From 730a5513e28bd2f10588cbfb04a4701fdd413d7e Mon Sep 17 00:00:00 2001
From: a <a@trwnh.com>
Date: Thu, 15 Dec 2022 05:14:55 -0600
Subject: [PATCH] ugh trying to set up woodpecker was a waste of time

---
 .../{gotchas/index.md => !gotchas.md}         |  28 ++--
 content/tech/tutorials/_index.md              |   0
 content/tech/tutorials/woodpecker-ci.md       | 123 ++++++++++++++++++
 deploy                                        |   2 +
 4 files changed, 135 insertions(+), 18 deletions(-)
 rename content/tech/activitypub/{gotchas/index.md => !gotchas.md} (59%)
 create mode 100644 content/tech/tutorials/_index.md
 create mode 100644 content/tech/tutorials/woodpecker-ci.md
 create mode 100755 deploy

diff --git a/content/tech/activitypub/gotchas/index.md b/content/tech/activitypub/!gotchas.md
similarity index 59%
rename from content/tech/activitypub/gotchas/index.md
rename to content/tech/activitypub/!gotchas.md
index 06008fe..8fa71c2 100644
--- a/content/tech/activitypub/gotchas/index.md
+++ b/content/tech/activitypub/!gotchas.md
@@ -1,18 +1,16 @@
 # Gotchas
 
-## @context
+{{<toc>}}
 
-** DO NOT VALIDATE @CONTEXT IF YOU DO NOT UNDERSTAND JSON-LD **
+## DO NOT VALIDATE @CONTEXT IF YOU DO NOT UNDERSTAND JSON-LD
 
 you CANNOT check for the presence of `https://www.w3.org/ns/activitystreams` AT ALL -- the activitystreams context may be included within another context hosted elsewhere. just ignore this property entirely if you don't understand it
 
-## id
+## DON'T BE STRICT ABOUT VALIDATING ID
 
-### transient ids
+do NOT try to be overly strict about dereferencing IDs. some IDs may not be on your domain, or otherwise they may not be present at all, or they may be explicitly null. null or missing id indicates a transient activity.
 
-do NOT try to be overly strict about dereferencing IDs. some IDs may not be on your domain, or otherwise they may not be present at all, or they may be explicitly null.
-
-#### example: Follow semantics
+### example: Follow semantics
 
 Follows are realistically transient. it is therefore enough to:
 
@@ -27,21 +25,15 @@ if you receive an Accept/Reject Follow, check ONLY for the following:
 - object.type == Follow
 - object.object == actor
 
-this is enough information, PROVIDED THAT you have a local pending follow request. if you do not have a pending follow, then DO NOT process an incoming Accept Follow. however, you may receive a Reject Follow at any time, indicating that you should destroy that follow relationship. note that you may also receive an Undo Accept Follow by some implementations. this is discouraged but should be handled as well
+if object is inlined, you don't need to check that object.id is local. the above is enough information, PROVIDED THAT you have a local pending follow request. if you do not have a pending follow, then DO NOT process an incoming Accept Follow. however, you may receive a Reject Follow at any time, indicating that you should destroy that follow relationship. note that you may also receive an Undo Accept Follow by some implementations. this is discouraged but should be handled as well
 
-## type
+## DO NOT CHECK TYPES DURING VALIDATION
 
-### Actor
+an Actor has an `inbox` and `outbox`. that's it.
 
-has an `inbox` and `outbox`. that's it.
+an Activity has an `actor`. that's it.
 
-### Activity
-
-has an `actor`. that's it.
-
-## tag
-
-### filter for what you understand
+## DON'T PANIC WHEN YOU SEE A TYPE YOU DON'T UNDERSTAND
 
 say you understand tags of type Mention and Hashtag and Emoji. someone sends you a `tag` array with a raw Link. DON'T PANIC. the document is still valid. just filter out anything you don't understand, something like
 
diff --git a/content/tech/tutorials/_index.md b/content/tech/tutorials/_index.md
new file mode 100644
index 0000000..e69de29
diff --git a/content/tech/tutorials/woodpecker-ci.md b/content/tech/tutorials/woodpecker-ci.md
new file mode 100644
index 0000000..d300515
--- /dev/null
+++ b/content/tech/tutorials/woodpecker-ci.md
@@ -0,0 +1,123 @@
+# set up woodpecker ci with gitea on arch linux
+
+assuming you already have a working gitea and are only one person, idk
+
+## install server + agent
+
+```sh
+yay -S woodpecker-server woodpecker-agent woodpecker-cli
+```
+
+## /etc/woodpecker/server.env
+
+```ini
+WOODPECKER_HOST=https://ci.trwnh.com
+WOODPECKER_SERVER_ADDR=:9663
+WOODPECKER_GRPC_ADDR=:9664
+WOODPECKER_ADMIN=a
+WOODPECKER_AGENT_SECRET=randomlongstring # openssl rand -hex 32
+WOODPECKER_GITEA=true
+WOODPECKER_GITEA_URL=https://git.trwnh.com
+WOODPECKER_GITEA_CLIENT=  # generate from gitea applications
+WOODPECKER_GITEA_SECRET=  # generate from gitea applications
+```
+
+use `$WOODPECKER_HOST/authorize` as the redirect uri
+
+## /etc/woodpecker/agent.env
+
+```ini
+WOODPECKER_SERVER=localhost:9664
+WOODPECKER_AGENT_SECRET=randomlongstring  # same secret as the server.env
+```
+
+## /etc/gitea/app.ini
+
+```ini
+[webhook]
+ALLOWED_HOST_LIST=external,loopback
+```
+
+## /etc/nginx/sites/ci.trwnh.com.conf
+
+proxy_pass to `$WOODPECKER_SERVER_ADDR`
+
+
+```nginx
+server {
+	server_name ci.trwnh.com
+	listen 443 ssl http2;
+	listen [::]:443 ssl http2;
+
+	ssl_certificate /etc/letsencrypt/live/trwnh.com/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/trwnh.com/privkey.pem;
+	include /etc/letsencrypt/options-ssl-nginx.conf;
+	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+	access_log logs/ci.trwnh.com-access.log main;
+	error_log logs/ci.trwnh.com-error.log;
+
+	location / {
+		proxy_set_header X-Forwarded-For $remote_addr;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		proxy_set_header Host $http_host;
+
+		proxy_pass http://localhost:9663;
+		
+		proxy_redirect off;
+		proxy_http_version 1.1;
+		proxy_buffering off;
+		chunked_transfer_encoding off;
+	}
+}
+
+server {
+	server_name ci.trwnh.com;
+	listen 80;
+	listen [::]:80;
+	return 301 https://$host$request_uri;
+}
+```
+
+## the whole point of this got dam thing
+
+.woodpecker.yml
+
+```yaml
+pipeline:
+  build:
+    image: klakegg/hugo
+    commands:
+	   - hugo
+		- |
+		    mkdir $HOME/.ssh
+			 echo "$SSH_KEY" > $HOME/.ssh/id_ed25519
+			 echo "$SSH_KNOWN_HOSTS" > $HOME/.ssh/known_hosts
+			 chown 600 $HOME/.ssh/id_ed25519
+			 rsync -avHAX public/ trwnh.com:/srv/http/wiki.trwnh.com/public/
+  secrets: [SSH_KEY, SSH_KNOWN_HOSTS]
+```
+
+[at this point i give up, it's not worth building on every single push]
+
+[i should have just used rsync directly]
+
+~/.ssh/config
+```ssh
+Host trwnh.com
+	HostName trwnh.com
+	Port 22222
+```
+
+deploy
+```sh
+#!/bin/bash
+rsync -avz --delete public/ trwnh.com:/srv/http/wiki.trwnh.com/public
+```
+
+just do `chmod +x deploy` and now i just deploy with
+
+```sh
+hugo
+./deploy
+```
\ No newline at end of file
diff --git a/deploy b/deploy
new file mode 100755
index 0000000..2901077
--- /dev/null
+++ b/deploy
@@ -0,0 +1,2 @@
+#!/bin/bash
+rsync -avz --delete public/ trwnh.com:/srv/http/wiki.trwnh.com/public
\ No newline at end of file