name: Build Website on: [push] jobs: build: runs-on: shell steps: - name: Checkout run: | git clone --branch ${{ github.ref_name }} ${{ github.server_url }}/${{ github.repository }}.git . - name: Prepare output directory run: | mkdir -p site/public chmod 777 site # - name: Build # run: | # mkdir -p "$PWD/.hugo-cache" # docker run --rm \ # -u "$(id -u):$(id -g)" \ # -v "$PWD/site:/src" \ # -v "$PWD/.git:/src/.git:ro" \ # -v "$PWD/.hugo-cache:/cache" \ # -e GOPATH=/cache \ # -w /src \ # forgejo.jmopines.com/jm/hugo-git:latest \ # --minify --destination "public" --baseURL "/" # - name: Deploy # run: | # echo "${{ secrets.FORGEJO_SSH }}" > /tmp/deploy_key # chmod 600 /tmp/deploy_key # rsync -az --delete \ # --exclude 'resume/' \ # -e "ssh -i /tmp/deploy_key -o StrictHostKeyChecking=no" \ # site/public/. \ # ${{ vars.JMOPINES_USER }}@${{ vars.JMOPINES_IP }}:/var/www/jmopines/ # rm /tmp/deploy_key - name: Build run: | set -ex mkdir -p "$PWD/.hugo-cache" chmod -R 777 "$PWD/.hugo-cache" # We pass the Git config as an environment variable to bypass the 'dubious ownership' docker run --rm \ -v "$PWD:/src" \ -v "$PWD/.hugo-cache:/cache" \ -e GOPATH=/cache \ -e HUGO_CACHEDIR=/cache \ -e GIT_CONFIG_COUNT=1 \ -e GIT_CONFIG_KEY_0=safe.directory \ -e GIT_CONFIG_VALUE_0=/src \ -w /src/site \ forgejo.jmopines.com/jm/hugo-git:latest \ --minify --enableGitInfo --noTimes --destination "public" --baseURL "/" # Ensure the forgejo user owns the output so rsync can read it # (Docker root often leaves files owned by root) sudo chown -R forgejo:forgejo site/public - name: Deploy run: | set -ex # Verify files exist ls -la site/public/ # Setup SSH echo "${{ secrets.FORGEJO_SSH }}" > /tmp/deploy_key chmod 600 /tmp/deploy_key # Sync with verbose output so we see what is happening rsync -avz --delete \ --exclude 'resume/' \ -e "ssh -i /tmp/deploy_key -o StrictHostKeyChecking=no" \ site/public/ \ ${{ vars.JMOPINES_USER }}@${{ vars.JMOPINES_IP }}:/var/www/jmopines/ rm /tmp/deploy_key