Matthew Binning
ed22dbb4b8
All checks were successful
CI / build (push) Successful in 5s
Now the private content is stored as a git submodule. This means I can keep that repo's source private, but still use it in the build product. The build product (website) relies on HTTP basic authentication, so access control is maintained throughout the SDLC.
75 lines
2.4 KiB
Bash
Executable file
75 lines
2.4 KiB
Bash
Executable file
#!/usr/bin/env sh
|
|
|
|
set -e
|
|
|
|
usage() {
|
|
printf "Usage: %s [build|staging|prod|local]\n\n build - Build the blog with mdbook\n staging - Deploy to local staging environment (/srv/www/stage.binning.net)\n prod - Deploy to production server via SSH (www.binning.net)\n local - Deploy directly to /srv/www/binning.net (used by Forgejo CI runner)\n\nExample:\n %s build\n %s staging\n %s prod\n %s local\n" "$0" "$0" "$0" "$0" "$0"
|
|
exit 1
|
|
}
|
|
|
|
if [ $# -eq 0 ]; then
|
|
printf "Error: No command specified\n"
|
|
usage
|
|
fi
|
|
|
|
CMD=$1
|
|
|
|
case $CMD in
|
|
build)
|
|
printf "Building blog with mdbook...\n"
|
|
mdbook build
|
|
printf "✓ Build complete!\n"
|
|
;;
|
|
|
|
local)
|
|
printf "Deploying locally to production path...\n"
|
|
|
|
LOCAL_PATH="/srv/www/binning.net"
|
|
|
|
printf "Deploying website files...\n"
|
|
rsync -av --delete blog/ ${LOCAL_PATH}/
|
|
|
|
printf "✓ Local deployment complete!\n Run any webserver with the webroot at : %s\n" "${LOCAL_PATH}"
|
|
;;
|
|
|
|
staging)
|
|
printf "Deploying to STAGING environment...\n"
|
|
|
|
STAGING_PATH="/srv/www/stage"
|
|
|
|
sudo mkdir -p ${STAGING_PATH}
|
|
|
|
printf "Deploying website files...\n"
|
|
sudo rsync -av --delete blog/ ${STAGING_PATH}/
|
|
|
|
sudo chown -R nginx:nginx ${STAGING_PATH}/
|
|
|
|
printf "✓ Staging deployment complete!\n See stage.local:8080 %s\n" "${STAGING_PATH}"
|
|
;;
|
|
|
|
prod)
|
|
printf "Deploying to PRODUCTION environment...\n"
|
|
|
|
REMOTE_HOST="crossbox"
|
|
REMOTE_USER="brimlock"
|
|
REMOTE_PATH="/srv/www/binning.net"
|
|
|
|
if ! ssh -o BatchMode=yes -o ConnectTimeout=5 ${REMOTE_USER}@${REMOTE_HOST} exit 2>/dev/null; then
|
|
printf "Warning: SSH connection test failed. Ensure SSH keys are configured.\nYou may be prompted for a password.\n"
|
|
fi
|
|
|
|
printf "Deploying website files...\n"
|
|
ssh ${REMOTE_USER}@${REMOTE_HOST} "mkdir -p /tmp/blog-deploy"
|
|
rsync -avz --delete blog/ ${REMOTE_USER}@${REMOTE_HOST}:/tmp/blog-deploy/
|
|
ssh ${REMOTE_USER}@${REMOTE_HOST} "sudo rsync -avz --delete /tmp/blog-deploy/ ${REMOTE_PATH}/ && \
|
|
sudo chown -R nginx:nginx ${REMOTE_PATH}/ && \
|
|
printf 'Content deployed.\n'"
|
|
|
|
printf "✓ Production deployment complete!\n\nNginx configuration is managed by the nixos-config flake (hosts/crossbox/nginx.nix).\n"
|
|
;;
|
|
|
|
*)
|
|
printf "Error: Invalid command '%s'\n" "$CMD"
|
|
usage
|
|
;;
|
|
esac
|