trwnh.com/unified.test.hugo/content/wiki/tech/tutorials/woodpecker-ci.md
2024-10-05 01:27:07 -05:00

126 lines
No EOL
2.5 KiB
Markdown

+++
updated = "2022-12-15"
+++
# set up woodpecker ci with gitea on arch linux
assuming you already have a working gitea and are only one person, idk
## install server + agent
```sh
yay -S woodpecker-server woodpecker-agent woodpecker-cli
```
## /etc/woodpecker/server.env
```ini
WOODPECKER_HOST=https://ci.trwnh.com
WOODPECKER_SERVER_ADDR=:9663
WOODPECKER_GRPC_ADDR=:9664
WOODPECKER_ADMIN=a
WOODPECKER_AGENT_SECRET=randomlongstring # openssl rand -hex 32
WOODPECKER_GITEA=true
WOODPECKER_GITEA_URL=https://git.trwnh.com
WOODPECKER_GITEA_CLIENT= # generate from gitea applications
WOODPECKER_GITEA_SECRET= # generate from gitea applications
```
use `$WOODPECKER_HOST/authorize` as the redirect uri
## /etc/woodpecker/agent.env
```ini
WOODPECKER_SERVER=localhost:9664
WOODPECKER_AGENT_SECRET=randomlongstring # same secret as the server.env
```
## /etc/gitea/app.ini
```ini
[webhook]
ALLOWED_HOST_LIST=external,loopback
```
## /etc/nginx/sites/ci.trwnh.com.conf
proxy_pass to `$WOODPECKER_SERVER_ADDR`
```nginx
server {
server_name ci.trwnh.com
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/trwnh.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/trwnh.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
access_log logs/ci.trwnh.com-access.log main;
error_log logs/ci.trwnh.com-error.log;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_pass http://localhost:9663;
proxy_redirect off;
proxy_http_version 1.1;
proxy_buffering off;
chunked_transfer_encoding off;
}
}
server {
server_name ci.trwnh.com;
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
```
## the whole point of this got dam thing
.woodpecker.yml
```yaml
pipeline:
build:
image: klakegg/hugo
commands:
- hugo
- |
mkdir $HOME/.ssh
echo "$SSH_KEY" > $HOME/.ssh/id_ed25519
echo "$SSH_KNOWN_HOSTS" > $HOME/.ssh/known_hosts
chown 600 $HOME/.ssh/id_ed25519
rsync -avHAX public/ trwnh.com:/srv/http/wiki.trwnh.com/public/
secrets: [SSH_KEY, SSH_KNOWN_HOSTS]
```
[at this point i give up, it's not worth building on every single push]
[i should have just used rsync directly]
~/.ssh/config
```ssh
Host trwnh.com
HostName trwnh.com
Port 22222
```
deploy
```sh
#!/bin/bash
rsync -avz --delete public/ trwnh.com:/srv/http/wiki.trwnh.com/public
```
just do `chmod +x deploy` and now i just deploy with
```sh
hugo
./deploy
```