1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-27 14:12:09 +00:00
seirdy.one/.build.yml
Rohan Kumar ee24778538
Update for new seirdy.one ssh configs
- Check host key acc. to SSHFP DNS record
- Enforce correct cipher
2022-08-30 21:13:57 -07:00

29 lines
899 B
YAML

---
# we rsync binaries.tar.gz from the same server we deploy to.
# it contains these static-pie binaries:
# hugo, brotli, ect (like gzip/zopfli), sd, htmlq (like jq for html), and xmllint.
image: alpine/edge
packages:
- curl # for webring update script
- rsync
- git # for Hugo's gitInfo
- bmake
sources:
- https://git.sr.ht/~seirdy/seirdy.one
secrets:
- cc1eb90c-b07b-4c46-86d4-58fec41cf0e4
triggers:
- action: email
condition: always
to: seirdy@seirdy.one
tasks:
- deps: |
printf "VerifyHostKeyDNS=yes\nKexAlgorithms=sntrup761x25519-sha512@openssh.com\n" >> ~/.ssh/config
# mirrored at https://seirdy.one/misc/binaries.tar.gz
rsync -Wv deploy@seirdy.one:/home/deploy/binaries.tar.gz .
mkdir -p ~/bin
tar xzf binaries.tar.gz -oC ~/bin
- build_deploy: |
cd seirdy.one
export PATH=~/bin:$PATH
bmake deploy-prod deploy-onion