인증서 파일을 환경변수를 사용하도록 변경

@@ -10,11 +10,20 @@ services:
       - "3000:3000"
     volumes:
       - /etc/letsencrypt:/etc/letsencrypt
+    environment:
+      - SSL_CERT={SSL_CERT}
+      - SSL_KEY={SSL_KEY}
+      - SSL_CA={SSL_CA}
 
   web:
     build:
       context: .
       dockerfile: ./web/Dockerfile
+      args:
+        - HOST={HOST}
+        - SSL_CERT={SSL_CERT}
+        - SSL_KEY={SSL_KEY}
+        - SSL_CA={SSL_CA}
     restart: unless-stopped
     ports:
       - "443:443"

@@ -23,15 +23,9 @@ export class Server {
     } else {
       server = createServerHttps(
         {
-          cert: readFileSync(
-            "/etc/letsencrypt/live/2020105578.oss2021.tk/cert.pem"
-          ),
-          key: readFileSync(
-            "/etc/letsencrypt/live/2020105578.oss2021.tk/privkey.pem"
-          ),
-          ca: readFileSync(
-            "/etc/letsencrypt/live/2020105578.oss2021.tk/fullchain.pem"
-          ),
+          cert: readFileSync(process.env.SSL_CERT as string),
+          key: readFileSync(process.env.SSL_KEY as string),
+          ca: readFileSync(process.env.SSL_CA as string),
         },
         app
       );

@@ -16,7 +16,18 @@ RUN yarn build
 
 FROM nginx:latest
 
-COPY web/default.conf /etc/nginx/conf.d/default.conf
+ARG HOST
+ENV HOST ${HOST}
+ARG SSL_CERT
+ENV SSL_CERT ${SSL_CERT}
+ARG SSL_KEY
+ENV SSL_KEY ${SSL_KEY}}
+ARG SSL_CA
+ENV SSL_CA ${SSL_CA}}
+
+COPY web/default.conf /etc/nginx/conf.d/default_temp
+RUN envsubst < /etc/nginx/conf.d/default_temp > /etc/nginx/conf.d/default.conf
+
 COPY --from=build /usr/web/build /usr/web/build
 
 EXPOSE 443

@@ -5,10 +5,10 @@ server {
 
 server {
     listen 443 ssl default_server;
-    server_name 2020105578.oss2021.tk;
+    server_name $HOST;
 
-    ssl_certificate /etc/letsencrypt/live/2020105578.oss2021.tk/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/2020105578.oss2021.tk/privkey.pem;
+    ssl_certificate $SSL_CA;
+    ssl_certificate_key $SSL_KEY;
 
     location / {
         root    /usr/web/build;