Zola deployment with Gitea Actions and Rsync
Gitea now has a native support for Actions, which is a clone of GitHub Actions with the same syntax. Since Drone CI – which was the topic of an older article – seems to get slowly abandoned by upstream and Gitea Actions are now stable, it is a good idea to switch.
This article shares a lot of similarities with the old Drone CI post.
The main advantage of Gitea Actions is a native integration to the Gitea UI. Al we need to do is prepare an Act Runner. Compatibility with the more widely used GitHub Actions is also nice.
Pipeline
The Act Runner reads the private key from a secret and uses it for SSH authentication. I am deliberately not using some random external modules for Rsync, since it is more trustworthy to execute your own code. The ssh-agent is necessary for a successful auth.
Zola is also installed by pulling a built release tar and extracting the binary. I have tried using the official Zola container, but it just would not work properly.
name: Build
on:
push:
branches:
- master
env:
ZOLA_VERSION: "0.18.0"
HOST: ${{ secrets.SSH_HOSTNAME }}
HOST_DIR: ${{ secrets.SSH_TARGET_DIR }}
SSH_USERNAME: ${{ secrets.SSH_USERNAME }}
SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Zola
run: |
wget https://github.com/getzola/zola/releases/download/v${ZOLA_VERSION}/zola-v${ZOLA_VERSION}-x86_64-unknown-linux-gnu.tar.gz
tar -xvzf *.tar.gz
- name: Build
run: ./zola build
- name: Deploy
run: |
apt update -y && apt-get install -y --no-install-recommends rsync
eval "$(ssh-agent -s)"
ssh-add - <<< "${SSH_PRIVATE_KEY}"
mkdir -p ~/.ssh/
ssh-keyscan -H ${HOST} >> ~/.ssh/known_hosts
rsync -r --delete-after public/* "${SSH_USERNAME}@${HOST}:${HOST_DIR}"
Webserver configuration
The server needs a new user with write access to the website root directory. I still call it drone for the sake of not having to redo my server configuration.
useradd drone
mkdir -p /srv/www/em.0x45.cz
chown drone:drone /srv/www/em.0x45.cz
SSH keys
Create a keypair for SSH connection from Drone to our deployment server.
ssh-keygen -t ed25519
Public key has to be added to ~/.ssh/authorized_keys of the “drone” user.
Secrets
SSH_HOSTNAME | Server hostname |
SSH_TARGET_DIR | Website root directory |
SSH_USERNAME | In our case “drone” |
SSH_PRIVATE_KEY | Plaintext private key |