From c7d8f4868b6ded5603b89a2e11f973a41f528722 Mon Sep 17 00:00:00 2001
From: Chris Smith
Date: Wed, 5 Nov 2025 19:55:38 +0100
Subject: [PATCH] Deploy
---
 .gitea/workflows/demo.yaml | 45 ++++++++++-----
 README.md | 110 +++++++++++++++++++++++++++++++------
 2 files changed, 125 insertions(+), 30 deletions(-)
diff --git a/.gitea/workflows/demo.yaml b/.gitea/workflows/demo.yaml
index 394c807..198a8ec 100644
--- a/.gitea/workflows/demo.yaml
+++ b/.gitea/workflows/demo.yaml
@@ -1,19 +1,38 @@
-name: Gitea Actions Demo
-run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
-on: [push]
+name: Build and Deploy Hugo Site
+run-name: ${{ gitea.actor }} is deploying to production
+on:
+ push:
+ branches:
+ - main
 jobs:
- Explore-Gitea-Actions:
+ build-and-deploy:
 runs-on: ubuntu-latest
 steps:
- - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event."
- - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
- - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}."
- - name: Check out repository code
+ - name: Checkout repository
 uses: actions/checkout@v4
- - run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
- - run: echo "🖥️ The workflow is now ready to test your code on the runner."
- - name: List files in the repository
+
+ - name: Setup Hugo
+ uses: peaceiris/actions-hugo@v3
+ with:
+ hugo-version: 'latest'
+ extended: true
+
+ - name: Build Hugo site
+ run: hugo --minify
+
+ - name: Setup SSH
 run: |
- ls ${{ gitea.workspace }}
- - run: echo "🍏 This job's status is ${{ job.status }}."
\ No newline at end of file
+ mkdir -p ~/.ssh
+ echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_rsa
+ chmod 600 ~/.ssh/id_rsa
+ ssh-keyscan -H ${{ secrets.HOST }} >> ~/.ssh/known_hosts
+
+ - name: Deploy to production
+ run: |
+ scp -r public/* ${{ secrets.USERNAME }}@${{ secrets.HOST }}:/var/www/sometimescode.com/
+
+ - name: Cleanup
+ if: always()
+ run: |
+ rm -f ~/.ssh/id_rsa
\ No newline at end of file
diff --git a/README.md b/README.md
index 2f553ec..d420f57 100644
--- a/README.md
+++ b/README.md
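Review bot: In `.gitea/workflows/demo.yaml`, the `Setup SSH` step runs `ssh-keyscan -H ${{ secrets.HOST }} >> ~/.ssh/known_hosts` on every run, so whatever host key answers at that moment is trusted and the following `scp` has no real host-key verification. Record the server's host key once out of band, store it in a new repository secret (called `SSH_KNOWN_HOSTS` below; the name is only a suggestion), and write that to `known_hosts` instead. The same step splices `${{ secrets.SSH_KEY }}` into the script text before the shell runs and creates `id_rsa` before `chmod 600` is applied; passing the secret through `env:` and setting `umask 077` first avoids both. Separately, `hugo-version: 'latest'` and the tag-pinned `peaceiris/actions-hugo@v3` execute in the same job that holds the deploy key, so pinning an exact Hugo version and an action commit SHA would make what gets built and shipped reproducible.

```yaml
# … unchanged: Checkout repository, Setup Hugo, Build Hugo site …

      - name: Setup SSH
        env:
          SSH_KEY: ${{ secrets.SSH_KEY }}
          # New secret (suggested name): the server's known_hosts line, recorded once out of band.
          SSH_KNOWN_HOSTS: ${{ secrets.SSH_KNOWN_HOSTS }}
        run: |
          # Files created below are owner-only from the start.
          umask 077
          mkdir -p ~/.ssh
          printf '%s\n' "$SSH_KEY" > ~/.ssh/id_rsa
          printf '%s\n' "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts

# … unchanged: Deploy to production, Cleanup …
```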
@@ -28,33 +28,106 @@ hugo new content posts/my-new-post.md ``` ├── content/ │ ├── posts/ # Blog posts -│ └── resume.md # Resume page -├── themes/ananke/ # Hugo theme (git submodule) +│ └── pages/ # Static pages (resume, etc.) +├── themes/ +│ └── sometimescode/ # Custom theme ├── hugo.toml # Site configuration -└── .github/workflows/ # Deployment automation +└── .gitea/workflows/ # Gitea Actions for CI/CD ``` ## Deployment -### Digital Ocean Setup +### Automatic Deployment (Gitea Actions) + +The site automatically builds and deploys when you push to the `main` branch using Gitea Actions. + +#### Required Gitea Secrets + +Configure these secrets in your Gitea repository settings (Settings → Secrets): + +1. **`SSH_KEY`**: Private SSH key for deployment authentication + ```bash + # Generate a new SSH key pair on the host server + ssh-keygen -t ed25519 -C "gitea-deploy@sometimescode.com" -f ~/.ssh/gitea_deploy + + # Copy the PRIVATE key content (this goes in Gitea secrets) + cat ~/.ssh/gitea_deploy + + # Add the PUBLIC key to authorized_keys on the host + cat ~/.ssh/gitea_deploy.pub >> ~/.ssh/authorized_keys + chmod 600 ~/.ssh/authorized_keys + ``` + +2. **`HOST`**: IP address to reach the host from the Docker worker + - **Same-host deployment**: Use `172.17.0.1` (Docker bridge gateway IP) + - **Remote server**: Use the actual server IP or hostname + +3. **`USERNAME`**: SSH username on the deployment server + - Example: `www-data`, `ubuntu`, or `deploy` + +**Important for same-host deployment**: When your Gitea worker runs in Docker on the same machine as your web server, use `172.17.0.1` as the HOST. This is the default Docker bridge network IP that allows containers to reach the host machine. + +#### How It Works + +1. Push to `main` branch triggers the workflow +2. Gitea worker (Docker container) checks out the code +3. Hugo extended is installed via the peaceiris/actions-hugo action +4. Site is built with `hugo --minify` +5. 
SSH connection is established to the host (via `172.17.0.1` for same-host) +6. Built files in `public/` are copied via SCP to `/var/www/sometimescode.com/` +7. SSH keys are cleaned up after deployment + +### Server Setup 1. **Server Requirements**: - - Ubuntu 22.04+ droplet - - Nginx installed - - SSL certificate (use certbot) + - Ubuntu 22.04+ or similar Linux server + - Nginx or Caddy web server + - SSL certificate (automatic with Caddy, or use certbot with Nginx) -2. **GitHub Secrets** (for automatic deployment): - - `DO_HOST`: Your server IP or domain - - `DO_USERNAME`: SSH username (usually `root` or `ubuntu`) - - `DO_SSH_KEY`: Private SSH key for server access - -3. **Server Setup**: +2. **Prepare deployment directory**: ```bash # Create web directory sudo mkdir -p /var/www/sometimescode.com - # Copy nginx config - sudo cp nginx-example.conf /etc/nginx/sites-available/sometimescode.com + # Set appropriate permissions for your deploy user + sudo chown -R deploy-user:deploy-user /var/www/sometimescode.com + ``` + +3. 
**Configure Web Server**: + + **Option A: Caddy (Recommended - automatic HTTPS)** + ```bash + # Install Caddy if not already installed + sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https + curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg + curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list + sudo apt update + sudo apt install caddy + + # Edit Caddyfile + sudo nano /etc/caddy/Caddyfile + ``` + + Add this configuration: + ```caddy + sometimescode.com { + root * /var/www/sometimescode.com + file_server + encode gzip + } + ``` + + ```bash + # Reload Caddy + sudo systemctl reload caddy + ``` + + **Option B: Nginx (manual SSL setup)** + ```bash + # Create nginx config + sudo nano /etc/nginx/sites-available/sometimescode.com + + # Enable site sudo ln -s /etc/nginx/sites-available/sometimescode.com /etc/nginx/sites-enabled/ # Get SSL certificate @@ -66,6 +139,8 @@ hugo new content posts/my-new-post.md ### Manual Deployment +If needed, you can still deploy manually: + ```bash # Build site hugo --minify @@ -76,10 +151,11 @@ scp -r public/* user@server:/var/www/sometimescode.com/ ## Development -- **Theme**: [Ananke](https://github.com/theNewDynamic/gohugo-theme-ananke) with custom dark mode -- **Hugo Version**: 0.150.0+ +- **Theme**: Custom "sometimescode" theme +- **Hugo Version**: 0.139.4+ (extended version) - **Content Format**: Markdown with YAML frontmatter - **Dark Mode**: Custom CSS and JavaScript implementation with toggle button +- **CI/CD**: Gitea Actions for automated build and deployment ## Philosophy