85a627e1ab
- Builds Jekyll site on push to main branch - Backs up existing site before deployment - Deploys to web.resist.is with proper permissions - Includes verification and cleanup steps
123 lines
3.9 KiB
YAML
123 lines
3.9 KiB
YAML
name: Deploy Jekyll Site
|
|
|
|
on:
|
|
push:
|
|
branches: [ main ]
|
|
pull_request:
|
|
branches: [ main ]
|
|
types: [ closed ]
|
|
|
|
jobs:
|
|
deploy:
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.merged == true)
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup Ruby
|
|
uses: ruby/setup-ruby@v1
|
|
with:
|
|
ruby-version: '3.0'
|
|
bundler-cache: true
|
|
|
|
- name: Install dependencies
|
|
run: |
|
|
gem install bundler
|
|
bundle install
|
|
|
|
- name: Build Jekyll site
|
|
run: |
|
|
bundle exec jekyll build
|
|
|
|
- name: Prepare deployment files
|
|
run: |
|
|
# Create deployment package
|
|
tar -czf site-deployment.tar.gz -C _site .
|
|
|
|
- name: Deploy to web.resist.is
|
|
env:
|
|
DEPLOY_HOST: web.resist.is
|
|
DEPLOY_USER: resistbot
|
|
DEPLOY_PASS: ${{ secrets.DEPLOY_PASSWORD }}
|
|
SITE_PATH: /var/www/join.resist.is
|
|
run: |
|
|
# Install sshpass for password authentication
|
|
sudo apt-get update
|
|
sudo apt-get install -y sshpass rsync
|
|
|
|
# Create backup directory name with timestamp
|
|
BACKUP_DIR="backup-$(date +%Y%m%d-%H%M%S)"
|
|
|
|
# Create SSH config to disable host key checking (for automation)
|
|
mkdir -p ~/.ssh
|
|
echo "Host web.resist.is" >> ~/.ssh/config
|
|
echo " StrictHostKeyChecking no" >> ~/.ssh/config
|
|
echo " UserKnownHostsFile /dev/null" >> ~/.ssh/config
|
|
|
|
# Create backup of existing site
|
|
echo "Creating backup of existing site..."
|
|
sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" "
|
|
if [ -d '$SITE_PATH' ]; then
|
|
sudo mkdir -p /var/backups/join.resist.is
|
|
sudo cp -r '$SITE_PATH' '/var/backups/join.resist.is/$BACKUP_DIR'
|
|
echo 'Backup created at /var/backups/join.resist.is/$BACKUP_DIR'
|
|
else
|
|
echo 'No existing site found to backup'
|
|
fi
|
|
"
|
|
|
|
# Create site directory if it doesn't exist
|
|
echo "Preparing deployment directory..."
|
|
sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" "
|
|
sudo mkdir -p '$SITE_PATH'
|
|
sudo chown -R $DEPLOY_USER:$DEPLOY_USER '$SITE_PATH'
|
|
"
|
|
|
|
# Deploy new site
|
|
echo "Deploying new Jekyll site..."
|
|
sshpass -p "$DEPLOY_PASS" rsync -avz --delete \
|
|
-e "ssh -o StrictHostKeyChecking=no" \
|
|
_site/ "$DEPLOY_USER@$DEPLOY_HOST:$SITE_PATH/"
|
|
|
|
# Set proper permissions
|
|
sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" "
|
|
sudo chown -R www-data:www-data '$SITE_PATH'
|
|
sudo chmod -R 755 '$SITE_PATH'
|
|
sudo find '$SITE_PATH' -type f -exec chmod 644 {} \;
|
|
"
|
|
|
|
echo "Deployment completed successfully!"
|
|
echo "Site is now live at: https://join.resist.is"
|
|
echo "Backup location: /var/backups/join.resist.is/$BACKUP_DIR"
|
|
|
|
- name: Verify deployment
|
|
env:
|
|
DEPLOY_HOST: web.resist.is
|
|
DEPLOY_USER: resistbot
|
|
DEPLOY_PASS: ${{ secrets.DEPLOY_PASSWORD }}
|
|
SITE_PATH: /var/www/join.resist.is
|
|
run: |
|
|
# Verify the deployment by checking if index.html exists
|
|
echo "Verifying deployment..."
|
|
sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" "
|
|
if [ -f '$SITE_PATH/index.html' ]; then
|
|
echo 'Deployment verification successful - index.html found'
|
|
echo 'File count in deployment:'
|
|
find '$SITE_PATH' -type f | wc -l
|
|
else
|
|
echo 'Deployment verification failed - index.html not found'
|
|
exit 1
|
|
fi
|
|
"
|
|
|
|
- name: Cleanup
|
|
run: |
|
|
# Remove deployment artifacts
|
|
rm -f site-deployment.tar.gz
|
|
echo "Cleanup completed"
|
|
|