There is an accompanying video devlog available on YouTube, where I go more in depth about how this stuff is actually implemented: https://www.youtube.com/watch?v=c6z5A_PRodg.
Recently I went down the Kubernetes rabbit-hole and automated my whole blog’s pipeline. From build to deployment. No GitHub actions or any other 3rd party CI provider. All self-hosted, literally. Well, with the sole exception of CloudFlare Tunnels, of course.
How did I do it?
For starters, my blog repository is deployed as static files in a NGINX Docker container. As part of the build process, I execute a little CLI tool I built in Zig to transform my posts from markdown to html.
So, I process the posts, build the image, tag it appropriately and push it to Docker Hub. This is all automated in my git server, as we’ll see in a minute.
Next, my stuff is hosted in a git server that I own. This server is exposed via SSH and cloudflare tunnels. I have it configured to only allow public key authentication and no root login, for example. Also, the SSH port is not publicly exposed and is only accessible via cloudflared.
Now, Git has hooks for both server and client. In this case, we are interested in the post-receive server hook. This hook runs after the changes have been accepted by the server, so we have access to the latest code.
In my case, what the hook does is clone the repository from the bare repo in the server, execute the build script (that is located in the cloned repository), and finally executes a rollout in my Kubernetes cluster to pull the latest image.
So, that’s it. A pretty damn simple configuration, if I may say.
Next steps for me would be to configure redundancy for the disk where my git stuff is. Right now I have the stuff in my local dev machine and on that server, but ideally I’d want to make backups to an external drive periodically.
If you, dear reader, have any tips or tricks for me, please feel free to contact me in whichever way you might deem appropriate.