Deploy

2025-11-05 19:55:38 +01:00
parent 6b0cfc49c0
commit c7d8f4868b
2 changed files with 125 additions and 30 deletions
--- a/.gitea/workflows/demo.yaml
+++ b/.gitea/workflows/demo.yaml
@@ -1,19 +1,38 @@
-name: Gitea Actions Demo
-run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
-on: [push]
+name: Build and Deploy Hugo Site
+run-name: ${{ gitea.actor }} is deploying to production
+on:
+  push:
+    branches:
+      - main

 jobs:
-  Explore-Gitea-Actions:
+  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
-      - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event."
-      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
-      - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}."
-      - name: Check out repository code
+      - name: Checkout repository
        uses: actions/checkout@v4
-      - run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
-      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
-      - name: List files in the repository
+
+      - name: Setup Hugo
+        uses: peaceiris/actions-hugo@v3
+        with:
+          hugo-version: 'latest'
+          extended: true
+
+      - name: Build Hugo site
+        run: hugo --minify
+
+      - name: Setup SSH
        run: |
-          ls ${{ gitea.workspace }}
-      - run: echo "🍏 This job's status is ${{ job.status }}."
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -H ${{ secrets.HOST }} >> ~/.ssh/known_hosts
+
+      - name: Deploy to production
+        run: |
+          scp -r public/* ${{ secrets.USERNAME }}@${{ secrets.HOST }}:/var/www/sometimescode.com/
+
+      - name: Cleanup
+        if: always()
+        run: |
+          rm -f ~/.ssh/id_rsa
--- a/README.md
+++ b/README.md
@@ -28,33 +28,106 @@ hugo new content posts/my-new-post.md
 ```
 ├── content/
 │   ├── posts/          # Blog posts
-│   └── resume.md       # Resume page
-├── themes/ananke/      # Hugo theme (git submodule)
+│   └── pages/          # Static pages (resume, etc.)
+├── themes/
+│   └── sometimescode/  # Custom theme
 ├── hugo.toml           # Site configuration
-└── .github/workflows/  # Deployment automation
+└── .gitea/workflows/   # Gitea Actions for CI/CD
 ```

 ## Deployment

-### Digital Ocean Setup
+### Automatic Deployment (Gitea Actions)
+
+The site automatically builds and deploys when you push to the `main` branch using Gitea Actions.
+
+#### Required Gitea Secrets
+
+Configure these secrets in your Gitea repository settings (Settings → Secrets):
+
+1. **`SSH_KEY`**: Private SSH key for deployment authentication
+   ```bash
+   # Generate a new SSH key pair on the host server
+   ssh-keygen -t ed25519 -C "gitea-deploy@sometimescode.com" -f ~/.ssh/gitea_deploy
+
+   # Copy the PRIVATE key content (this goes in Gitea secrets)
+   cat ~/.ssh/gitea_deploy
+
+   # Add the PUBLIC key to authorized_keys on the host
+   cat ~/.ssh/gitea_deploy.pub >> ~/.ssh/authorized_keys
+   chmod 600 ~/.ssh/authorized_keys
+   ```
+
+2. **`HOST`**: IP address to reach the host from the Docker worker
+   - **Same-host deployment**: Use `172.17.0.1` (Docker bridge gateway IP)
+   - **Remote server**: Use the actual server IP or hostname
+
+3. **`USERNAME`**: SSH username on the deployment server
+   - Example: `www-data`, `ubuntu`, or `deploy`
+
+**Important for same-host deployment**: When your Gitea worker runs in Docker on the same machine as your web server, use `172.17.0.1` as the HOST. This is the default Docker bridge network IP that allows containers to reach the host machine.
+
+#### How It Works
+
+1. Push to `main` branch triggers the workflow
+2. Gitea worker (Docker container) checks out the code
+3. Hugo extended is installed via the peaceiris/actions-hugo action
+4. Site is built with `hugo --minify`
+5. SSH connection is established to the host (via `172.17.0.1` for same-host)
+6. Built files in `public/` are copied via SCP to `/var/www/sometimescode.com/`
+7. SSH keys are cleaned up after deployment
+
+### Server Setup

 1. **Server Requirements**:
-   - Ubuntu 22.04+ droplet
-   - Nginx installed
-   - SSL certificate (use certbot)
+   - Ubuntu 22.04+ or similar Linux server
+   - Nginx or Caddy web server
+   - SSL certificate (automatic with Caddy, or use certbot with Nginx)

-2. **GitHub Secrets** (for automatic deployment):
-   - `DO_HOST`: Your server IP or domain
-   - `DO_USERNAME`: SSH username (usually `root` or `ubuntu`)
-   - `DO_SSH_KEY`: Private SSH key for server access
-
-3. **Server Setup**:
+2. **Prepare deployment directory**:
   ```bash
   # Create web directory
   sudo mkdir -p /var/www/sometimescode.com

-   # Copy nginx config
-   sudo cp nginx-example.conf /etc/nginx/sites-available/sometimescode.com
+   # Set appropriate permissions for your deploy user
+   sudo chown -R deploy-user:deploy-user /var/www/sometimescode.com
+   ```
+
+3. **Configure Web Server**:
+
+   **Option A: Caddy (Recommended - automatic HTTPS)**
+   ```bash
+   # Install Caddy if not already installed
+   sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
+   curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
+   curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
+   sudo apt update
+   sudo apt install caddy
+
+   # Edit Caddyfile
+   sudo nano /etc/caddy/Caddyfile
+   ```
+
+   Add this configuration:
+   ```caddy
+   sometimescode.com {
+       root * /var/www/sometimescode.com
+       file_server
+       encode gzip
+   }
+   ```
+
+   ```bash
+   # Reload Caddy
+   sudo systemctl reload caddy
+   ```
+
+   **Option B: Nginx (manual SSL setup)**
+   ```bash
+   # Create nginx config
+   sudo nano /etc/nginx/sites-available/sometimescode.com
+
+   # Enable site
   sudo ln -s /etc/nginx/sites-available/sometimescode.com /etc/nginx/sites-enabled/

   # Get SSL certificate
@@ -66,6 +139,8 @@ hugo new content posts/my-new-post.md

 ### Manual Deployment

+If needed, you can still deploy manually:
+
 ```bash
 # Build site
 hugo --minify
@@ -76,10 +151,11 @@ scp -r public/* user@server:/var/www/sometimescode.com/

 ## Development

- **Theme**: [Ananke](https://github.com/theNewDynamic/gohugo-theme-ananke) with custom dark mode
- **Hugo Version**: 0.150.0+
+- **Theme**: Custom "sometimescode" theme
+- **Hugo Version**: 0.139.4+ (extended version)
 - **Content Format**: Markdown with YAML frontmatter
 - **Dark Mode**: Custom CSS and JavaScript implementation with toggle button
+- **CI/CD**: Gitea Actions for automated build and deployment

 ## Philosophy