name: Build and Deploy Prod # only run on changes to main on: schedule: - cron: 0 13 * * * workflow_dispatch: push: branches: - main concurrency: # prevent concurrent deploys doing strange things group: deploy-prod cancel-in-progress: true # Default to bash defaults: run: shell: bash jobs: deploy: name: Build and deploy Hugo site runs-on: ubuntu-latest steps: - name: Hugo setup uses: peaceiris/actions-hugo@v2.6.0 with: hugo-version: '0.121.1' extended: true - name: Checkout uses: actions/checkout@v4 with: submodules: recursive - name: Connect to Tailscale uses: tailscale/github-action@v2 with: oauth-client-id: ${{ secrets.TS_API_CLIENT_ID }} oauth-secret: ${{ secrets.TS_API_CLIENT_SECRET }} tags: ${{ secrets.TS_TAG }} - name: Configure SSH known hosts run: | mkdir -p ~/.ssh echo "${{ secrets.SSH_KNOWN_HOSTS }}" > ~/.ssh/known_hosts chmod 644 ~/.ssh/known_hosts - name: Build with Hugo run: HUGO_REMOTE_FONT_PATH=${{ secrets.REMOTE_FONT_PATH }} hugo --minify - name: Insert 404 page run: | cp public/404/index.html public/not_found.html - name: Highlight with Torchlight run: | npm i @torchlight-api/torchlight-cli TORCHLIGHT_TOKEN=${{ secrets.TORCHLIGHT_TOKEN }} npx torchlight - name: Deploy to Bunny uses: ayeressian/bunnycdn-storage-deploy@v2.2.2 with: source: public destination: / storageZoneName: "${{ secrets.BUNNY_STORAGE_NAME }}" storagePassword: "${{ secrets.BUNNY_STORAGE_PASSWORD }}" storageEndpoint: "${{ secrets.BUNNY_STORAGE_ENDPOINT }}" accessKey: "${{ secrets.BUNNY_API_KEY }}" pullZoneId: "${{ secrets.BUNNY_ZONE_ID }}" upload: "true" remove: "true" purgePullZone: "true" - name: Deploy GMI to Agate run: | rsync -avz --delete --exclude='*.html' --exclude='*.css' --exclude='*.js' -e ssh public/ deploy@${{ secrets.GMI_HOST }}:${{ secrets.GMI_CONTENT_PATH }}