name: Deploy website to VPS on: push: branches: ['main'] workflow_dispatch: jobs: build-and-deploy: runs-on: site-builder steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Get Hugo Version run: | if [ -f "hugoblox.yaml" ]; then VERSION=$(grep "hugo_version" hugoblox.yaml | awk '{print $2}' | tr -d "'\"") echo "HUGO_VERSION=$VERSION" >> $GITHUB_ENV else echo "HUGO_VERSION=0.125.0" >> $GITHUB_ENV fi - name: Install Node Dependencies run: | if [ -f "package.json" ]; then # Force pnpm to use the version baked into our Nix image sed -i '/"packageManager":/d' package.json pnpm config set manage-package-manager false pnpm install --no-frozen-lockfile fi - name: Build with Hugo env: HUGO_ENVIRONMENT: production run: | # Use the baked-in hugo binary hugo --minify --baseURL "https://ejs.cam/" - name: Generate Pagefind search index run: | if [ -f "package.json" ] && grep -q "pagefind" package.json; then pnpm dlx pagefind --source "public" || npx pagefind --source "public" fi - name: Deploy via Rsync env: SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }} REMOTE_HOST: ${{ secrets.REMOTE_HOST }} REMOTE_USER: ${{ secrets.REMOTE_USER }} REMOTE_PORT: ${{ secrets.REMOTE_PORT }} run: | mkdir -p ~/.ssh chmod 700 ~/.ssh echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-keyscan -p "$REMOTE_PORT" "$REMOTE_HOST" >> ~/.ssh/known_hosts rsync -avz --delete \ --exclude 'cv.pdf' \ --omit-dir-times \ --no-perms \ --no-owner \ --no-group \ -e "ssh -p $REMOTE_PORT" \ ./public/ \ $REMOTE_USER@$REMOTE_HOST:/var/www/