ๋ก์ ํธ๋ Nx์ ์ฌ์ฉํ์ฌ ์์ฑ๋ฉ๋๋ค.
๐ Nx๋ Monorepos๋ฅผ ์ํ ํ์ฅ ๊ฐ๋ฅํ ๊ฐ๋ฐ ๋๊ตฌ์
๋๋ค.
์์
๊ณต๊ฐ์ ๊ธฐ๋ฅ ์ถ๊ฐ
Nx๋ ๋ค์ํ ์ ํ์ ์์ฉ ํ๋ก๊ทธ๋จ๊ณผ ๋๊ตฌ๋ฅผ ๊ฐ๋ฐํ๋ ๊ธฐ๋ฅ์ ์ถ๊ฐํ ๋ง์ ํ๋ฌ๊ทธ์ธ์ ์ง์ํฉ๋๋ค.
์ด๋ฌํ ๊ธฐ๋ฅ์ ์์ฉ ํ๋ก๊ทธ๋จ, ๋ผ์ด๋ธ๋ฌ๋ฆฌ ์์ฑ, ํ๋ก์ ํธ ํ
์คํธ ๋ฐ ๊ตฌ์ถ์ ์ฌ์ฉ๋๋ devtools๋ฅผ ํฌํจํ๋ค.
๋ค์์ ํต์ฌ ํ๋ฌ๊ทธ์ธ์
๋๋ค.
์ด ํ๋ก์ ํธ๋ Nx์ ์ฌ์ฉํ์ฌ ์์ฑ๋ฉ๋๋ค.
๐ Nx๋ Monorepos๋ฅผ ์ํ ํ์ฅ ๊ฐ๋ฅํ ๊ฐ๋ฐ ๋๊ตฌ์ ๋๋ค.
์์ ๊ณต๊ฐ์ ๊ธฐ๋ฅ ์ถ๊ฐ
Nx๋ ๋ค์ํ ์ ํ์ ์์ฉ ํ๋ก๊ทธ๋จ๊ณผ ๋๊ตฌ๋ฅผ ๊ฐ๋ฐํ๋ ๊ธฐ๋ฅ์ ์ถ๊ฐํ ๋ง์ ํ๋ฌ๊ทธ์ธ์ ์ง์ํฉ๋๋ค.
์ด๋ฌํ ๊ธฐ๋ฅ์ ์์ฉ ํ๋ก๊ทธ๋จ, ๋ผ์ด๋ธ๋ฌ๋ฆฌ ์์ฑ, ํ๋ก์ ํธ ํ ์คํธ ๋ฐ ๊ตฌ์ถ์ ์ฌ์ฉ๋๋ devtools๋ฅผ ํฌํจํ๋ค.
๋ค์์ ํต์ฌ ํ๋ฌ๊ทธ์ธ์ ๋๋ค.
React
npm install --save-dev @nrwl/react
npm install --save-dev @nrwl/web
Angular
npm install --save-dev @nrwl/angular
Nest
npm install --save-dev @nrwl/nest
Express
npm install --save-dev @nrwl/express
Node
npm install --save-dev @nrwl/node
์ ํ๋ฆฌ์ผ์ด์ ์์ฑ
nx g @nrwl/react:app my-app
์ ์คํํ์ฌ ์์ฉ ํ๋ก๊ทธ๋จ์ ์์ฑํฉ๋๋ค.You can use any of the plugins above to generate applications as well.
Nx๋ฅผ ์ฌ์ฉํ๋ฉด ๊ฐ์ ์์ ๊ณต๊ฐ์์ ์ฌ๋ฌ ์์ฉ ํ๋ก๊ทธ๋จ๊ณผ ๋ผ์ด๋ธ๋ฌ๋ฆฌ๋ฅผ ๋ง๋ค ์ ์์ต๋๋ค.
๋ผ์ด๋ธ๋ฌ๋ฆฌ ์์ฑ
nx
์คํ...View on GitHub
Reference
์ด ๋ฌธ์ ์ ๊ดํ์ฌ(๐ ์ ์ฒด HTTPS ๊ฐ๋ฐ ํ๊ฒฝ), ์ฐ๋ฆฌ๋ ์ด๊ณณ์์ ๋ ๋ง์ ์๋ฃ๋ฅผ ๋ฐ๊ฒฌํ๊ณ ๋งํฌ๋ฅผ ํด๋ฆญํ์ฌ ๋ณด์๋ค https://dev.to/nightbr/full-https-ssl-development-environment-4damํ ์คํธ๋ฅผ ์์ ๋กญ๊ฒ ๊ณต์ ํ๊ฑฐ๋ ๋ณต์ฌํ ์ ์์ต๋๋ค.ํ์ง๋ง ์ด ๋ฌธ์์ URL์ ์ฐธ์กฐ URL๋ก ๋จ๊ฒจ ๋์ญ์์ค.
์ฐ์ํ ๊ฐ๋ฐ์ ์ฝํ ์ธ ๋ฐ๊ฒฌ์ ์ ๋ (Collection and Share based on the CC Protocol.)
์ข์ ์นํ์ด์ง ์ฆ๊ฒจ์ฐพ๊ธฐ
๊ฐ๋ฐ์ ์ฐ์ ์ฌ์ดํธ ์์ง
๊ฐ๋ฐ์๊ฐ ์์์ผ ํ ํ์ ์ฌ์ดํธ 100์ ์ถ์ฒ ์ฐ๋ฆฌ๋ ๋น์ ์ ์ํด 100๊ฐ์ ์์ฃผ ์ฌ์ฉํ๋ ๊ฐ๋ฐ์ ํ์ต ์ฌ์ดํธ๋ฅผ ์ ๋ฆฌํ์ต๋๋ค