Infrastructure Updates

For the last while, the website’s been running on caddy. Caddy’s a really nice piece of software - https integrated as standard with let’s encrypt, http2 support by default and a
simple config file format. It’s pretty cool, I really like it. Unfortunately
it’s not yet in any repos, and I don’t feel particularly secure running a server by starting it with sudo and keeping the files and configs in my home directory.

With my new dedicated box, I’ve got the perfect excuse to start again! I’m gonna go back to nginx as it’s pretty easy to get hold of and I know the config syntax already. Someone else can do the packaging and I’ll just grab updates in my “regular” apt runs.

nginx is configured with letsencrypt for my SSL certificate and all is well.

Publishing to the website is done with git - I can commit to git a new version
of the site (generated with hugo) to the server, and git hooks take care of the rest. The repo on the server was initialised bare (no working directory) and in repo/hooks/post-update it runs

sudo -u www-data git -C /var/www/html pull origin master

The user git has sudo access to run that one command as www-data.git -C allows you to run your git commands in a different directory - in this case, the webroot.

It’s very useful!

i'm hibby · blog ·