Add Gitea Actions workflow for nginx deployment

- Create .gitea/workflows/deploy.yml for automated nginx config deployment
- Implement local server deployment (no SSH required)
- Add automatic backup, validation, and rollback features
- Update README.md with Gitea Actions setup instructions
- Include sudo permissions configuration guide

Features:
- Automatic nginx config backup before deployment
- Configuration syntax validation
- Seamless nginx service reload
- Automatic rollback on deployment failure
- Old backup cleanup (keeps last 5)

.gitea/workflows/deploy.yml

@@ -0,0 +1,107 @@
+# Ubuntu 서버 nginx 설정 자동 배포 워크플로우 (Gitea Actions)
+#
+# 성공 조건:
+# - Gitea Actions 활성화
+# - admin 사용자 sudo NOPASSWD 설정 완료
+# - nginx 서비스 실행 중
+#
+# 실패 조건:
+# - sudo 권한 없음
+# - nginx 설정 문법 오류
+# - 시스템 서비스 오류
+#
+# 주요 작업:
+# 1. 소스 코드 체크아웃
+# 2. nginx 설정 백업
+# 3. 새 설정 적용 (/etc/nginx/sites-available/default)
+# 4. nginx 설정 검증 (nginx -t)
+# 5. nginx 서비스 reload
+# 6. 배포 결과 확인
+
+name: Deploy Nginx Config to Ubuntu Server
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@v4
+        
+      - name: Backup current nginx config
+        run: |
+          echo "📋 Creating backup of current nginx configuration..."
+          sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default.backup.$(date +%Y%m%d_%H%M%S)
+          echo "✅ Backup created successfully"
+          
+      - name: Validate new nginx configuration
+        run: |
+          echo "🔍 Validating new nginx configuration syntax..."
+          # Create temporary copy to validate
+          sudo cp server-nginx-default /tmp/nginx-test-config
+          sudo nginx -t -c /tmp/nginx-test-config || {
+            echo "❌ New nginx configuration has syntax errors!"
+            exit 1
+          }
+          echo "✅ New configuration syntax is valid"
+          
+      - name: Apply new nginx configuration
+        run: |
+          echo "📋 Applying new nginx configuration..."
+          sudo cp server-nginx-default /etc/nginx/sites-available/default
+          echo "✅ Configuration file updated"
+          
+      - name: Test nginx configuration
+        run: |
+          echo "🔍 Testing nginx configuration with current setup..."
+          sudo nginx -t
+          echo "✅ Configuration test passed"
+          
+      - name: Reload nginx service
+        run: |
+          echo "🔄 Reloading nginx service..."
+          sudo systemctl reload nginx
+          echo "✅ Nginx service reloaded successfully"
+          
+      - name: Verify deployment
+        run: |
+          echo "🚀 Verifying deployment status..."
+          # Check nginx service status
+          sudo systemctl is-active nginx || {
+            echo "❌ Nginx service is not running!"
+            # Rollback on failure
+            echo "🔄 Rolling back to previous configuration..."
+            BACKUP_FILE=$(ls -t /etc/nginx/sites-available/default.backup.* 2>/dev/null | head -1)
+            if [ -n "$BACKUP_FILE" ]; then
+              sudo cp "$BACKUP_FILE" /etc/nginx/sites-available/default
+              sudo systemctl reload nginx
+              echo "✅ Rollback completed"
+            fi
+            exit 1
+          }
+          
+          # Test HTTP response
+          curl -f -s -I http://localhost:80 > /dev/null || {
+            echo "⚠️  Warning: HTTP response test failed, but nginx is running"
+          }
+          
+          echo "✅ Deployment completed successfully!"
+          echo "📊 Deployment Summary:"
+          echo "  - Configuration: Applied"
+          echo "  - Service: Running"
+          echo "  - Status: Success"
+          
+      - name: Cleanup old backups
+        run: |
+          echo "🧹 Cleaning up old backup files (keeping last 5)..."
+          cd /etc/nginx/sites-available/
+          sudo ls -t default.backup.* 2>/dev/null | tail -n +6 | sudo xargs rm -f
+          echo "✅ Cleanup completed"

README.md

@@ -5,37 +5,41 @@ Ubuntu 서버용 Nginx 리버스 프록시 배포 저장소입니다.
 ## 구조
 
 ```
-nginx-deploy/
+nginx-infra/
-├── .github/workflows/deploy.yml  # GitHub Actions 배포 스크립트
+├── .gitea/workflows/deploy.yml   # Gitea Actions 배포 스크립트
+├── .github/workflows/deploy.yml  # GitHub Actions 배포 스크립트 (legacy)
 ├── default.conf                  # Docker nginx 설정 (legacy)
 ├── server-nginx-default          # 서버 nginx 설정 파일
 ├── docker-compose.yml            # Docker Compose 정의 (cleanup용)
 └── README.md                     # 이 파일
 ```
 
-## 배포 플로우
+## 배포 플로우 (Gitea Actions)
 
 1. **main 브랜치에 push**
-2. **GitHub Actions** 자동 실행
+2. **Gitea Actions** 자동 실행 (로컬 서버)
-3. **파일 전송** (Ubuntu 서버 ~/robeing-nginx)
+3. **nginx 설정 백업** (자동 백업)
-4. **nginx 설정 적용** (서버 nginx 자동 reload)
+4. **설정 검증** (nginx -t)
-5. **Docker 컨테이너 정리** (기존 컨테이너 중지)
+5. **nginx 설정 적용** (/etc/nginx/sites-available/default)
+6. **nginx 서비스 reload** (무중단 적용)
+7. **배포 검증** (자동 롤백 포함)
 
 ## 서버 설정
 
-### GitHub Secrets 설정
+### Gitea Actions 요구사항
-```
-NAS_HOST: 124.55.18.179
-NAS_PORT: 51123
-NAS_USER: admin
-NAS_SSH_KEY_ADMIN: SSH 개인키
-```
-
-### 서버 요구사항
 - Ubuntu 22.04 LTS
-- Nginx 설치 및 SSL 설정 완료
+- Gitea Actions 활성화
-- admin 사용자 특정 명령어 sudo 권한 (NOPASSWD)
+- admin 사용자 sudo NOPASSWD 권한
-- 포트 80, 443 오픈
+- nginx 서비스 실행 중
+
+### sudo 권한 설정
+```bash
+# /etc/sudoers.d/admin 파일 생성
+sudo visudo -f /etc/sudoers.d/admin
+
+# 다음 내용 추가:
+admin ALL=(ALL) NOPASSWD: /usr/bin/cp, /usr/sbin/nginx, /bin/systemctl
+```
 
 ## 프록시 라우팅