arch: null artifacts: - scolbyblog/output.tar.gz environment: BUILD_SUBMITTER: git.sr.ht GIT_REF: refs/heads/main image: debian/bookworm packages: - curl - fonts-liberation - imagemagick - python3 - python3-pip - python3-setuptools - python3-venv - python3-wheel - rsync repositories: {} secrets: - 2ccf0ee2-3429-473d-91c5-bbf637a4be5a shell: false sources: - https://git.sr.ht/~scolby33/scolbyblog#fcdee3521d9d9ce64d7c45ba27a65905e5f390ef tasks: - deps: | sudo sed -i -e '/en_US.UTF-8/{s/^# //};p' /etc/locale.gen sudo dpkg-reconfigure --frontend noninteractive locales sudo update-locale 'en_US.UTF-8' mkdir -p ~/.local/bin printf 'PATH=~/.local/bin:$PATH\n' >> ~/.buildenv cd scolbyblog python3 -m venv venv # pip3 install --progress-bar off --upgrade pip setuptools wheel venv/bin/python3 -m pip install --progress-bar off --no-warn-script-location -r requirements/requirements.txt cd "$(venv/bin/python3 -m pip show markdown | grep '^Location' | cut -d ':' -f2 | xargs)" patch markdown/extensions/toc.py ~/scolbyblog/patches/toc.patch cd "$(venv/bin/python3 -m pip show pelican-image-process | grep '^Location' | cut -d ':' -f2 | xargs)" patch pelican/plugins/image_process/image_process.py ~/scolbyblog/patches/image_process.patch - build: | cd scolbyblog git ls-tree -r -z --name-only HEAD content/ \ | xargs -0 -I {} -- \ git log --date='format:%Y%m%d%H%M.%S' \ --format='format:%ad%x00{}%x00' -1 -- {} \ | xargs -0 -n 2 -- touch -t venv/bin/pelican --fatal warnings --settings publishconf.py tar -czvf output.tar.gz output - check-branch: | cd scolbyblog if test "$(git rev-parse 'main')" != "$(git rev-parse HEAD)" then echo 'Only deploy from main.' complete-build fi - deploy: | printf "ssh.nyc1.nearlyfreespeech.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICbXE1f5S3N/flFHUm2i97tzKGJUWzxotY1HHBMIX72h\n" >> ~/.ssh/known_hosts cd scolbyblog tmpfile=$(mktemp) # grab sitemap to determine if it has changed rsync \ --info=COPY,DEL,FLIST2,MISC2,NAME,STATS3,SYMSAFE \ --ignore-missing-args \ --compress \ scolby_scolby@ssh.nyc1.nearlyfreespeech.net:/home/public/www.scolby.com/sitemap.xml \ "$tmpfile" rsync \ --info=COPY,DEL,FLIST2,MISC2,NAME,STATS3,SYMSAFE \ --checksum \ --compress \ --recursive \ --delete-after \ --filter='- .webassets-cache' \ output/ \ scolby_scolby@ssh.nyc1.nearlyfreespeech.net:/home/protected/www.scolby.com/deploy-cache commit_hash=$(git rev-parse HEAD) # do an atomic update of the live site contents # note that symlinks inside symlinks resolve relative to their real path ssh scolby_scolby@ssh.nyc1.nearlyfreespeech.net " set -xeuo pipefail cd /home/protected/www.scolby.com # delete the release dir if it exists for some reason test -d 'releases/www.scolby.com-$commit_hash' && rm -rf 'releases/www.scolby.com-$commit_hash' # copy the current state of the deploy-cache to the release dir cp -RPp deploy-cache 'releases/www.scolby.com-$commit_hash' # create relative symlink to .htaccess ln -sfh ../../.htaccess 'releases/www.scolby.com-$commit_hash' # create relative symlink to ai.txt ln -sfh ../../ai.txt 'releases/www.scolby.com-$commit_hash' # create relative symlink to robots.txt ln -sfh ../../robots.txt 'releases/www.scolby.com-$commit_hash' # create .well-known dir and symlink the real public acme-challenge dir inside it mkdir 'releases/www.scolby.com-$commit_hash/.well-known' ln -sfh ../../../../../public/.well-known/acme-challenge 'releases/www.scolby.com-$commit_hash/.well-known' # create properly-named symlink to the active release dir ln -sfh '../protected/www.scolby.com/releases/www.scolby.com-$commit_hash' www.scolby.com # move the symlink to the active release into place mv www.scolby.com /home/public # clean up, keeping only the current and previous release dirs cd releases && ls -t | tail -n +3 | xargs rm -frv " # compare the previous sitemap to the current one diff_rc=0; diff --brief --report-identical-files "$tmpfile" output/sitemap.xml || diff_rc=$? # exit with a bad status if diff didn't exit 0 or 1 test $diff_rc -eq 0 || test $diff_rc -eq 1 || exit $diff_rc # if the sitemap has changed, ping the Google sitemap endpoint test $diff_rc -eq 1 && curl 'https://www.google.com/ping?sitemap=https://www.scolby.com/sitemap.xml' triggers: [] oauth: ""