diff --git a/.gitignore b/.gitignore
index 48494c3..f8fe8c8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 inventory.ini
-venv/*
\ No newline at end of file
+venv/*
+.env
\ No newline at end of file
diff --git a/02_vps_core_services_setup.md b/02_vps_core_services_setup.md
index de9e6f6..75c2ab3 100644
--- a/02_vps_core_services_setup.md
+++ b/02_vps_core_services_setup.md
@@ -191,3 +191,34 @@ ntfy-emergency-app is a simple web application that allows trusted people to sen
 * `ntfy_emergency_app_ui_message`: Custom message displayed in the web interface
 * Make sure docker is available on the host.
 * Run the deployment playbook: `ansible-playbook -i inventory.ini services/ntfy-emergency-app/deploy_ntfy_emergency_app_playbook.yml`.
+
+
+## Personal Blog
+
+Personal blog is a static website served directly by Caddy.
+
+### Deploy
+
+* Decide what subdomain you want to serve the blog on and add it to `services/personal-blog/personal_blog_vars.yml` on the `personal_blog_subdomain`.
+ * Note that you will have to add a DNS entry to point to the VPS public IP.
+* Configure the git repository settings in `personal_blog_vars.yml`:
+ * `personal_blog_git_repo`: The HTTPS URL to your git repository (default: "https://forgejo.contrapeso.xyz/counterweight/pablohere.git")
+ * `personal_blog_source_folder`: The folder within the repo containing static files (default: "public")
+* Set up a Forgejo deploy token:
+ * Go to your repository → Settings → Deploy Tokens
+ * Create a new token with "Read" permissions
+ * Copy the token (you won't see it again)
+* Export the token as an environment variable: `export PERSONAL_BLOG_DEPLOY_TOKEN=your_token_here`
+* Run the deployment playbook: `ansible-playbook -i inventory.ini services/personal-blog/deploy_personal_blog_playbook.yml`.
+
+### Configure
+
+* The blog will be automatically updated every hour via a cron job that pulls the latest changes from the git repository.
+* Static files are served directly by Caddy from the configured webroot directory.
+* No additional configuration is needed - the site will be available at your configured domain.
+
+### Updating content
+
+* Simply push changes to the `master` branch of your git repository.
+* The cron job will automatically pull and deploy updates within an hour.
+* For immediate updates, you can manually run: `/usr/local/bin/update-personal-blog.sh` on the server.
diff --git a/ansible/services/personal-blog/deploy_personal_blog_playbook.yml b/ansible/services/personal-blog/deploy_personal_blog_playbook.yml
new file mode 100644
index 0000000..1c6ed88
--- /dev/null
+++ b/ansible/services/personal-blog/deploy_personal_blog_playbook.yml
@@ -0,0 +1,100 @@
+- name: Deploy personal blog static site
+ hosts: vipy
+ become: yes
+ vars_files:
+ - ../../infra_vars.yml
+ - ./personal_blog_vars.yml
+
+ tasks:
+ - name: Install git
+ apt:
+ name: git
+ state: present
+
+ - name: Create source directory for blog
+ file:
+ path: "{{ personal_blog_source_dir }}"
+ state: directory
+ owner: root
+ group: root
+ mode: '0755'
+
+ - name: Create webroot directory
+ file:
+ path: "{{ personal_blog_webroot }}"
+ state: directory
+ owner: www-data
+ group: www-data
+ mode: '0755'
+
+ - name: Clone blog repository with token authentication
+ git:
+ repo: "https://{{ personal_blog_git_username }}:{{ lookup('env', 'PERSONAL_BLOG_DEPLOY_TOKEN') }}@forgejo.contrapeso.xyz/counterweight/pablohere.git"
+ dest: "{{ personal_blog_source_dir }}"
+ version: master
+ force: yes
+ become_user: root
+
+ - name: Copy static files to webroot
+ shell: |
+ rsync -av --delete {{ personal_blog_source_dir }}/{{ personal_blog_source_folder }}/ {{ personal_blog_webroot }}/
+ args:
+ creates: "{{ personal_blog_webroot }}/index.html"
+
+ - name: Set ownership and permissions for webroot
+ file:
+ path: "{{ personal_blog_webroot }}"
+ owner: www-data
+ group: www-data
+ recurse: yes
+ state: directory
+
+ - name: Ensure Caddy sites-enabled directory exists
+ file:
+ path: "{{ caddy_sites_dir }}"
+ state: directory
+ owner: root
+ group: root
+ mode: '0755'
+
+ - name: Ensure Caddyfile includes import directive for sites-enabled
+ lineinfile:
+ path: /etc/caddy/Caddyfile
+ line: 'import sites-enabled/*'
+ insertafter: EOF
+ state: present
+ backup: yes
+
+ - name: Create Caddy static site configuration
+ copy:
+ dest: "{{ caddy_sites_dir }}/personal-blog.conf"
+ content: |
+ {{ personal_blog_domain }} {
+ root * {{ personal_blog_webroot }}
+ file_server
+ }
+ owner: root
+ group: root
+ mode: '0644'
+
+ - name: Reload Caddy to apply new config
+ command: systemctl reload caddy
+
+ - name: Create update script for blog
+ copy:
+ dest: /usr/local/bin/update-personal-blog.sh
+ content: |
+ #!/bin/bash
+ cd {{ personal_blog_source_dir }}
+ git pull https://{{ personal_blog_git_username }}:${PERSONAL_BLOG_DEPLOY_TOKEN}@forgejo.contrapeso.xyz/counterweight/pablohere.git master
+ rsync -av --delete {{ personal_blog_source_dir }}/{{ personal_blog_source_folder }}/ {{ personal_blog_webroot }}/
+ chown -R www-data:www-data {{ personal_blog_webroot }}
+ owner: root
+ group: root
+ mode: '0755'
+
+ - name: Add cron job to update blog every hour
+ cron:
+ name: "Update personal blog"
+ job: "0 * * * * PERSONAL_BLOG_DEPLOY_TOKEN={{ lookup('env', 'PERSONAL_BLOG_DEPLOY_TOKEN') }} /usr/local/bin/update-personal-blog.sh"
+ user: root
diff --git a/ansible/services/personal-blog/personal_blog_vars.yml b/ansible/services/personal-blog/personal_blog_vars.yml
new file mode 100644
index 0000000..ea8ea65
--- /dev/null
+++ b/ansible/services/personal-blog/personal_blog_vars.yml
@@ -0,0 +1,8 @@
+caddy_sites_dir: /etc/caddy/sites-enabled
+personal_blog_subdomain: pablohere
+personal_blog_domain: pablohere.contrapeso.xyz
+personal_blog_git_repo: https://forgejo.contrapeso.xyz/counterweight/pablohere.git
+personal_blog_git_username: counterweight
+personal_blog_source_dir: /opt/personal-blog
+personal_blog_webroot: /var/www/pablohere.contrapeso.xyz
+personal_blog_source_folder: public
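Review bot: In deploy_personal_blog_playbook.yml the deploy token is rendered in clear text into root's crontab by the `cron` task and into the clone URL of the `git` task, and neither task sets `no_log: true`, so it can also appear in Ansible output and logs; git normally records the clone URL in `.git/config` under `{{ personal_blog_source_dir }}` as well. Keeping the token in a root-only file (mode `0600`) that the update script sources, and adding `no_log: true` to every task that templates it, keeps it out of the crontab and the run log. In the same `cron` task the schedule `0 * * * *` sits inside `job`, while the module takes the schedule from `minute`/`hour` and defaults them to `*`, so the entry would likely fire every minute with `0` as the command; `minute: "0"` with only the script path in `job` fixes that. `lookup('env', …)` yields an empty string when the variable is unset, so an early `assert` on it would stop a deploy with an empty token, and `set -euo pipefail` in the script keeps `rsync --delete` from running after a failed `git pull`.

```yaml
    - name: Store deploy token for the update script
      copy:
        # personal_blog_token_file: new variable (placeholder), path to be chosen
        dest: "{{ personal_blog_token_file }}"
        content: |
          PERSONAL_BLOG_DEPLOY_TOKEN={{ lookup('env', 'PERSONAL_BLOG_DEPLOY_TOKEN') | quote }}
        owner: root
        group: root
        mode: '0600'
      no_log: true

    - name: Create update script for blog
      copy:
        dest: /usr/local/bin/update-personal-blog.sh
        content: |
          #!/bin/bash
          set -euo pipefail
          . {{ personal_blog_token_file }}
          # … unchanged: cd, git pull, rsync, chown …
        # … unchanged: owner, group, mode …

    - name: Add cron job to update blog every hour
      cron:
        name: "Update personal blog"
        minute: "0"
        job: "/usr/local/bin/update-personal-blog.sh"
        user: root
```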
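Review bot: `personal_blog_git_repo` is defined in personal_blog_vars.yml, and the documentation added in this commit tells users to configure it, but the playbook's clone task and update script both hardcode `forgejo.contrapeso.xyz/counterweight/pablohere.git`, so changing the variable has no effect. Either build the authenticated URL from this variable or drop it; `personal_blog_subdomain` likewise is not referenced anywhere in the playbook hunk. A one-line comment above each value naming the task that consumes it would help, e.g. `# HTTPS clone URL, without credentials` above `personal_blog_git_repo`.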