- Be added to the Netlify identity system
- Go to https://vaporware-blog.netlify.app/admin
We're using Decap to provide a friendly web GUI for the CMS.
It relies on Netlify to help with auth-handling. Some helpful resources for when
I need to set this up again in the future:
- https://docs.netlify.com/security/secure-access-to-sites/git-gateway/
- Add users in the Netlify > Site > Integrations > Identity section
- Depending on who owns the repo, you might need to change OAuth approval settings and 3rd-party app content restrictions
- Ruby 3.0.0
bundle installbundle exec jekyll serve
- Updates are made to the repo
- either by developer
pushes or: - Decap
- GitHub webhook sends a ping to the endpoint
- Caddy picks this up and runs a bash script via
caddy-exec - This rebuilds the
_sitedirectory which is served from Caddy - Some webhook stuff is logged to
log/
systemd- Ruby 3.0.0 (use
rbenv) - Set up this repo at
~/vaporware-blogand runbundle install - install Go (ugh)
- install Caddy with custom build to support
exec: xcaddy caddy-exec - use the binary built from above for running caddy (see systemd service later)
/etc/caddy/Caddyfile:
blog.vaporware.network {
root * /home/vcavallo/vaporware-blog/_site
encode zstd gzip
file_server
route /webhook {
exec {
command /home/vcavallo/vaporware-blog/sh/github-webhook.sh
}
}
}
The /webhook endpoint above receives pings when the master branch
receives updates. It then calls the sh/github-webhook.sh script,
which checks the branch and then calls the post-receive hook (which
you must create. see below)
# .git/hook/post-receive
#!/bin/bash
# Navigate to the repository directory
cd /home/vcavallo/vaporware-blog
# Pull the latest changes from the remote repository
if ! git pull; then
echo "Error: Failed to pull latest changes from the remote repository."
exit 1
fi
# build site and capture output
# Make sure to use proper bundle path
jekyll_output=$(/home/vcavallo/.rbenv/shims/bundle exec jekyll build 2>&1)
# Check if the jekyll build command succeeded
if [ $? -ne 0 ]; then
echo "Error: Jekyll build failed."
echo "Jekyll build output:"
echo "$jekyll_output"
exit 1
fi
echo "Jekyll build completed successfully."
- Create a new webhook in the repository:
Settings > Webhooks- payload URL:
https://blog.vaporware.network/webhook - content type:
application/json - secret: [leave blank]
- SSL: enable
- Which events? "Just the
pushevent" - Active: checked
- payload URL:
/etc/systemd/system/caddy.service (ExecStart and ExecReload reflect the binary built above)
[Unit]
Description=Caddy Web Server
Documentation=https://caddyserver.com/docs/
After=network.target
[Service]
User=vcavallo
Group=vcavallo
ExecStart=/home/vcavallo/caddy/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/home/vcavallo/caddy/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target