summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoruvok cheetah2020-01-04 20:29:57 +0100
committeruvok cheetah2020-01-04 20:29:57 +0100
commit0f4bf9fcdb19de049f4119080e710f579582c331 (patch)
tree4fc2ea017cc8e7e7c05907911fc683b3929b4217
parent9041fb41190d907d41bf0d58652c25b3c3039710 (diff)
Add autodeploy post
-rw-r--r--_posts/2020-01-04-autodeploy.md49
1 files changed, 49 insertions, 0 deletions
diff --git a/_posts/2020-01-04-autodeploy.md b/_posts/2020-01-04-autodeploy.md
new file mode 100644
index 0000000..15c1430
--- /dev/null
+++ b/_posts/2020-01-04-autodeploy.md
@@ -0,0 +1,49 @@
+---
+layout: post
+title: Auto-deploying my blog
+date: 2020-01-04 19:10 +0100
+language: en
+---
+
+So, after fiddling around for several hours, I finally managed to auto-deploy my
+[Jekyll](https://jekyllrb.com/) blog from Git.
+
+The main difficulty was that the blog is hosted on a standard shared web hoster,
+whereas the actual Jekyll blog content is hosted in a Git repository on a VPS.
+
+Of course I could've moved the blog, which would've made the whole ordeal
+easier. But where's the fun in that? So, after considering
+[Weex](http://weex.sourceforge.net/) for a moment, I reconsidered and decided to
+use lftp's mirroring mode instead. A strong must was the support of FTPS, by the
+way. My shared hoster does allow SSH access, but I can't (afaik) restrict access
+to specific directories, and I wanted to minimize impact *if*, god forbid, the
+credentials get in the wrong hands. With an FTP account, I could restrict access
+to a specific subdirectory, however.
+
+My setup also uses [buildbot](https://buildbot.net/) as "CI/CD" server.
+It was a lot of fiddling around with the following problems:
+
+- I use [RVM](https://rvm.io) to install Ruby (required for Jekyll) and need to
+ source the environment first (at least I think so), so I have to use a shell
+ command of
+ `["bash", "-c", "source ~/bash_profile && bundle install && <jekyll build>"]`
+- I needed to add the `haltOnFailure=True` argument to all steps (why isn't this
+ the default?), to make sure I don't end up mirroring an empty directory.
+- I needed to create a separate worker instead of using `LocalWorker`, because
+ only this way I could specify the umask of the worker files. The default is
+ secure (077), which leads to the umasks being mirrored to the server by lftp,
+ resulting in an inaccessible blog. (I don't quite get the lftp documentation
+ about the `--no-umask` flag - what EXACTLY does it do, i.e. which umask does
+ it use).
+
+During my fiddling, I saw someone mentioning [Drone](https://drone.io/), which
+might be worth a closer look sometime in the future. From what I got it supports
+the pipeline being set up in the repository itself, which means I wouldn't have
+to fumble around with the buildbot config were I to change the "build" procedure
+in the future.
+
+Also it supports docker. If I were to use a ruby docker image, I wouldn't have
+this weirdness with sourcing the `.bash_profile`. But since I'm using the
+cheapest VPS with the lowest RAM + disk space possible, I'm quite reluctant of
+that option.
+