Fix: dev/stg 환경 SSL 인증서 관리 구조 통합

lunarbae628 · lunarbae628 · commit 23ffddb8fa5d · 2026-02-01T04:24:31.000+09:00
diff --git a/infra/docker-compose.stg.yml b/infra/docker-compose.stg.yml
@@ -93,8 +93,8 @@ services:
     restart: unless-stopped
     volumes:
       - ./nginx/nginx.stg.conf:/etc/nginx/nginx.conf:ro
-      - ./certbot/etc:/etc/letsencrypt:ro
-      - ./certbot/www:/var/www/certbot:ro
+      - /srv/docsa/infra/certbot/etc:/etc/letsencrypt:ro
+      - /srv/docsa/infra/certbot/www:/var/www/certbot:ro
     ports:
       - "8080:80"
       - "8443:443"
@@ -104,63 +104,6 @@ services:
     networks:
       - docsa_stg_net
 
-  # 최초 발급용(수동실행)
-  certbot_init:
-    image: certbot/certbot:latest
-    container_name: docsa-certbot-init-stg
-    profiles:
-      - "init"
-    depends_on:
-      - nginx
-    volumes:
-      - ./certbot/www:/var/www/certbot:rw
-      - ./certbot/etc:/etc/letsencrypt:rw
-      - ./certbot/logs:/var/log/letsencrypt:rw
-    command: >
-      certonly --webroot
-      --webroot-path /var/www/certbot
-      -d stg.api.docsa.o-r.kr
-      --email qoanstjdsla@gmail.com
-      --agree-tos --non-interactive
-      --no-eff-email
-
-  # 자동 갱신 데몬(하루마다 확인, 갱신되면 nginx 리로드)
-  certbot_renew:
-    image: certbot/certbot:latest
-    container_name: docsa-certbot-renew-stg
-    depends_on:
-      - nginx
-    volumes:
-      - ./certbot/www:/var/www/certbot:rw
-      - ./certbot/etc:/etc/letsencrypt:rw
-      - ./certbot/logs:/var/log/letsencrypt:rw
-      - /var/run/docker.sock:/var/run/docker.sock:rw
-    entrypoint: >
-      sh -c '
-        set -eu
-      
-        # curl 없으면 설치
-        if ! command -v curl >/dev/null 2>&1; then
-          if command -v apk >/dev/null 2>&1; then
-            apk add --no-cache curl >/dev/null 2>&1
-          else
-            echo "[ERROR] curl not found and apk not available. Need curl-capable image." >&2
-            exit 1
-          fi
-        fi
-      
-        while :; do
-          # renew 실행
-          certbot renew --webroot -w /var/www/certbot --quiet || true
-      
-          # nginx 무중단 reload (Docker Engine API)
-          curl -sS --unix-socket /var/run/docker.sock \
-            -X POST "http://localhost/v1.41/containers/docsa-nginx-stg/kill?signal=HUP" \
-            >/dev/null 2>&1 || true
-      
-          sleep 24h
-        done
-      '
 
  # ===== METRICS =====
   cadvisor:
