diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 3b093dd1abb24cb87fc9adeb6c69a7df2ed04f08..5b05f7f01bbe5d0400a1b2fc244959e5c324af43 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -22,16 +22,11 @@ build-deploy: refs: - master before_script: - - pacman -Sy --noconfirm openssh hugo - - eval $(ssh-agent -s) - - mkdir -p ~/.ssh - - printf '%s\n' "$SSH_PRIVATE_KEY" | ssh-add - - - echo $SSH_KNOWN_HOSTS > ~/.ssh/known_hosts + - pacman -Sy --noconfirm hugo script: - hugo - - ssh -o StrictHostKeyChecking=no -o "UserKnownHostsFile /dev/null" kalube@sucs.org rm -rf public_html/blogtest - - scp -o StrictHostKeyChecking=no -o "UserKnownHostsFile /dev/null" -r public kalube@sucs.org:public_html/blogtest + - curl https://blogs.sucs.org/update.php artifacts: paths: - public - expire_in: 1 week \ No newline at end of file + expire_in: 1 week diff --git a/config.toml b/config.toml index 2a9266cd4026006be20fe856b8d547d7642bf891..a1ef90bb3381f1f9db92ef1ff30e2b40fba72b8b 100644 --- a/config.toml +++ b/config.toml @@ -1,7 +1,7 @@ -baseURL = "https://sucs.org/~kalube/blogtest" +baseURL = "https://blogs.sucs.org/" relativeURLs = false -languageCode = "en-us" -title = "The S.U.C.S Register" +languageCode = "en-gb" +title = "The SUCS Register" theme = "sucs" paginate = 10 @@ -29,4 +29,4 @@ paginate = 10 [[menu.main]] name = "Tags" url = "/tags" - weight = 4 \ No newline at end of file + weight = 4 diff --git a/content/authors/thomas-lake/_index.md b/content/authors/thomas-lake/_index.md new file mode 100644 index 0000000000000000000000000000000000000000..b8886344c2169939077791128a73abe0fbca0275 --- /dev/null +++ b/content/authors/thomas-lake/_index.md @@ -0,0 +1,9 @@ +--- +name: "Thomas Lake" +# Delete the following if unused +twitter: "@DrTomLake" +github: "tswsl1989" +website: "https://sucs.org/~tswsl1989/" +--- + +Marine Energy researcher in the [ZCCE Energy and Environment Research Group](https://www.swansea.ac.uk/engineering/zcce/energy-environment/). One of the SUCS admin team, trying to be as useful as possible when time permits. diff --git a/content/posts/20200924-Gitlab-CI-and-testing.md b/content/posts/20200924-Gitlab-CI-and-testing.md new file mode 100644 index 0000000000000000000000000000000000000000..4c9c36c1cba65e51e5171a5a4d50870eafa89559 --- /dev/null +++ b/content/posts/20200924-Gitlab-CI-and-testing.md @@ -0,0 +1,22 @@ +--- +title: "Attempting to deploy Hugo with GitLab CI/CD" +date: 2020-09-24T20:21:00+01:00 +draft: false +toc: false +authors: + - Thomas Lake +tags: + - sucs + - gitlab +--- + +How do you arrange to deploy a new project on to an old server, without opening up a raft of vulnerabilities? + +The answer to that is, unsurprisingly, "with difficulty" + + +SUCS has a single main server, called silver, that provides pretty much all of our public facing services. There are a few things, such as gitlab, that live as virtual machines on a second server (called iridium). + +The current deployment method uses a PHP script hosted on the blogs site that, when called from an authorised IP, will download the latest blog build from GitLab and extract it on the server for the world to see. + +This appeared to be a more tightly constrained solution than allowing SSH access for the user that the site runs as, but still feels like a bit of a bodge. At least it fits in with the rest of the bodges, patches and decade old "temporary" solutions that make up most of the SUCS infrastructure!