diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml new file mode 100644 index 0000000..1491940 --- /dev/null +++ b/.gitea/workflows/deploy.yml @@ -0,0 +1,122 @@ +name: Deploy Jekyll Site + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + types: [ closed ] + +jobs: + deploy: + runs-on: ubuntu-latest + if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.merged == true) + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Setup Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: '3.0' + bundler-cache: true + + - name: Install dependencies + run: | + gem install bundler + bundle install + + - name: Build Jekyll site + run: | + bundle exec jekyll build + + - name: Prepare deployment files + run: | + # Create deployment package + tar -czf site-deployment.tar.gz -C _site . + + - name: Deploy to web.resist.is + env: + DEPLOY_HOST: web.resist.is + DEPLOY_USER: resistbot + DEPLOY_PASS: ${{ secrets.DEPLOY_PASSWORD }} + SITE_PATH: /var/www/join.resist.is + run: | + # Install sshpass for password authentication + sudo apt-get update + sudo apt-get install -y sshpass rsync + + # Create backup directory name with timestamp + BACKUP_DIR="backup-$(date +%Y%m%d-%H%M%S)" + + # Create SSH config to disable host key checking (for automation) + mkdir -p ~/.ssh + echo "Host web.resist.is" >> ~/.ssh/config + echo " StrictHostKeyChecking no" >> ~/.ssh/config + echo " UserKnownHostsFile /dev/null" >> ~/.ssh/config + + # Create backup of existing site + echo "Creating backup of existing site..." + sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" " + if [ -d '$SITE_PATH' ]; then + sudo mkdir -p /var/backups/join.resist.is + sudo cp -r '$SITE_PATH' '/var/backups/join.resist.is/$BACKUP_DIR' + echo 'Backup created at /var/backups/join.resist.is/$BACKUP_DIR' + else + echo 'No existing site found to backup' + fi + " + + # Create site directory if it doesn't exist + echo "Preparing deployment directory..." + sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" " + sudo mkdir -p '$SITE_PATH' + sudo chown -R $DEPLOY_USER:$DEPLOY_USER '$SITE_PATH' + " + + # Deploy new site + echo "Deploying new Jekyll site..." + sshpass -p "$DEPLOY_PASS" rsync -avz --delete \ + -e "ssh -o StrictHostKeyChecking=no" \ + _site/ "$DEPLOY_USER@$DEPLOY_HOST:$SITE_PATH/" + + # Set proper permissions + sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" " + sudo chown -R www-data:www-data '$SITE_PATH' + sudo chmod -R 755 '$SITE_PATH' + sudo find '$SITE_PATH' -type f -exec chmod 644 {} \; + " + + echo "Deployment completed successfully!" + echo "Site is now live at: https://join.resist.is" + echo "Backup location: /var/backups/join.resist.is/$BACKUP_DIR" + + - name: Verify deployment + env: + DEPLOY_HOST: web.resist.is + DEPLOY_USER: resistbot + DEPLOY_PASS: ${{ secrets.DEPLOY_PASSWORD }} + SITE_PATH: /var/www/join.resist.is + run: | + # Verify the deployment by checking if index.html exists + echo "Verifying deployment..." + sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" " + if [ -f '$SITE_PATH/index.html' ]; then + echo 'Deployment verification successful - index.html found' + echo 'File count in deployment:' + find '$SITE_PATH' -type f | wc -l + else + echo 'Deployment verification failed - index.html not found' + exit 1 + fi + " + + - name: Cleanup + run: | + # Remove deployment artifacts + rm -f site-deployment.tar.gz + echo "Cleanup completed" +