daniel/furtka
1
1
Fork 0
Code Issues 1 Pull requests Projects 1 Releases 13 Packages Wiki Activity Actions
furtka/website/deploy-ci.sh
Daniel Maksymilian Syrnicki b77ef80b56
All checks were successful
CI / lint (pull_request) Successful in 1m2s
Details
CI / test (pull_request) Successful in 1m19s
Details
CI / validate-json (pull_request) Successful in 55s
Details
CI / markdown-links (pull_request) Successful in 27s
Details
feat(website): legal pages (Impressum/Datenschutz) + auto-deploy on push-to-main 
Two coupled changes that make sense to land together:

1. Legal pages required under German law
   - /imprint/ + /de/impressum/ — §5 DDG disclosure (contact is email
     plus Forgejo-Issues as the second quick-contact channel, per ECJ
     C-298/07 no phone number required)
   - /privacy/ + /de/datenschutz/ — Art. 13 GDPR minimum: server-log
     processing (IP, UA, URL, retention ≤30 days), no cookies, no
     tracking, no third-party embeds. RLP Landesbeauftragter as the
     competent supervisory authority.
   - Footer partial linked from every page, localized per language.
   - DE versions are legally binding; EN versions are courtesy
     translations noting that.

2. Auto-deploy wired up
   - New workflow .forgejo/workflows/deploy-site.yml fires on
     push-to-main with paths under website/**. Runs on the self-hosted
     runner, which *is* forge-runner-01 — so "deploy" is just a local
     rsync into /srv/furtka-site and a hugo build into
     /var/www/furtka.org. No SSH, no secrets.
   - website/deploy-ci.sh is the SSH-free counterpart of deploy.sh,
     invoked by the workflow.
   - compose.yml bind-mounts /srv/furtka-site and /var/www/furtka.org
     into the runner container at matching paths so the workflow can
     reach them. Requires a one-time `docker compose up -d` on the
     runner host to pick the mounts up.
   - deploy.sh is kept for out-of-band manual deploys (testing from a
     local branch, CI outage) but gets a header comment pointing at
     the CI path as the normal flow.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 12:10:06 +02:00

27 lines
861 B
Bash
Executable file
Raw Blame History

#!/usr/bin/env bash
# Auto-deploy path run by .forgejo/workflows/deploy-site.yml inside the
# self-hosted runner — which is forge-runner-01, the actual web server.
# Same effect as deploy.sh but without the SSH hop: everything is local.
#
# Requires `rsync` and `hugo` on PATH. The workflow apk-installs both
# before invoking this script.
set -euo pipefail
HERE="$(cd "$(dirname "$0")" && pwd)"
SRCROOT="${FURTKA_SRCROOT:-/srv/furtka-site}"
WEBROOT="${FURTKA_WEBROOT:-/var/www/furtka.org}"
echo "==> rsync website/ → $SRCROOT"
rsync -az --delete \
--exclude='.hugo_build.lock' \
--exclude='public/' \
--exclude='resources/' \
--exclude='deploy.sh' \
--exclude='deploy-ci.sh' \
"$HERE/" "$SRCROOT/"
echo "==> hugo build → $WEBROOT"
cd "$SRCROOT"
hugo --minify --cleanDestinationDir -d "$WEBROOT"
echo "OK: deployed to https://furtka.org/"
Reference in a new issue View git blame Copy permalink