운영환경 pgadmin 서버 추가

kubrickcode · kubrickcode · commit 38bccad48cd6 · 2025-08-23T09:27:19.000Z
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -139,7 +139,35 @@ jobs:
               --user root \
               grafana/promtail:3.4 -config.file=/etc/promtail/config.yaml || echo "Docker run failed: $?"
 
-      - name: Deploy Web Service to EC2
+      - name: Setup pgAdmin config files
+        run: |
+          # Parse DATABASE_URL to extract connection details
+          DB_URL="${{ secrets.DATABASE_URL }}"
+          DB_HOST=$(echo $DB_URL | sed -n 's/.*@\([^:]*\):.*/\1/p')
+          DB_USER=$(echo $DB_URL | sed -n 's/.*:\/\/\([^:]*\):.*/\1/p')
+          DB_PASS=$(echo $DB_URL | sed -n 's/.*:\/\/[^:]*:\([^@]*\)@.*/\1/p')
+          DB_NAME=$(echo $DB_URL | sed -n 's/.*\/\([^?]*\).*/\1/p')
+          
+          # Create servers.json with actual DB details
+          sed "s/HOST_PLACEHOLDER/$DB_HOST/g; s/USER_PLACEHOLDER/$DB_USER/g; s/DB_NAME_PLACEHOLDER/$DB_NAME/g" \
+            infra/pgadmin/servers.json > servers.json
+          
+          # Create pgpass with actual credentials  
+          sed "s/HOST_PLACEHOLDER/$DB_HOST/g; s/USER_PLACEHOLDER/$DB_USER/g; s/PASSWORD_PLACEHOLDER/$DB_PASS/g" \
+            infra/pgadmin/pgpass > pgpass
+          
+          chmod 600 pgpass
+
+      - name: Copy pgAdmin config to EC2
+        uses: appleboy/scp-action@master
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ubuntu
+          key: ${{ secrets.EC2_SSH_KEY }}
+          source: "servers.json,pgpass"
+          target: "/home/ubuntu"
+
+      - name: Deploy Web Service and pgAdmin to EC2
         uses: appleboy/ssh-action@master
         with:
           host: ${{ secrets.EC2_HOST }}
@@ -153,7 +181,25 @@ jobs:
             docker pull ${{ secrets.ECR_REGISTRY }}/loa-work/web-service:latest
             docker stop web-service || true
             docker rm web-service || true
+            docker stop pgadmin || true
+            docker rm pgadmin || true
+
+            # Start pgAdmin with pre-configured database
+            docker run -d \
+              --name pgadmin \
+              -p 5050:80 \
+              --log-driver json-file \
+              --log-opt max-size=10m \
+              --log-opt max-file=3 \
+              -e PGADMIN_DEFAULT_EMAIL="admin@loa-work.info" \
+              -e PGADMIN_DEFAULT_PASSWORD="admin" \
+              -e PGADMIN_CONFIG_SERVER_MODE=False \
+              -v /home/ubuntu/servers.json:/pgadmin4/servers.json:ro \
+              -v /home/ubuntu/pgpass:/pgpass:ro \
+              --restart always \
+              dpage/pgadmin4:latest
 
+            # Start web service
             docker run -d \
               --name web-service \
               -p 3000:3000 \
diff --git a/infra/pgadmin/pgpass b/infra/pgadmin/pgpass
@@ -0,0 +1 @@
+HOST_PLACEHOLDER:5432:*:USER_PLACEHOLDER:PASSWORD_PLACEHOLDER
diff --git a/infra/pgadmin/servers.json b/infra/pgadmin/servers.json
@@ -0,0 +1,13 @@
+{
+  "Servers": {
+    "1": {
+      "Name": "LOA Work Database",
+      "Group": "Servers",
+      "Host": "HOST_PLACEHOLDER",
+      "Port": 5432,
+      "MaintenanceDB": "DB_NAME_PLACEHOLDER",
+      "Username": "USER_PLACEHOLDER",
+      "SSLMode": "require"
+    }
+  }
+}
diff --git a/infra/web/default.conf b/infra/web/default.conf
@@ -15,6 +15,41 @@ server {
         expires 1d;
     }
 
+    # pgAdmin 4 reverse proxy configuration
+    location /pgadmin/ {
+        # Remove trailing slash and redirect to add it back
+        rewrite ^/pgadmin$ /pgadmin/ permanent;
+        
+        proxy_pass http://localhost:5050;
+        proxy_http_version 1.1;
+        
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto https;
+        proxy_set_header X-Script-Name /pgadmin;
+        
+        # WebSocket support for pgAdmin
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        
+        # Increase buffer sizes for large queries
+        proxy_buffer_size 128k;
+        proxy_buffers 4 256k;
+        proxy_busy_buffers_size 256k;
+        
+        # Increase timeout for long-running queries
+        proxy_connect_timeout 60s;
+        proxy_send_timeout 60s;
+        proxy_read_timeout 60s;
+        
+        # Security headers for pgAdmin
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header X-XSS-Protection "1; mode=block" always;
+        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+    }
+
     location / {
         proxy_pass http://localhost:3000;
         proxy_http_version 1.1;

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+HOST_PLACEHOLDER:5432:*:USER_PLACEHOLDER:PASSWORD_PLACEHOLDER`