Hugo with GH actions
Posted on Sun 09 May 2021 in code
Basic idea
I have GitHub actions build the Hugo website then I use scp to copy it over to my remote server. It's a few extra steps to also deploy the site to GitHub Pages, so I do that too.
It's a simple little project. Here are the steps.
- Set up SSH keys to give GitHub access to your server
- Add "secrets" to GitHub so that your Actions can access hidden variables
- Add the Action script to your repo (build website > upload to server > build for GH pages)
- Create a cron job on your server to pick up the files
SSH keys
The idea here is to generate an SSH key on your computer. You then send the public key to the remote server, and you paste your private key into GitHub. That way GitHub can log into your server and dump the new files there.
If ever something goes wrong with GitHub secrets, you can log into your server and delete the key.
First, generate an ssh key on your computer. Put it in a separate place so that you don't mix it up with other keys.
ssh-keygen -f ~/temp/id_rsa
You can then send the public key to your server. If you want to get rid of the key, delete it from authorized_keys.
cat ~/temp/id_rsa.pub | ssh user@hostname 'cat >> .ssh/authorized_keys'
SECRETS
Secrets are encrypted values that can be read securely by your Actions scripts. You can read more about GitHub secrets here: https://docs.github.com/en/actions/reference/encrypted-secrets
Adding a new secret into GitHub is pretty easy. In your repository, navigate here:
Settings -> Secrets -> New repository secret
Let's use this to give GitHub our SSH private key.
Create a new secret and name it KEY. Paste in the private key contents as its value.
If you added a passphrase to your key, add it to a PASSPHRASE secret.
Add these other secrets to GitHub. You have to specify the USERNAME, HOST AND PORT separately.
USERNAMEthe user you want to log into for the scpHOSTprobably an IP addressPORTthe port number, probably 22 if you kept the default
GitHub action
Automated Hugo dump
Here is my full .yml file. The last step Upload is when the files are copied.
You can read more about scp-action here: https://github.com/appleboy/scp-action
I stuck to the basic Hugo action. I tried with the latest version of Hugo, but that didn't work. You can tweak your actions by reading the README: https://github.com/peaceiris/actions-hugo
name: hugo deploy
on:
push:
branches:
- master
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true # Fetch Hugo themes (true OR recursive)
fetch-depth: 0 # Fetch all history for .GitInfo and .Lastmod
- name: Setup Hugo
uses: peaceiris/actions-hugo@v2
with:
hugo-version: '0.81.0'
extended: true
- name: Build
run: hugo --minify
- name: Upload
uses: appleboy/scp-action@master
with:
username: ${{ secrets.USERNAME }}
host: ${{ secrets.HOST }}
port: ${{ secrets.PORT }}
passphrase: ${{ secrets.PASSPHRASE }}
key: ${{ secrets.KEY }}
source: "./public"
target: "gh_page"
rm: true
Don't forget your pages
I also want to deploy to GitHub pages, so I add these steps at the end.
- name: Config
run: |
sed -i "s=${{ secrets.DO_DOMAIN }}=${{ secrets.GH_DOMAIN }}=" config.toml
hugo --minify
- name: Deploy
uses: peaceiris/actions-gh-pages@v3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: ./public
The sed command edits my Hugo config.toml to point to the GH pages address. I can then deploy, and the site will work properly. If you don't do this, the site will be broken.
Pro tip: you can run multiple commands by using run: |. You can see this below.
Final step: cron job
On your server, run sudo crontab -e to start a regular job as ROOT. This will regularly copy your files to the web server.
A file will open in your console, where you can paste
0 * * * * rsync -avh /home/username/gh_page/public/ /var/www/example.com/