the workflow#
This blog is built using Hugo which builds static websites from markdown files. This enables mee to write them in any code editor. But to publish the post I still need to manually copy the files to the server and run the build command.
This can easily be automated using a CI/CD pipeline on my git server OneDev.
Here I will show you how I set this up.
I use two servers for this:
- a lab server for testing
- a production server for the live blog (you are on right now)
When I write a new post and want to see it on the server I push the changes to the git server in the lab branch.
OneDev will then automatically build the website and deploy it to the lab server.
I can make my changes to the post and push them until I am happy with the result.
Then I merge the changes to the main branch.
OneDev will then automatically build the website and deploy it to the production server.
Preparation#
I assume that the webserver is already set up. In my setup I am using Ubuntu with nginx to server the static pages.
To be able to deploy the website I need to have a ssh key pair.
The public key needs to be added to allowed keys of the deployer user on the webserver and the private key needs to be added to the project secrets. Additionally, the deployer user needs write permissions to the server directory.
To see how to setup key based authentication you can see this post
OneDev#
create the build job#
First we need to checkout the code so that we can work with it. Then we are going to start up a small container which will build the website and copy it to the webserver through ssh using rclone.
version: 39
jobs:
- name: LAB - build and deploy
steps:
- !CheckoutStep
name: checkout code
cloneCredential: !DefaultCredential {}
withLfs: false
withSubmodules: true
condition: ALL_PREVIOUS_STEPS_WERE_SUCCESSFUL
- !CommandStep
name: build and deploy
runInContainer: false
image: klakegg/hugo:hugo:0.111.3-ext-alpine
interpreter: !DefaultInterpreter
commands: |
set -e
echo "--> Setting up SSH and dependencies..."
apt-get update && apt-get install -y openssh-client rsync
mkdir -p ~/.ssh
chmod 700 ~/.ssh
echo "@secret:DEPLOY_KEY_LAB@" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
echo "--> Building Hugo site..."
hugo --minify
echo "--> Deploying files via rsync to lab-webserver.kohnkenet.de..."
rsync -e 'ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null' -avzO --delete public/ deployer@@lab-webserver.kohnkenet.de:/var/www/knet
echo "--> Deployment finished successfully!"
useTTY: true
condition: ALL_PREVIOUS_STEPS_WERE_SUCCESSFUL
trigger#
There are different triggers available to use in OneDev. I am using the Branch Update trigger.
One for the lab branch and one for the main branch.
Above you can only see the lab trigger. The main trigger looks very similar.
private key#
Go into the project to Settings -> Build -> Job Secrets
Then create the DEPLOY_KEY_LAB used in the script and paste the private SSH key from which the public key was added to the known_hosts file on the webserver.
Results#
Now you can see the server being updated automatically when you push changes to the git server.
