veloc1ty · ʎʇƖɔolǝʌ

Links:

Each icon is taken from the providers trademark page.

Content licensed under CC BY-SA 4.0 - Powered by Hugo and a customized Hyde-X template

Deploy Hugo sites with GitLab CI

Tuesday, December 18 2018 · Lesezeit: 2 Minuten · 343 Wörter Achtung! Dieser Artikel ist älter als ein Jahr. Der Inhalt ist möglicherweise nicht mehr aktuell!

I’ve done some testing with GitLab CI at work and like it. I like it so much that I decided to implement some CI/CD stuff for my home projects. My first project is to deploy this Hugo blog after a new post is commited into the git.

I’ve done this using GitLab with a GitLab Runner using a docker container in the background. I personally use LXC and had not contact with docker before, but using it was pretty easy. Install docker, start and enable the systemd service. That’s it. The rest is done by the runner.

My .gitlab-ci.yml file currently has the following content:

---
stages:
    - build

build the blog:
    tags:
        - runner
    stage: build
    script:
        - "uname -a"
        - whoami
        - pwd
        # Strip out leaseweb mirrors (mirror speed issue)
        - sed -i '/leaseweb/d' /etc/pacman.d/mirrorlist
        - pacman -Sy openssh rsync hugo --noconfirm
        - hugo version
        - hugo
        # SSH key deployment
        - mkdir -p ~/.ssh
        - chmod 700 ~/.ssh
        - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
        - chmod 0600 ~/.ssh/id_rsa
        # Deploy blog
        - rsync -e "ssh -o StrictHostKeyChecking=no" -ah --delete --stats public/* veloc1ty@veloc1ty.de:vhosts/hugoblog

Note: The runner’s default docker image is base/archlinux. I choose Archlinux because that’s my preferred server operating system. You can use any image you like as long as it can install and run Hugo.

The only fiddling is the deployment via rsync. The rsync command is the same one as I’ve used before.
Especially the ssh private key is stored in GitLab as a variable. The public key is added as an authorized key on the server. This job is done by ansibe, but I’ve not found a cool way to limit that specific key for just rsync commands. Another uncool part is the disabled host key checking. The solution is to add the host key also as variable. Thanks to my ansible setup the same server host key is deployed. So after reinstall or move to another LXC container I shouldn’t have to adapt my CI for that.

Update: This post and update was automatically deployed :-)


Du hast einen Kommentar, einen Wunsch oder eine Verbesserung? Schreib mir doch eine E-Mail! Die Infos dazu stehen hier.

🖇️ = Link zu anderer Webseite
🔐 = Webseite nutzt HTTPS (verschlüsselter Transportweg) Zurück