August 19, 2020

Publishing a Hugo Site With Github Actions

Storing your Hugo site in a Github repository makes it easy to automate re-generating and uploading your site every time you create a new commit. I'll assume you have a Hugo site in a Github repository already & walk through the steps to configure Github Actions to generate the site & upload it using rsync over SSH, with key-based authentication:

  1. Create a Workflow

    In the root directory of your Hugo site, create a .github directory. Within that directory create a workflows directory. Finally, within the workflows directory create an empty file named main.yaml.

    At the top of the file, add a name, I used the name of the site:

      name: goterkyourself.com

    The next section – on: – describes when to invoke the Action. I've set mine to build/deploy on every push to the Git repository (with the push: section) and to offer manual deploys (workflow_dispatch:):

      on:
        workflow_dispatch:
        push:
          branches:
            - main

    The meat of the file is the jobs: configuration, which installs the necessary pre-requisites to check out the repository, generate the Hugo site, and use rsync to deploy it:

      jobs:
        deploy:
          runs-on: ubuntu-18.04
          steps:
            - uses: actions/checkout@v2
              with:
                submodules: false  # Fetch Hugo themes (use true OR recursive to fetch)
                fetch-depth: 0    # Fetch all history for .GitInfo and .Lastmod
    
            - name: Setup Hugo
              uses: peaceiris/actions-hugo@v2
              with:
                hugo-version: '0.74.2'
                # extended: true
    
            - name: Build
              run: hugo --minify
    
            - name: Deploy
              id: deploy
              uses: Pendect/action-rsyncer@v1.1.0
              env:
                DEPLOY_KEY: ${{secrets.DEPLOY_KEY}}
              with:
                flags: '-vzcrlp --delete --chmod=Dgo+rx,Fgo+r'
                options: ''
                ssh_options: ''
                src: 'public/'
                dest: 'SSH_USERNAME@SSH_HOST:HOST_PATH'
    
            - name: Display status from deploy
              run: echo "${{ steps.deploy.outputs.status }}"

    Take particular note of the dest: line - this needs to contain the correct parameters the deployment target. The HOST_PATH must include a trailing /, as well. An example dest value is:

                dest: 'bob@ssh.hostingco.com:/home/bob/htdocs/'
  2. Generate Keys

    With the Workflow in place the Action to build the site will work, but when it attempts to rsync it will fail, because the Action doesn't have SSH access. To fix this, generate an SSH key just for the Action. Hit <ENTER> when prompted for a passphrase:

      $ ssh-keygen -f github-action
      Generating public/private rsa key pair.
      Enter passphrase (empty for no passphrase):
      Enter same passphrase again:
      Your identification has been saved in github-action.
      Your public key has been saved in github-action.pub.
      The key fingerprint is:
      SHA256:umfz5GHZ0ke3xcGtXkJZ8fKztu6hSLe+6KEHHOuQMWY
      The key's randomart image is:
      +---[RSA 2048]----+
      |               .o|
      |              .oo|
      |              +oo|
      |       E .   . =.|
      |      o S o   +.*|
      |       + + + o +=|
      |      . o Boo.o= |
      |       .+=o+=.+ o|
      |      .o +=+.=++ |
      +----[SHA256]-----+
    

    This generates a private key in the github-actions file, and a public key in github-actions.pub. Copy the contents of github-actions.pub and add it to the .authorized_keys file on the server to which the site will be deployed.

  3. Give Github the Private Key

    The contents of github-actions (the private key) need to be added to Github. Go to the 'Settings' page for the site's Github repository and select 'Secrets':

    Before adding secrets

    Select 'New Secret'. Enter the 'Name' DEPLOY_KEY and paste the contents of the github-actions private key vile in the 'Value' box:

    Adding the DEPLOY_KEY secret

    After clicking 'Add secret' the key will appear in the list of secrets:

    After adding the secret

  4. Test the Deploy

    Navigate to the 'Actions' tab of the Github repository and select the workflow with the name configured in main.yaml. The 'Run workflow' button will present a menu to select the branch to use.

    The Actions page and menu

    If everything goes well the deploy will churn for a little bit and then display a check-box to indicate success.

A Note on rsync Options

The Action that builds the site checks everything out anew when it runs, which means that the mtimes of the files it generates will always be set to the generation time. rsync, by default, uses the mtime as a cheap way to determine if a file should be sync-ed. To prevent every file on the site from sync-ing every time this setup uses the -c option to indicate that rsync should use file checksums to determine if they should be sync-ed. It also uses the -p option, combined with --chmod=Dgo+rx,Fgo+r to ensure that all files and directories are readable by all users. These can be modified to suit any specific case.

December 13, 2018

Aquarium Drunkard :: 2018 Year In Review

Another year, another fantastic list from Aquarium Drunkard of notable music newly or re-released this year. As usual, here’s an overwhelming playlist of everything that’s available on Spotify.

Notes:

The “sampler” version of Bob Dylan – More Blood, More Tracks -The Bootleg Series Vol. 14 is included; the full compilation is not (yet) available on Spotify.

The albums that comprise Bruce Springsteen – Album Collection Vol 2 are not included.

Environments – App is not included … because it’s a mobile app.

The following albums are not included because they are not available on Spotify:

  • Alice Coltrane – Spiritual Eternal
  • Haruomi Hosono – Cochin Moon, Hosono House, Paraiso, omni Sight Seeing, Philharmony
  • Scientist and Prince Jammy – Scientist and Jammy Strike Back!
  • Long Hots – Monday Night Raw
  • Michael Hurley – Living Ljubljana
  • Bitchin Bajas – Rebajas
  • Pearls Before Swine – Balaklava
  • Parades Against Parades – Driving Me Stoned
  • Ken Boothe – Freedom Street
  • Gloria Barnes – Uptown
  • Carl Weingarten – Living in the Distant Present
  • Wet Tuna – Livin’ The Die
  • Matthew “Doc” Dunn – Lightbourn
  • Give Me My Flowers (Nashboro Gospel Comp)
  • Grant Green – Slick! Live at Oil Can Henry’s
  • Wes Montgomery – In Paris: The Definitive ORTF Recordings
  • Orchestre Abass – De Bassari Togo
  • Maxine Funke – Silk

December 15, 2014

Aquarium Drunkard's 2014 Year In Review

I spent the first two or three months of this year listening to everything from Aquarium Drunkard’s 2013 Year In Review, and then the rest of the year listening to everything from that list that I really liked (Courtney Barnett, Steve Gunn, Mo Kolours, Hiss Golden Messenger, Darkside, Wooden Wand, Kurt Vile, Foxygen, Torres). Needless to say I’ve been anticipating this year’s list since the “end-of-year” lists started rolling out this month and it went up today. Everything that Spotify has available is in this playlist, which will surely be on repeat through March:

July 10, 2014

Opus No. 1

In January This American Life included a story about a man who became obsessed with a particular piece of on-hold music, which turned out to be a song called Opus No. 1:

For some reason this story — and the music — stuck in my mind strongly enough that I recognized the music months later when I was on hold and heard that music. Today I recognized it again as part of a song off of the new album from How To Dress Well – I wonder if Tom Krell listens to This American Life.

April 24, 2014

Shriek

Wye Oak

I love Wye Oak and I’m really digging their upcoming album, Shriek. You can preview it in its entirety at NPR Music.

March 2, 2013

We Found Our Son in the Subway

Danny called me that day, frantic. “I found a baby!” he shouted. “I called 911, but I don’t think they believed me. No one’s coming. I don’t want to leave the baby alone. Get down here and flag down a police car or something.” By nature Danny is a remarkably calm person, so when I felt his heart pounding through the phone line, I knew I had to run.

Read the whole story at the NYT Opinionator