Built With sr.ht sites

Updated

Hello world! Again. Now my blog is finally running in the cloud1!

This time I’m using the terrific SourceHut to automatically build, deploy and host my site, in addition to hosting my git repositories.

Setup

The most important part of this - my .build.yml:

image: alpine/latest
packages:
  - hugo
oauth: pages.sr.ht/PAGES:RW
secrets:
  - f83f7c0c-e142-41d9-9d64-7175040ddc92
sources:
  - git@git.sr.ht:~monotux/www.monotux.tech
environment:
  site: www.monotux.tech
tasks:
- package: |
    cd $site
    make update build package    
- upload: |
    cd $site
    acurl -f https://pages.sr.ht/publish/$site -Fcontent=@site.tar.gz    

And, the Makefile:

DST_DIR := public/

build:
    @hugo --minify

update:
    @git submodule init
    @git submodule update

package:
    @tar -C $(DST_DIR) -cz . > site.tar.gz

clean:
    @rm -rf $(DST_DIR)

serve:
    -@hugo serve -FD

Two issues, one imagined

I ran into one issue when setting this up. At first I thought it was a bug in the srht.site implementation, but later I realized that I just hadn’t read the documentation, and that the builds were failing as the build service wasn’t allowed to check out my private repository.

Here’s the helpful error message:

[#460340] 2021/03/15 20:06:21 Failed to clone repository. If this a private repository, make sure you've added a suitable SSH key.
[#460340] 2021/03/15 20:06:21 https://man.sr.ht/builds.sr.ht/private-repos.md
[#460340] 2021/03/15 20:06:22 Build failed.

So I read the linked documentation, added an unique ssh-ed25519 public key to my profile, and the ssh secret key as a build secret, and included the secret identifier to my .build.yml.

But it seems that only rsa keys are supported with this build service - I was getting invalid format error messages with my ssh-ed25519 keys. I redid the steps above with a rsa key and it worked without issues - maybe this is a limitation in the default Alpine sshd?

[#460340] 2021/03/15 20:06:21 Cloning repositories
Cloning into 'monotux.srht.site'...
Warning: Permanently added 'git.sr.ht,173.195.146.142' (ECDSA) to the list of known hosts.
Load key "/home/build/.ssh/id_rsa": invalid format
git@git.sr.ht: Permission denied (publickey,keyboard-interactive).
fatal: Could not read from remote repository.

Conclusion

It’s working now, and will keep on working long after I get tired of this blog, or foul up in some new way that will lead to the loss of my repositories.


  1. On someone elses computer, that is. ↩︎