diff --git a/README.md b/README.md index ccdbc8c..52b936a 100644 --- a/README.md +++ b/README.md @@ -11,12 +11,12 @@ Linux Distributions, install them like this: Now you can clone the repository: - $ git clone ssh://git@gitlab.hamburg.ccc.de:4242/cryptoparty/website-content.git + $ git clone ssh://forgejo@git.hamburg.ccc.de/Cryptoparty/cryptoparty-website.git If this doesn't work, you may need to add a ssh authentication key to -your gitlab profile on [this page]: +your Forgejo profile on [this page]: -[this page]: https://gitlab.hamburg.ccc.de/profile/keys +[this page]: https://git.hamburg.ccc.de/user/settings/keys Furthermore, you need to checkout the submodules: @@ -64,44 +64,24 @@ If you are satisfied, add it to the branch, and push it to the server: $ git commit -m 'Added new post.' $ git push -Then, [create a merge request] on gitlab. Press the blue button -labeled `Create merge request`. On the following site, press the -green `Submit merge request` button, then press the blue button -labeled `Merge once pipeline succeeds`. Your change will be published -once the continuous integration setup confirmed the validity of the -change. +Then, [create a pull request] on Forgejo. Press the button labeled +`New pull request`. On the following site, select the branch you want to merge +(`my-new-post`) in the `pull from:` dropdown, press the `New pull request` +button and then finally the `Create pull request` button. The CI will now build +a website with your changes. Once that's done and you verified everything looks +alright, you can then merge the pull request to publish the change. -[create a merge request]: https://gitlab.hamburg.ccc.de/cryptoparty/website-content/merge_requests +[create a pull request]: https://git.hamburg.ccc.de/Cryptoparty/cryptoparty-website/pulls How this is set up on the server ================================ -On the server, the website is built using gitlab's ci runner, see -`.gitlab-ci.yml`. To deploy the site, the ci job rsyncs it to the -host. For this purpose, a restricted user is created: +The website gets built and deployed using Forgejo Actions, see +`.forgejo/workflows/deploy.yaml`. It's using the same mechanism for hosting and +deployment as the [CCCHH Website] and is therefore using the CCCHH +infrastructure, see [ansible-infra] and [nix-infra]. - # adduser --system --home /var/www/www-data-rsync --shell /bin/sh --disabled-password --ingroup www-data www-data-rsync +[CCCHH Website]: https://git.hamburg.ccc.de/CCCHH/ccchh-website -Create a key and restrict it to invoke the restricted-rsync script: - - # mkdir /var/www/www-data-rsync/.ssh - # chmod 700 /var/www/www-data-rsync/.ssh - # ssh-keygen -t ed25519 -C 'Used for website deployment.' -f www-data-rsync-id_ed25519 - # echo 'command="/usr/local/bin/rrsync /var/www/html --safe-links",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOBBpthbSQ3HgOkhoBwsrZCA9VMX7hRftB5t6LePqtr3 Used for website deployment.' > /var/www/www-data-rsync/.ssh/authorized_keys - # chmod 400 /var/www/www-data-rsync/.ssh/authorized_keys - # chown -R www-data-rsync:www-data /var/www/www-data-rsync/.ssh - -Copy the restricted-rsync script from the docs and make it executable: - - # cp /usr/share/doc/rsync/scripts/rrsync /usr/local/bin/ - # chmod +x /usr/local/bin/rrsync - -Finally, allow www-data-rsync to write to the document root: - - # chown root:www-data /var/www/html - # chmod g+w /var/www/html - -The last bit is to supply the generated secret to gitlab's ci runner -via RSYNC_TARGET_SECRET_KEY. Other information that needs to be -provided are RSYNC_TARGET_HOST, RSYNC_TARGET_PORT, -RSYNC_TARGET_HOST_KEY, and RSYNC_TARGET_USER. +[ansible-infra]: https://git.hamburg.ccc.de/CCCHH/ansible-infra +[nix-infra]: https://git.hamburg.ccc.de/CCCHH/nix-infra