set up woodpecker ci with gitea on arch linux
assuming you already have a working gitea and are only one person, idk
install server + agent
1yay -S woodpecker-server woodpecker-agent woodpecker-cli
/etc/woodpecker/server.env
1WOODPECKER_HOST=https://ci.trwnh.com
2WOODPECKER_SERVER_ADDR=:9663
3WOODPECKER_GRPC_ADDR=:9664
4WOODPECKER_ADMIN=a
5WOODPECKER_AGENT_SECRET=randomlongstring # openssl rand -hex 32
6WOODPECKER_GITEA=true
7WOODPECKER_GITEA_URL=https://git.trwnh.com
8WOODPECKER_GITEA_CLIENT= # generate from gitea applications
9WOODPECKER_GITEA_SECRET= # generate from gitea applications
use $WOODPECKER_HOST/authorize
as the redirect uri
/etc/woodpecker/agent.env
1WOODPECKER_SERVER=localhost:9664
2WOODPECKER_AGENT_SECRET=randomlongstring # same secret as the server.env
/etc/gitea/app.ini
1[webhook]
2ALLOWED_HOST_LIST=external,loopback
/etc/nginx/sites/ci.trwnh.com.conf
proxy_pass to $WOODPECKER_SERVER_ADDR
1server {
2 server_name ci.trwnh.com
3 listen 443 ssl http2;
4 listen [::]:443 ssl http2;
5
6 ssl_certificate /etc/letsencrypt/live/trwnh.com/fullchain.pem;
7 ssl_certificate_key /etc/letsencrypt/live/trwnh.com/privkey.pem;
8 include /etc/letsencrypt/options-ssl-nginx.conf;
9 ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
10
11 access_log logs/ci.trwnh.com-access.log main;
12 error_log logs/ci.trwnh.com-error.log;
13
14 location / {
15 proxy_set_header X-Forwarded-For $remote_addr;
16 proxy_set_header X-Forwarded-Proto $scheme;
17 proxy_set_header Host $http_host;
18
19 proxy_pass http://localhost:9663;
20
21 proxy_redirect off;
22 proxy_http_version 1.1;
23 proxy_buffering off;
24 chunked_transfer_encoding off;
25 }
26}
27
28server {
29 server_name ci.trwnh.com;
30 listen 80;
31 listen [::]:80;
32 return 301 https://$host$request_uri;
33}
the whole point of this got dam thing
.woodpecker.yml
1pipeline:
2 build:
3 image: klakegg/hugo
4 commands:
5 - hugo
6 - |
7 mkdir $HOME/.ssh
8 echo "$SSH_KEY" > $HOME/.ssh/id_ed25519
9 echo "$SSH_KNOWN_HOSTS" > $HOME/.ssh/known_hosts
10 chown 600 $HOME/.ssh/id_ed25519
11 rsync -avHAX public/ trwnh.com:/srv/http/wiki.trwnh.com/public/
12 secrets: [SSH_KEY, SSH_KNOWN_HOSTS]
[at this point i give up, it’s not worth building on every single push]
[i should have just used rsync directly]
~/.ssh/config
1Host trwnh.com
2 HostName trwnh.com
3 Port 22222
deploy
1#!/bin/bash
2rsync -avz --delete public/ trwnh.com:/srv/http/wiki.trwnh.com/public
just do chmod +x deploy
and now i just deploy with
1hugo
2./deploy