From e36c26507a2a9d58627f54b2fc1f4dea0a1bf4c0 Mon Sep 17 00:00:00 2001
From: Damien Arnodo
Date: Wed, 19 Nov 2025 11:50:14 +0000
Subject: [PATCH 01/13] Add Gitea Actions workflow for Scaleway deployment
---
 .gitea/workflows/deploy.yml | 50 +++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 .gitea/workflows/deploy.yml
diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
new file mode 100644
index 0000000..93bf665
--- /dev/null
+++ b/.gitea/workflows/deploy.yml
@@ -0,0 +1,50 @@
+name: Deploy to Scaleway
+
+on:
+ push:
+ branches:
+ - main
+
+jobs:
+ build-and-deploy:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+ fetch-depth: 0
+
+ - name: Setup Hugo
+ uses: peaceiris/actions-hugo@v2
+ with:
+ hugo-version: 'latest'
+ extended: true
+
+ - name: Build Hugo site
+ run: hugo --minify
+
+ - name: Install s3cmd
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y s3cmd
+
+ - name: Configure s3cmd for Scaleway
+ run: |
+ cat > ~/.s3cfg << EOF
+ [default]
+ access_key = ${{ secrets.SCW_ACCESS_KEY }}
+ secret_key = ${{ secrets.SCW_SECRET_KEY }}
+ host_base = s3.fr-par.scw.cloud
+ host_bucket = %(bucket)s.s3.fr-par.scw.cloud
+ use_https = True
+ EOF
+
+ - name: Deploy to Scaleway Object Storage
+ run: |
+ s3cmd sync --delete-removed --acl-public public/ s3://${{ secrets.SCW_BUCKET_NAME }}/
+
+ - name: Invalidate cache (optional)
+ run: |
+ echo "If using Scaleway CDN, add cache invalidation here"
--
2.52.0
From 06185eacb0ae42208dcbbf1e6ad2acb35661e652 Mon Sep 17 00:00:00 2001
From: Damien Arnodo
Date: Wed, 19 Nov 2025 11:50:55 +0000
Subject: [PATCH 02/13] Add comprehensive Scaleway deployment documentation
---
 docs/SCALEWAY_DEPLOYMENT.md | 266 ++++++++++++++++++++++++++++++++++++
 1 file changed, 266 insertions(+)
 create mode 100644 docs/SCALEWAY_DEPLOYMENT.md
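Review bot: The `Configure s3cmd for Scaleway` step pastes `${{ secrets.SCW_ACCESS_KEY }}` and `${{ secrets.SCW_SECRET_KEY }}` directly into the script text, so the values are substituted before the shell runs and any `$` or backtick in a secret is then expanded by the unquoted `<< EOF` heredoc; the resulting `~/.s3cfg` is also written with the default umask and never removed, which matters if the runner is a persistent self-hosted one (not visible from the hunk). Passing the secrets through step-level `env:` and setting `umask 077` before the write keeps the values out of the script text and the file private to the runner user, as sketched below. Separately, the job holding these write credentials uses `actions/checkout@v4`, `peaceiris/actions-hugo@v2` and `hugo-version: 'latest'`, all mutable references; pinning the actions to full commit SHAs and Hugo to a fixed version would make the deploy reproducible and limit exposure to a moved tag.

```yaml
      - name: Configure s3cmd for Scaleway
        env:
          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
        run: |
          umask 077
          cat > ~/.s3cfg << EOF
          [default]
          access_key = ${SCW_ACCESS_KEY}
          secret_key = ${SCW_SECRET_KEY}
          # … unchanged: host_base, host_bucket, use_https, EOF …
```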
diff --git a/docs/SCALEWAY_DEPLOYMENT.md b/docs/SCALEWAY_DEPLOYMENT.md
new file mode 100644
index 0000000..9e953ed
--- /dev/null
+++ b/docs/SCALEWAY_DEPLOYMENT.md
@@ -0,0 +1,266 @@ +# Scaleway Deployment Guide for notebook.arnodo.fr + +This guide explains how to deploy your Hugo website to Scaleway using Gitea Actions and serve it at `notebook.arnodo.fr`. + +## Architecture Overview + +``` +Gitea (gitea.arnodo.fr) → Gitea Actions → Build Hugo → Deploy to Scaleway Object Storage → Served via notebook.arnodo.fr +``` + +## Prerequisites + +- Scaleway account +- Scaleway CLI installed (optional but recommended) +- Domain `arnodo.fr` with DNS control +- Gitea Actions enabled on your Gitea instance + +## Step 1: Create Scaleway Object Storage Bucket + +### Via Scaleway Console: +1. Go to **Object Storage** in Scaleway console +2. Click **Create a bucket** +3. Name: `notebook-arnodo-fr` (or your choice) +4. Region: `fr-par` (Paris) - recommended for France +5. Click **Create bucket** + +### Via Scaleway CLI: +```bash +scw object bucket create name=notebook-arnodo-fr region=fr-par +``` + +## Step 2: Configure Bucket for Static Website Hosting + +### Via Console: +1. Go to your bucket +2. Click **Bucket settings** +3. Enable **Website configuration** +4. Set index document: `index.html` +5. Set error document: `404.html` + +### Via CLI: +```bash +scw object bucket update notebook-arnodo-fr website-enable=true website-index=index.html website-error=404.html region=fr-par +``` + +## Step 3: Create Scaleway API Keys + +1. Go to **IAM** → **API Keys** +2. Click **Generate API key** +3. Name it: `gitea-ci-deployment` +4. 
Save both: + - **Access Key ID** + - **Secret Access Key** + +## Step 4: Configure Bucket Policy for Public Read + +Create a bucket policy to allow public read access: + +```json +{ + "Version": "2023-04-17", + "Id": "PublicRead", + "Statement": [ + { + "Sid": "PublicReadGetObject", + "Effect": "Allow", + "Principal": "*", + "Action": "s3:GetObject", + "Resource": "notebook-arnodo-fr/*" + } + ] +} +``` + +Apply via CLI: +```bash +cat > policy.json << EOF +{ + "Version": "2023-04-17", + "Id": "PublicRead", + "Statement": [ + { + "Sid": "PublicReadGetObject", + "Effect": "Allow", + "Principal": "*", + "Action": "s3:GetObject", + "Resource": "notebook-arnodo-fr/*" + } + ] +} +EOF + +scw object bucket update notebook-arnodo-fr --policy=@policy.json region=fr-par +``` + +## Step 5: Configure Gitea Secrets + +Add these secrets to your Gitea repository: + +1. Go to your Notebook repository in Gitea +2. Navigate to **Settings** → **Secrets** +3. Add the following secrets: + - `SCW_ACCESS_KEY`: Your Scaleway Access Key + - `SCW_SECRET_KEY`: Your Scaleway Secret Key + - `SCW_BUCKET_NAME`: `notebook-arnodo-fr` + +## Step 6: DNS Configuration + +### Option A: Direct S3 Bucket Access (Simple) + +Add a CNAME record: +``` +notebook.arnodo.fr CNAME notebook-arnodo-fr.s3-website.fr-par.scw.cloud. +``` + +**Note**: The bucket URL will be: `http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud` + +### Option B: Using Scaleway CDN (Recommended for Production) + +1. Go to **Scaleway CDN** in console +2. Create a new CDN endpoint +3. Origin: Your bucket endpoint +4. Custom domain: `notebook.arnodo.fr` +5. Enable SSL/TLS +6. Add CNAME record as provided by Scaleway + +### Option C: Using Nginx Reverse Proxy on Scaleway Instance + +If you want more control: + +1. Create a Scaleway Instance (smallest one: DEV1-S) +2. Install Nginx +3. 
Configure Nginx to proxy to your S3 bucket + +Nginx config example: +```nginx +server { + listen 80; + server_name notebook.arnodo.fr; + + location / { + proxy_pass http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud; + proxy_set_header Host notebook-arnodo-fr.s3-website.fr-par.scw.cloud; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} +``` + +4. Set up Let's Encrypt for HTTPS: +```bash +sudo apt install certbot python3-certbot-nginx +sudo certbot --nginx -d notebook.arnodo.fr +``` + +## Step 7: Test the Deployment + +1. Commit and push to the `main` branch +2. Check Gitea Actions for build status +3. Verify files are uploaded to Scaleway bucket +4. Access your site at `notebook.arnodo.fr` + +## Verification Commands + +Check bucket contents: +```bash +s3cmd ls s3://notebook-arnodo-fr/ +``` + +Test website endpoint: +```bash +curl -I http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud +``` + +## Cost Estimation (Scaleway) + +### Object Storage: +- Storage: €0.01 per GB/month +- Outbound traffic: First 75 GB free, then €0.01 per GB +- Typical blog (1 GB): ~€0.01/month + traffic + +### Optional Instance (if using reverse proxy): +- DEV1-S: ~€0.01/hour (~€7/month) +- With 100% uptime SLA: ~€10/month + +### CDN (if needed): +- €1/month base + traffic costs + +## Troubleshooting + +### Build fails in Gitea Actions +- Check Hugo version compatibility +- Verify theme submodules are properly checked out +- Check build logs in Gitea Actions tab + +### Files not accessible +- Verify bucket policy allows public read +- Check bucket website configuration +- Ensure files were uploaded (check s3cmd output) + +### DNS not resolving +- Wait for DNS propagation (up to 48 hours, usually minutes) +- Verify CNAME record with: `dig notebook.arnodo.fr` +- Check TTL settings + +### SSL Certificate Issues +- If using reverse proxy, ensure Certbot ran successfully +- If using CDN, verify SSL certificate provisioning in 
Scaleway console + +## Migration from GitHub Pages + +1. Remove GitHub Actions workflow (or keep both temporarily) +2. Update any hardcoded URLs in your Hugo config +3. Verify all functionality works on Scaleway +4. Update DNS from GitHub Pages to Scaleway +5. Remove GitHub Pages when satisfied + +## Advanced: Cache Invalidation + +If using Scaleway CDN, add cache invalidation to workflow: + +```bash +# Install Scaleway CLI in workflow +- name: Install Scaleway CLI + run: | + curl -o /usr/local/bin/scw -L "https://github.com/scaleway/scaleway-cli/releases/latest/download/scaleway-cli_$(uname -s)_$(uname -m)" + chmod +x /usr/local/bin/scw + +- name: Invalidate CDN cache + run: | + scw edge invalidate path=/* zone=fr-par + env: + SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} + SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} +``` + +## Monitoring + +Set up Scaleway monitoring: +1. Enable bucket metrics in Scaleway console +2. Configure alerts for: + - High traffic usage + - Failed requests + - Storage size + +## Backup Strategy + +While Object Storage is highly durable, consider: +1. Git repository is your source of truth +2. Enable Object Storage versioning +3. Consider cross-region replication for critical sites + +## Next Steps + +1. Enable HTTPS (via CDN or reverse proxy) +2. Configure custom error pages +3. Set up monitoring and alerts +4. Optimize images and assets +5. Consider adding a CDN for global performance + +--- + +For questions or issues, refer to: +- [Scaleway Object Storage Docs](https://www.scaleway.com/en/docs/storage/object/) +- [Hugo Documentation](https://gohugo.io/documentation/) +- [Gitea Actions Documentation](https://docs.gitea.com/usage/actions) -- 2.52.0 From 9460b1d6761f52ead1eef4de72883a3ec4548b45 Mon Sep 17 00:00:00 2001 
From: Damien Arnodo
Date: Wed, 19 Nov 2025 11:51:12 +0000
Subject: [PATCH 03/13] Add Scaleway setup automation script
---
 scripts/setup-scaleway.sh | 114 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 114 insertions(+)
 create mode 100644 scripts/setup-scaleway.sh
diff --git a/scripts/setup-scaleway.sh b/scripts/setup-scaleway.sh
new file mode 100644
index 0000000..4dbe65c
--- /dev/null
+++ b/scripts/setup-scaleway.sh
@@ -0,0 +1,114 @@
+#!/bin/bash
+
+# Scaleway Deployment Setup Script
+# This script helps configure your Scaleway environment for Hugo deployment
+
+set -e
+
+echo "=========================================="
+echo "Scaleway Hugo Deployment Setup"
+echo "=========================================="
+echo ""
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+# Check if scw CLI is installed
+if ! command -v scw &> /dev/null; then
+ echo -e "${RED}Error: Scaleway CLI (scw) is not installed${NC}"
+ echo "Install it from: https://github.com/scaleway/scaleway-cli"
+ exit 1
+fi
+
+echo -e "${GREEN}✓ Scaleway CLI found${NC}"
+echo ""
+
+# Configuration
+read -p "Enter your bucket name (default: notebook-arnodo-fr): " BUCKET_NAME
+BUCKET_NAME=${BUCKET_NAME:-notebook-arnodo-fr}
+
+read -p "Enter region (default: fr-par): " REGION
+REGION=${REGION:-fr-par}
+
+echo ""
+echo "Configuration:"
+echo " Bucket: $BUCKET_NAME"
+echo " Region: $REGION"
+echo ""
+
+read -p "Create bucket? (y/n): " CREATE_BUCKET
+
+if [[ $CREATE_BUCKET =~ ^[Yy]$ ]]; then
+ echo -e "${YELLOW}Creating bucket...${NC}"
+ scw object bucket create name="$BUCKET_NAME" region="$REGION" || {
+ echo -e "${RED}Failed to create bucket. It might already exist.${NC}"
+ }
+ echo -e "${GREEN}✓ Bucket created/verified${NC}"
+fi
+
+echo ""
+read -p "Configure bucket for static website hosting? (y/n): " CONFIGURE_WEBSITE
+
+if [[ $CONFIGURE_WEBSITE =~ ^[Yy]$ ]]; then
+ echo -e "${YELLOW}Configuring static website hosting...${NC}"
+ scw object bucket update "$BUCKET_NAME" \
+ --website-enable=true \
+ --website-index=index.html \
+ --website-error=404.html \
+ region="$REGION"
+ echo -e "${GREEN}✓ Website hosting configured${NC}"
+fi
+
+echo ""
+read -p "Apply public read bucket policy? (y/n): " APPLY_POLICY
+
+if [[ $APPLY_POLICY =~ ^[Yy]$ ]]; then
+ echo -e "${YELLOW}Creating bucket policy...${NC}"
+
+ cat > /tmp/bucket-policy.json << EOF
+{
+ "Version": "2023-04-17",
+ "Id": "PublicRead",
+ "Statement": [
+ {
+ "Sid": "PublicReadGetObject",
+ "Effect": "Allow",
+ "Principal": "*",
+ "Action": "s3:GetObject",
+ "Resource": "$BUCKET_NAME/*"
+ }
+ ]
+}
+EOF
+
+ scw object bucket update "$BUCKET_NAME" \
+ --policy=@/tmp/bucket-policy.json \
+ region="$REGION"
+
+ rm /tmp/bucket-policy.json
+ echo -e "${GREEN}✓ Public read policy applied${NC}"
+fi
+
+echo ""
+echo -e "${GREEN}=========================================="
+echo "Setup Complete!"
+echo "==========================================${NC}"
+echo ""
+echo "Bucket endpoint: http://$BUCKET_NAME.s3-website.$REGION.scw.cloud"
+echo ""
+echo "Next steps:"
+echo "1. Add Scaleway API keys to Gitea repository secrets:"
+echo " - SCW_ACCESS_KEY"
+echo " - SCW_SECRET_KEY"
+echo " - SCW_BUCKET_NAME=$BUCKET_NAME"
+echo ""
+echo "2. Configure DNS CNAME record:"
+echo " notebook.arnodo.fr CNAME $BUCKET_NAME.s3-website.$REGION.scw.cloud."
+echo ""
+echo "3. Push to main branch to trigger deployment"
+echo ""
+echo "4. Test your site at: http://$BUCKET_NAME.s3-website.$REGION.scw.cloud"
+echo ""
--
2.52.0
From e205f4f3538404d2d34883e08e900a5f0c0217ed Mon Sep 17 00:00:00 2001
From: Damien Arnodo
Date: Wed, 19 Nov 2025 11:51:56 +0000
Subject: [PATCH 04/13] Add Docker-based deployment alternative for Scaleway
---
 docs/SCALEWAY_DEPLOYMENT_DOCKER.md | 353 +++++++++++++++++++++++++++++
 1 file changed, 353 insertions(+)
 create mode 100644 docs/SCALEWAY_DEPLOYMENT_DOCKER.md
diff --git a/docs/SCALEWAY_DEPLOYMENT_DOCKER.md b/docs/SCALEWAY_DEPLOYMENT_DOCKER.md
new file mode 100644
index 0000000..99b5ebe
--- /dev/null
+++ b/docs/SCALEWAY_DEPLOYMENT_DOCKER.md
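Review bot: The policy step writes to the fixed path `/tmp/bucket-policy.json`, which on a multi-user host can be pre-created or symlinked by another local user, who then influences what policy content `scw object bucket update --policy=@…` applies; because of `set -e`, the `rm` is also skipped whenever that update fails. Creating the file with `POLICY_FILE="$(mktemp)"` plus `trap 'rm -f "$POLICY_FILE"' EXIT`, and using `"$POLICY_FILE"` in both the `cat >` and the `--policy=@` argument, removes the predictable name and guarantees cleanup. `$BUCKET_NAME` is interpolated into the JSON unvalidated, so a check such as `[[ $BUCKET_NAME =~ ^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$ ]] || exit 1` right after the `read` would keep a stray quote from producing a malformed or unintended policy. In the create step, `✓ Bucket created/verified` is printed even when `scw object bucket create` failed, since the `|| { … }` block only echoes.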
@@ -0,0 +1,353 @@ +# Alternative: Docker-based Deployment on Scaleway Instance + +This guide provides an alternative deployment method using a Scaleway instance with Docker and Nginx. + +## Advantages of this Method + +- Full control over the web server +- Easy SSL/TLS setup with Let's Encrypt +- Better caching control +- Custom redirects and URL rewriting +- Lower egress costs for high-traffic sites + +## Architecture + +``` +Gitea → Build Hugo → Push to Scaleway Registry → Deploy to Instance via Docker +``` + +## Step 1: Create Scaleway Instance + +```bash +scw instance server create \ + name=notebook-server \ + type=DEV1-S \ + image=ubuntu_jammy \ + zone=fr-par-1 +``` + +Or via console: Create a DEV1-S instance with Ubuntu 22.04 + +## Step 2: Install Docker on Instance + +SSH into your instance and run: + +```bash +# Update system +sudo apt update && sudo apt upgrade -y + +# Install Docker +curl -fsSL https://get.docker.com -o get-docker.sh +sudo sh get-docker.sh +sudo usermod -aG docker $USER + +# Install Docker Compose +sudo apt install docker-compose-plugin -y + +# Install Nginx and Certbot +sudo apt install nginx certbot python3-certbot-nginx -y +``` + +## Step 3: Create Docker Deployment Structure + +On your instance, create: + +```bash +mkdir -p /opt/notebook +cd /opt/notebook +``` + +Create `docker-compose.yml`: + +```yaml +version: '3.8' + +services: + nginx: + image: nginx:alpine + container_name: notebook-nginx + ports: + - "80:80" + - "443:443" + volumes: + - ./public:/usr/share/nginx/html:ro + - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro + - ./ssl:/etc/nginx/ssl:ro + restart: unless-stopped +``` + +Create `nginx.conf`: + +```nginx +server { + listen 80; + server_name notebook.arnodo.fr; + + # Redirect to HTTPS + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl http2; + server_name notebook.arnodo.fr; + + ssl_certificate /etc/nginx/ssl/fullchain.pem; + ssl_certificate_key /etc/nginx/ssl/privkey.pem; + + # Security 
headers + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + + root /usr/share/nginx/html; + index index.html; + + # Compression + gzip on; + gzip_vary on; + gzip_min_length 1024; + gzip_types text/plain text/css text/xml text/javascript + application/x-javascript application/xml+rss + application/javascript application/json; + + # Cache static assets + location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ { + expires 1y; + add_header Cache-Control "public, immutable"; + } + + # Hugo pretty URLs + location / { + try_files $uri $uri/ $uri.html =404; + } + + # Custom 404 page + error_page 404 /404.html; +} +``` + +## Step 4: Configure DNS + +Point your domain to the Scaleway instance: + +``` +notebook.arnodo.fr A +``` + +## Step 5: Setup SSL Certificate + +```bash +sudo certbot certonly --standalone -d notebook.arnodo.fr + +# Copy certificates to project directory +sudo cp /etc/letsencrypt/live/notebook.arnodo.fr/fullchain.pem /opt/notebook/ssl/ +sudo cp /etc/letsencrypt/live/notebook.arnodo.fr/privkey.pem /opt/notebook/ssl/ +sudo chown -R $USER:$USER /opt/notebook/ssl +``` + +Set up auto-renewal: + +```bash +# Add to crontab +0 0 1 * * certbot renew && cp /etc/letsencrypt/live/notebook.arnodo.fr/*.pem /opt/notebook/ssl/ && docker-compose -f /opt/notebook/docker-compose.yml restart nginx +``` + +## Step 6: Update Gitea Workflow + +Create `.gitea/workflows/deploy-docker.yml`: + +```yaml +name: Deploy to Scaleway Instance + +on: + push: + branches: + - main + +jobs: + build-and-deploy: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + submodules: recursive + fetch-depth: 0 + + - name: Setup Hugo + uses: peaceiris/actions-hugo@v2 + with: + hugo-version: 'latest' + extended: true + + - name: Build Hugo site + run: hugo 
--minify + + - name: Install rsync + run: sudo apt-get install -y rsync + + - name: Setup SSH key + run: | + mkdir -p ~/.ssh + echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa + chmod 600 ~/.ssh/id_rsa + ssh-keyscan -H ${{ secrets.SERVER_IP }} >> ~/.ssh/known_hosts + + - name: Deploy to server + run: | + rsync -avz --delete \ + -e "ssh -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no" \ + public/ \ + ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }}:/opt/notebook/public/ + + - name: Restart Nginx + run: | + ssh -i ~/.ssh/id_rsa ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }} \ + "cd /opt/notebook && docker-compose restart nginx" +``` + +## Step 7: Configure Gitea Secrets + +Add to repository secrets: +- `SSH_PRIVATE_KEY`: Your SSH private key for the instance +- `SERVER_IP`: Your Scaleway instance IP +- `SERVER_USER`: SSH user (usually `root` or `ubuntu`) + +## Step 8: Create Deployment User (Recommended) + +For better security, create a dedicated deployment user: + +```bash +# On the Scaleway instance +sudo useradd -m -s /bin/bash deployer +sudo usermod -aG docker deployer +sudo chown -R deployer:deployer /opt/notebook + +# Generate SSH key on your local machine +ssh-keygen -t ed25519 -C "gitea-deployment" -f ~/.ssh/notebook_deploy + +# Copy public key to instance +ssh-copy-id -i ~/.ssh/notebook_deploy.pub deployer@ +``` + +Then update the workflow to use `deployer` user. 
+ +## Cost Analysis + +### Monthly Costs: +- **DEV1-S Instance**: ~€7-10/month +- **100 GB outbound traffic**: Included +- **Additional traffic**: €0.01/GB +- **Total**: ~€10/month for typical blog traffic + +### Comparison with Object Storage: +- **More predictable costs** +- Better for high-traffic sites +- More control over caching and optimization +- Easier SSL/TLS management + +## Monitoring + +Install monitoring tools: + +```bash +# Install Prometheus Node Exporter +docker run -d \ + --name=node-exporter \ + --net="host" \ + --pid="host" \ + -v "/:/host:ro,rslave" \ + quay.io/prometheus/node-exporter:latest \ + --path.rootfs=/host +``` + +Or use Scaleway monitoring (free): +- Enable in console under Instance → Monitoring +- Set up alerts for CPU, memory, disk usage + +## Backup Strategy + +1. **Automated backups**: +```bash +# Add to crontab +0 2 * * * tar -czf /backup/notebook-$(date +\%Y\%m\%d).tar.gz /opt/notebook +``` + +2. **Use Scaleway snapshots**: +```bash +scw instance snapshot create volume-id= name=notebook-backup +``` + +## Security Hardening + +1. **Configure firewall**: +```bash +sudo ufw allow 22/tcp +sudo ufw allow 80/tcp +sudo ufw allow 443/tcp +sudo ufw enable +``` + +2. **Disable password authentication**: +Edit `/etc/ssh/sshd_config`: +``` +PasswordAuthentication no +PubkeyAuthentication yes +``` + +3. **Keep system updated**: +```bash +sudo apt update && sudo apt upgrade -y +``` + +4. 
**Install fail2ban**: +```bash +sudo apt install fail2ban -y +sudo systemctl enable fail2ban +``` + +## Troubleshooting + +### Check logs: +```bash +docker-compose -f /opt/notebook/docker-compose.yml logs -f +``` + +### Test Nginx config: +```bash +docker-compose exec nginx nginx -t +``` + +### Check SSL certificate: +```bash +openssl s_client -connect notebook.arnodo.fr:443 -servername notebook.arnodo.fr +``` + +## Performance Optimization + +Add to `nginx.conf`: + +```nginx +# HTTP/2 Server Push +http2_push_preload on; + +# Connection optimization +keepalive_timeout 65; +keepalive_requests 100; + +# Buffer sizes +client_body_buffer_size 128k; +client_max_body_size 10m; +``` + +Enable Brotli compression (optional): +```bash +# Add Brotli module to nginx container +# Or use a pre-built image with Brotli support +``` + +--- + +This Docker-based approach gives you more control and can be more cost-effective for sites with consistent traffic patterns. -- 2.52.0 From 9b3fd92b6a454d335de1376c40e5ac33a34cfa68 Mon Sep 17 00:00:00 2001 From: Damien Arnodo Date: Wed, 19 Nov 2025 11:52:36 +0000 Subject: [PATCH 05/13] Add comprehensive deployment options comparison guide --- docs/DEPLOYMENT_COMPARISON.md | 273 ++++++++++++++++++++++++++++++++++ 1 file changed, 273 insertions(+) create mode 100644 docs/DEPLOYMENT_COMPARISON.md diff --git a/docs/DEPLOYMENT_COMPARISON.md b/docs/DEPLOYMENT_COMPARISON.md new file mode 100644 index 0000000..75b39b6 --- /dev/null +++ b/docs/DEPLOYMENT_COMPARISON.md 
@@ -0,0 +1,273 @@ +# Deployment Options Comparison + +## Quick Decision Guide + +Choose based on your priorities: + +| Factor | Object Storage | Docker Instance | GitHub Pages (current) | +|--------|---------------|-----------------|------------------------| +| **Cost** | ~€1-2/month | ~€10/month | Free | +| **Setup Complexity** | Low | Medium | Very Low | +| **Control** | Limited | Full | Limited | +| **SSL/TLS** | Via CDN | Let's Encrypt | Automatic | +| **Custom Domain** | ✅ | ✅ | ✅ | +| **Scalability** | Excellent | Limited | Excellent | +| **Maintenance** | None | Regular updates | None | + +## Deployment Methods Overview + +### 1. Object Storage (S3-compatible) + +**Best for**: Low-traffic blogs, simple hosting needs + +**Pros**: +- Very low cost +- No server maintenance +- Highly scalable +- Built-in redundancy +- Pay only for what you use + +**Cons**: +- Limited server-side features +- HTTPS requires CDN or custom setup +- Less control over caching +- No server-side redirects + +**Setup time**: 30 minutes + +**Files needed**: +- `.gitea/workflows/deploy.yml` +- Scaleway API credentials + +**Documentation**: [SCALEWAY_DEPLOYMENT.md](./SCALEWAY_DEPLOYMENT.md) + +--- + +### 2. 
Docker on Scaleway Instance + +**Best for**: Sites needing more control, custom configurations + +**Pros**: +- Full server control +- Easy SSL with Let's Encrypt +- Custom Nginx configuration +- Server-side redirects/rewrites +- Better caching control +- No per-request costs + +**Cons**: +- Higher fixed cost +- Requires server maintenance +- Need to manage updates +- Single point of failure (without HA) + +**Setup time**: 1-2 hours + +**Files needed**: +- `.gitea/workflows/deploy-docker.yml` +- SSH key pair +- Docker Compose configuration + +**Documentation**: [SCALEWAY_DEPLOYMENT_DOCKER.md](./SCALEWAY_DEPLOYMENT_DOCKER.md) + +--- + +## Cost Breakdown + +### Object Storage +``` +Storage: 1 GB × €0.01 = €0.01/month +Traffic: 50 GB/month (first 75 GB free) +Total: €0.01-0.50/month +``` + +### Object Storage + CDN +``` +CDN base: €1/month +Storage: €0.01/month +Traffic: Reduced origin traffic +SSL: Included +Total: €1-3/month +``` + +### Docker Instance (DEV1-S) +``` +Instance: €7-10/month +Traffic: 100 GB included +SSL: Free (Let's Encrypt) +Total: €10/month (predictable) +``` + +### GitHub Pages (Current) +``` +Free for public repositories +Custom domain: ✅ +SSL: Automatic +Limits: 100 GB bandwidth/month, 1 GB storage +``` + +--- + +## Traffic Threshold Analysis + +When to choose each option: + +### Stay with GitHub Pages if: +- Traffic < 100 GB/month +- No special requirements +- Happy with current setup + +### Choose Object Storage if: +- Want French hosting +- Traffic 100-500 GB/month +- Need cost optimization +- Minimal configuration needs + +### Choose Docker Instance if: +- Need custom server config +- Traffic > 500 GB/month +- Want full control +- Need advanced features (auth, API endpoints, etc.) + +--- + +## Migration Path + +### Phase 1: Parallel Deployment +1. Keep GitHub Pages active +2. Set up Scaleway (either method) +3. 
Test thoroughly + +### Phase 2: DNS Switch +``` +notebook.arnodo.fr → Scaleway +netlify/pages subdomain → keep as backup +``` + +### Phase 3: Complete Migration +- Update all links +- Verify analytics +- Monitor for 30 days +- Decommission old setup + +--- + +## Performance Comparison + +| Metric | GitHub Pages | Object Storage | Docker Instance | +|--------|-------------|----------------|-----------------| +| **TTFB** | ~50-100ms | ~30-50ms | ~20-40ms | +| **Global CDN** | ✅ | Optional | No (single region) | +| **HTTP/2** | ✅ | ✅ | ✅ | +| **Brotli** | ✅ | ❌ | ✅ (configurable) | +| **Caching** | Good | Basic | Full control | + +--- + +## Recommended Approach + +### For Your Use Case (Network Engineer Blog): + +I recommend **Object Storage** initially because: + +1. **Cost-effective**: ~€1/month vs €10/month +2. **Low maintenance**: No server to manage +3. **Scalable**: Can handle traffic spikes +4. **French hosting**: Data sovereignty if needed +5. **Easy rollback**: Keep GitHub Pages as backup + +### Upgrade path: +``` +Object Storage → Add CDN if needed → Docker instance only if traffic justifies it +``` + +--- + +## Implementation Checklist + +### Object Storage Setup +- [ ] Create Scaleway account +- [ ] Create Object Storage bucket +- [ ] Configure bucket for static hosting +- [ ] Generate API keys +- [ ] Add secrets to Gitea +- [ ] Update DNS +- [ ] Test deployment +- [ ] Monitor costs + +### Docker Instance Setup +- [ ] Create Scaleway instance +- [ ] Install Docker and dependencies +- [ ] Configure Nginx +- [ ] Set up SSL certificate +- [ ] Create deployment user +- [ ] Configure SSH keys +- [ ] Update Gitea workflow +- [ ] Set up monitoring +- [ ] Configure backups + +--- + +## Maintenance Requirements + +### Object Storage +- **Daily**: None +- **Weekly**: None +- **Monthly**: Review costs +- **Yearly**: Review retention policy + +### Docker Instance +- **Daily**: Check monitoring +- **Weekly**: Review logs +- **Monthly**: Apply security updates +- 
**Quarterly**: Review backups, update SSL + +--- + +## Support & Resources + +### Scaleway +- Docs: https://www.scaleway.com/en/docs/ +- Support: Via console ticket system +- Community: Discord, Forum + +### Hugo +- Docs: https://gohugo.io/documentation/ +- Community: Forum, Discord + +### Gitea +- Docs: https://docs.gitea.com/ +- Actions: https://docs.gitea.com/usage/actions + +--- + +## Emergency Rollback Plan + +If Scaleway deployment fails: + +1. **Keep GitHub Pages active** during testing +2. **DNS TTL**: Set to 300s (5 min) during migration +3. **Rollback**: Change DNS back to GitHub Pages +4. **Monitoring**: Set up uptime monitoring (UptimeRobot, etc.) + +--- + +## Next Steps + +1. ✅ Review both deployment options +2. ⬜ Choose deployment method +3. ⬜ Run setup script (`scripts/setup-scaleway.sh`) +4. ⬜ Configure DNS +5. ⬜ Add secrets to Gitea +6. ⬜ Merge deployment branch +7. ⬜ Test deployment +8. ⬜ Monitor for issues +9. ⬜ Update documentation + +--- + +Need help deciding? Consider: +- **Budget**: Object Storage +- **Control**: Docker Instance +- **Simplicity**: Object Storage +- **Features**: Docker Instance -- 2.52.0 From 2a279ef673d6c77c59af756c67807a905f898667 Mon Sep 17 00:00:00 2001 From: Damien Arnodo Date: Wed, 19 Nov 2025 11:58:35 +0000 Subject: [PATCH 06/13] Add quick start guide for Scaleway deployment --- README_SCALEWAY.md | 177 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 177 insertions(+) create mode 100644 README_SCALEWAY.md diff --git a/README_SCALEWAY.md b/README_SCALEWAY.md new file mode 100644 index 0000000..0ec9238 --- /dev/null +++ b/README_SCALEWAY.md 
@@ -0,0 +1,177 @@ +# Scaleway Deployment - Quick Start + +This branch contains everything needed to deploy your Hugo Notebook to Scaleway at `notebook.arnodo.fr`. + +## 📁 Files Added + +- `.gitea/workflows/deploy.yml` - Gitea Actions workflow for Object Storage deployment +- `docs/SCALEWAY_DEPLOYMENT.md` - Complete Object Storage setup guide +- `docs/SCALEWAY_DEPLOYMENT_DOCKER.md` - Docker instance deployment guide +- `docs/DEPLOYMENT_COMPARISON.md` - Comparison of all deployment options +- `scripts/setup-scaleway.sh` - Automated Scaleway setup script + +## 🚀 Quick Start (Recommended: Object Storage) + +### 1. Install Scaleway CLI +```bash +# macOS +brew install scw + +# Linux +curl -o /usr/local/bin/scw -L "https://github.com/scaleway/scaleway-cli/releases/latest/download/scaleway-cli_$(uname -s)_$(uname -m)" +chmod +x /usr/local/bin/scw + +# Configure +scw init +``` + +### 2. Run Setup Script +```bash +chmod +x scripts/setup-scaleway.sh +./scripts/setup-scaleway.sh +``` + +This will: +- Create Object Storage bucket `notebook-arnodo-fr` +- Configure static website hosting +- Apply public read policy + +### 3. Get API Keys +```bash +# In Scaleway console: IAM → API Keys → Generate +# Or via CLI: +scw iam api-key create description="Gitea Deployment" +``` + +Save: +- Access Key ID +- Secret Access Key + +### 4. Add Gitea Secrets + +Go to: `https://gitea.arnodo.fr/Damien/Notebook/settings/secrets` + +Add: +- `SCW_ACCESS_KEY`: Your access key +- `SCW_SECRET_KEY`: Your secret key +- `SCW_BUCKET_NAME`: `notebook-arnodo-fr` + +### 5. Configure DNS + +Add CNAME record: +``` +notebook.arnodo.fr CNAME notebook-arnodo-fr.s3-website.fr-par.scw.cloud. +``` + +### 6. Deploy! + +Merge this branch to `main`, or push any change to `main`: +```bash +git checkout main +git merge scaleway-deployment +git push +``` + +Gitea Actions will automatically: +1. Build Hugo site +2. Upload to Scaleway Object Storage +3. 
Your site will be live at `https://notebook.arnodo.fr` + +## 💰 Cost + +**Object Storage**: ~€1-2/month +- Storage: €0.01/GB/month +- Traffic: First 75 GB free +- Very low cost for blogs + +**Docker Instance**: ~€10/month (if you need more control) + +## 📊 Deployment Methods Comparison + +| Feature | Object Storage | Docker Instance | +|---------|---------------|-----------------| +| Cost | €1-2/month | €10/month | +| Maintenance | None | Regular updates | +| SSL | Via CDN | Let's Encrypt | +| Control | Limited | Full | +| Setup Time | 30 min | 1-2 hours | + +See `docs/DEPLOYMENT_COMPARISON.md` for full analysis. + +## 🔍 Testing Before DNS Switch + +Test your deployment: +```bash +# After deployment, check: +curl -I http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud + +# Test specific page: +curl http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud/posts/your-post/ +``` + +## 🔄 Migration Strategy + +1. **Parallel run**: Keep GitHub Pages active +2. **Test thoroughly**: Verify Scaleway deployment works +3. **Switch DNS**: Point to Scaleway +4. **Monitor**: Watch for 30 days +5. 
**Decommission**: Remove GitHub Pages when confident + +## 📚 Documentation + +- **Object Storage Setup**: `docs/SCALEWAY_DEPLOYMENT.md` +- **Docker Instance Setup**: `docs/SCALEWAY_DEPLOYMENT_DOCKER.md` +- **Comparison Guide**: `docs/DEPLOYMENT_COMPARISON.md` + +## 🆘 Troubleshooting + +### Build fails +- Check Hugo version in workflow +- Verify theme submodules +- Check Gitea Actions logs + +### Files not accessible +- Verify bucket policy allows public read +- Check bucket website configuration +- Ensure files were uploaded (check workflow logs) + +### DNS not working +- Wait for DNS propagation (up to 48 hours, usually < 1 hour) +- Verify CNAME with: `dig notebook.arnodo.fr` +- Check TTL settings + +## 🔗 Useful Links + +- Scaleway Console: https://console.scaleway.com +- Scaleway Docs: https://www.scaleway.com/en/docs/storage/object/ +- Gitea Actions Logs: https://gitea.arnodo.fr/Damien/Notebook/actions + +## ✅ Checklist + +Before merging: +- [ ] Scaleway account created +- [ ] Object Storage bucket created +- [ ] API keys generated +- [ ] Gitea secrets configured +- [ ] DNS CNAME record added +- [ ] Tested workflow locally (optional) + +After merging: +- [ ] Verify Gitea Actions run successfully +- [ ] Test site at bucket URL +- [ ] Verify custom domain works +- [ ] Check all pages load correctly +- [ ] Monitor costs in Scaleway console + +## 🎯 Recommended Next Steps + +1. ✅ Merge this PR +2. ⬜ Monitor first deployment +3. ⬜ Test all site functionality +4. ⬜ Set up Scaleway monitoring/alerts +5. ⬜ Consider adding CDN (if high traffic) +6. ⬜ Document any custom workflows + +--- + +**Questions?** Check the detailed guides in the `docs/` directory or reach out for help! -- 2.52.0 From 37a7831f40dbb62afc731e7f6bc2e0f615f7ccb5 Mon Sep 17 00:00:00 2001 
From: Damien Arnodo
Date: Wed, 19 Nov 2025 12:51:23 +0000
Subject: [PATCH 07/13] Remove docs
---
 docs/SCALEWAY_DEPLOYMENT.md | 266 ------------------------------------
 1 file changed, 266 deletions(-)
 delete mode 100644 docs/SCALEWAY_DEPLOYMENT.md
diff --git a/docs/SCALEWAY_DEPLOYMENT.md b/docs/SCALEWAY_DEPLOYMENT.md
deleted file mode 100644
index 9e953ed..0000000
--- a/docs/SCALEWAY_DEPLOYMENT.md
+++ /dev/null
@@ -1,266 +0,0 @@ -# Scaleway Deployment Guide for notebook.arnodo.fr - -This guide explains how to deploy your Hugo website to Scaleway using Gitea Actions and serve it at `notebook.arnodo.fr`. - -## Architecture Overview - -``` -Gitea (gitea.arnodo.fr) → Gitea Actions → Build Hugo → Deploy to Scaleway Object Storage → Served via notebook.arnodo.fr -``` - -## Prerequisites - -- Scaleway account -- Scaleway CLI installed (optional but recommended) -- Domain `arnodo.fr` with DNS control -- Gitea Actions enabled on your Gitea instance - -## Step 1: Create Scaleway Object Storage Bucket - -### Via Scaleway Console: -1. Go to **Object Storage** in Scaleway console -2. Click **Create a bucket** -3. Name: `notebook-arnodo-fr` (or your choice) -4. Region: `fr-par` (Paris) - recommended for France -5. Click **Create bucket** - -### Via Scaleway CLI: -```bash -scw object bucket create name=notebook-arnodo-fr region=fr-par -``` - -## Step 2: Configure Bucket for Static Website Hosting - -### Via Console: -1. Go to your bucket -2. Click **Bucket settings** -3. Enable **Website configuration** -4. Set index document: `index.html` -5. Set error document: `404.html` - -### Via CLI: -```bash -scw object bucket update notebook-arnodo-fr website-enable=true website-index=index.html website-error=404.html region=fr-par -``` - -## Step 3: Create Scaleway API Keys - -1. Go to **IAM** → **API Keys** -2. Click **Generate API key** -3. Name it: `gitea-ci-deployment` -4. 
Save both: - - **Access Key ID** - - **Secret Access Key** - -## Step 4: Configure Bucket Policy for Public Read - -Create a bucket policy to allow public read access: - -```json -{ - "Version": "2023-04-17", - "Id": "PublicRead", - "Statement": [ - { - "Sid": "PublicReadGetObject", - "Effect": "Allow", - "Principal": "*", - "Action": "s3:GetObject", - "Resource": "notebook-arnodo-fr/*" - } - ] -} -``` - -Apply via CLI: -```bash -cat > policy.json << EOF -{ - "Version": "2023-04-17", - "Id": "PublicRead", - "Statement": [ - { - "Sid": "PublicReadGetObject", - "Effect": "Allow", - "Principal": "*", - "Action": "s3:GetObject", - "Resource": "notebook-arnodo-fr/*" - } - ] -} -EOF - -scw object bucket update notebook-arnodo-fr --policy=@policy.json region=fr-par -``` - -## Step 5: Configure Gitea Secrets - -Add these secrets to your Gitea repository: - -1. Go to your Notebook repository in Gitea -2. Navigate to **Settings** → **Secrets** -3. Add the following secrets: - - `SCW_ACCESS_KEY`: Your Scaleway Access Key - - `SCW_SECRET_KEY`: Your Scaleway Secret Key - - `SCW_BUCKET_NAME`: `notebook-arnodo-fr` - -## Step 6: DNS Configuration - -### Option A: Direct S3 Bucket Access (Simple) - -Add a CNAME record: -``` -notebook.arnodo.fr CNAME notebook-arnodo-fr.s3-website.fr-par.scw.cloud. -``` - -**Note**: The bucket URL will be: `http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud` - -### Option B: Using Scaleway CDN (Recommended for Production) - -1. Go to **Scaleway CDN** in console -2. Create a new CDN endpoint -3. Origin: Your bucket endpoint -4. Custom domain: `notebook.arnodo.fr` -5. Enable SSL/TLS -6. Add CNAME record as provided by Scaleway - -### Option C: Using Nginx Reverse Proxy on Scaleway Instance - -If you want more control: - -1. Create a Scaleway Instance (smallest one: DEV1-S) -2. Install Nginx -3. 
Configure Nginx to proxy to your S3 bucket - -Nginx config example: -```nginx -server { - listen 80; - server_name notebook.arnodo.fr; - - location / { - proxy_pass http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud; - proxy_set_header Host notebook-arnodo-fr.s3-website.fr-par.scw.cloud; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } -} -``` - -4. Set up Let's Encrypt for HTTPS: -```bash -sudo apt install certbot python3-certbot-nginx -sudo certbot --nginx -d notebook.arnodo.fr -``` - -## Step 7: Test the Deployment - -1. Commit and push to the `main` branch -2. Check Gitea Actions for build status -3. Verify files are uploaded to Scaleway bucket -4. Access your site at `notebook.arnodo.fr` - -## Verification Commands - -Check bucket contents: -```bash -s3cmd ls s3://notebook-arnodo-fr/ -``` - -Test website endpoint: -```bash -curl -I http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud -``` - -## Cost Estimation (Scaleway) - -### Object Storage: -- Storage: €0.01 per GB/month -- Outbound traffic: First 75 GB free, then €0.01 per GB -- Typical blog (1 GB): ~€0.01/month + traffic - -### Optional Instance (if using reverse proxy): -- DEV1-S: ~€0.01/hour (~€7/month) -- With 100% uptime SLA: ~€10/month - -### CDN (if needed): -- €1/month base + traffic costs - -## Troubleshooting - -### Build fails in Gitea Actions -- Check Hugo version compatibility -- Verify theme submodules are properly checked out -- Check build logs in Gitea Actions tab - -### Files not accessible -- Verify bucket policy allows public read -- Check bucket website configuration -- Ensure files were uploaded (check s3cmd output) - -### DNS not resolving -- Wait for DNS propagation (up to 48 hours, usually minutes) -- Verify CNAME record with: `dig notebook.arnodo.fr` -- Check TTL settings - -### SSL Certificate Issues -- If using reverse proxy, ensure Certbot ran successfully -- If using CDN, verify SSL certificate provisioning in 
Scaleway console - -## Migration from GitHub Pages - -1. Remove GitHub Actions workflow (or keep both temporarily) -2. Update any hardcoded URLs in your Hugo config -3. Verify all functionality works on Scaleway -4. Update DNS from GitHub Pages to Scaleway -5. Remove GitHub Pages when satisfied - -## Advanced: Cache Invalidation - -If using Scaleway CDN, add cache invalidation to workflow: - -```bash -# Install Scaleway CLI in workflow -- name: Install Scaleway CLI - run: | - curl -o /usr/local/bin/scw -L "https://github.com/scaleway/scaleway-cli/releases/latest/download/scaleway-cli_$(uname -s)_$(uname -m)" - chmod +x /usr/local/bin/scw - -- name: Invalidate CDN cache - run: | - scw edge invalidate path=/* zone=fr-par - env: - SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} - SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }} -``` - -## Monitoring - -Set up Scaleway monitoring: -1. Enable bucket metrics in Scaleway console -2. Configure alerts for: - - High traffic usage - - Failed requests - - Storage size - -## Backup Strategy - -While Object Storage is highly durable, consider: -1. Git repository is your source of truth -2. Enable Object Storage versioning -3. Consider cross-region replication for critical sites - -## Next Steps - -1. Enable HTTPS (via CDN or reverse proxy) -2. Configure custom error pages -3. Set up monitoring and alerts -4. Optimize images and assets -5. Consider adding a CDN for global performance - ---- - -For questions or issues, refer to: -- [Scaleway Object Storage Docs](https://www.scaleway.com/en/docs/storage/object/) -- [Hugo Documentation](https://gohugo.io/documentation/) -- [Gitea Actions Documentation](https://docs.gitea.com/usage/actions) -- 2.52.0 From 1e6d82d9ee69e52f55f3449c0539271e8622b250 Mon Sep 17 00:00:00 2001 
From: Damien Arnodo Date: Wed, 19 Nov 2025 12:51:37 +0000 Subject: [PATCH 08/13] Remove docs --- docs/SCALEWAY_DEPLOYMENT_DOCKER.md | 353 ----------------------------- 1 file changed, 353 deletions(-) delete mode 100644 docs/SCALEWAY_DEPLOYMENT_DOCKER.md diff --git a/docs/SCALEWAY_DEPLOYMENT_DOCKER.md b/docs/SCALEWAY_DEPLOYMENT_DOCKER.md deleted file mode 100644 index 99b5ebe..0000000 --- a/docs/SCALEWAY_DEPLOYMENT_DOCKER.md +++ /dev/null 
@@ -1,353 +0,0 @@ -# Alternative: Docker-based Deployment on Scaleway Instance - -This guide provides an alternative deployment method using a Scaleway instance with Docker and Nginx. - -## Advantages of this Method - -- Full control over the web server -- Easy SSL/TLS setup with Let's Encrypt -- Better caching control -- Custom redirects and URL rewriting -- Lower egress costs for high-traffic sites - -## Architecture - -``` -Gitea → Build Hugo → Push to Scaleway Registry → Deploy to Instance via Docker -``` - -## Step 1: Create Scaleway Instance - -```bash -scw instance server create \ - name=notebook-server \ - type=DEV1-S \ - image=ubuntu_jammy \ - zone=fr-par-1 -``` - -Or via console: Create a DEV1-S instance with Ubuntu 22.04 - -## Step 2: Install Docker on Instance - -SSH into your instance and run: - -```bash -# Update system -sudo apt update && sudo apt upgrade -y - -# Install Docker -curl -fsSL https://get.docker.com -o get-docker.sh -sudo sh get-docker.sh -sudo usermod -aG docker $USER - -# Install Docker Compose -sudo apt install docker-compose-plugin -y - -# Install Nginx and Certbot -sudo apt install nginx certbot python3-certbot-nginx -y -``` - -## Step 3: Create Docker Deployment Structure - -On your instance, create: - -```bash -mkdir -p /opt/notebook -cd /opt/notebook -``` - -Create `docker-compose.yml`: - -```yaml -version: '3.8' - -services: - nginx: - image: nginx:alpine - container_name: notebook-nginx - ports: - - "80:80" - - "443:443" - volumes: - - ./public:/usr/share/nginx/html:ro - - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro - - ./ssl:/etc/nginx/ssl:ro - restart: unless-stopped -``` - -Create `nginx.conf`: - -```nginx -server { - listen 80; - server_name notebook.arnodo.fr; - - # Redirect to HTTPS - return 301 https://$server_name$request_uri; -} - -server { - listen 443 ssl http2; - server_name notebook.arnodo.fr; - - ssl_certificate /etc/nginx/ssl/fullchain.pem; - ssl_certificate_key /etc/nginx/ssl/privkey.pem; - - # Security 
headers - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-XSS-Protection "1; mode=block" always; - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - - root /usr/share/nginx/html; - index index.html; - - # Compression - gzip on; - gzip_vary on; - gzip_min_length 1024; - gzip_types text/plain text/css text/xml text/javascript - application/x-javascript application/xml+rss - application/javascript application/json; - - # Cache static assets - location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ { - expires 1y; - add_header Cache-Control "public, immutable"; - } - - # Hugo pretty URLs - location / { - try_files $uri $uri/ $uri.html =404; - } - - # Custom 404 page - error_page 404 /404.html; -} -``` - -## Step 4: Configure DNS - -Point your domain to the Scaleway instance: - -``` -notebook.arnodo.fr A -``` - -## Step 5: Setup SSL Certificate - -```bash -sudo certbot certonly --standalone -d notebook.arnodo.fr - -# Copy certificates to project directory -sudo cp /etc/letsencrypt/live/notebook.arnodo.fr/fullchain.pem /opt/notebook/ssl/ -sudo cp /etc/letsencrypt/live/notebook.arnodo.fr/privkey.pem /opt/notebook/ssl/ -sudo chown -R $USER:$USER /opt/notebook/ssl -``` - -Set up auto-renewal: - -```bash -# Add to crontab -0 0 1 * * certbot renew && cp /etc/letsencrypt/live/notebook.arnodo.fr/*.pem /opt/notebook/ssl/ && docker-compose -f /opt/notebook/docker-compose.yml restart nginx -``` - -## Step 6: Update Gitea Workflow - -Create `.gitea/workflows/deploy-docker.yml`: - -```yaml -name: Deploy to Scaleway Instance - -on: - push: - branches: - - main - -jobs: - build-and-deploy: - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - submodules: recursive - fetch-depth: 0 - - - name: Setup Hugo - uses: peaceiris/actions-hugo@v2 - with: - hugo-version: 'latest' - extended: true - - - name: Build Hugo site - run: hugo 
--minify - - - name: Install rsync - run: sudo apt-get install -y rsync - - - name: Setup SSH key - run: | - mkdir -p ~/.ssh - echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa - chmod 600 ~/.ssh/id_rsa - ssh-keyscan -H ${{ secrets.SERVER_IP }} >> ~/.ssh/known_hosts - - - name: Deploy to server - run: | - rsync -avz --delete \ - -e "ssh -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no" \ - public/ \ - ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }}:/opt/notebook/public/ - - - name: Restart Nginx - run: | - ssh -i ~/.ssh/id_rsa ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }} \ - "cd /opt/notebook && docker-compose restart nginx" -``` - -## Step 7: Configure Gitea Secrets - -Add to repository secrets: -- `SSH_PRIVATE_KEY`: Your SSH private key for the instance -- `SERVER_IP`: Your Scaleway instance IP -- `SERVER_USER`: SSH user (usually `root` or `ubuntu`) - -## Step 8: Create Deployment User (Recommended) - -For better security, create a dedicated deployment user: - -```bash -# On the Scaleway instance -sudo useradd -m -s /bin/bash deployer -sudo usermod -aG docker deployer -sudo chown -R deployer:deployer /opt/notebook - -# Generate SSH key on your local machine -ssh-keygen -t ed25519 -C "gitea-deployment" -f ~/.ssh/notebook_deploy - -# Copy public key to instance -ssh-copy-id -i ~/.ssh/notebook_deploy.pub deployer@ -``` - -Then update the workflow to use `deployer` user. 
- -## Cost Analysis - -### Monthly Costs: -- **DEV1-S Instance**: ~€7-10/month -- **100 GB outbound traffic**: Included -- **Additional traffic**: €0.01/GB -- **Total**: ~€10/month for typical blog traffic - -### Comparison with Object Storage: -- **More predictable costs** -- Better for high-traffic sites -- More control over caching and optimization -- Easier SSL/TLS management - -## Monitoring - -Install monitoring tools: - -```bash -# Install Prometheus Node Exporter -docker run -d \ - --name=node-exporter \ - --net="host" \ - --pid="host" \ - -v "/:/host:ro,rslave" \ - quay.io/prometheus/node-exporter:latest \ - --path.rootfs=/host -``` - -Or use Scaleway monitoring (free): -- Enable in console under Instance → Monitoring -- Set up alerts for CPU, memory, disk usage - -## Backup Strategy - -1. **Automated backups**: -```bash -# Add to crontab -0 2 * * * tar -czf /backup/notebook-$(date +\%Y\%m\%d).tar.gz /opt/notebook -``` - -2. **Use Scaleway snapshots**: -```bash -scw instance snapshot create volume-id= name=notebook-backup -``` - -## Security Hardening - -1. **Configure firewall**: -```bash -sudo ufw allow 22/tcp -sudo ufw allow 80/tcp -sudo ufw allow 443/tcp -sudo ufw enable -``` - -2. **Disable password authentication**: -Edit `/etc/ssh/sshd_config`: -``` -PasswordAuthentication no -PubkeyAuthentication yes -``` - -3. **Keep system updated**: -```bash -sudo apt update && sudo apt upgrade -y -``` - -4. 
**Install fail2ban**: -```bash -sudo apt install fail2ban -y -sudo systemctl enable fail2ban -``` - -## Troubleshooting - -### Check logs: -```bash -docker-compose -f /opt/notebook/docker-compose.yml logs -f -``` - -### Test Nginx config: -```bash -docker-compose exec nginx nginx -t -``` - -### Check SSL certificate: -```bash -openssl s_client -connect notebook.arnodo.fr:443 -servername notebook.arnodo.fr -``` - -## Performance Optimization - -Add to `nginx.conf`: - -```nginx -# HTTP/2 Server Push -http2_push_preload on; - -# Connection optimization -keepalive_timeout 65; -keepalive_requests 100; - -# Buffer sizes -client_body_buffer_size 128k; -client_max_body_size 10m; -``` - -Enable Brotli compression (optional): -```bash -# Add Brotli module to nginx container -# Or use a pre-built image with Brotli support -``` - ---- - -This Docker-based approach gives you more control and can be more cost-effective for sites with consistent traffic patterns. -- 2.52.0 From fb720f645985b6b8f8054aea9ce71c5f39ed3f0a Mon Sep 17 00:00:00 2001 From: Damien Arnodo Date: Wed, 19 Nov 2025 12:52:08 +0000 Subject: [PATCH 09/13] Remove docs --- docs/DEPLOYMENT_COMPARISON.md | 273 ---------------------------------- 1 file changed, 273 deletions(-) delete mode 100644 docs/DEPLOYMENT_COMPARISON.md diff --git a/docs/DEPLOYMENT_COMPARISON.md b/docs/DEPLOYMENT_COMPARISON.md deleted file mode 100644 index 75b39b6..0000000 --- a/docs/DEPLOYMENT_COMPARISON.md +++ /dev/null 
@@ -1,273 +0,0 @@ -# Deployment Options Comparison - -## Quick Decision Guide - -Choose based on your priorities: - -| Factor | Object Storage | Docker Instance | GitHub Pages (current) | -|--------|---------------|-----------------|------------------------| -| **Cost** | ~€1-2/month | ~€10/month | Free | -| **Setup Complexity** | Low | Medium | Very Low | -| **Control** | Limited | Full | Limited | -| **SSL/TLS** | Via CDN | Let's Encrypt | Automatic | -| **Custom Domain** | ✅ | ✅ | ✅ | -| **Scalability** | Excellent | Limited | Excellent | -| **Maintenance** | None | Regular updates | None | - -## Deployment Methods Overview - -### 1. Object Storage (S3-compatible) - -**Best for**: Low-traffic blogs, simple hosting needs - -**Pros**: -- Very low cost -- No server maintenance -- Highly scalable -- Built-in redundancy -- Pay only for what you use - -**Cons**: -- Limited server-side features -- HTTPS requires CDN or custom setup -- Less control over caching -- No server-side redirects - -**Setup time**: 30 minutes - -**Files needed**: -- `.gitea/workflows/deploy.yml` -- Scaleway API credentials - -**Documentation**: [SCALEWAY_DEPLOYMENT.md](./SCALEWAY_DEPLOYMENT.md) - ---- - -### 2. 
Docker on Scaleway Instance - -**Best for**: Sites needing more control, custom configurations - -**Pros**: -- Full server control -- Easy SSL with Let's Encrypt -- Custom Nginx configuration -- Server-side redirects/rewrites -- Better caching control -- No per-request costs - -**Cons**: -- Higher fixed cost -- Requires server maintenance -- Need to manage updates -- Single point of failure (without HA) - -**Setup time**: 1-2 hours - -**Files needed**: -- `.gitea/workflows/deploy-docker.yml` -- SSH key pair -- Docker Compose configuration - -**Documentation**: [SCALEWAY_DEPLOYMENT_DOCKER.md](./SCALEWAY_DEPLOYMENT_DOCKER.md) - ---- - -## Cost Breakdown - -### Object Storage -``` -Storage: 1 GB × €0.01 = €0.01/month -Traffic: 50 GB/month (first 75 GB free) -Total: €0.01-0.50/month -``` - -### Object Storage + CDN -``` -CDN base: €1/month -Storage: €0.01/month -Traffic: Reduced origin traffic -SSL: Included -Total: €1-3/month -``` - -### Docker Instance (DEV1-S) -``` -Instance: €7-10/month -Traffic: 100 GB included -SSL: Free (Let's Encrypt) -Total: €10/month (predictable) -``` - -### GitHub Pages (Current) -``` -Free for public repositories -Custom domain: ✅ -SSL: Automatic -Limits: 100 GB bandwidth/month, 1 GB storage -``` - ---- - -## Traffic Threshold Analysis - -When to choose each option: - -### Stay with GitHub Pages if: -- Traffic < 100 GB/month -- No special requirements -- Happy with current setup - -### Choose Object Storage if: -- Want French hosting -- Traffic 100-500 GB/month -- Need cost optimization -- Minimal configuration needs - -### Choose Docker Instance if: -- Need custom server config -- Traffic > 500 GB/month -- Want full control -- Need advanced features (auth, API endpoints, etc.) - ---- - -## Migration Path - -### Phase 1: Parallel Deployment -1. Keep GitHub Pages active -2. Set up Scaleway (either method) -3. 
Test thoroughly - -### Phase 2: DNS Switch -``` -notebook.arnodo.fr → Scaleway -netlify/pages subdomain → keep as backup -``` - -### Phase 3: Complete Migration -- Update all links -- Verify analytics -- Monitor for 30 days -- Decommission old setup - ---- - -## Performance Comparison - -| Metric | GitHub Pages | Object Storage | Docker Instance | -|--------|-------------|----------------|-----------------| -| **TTFB** | ~50-100ms | ~30-50ms | ~20-40ms | -| **Global CDN** | ✅ | Optional | No (single region) | -| **HTTP/2** | ✅ | ✅ | ✅ | -| **Brotli** | ✅ | ❌ | ✅ (configurable) | -| **Caching** | Good | Basic | Full control | - ---- - -## Recommended Approach - -### For Your Use Case (Network Engineer Blog): - -I recommend **Object Storage** initially because: - -1. **Cost-effective**: ~€1/month vs €10/month -2. **Low maintenance**: No server to manage -3. **Scalable**: Can handle traffic spikes -4. **French hosting**: Data sovereignty if needed -5. **Easy rollback**: Keep GitHub Pages as backup - -### Upgrade path: -``` -Object Storage → Add CDN if needed → Docker instance only if traffic justifies it -``` - ---- - -## Implementation Checklist - -### Object Storage Setup -- [ ] Create Scaleway account -- [ ] Create Object Storage bucket -- [ ] Configure bucket for static hosting -- [ ] Generate API keys -- [ ] Add secrets to Gitea -- [ ] Update DNS -- [ ] Test deployment -- [ ] Monitor costs - -### Docker Instance Setup -- [ ] Create Scaleway instance -- [ ] Install Docker and dependencies -- [ ] Configure Nginx -- [ ] Set up SSL certificate -- [ ] Create deployment user -- [ ] Configure SSH keys -- [ ] Update Gitea workflow -- [ ] Set up monitoring -- [ ] Configure backups - ---- - -## Maintenance Requirements - -### Object Storage -- **Daily**: None -- **Weekly**: None -- **Monthly**: Review costs -- **Yearly**: Review retention policy - -### Docker Instance -- **Daily**: Check monitoring -- **Weekly**: Review logs -- **Monthly**: Apply security updates -- 
**Quarterly**: Review backups, update SSL - ---- - -## Support & Resources - -### Scaleway -- Docs: https://www.scaleway.com/en/docs/ -- Support: Via console ticket system -- Community: Discord, Forum - -### Hugo -- Docs: https://gohugo.io/documentation/ -- Community: Forum, Discord - -### Gitea -- Docs: https://docs.gitea.com/ -- Actions: https://docs.gitea.com/usage/actions - ---- - -## Emergency Rollback Plan - -If Scaleway deployment fails: - -1. **Keep GitHub Pages active** during testing -2. **DNS TTL**: Set to 300s (5 min) during migration -3. **Rollback**: Change DNS back to GitHub Pages -4. **Monitoring**: Set up uptime monitoring (UptimeRobot, etc.) - ---- - -## Next Steps - -1. ✅ Review both deployment options -2. ⬜ Choose deployment method -3. ⬜ Run setup script (`scripts/setup-scaleway.sh`) -4. ⬜ Configure DNS -5. ⬜ Add secrets to Gitea -6. ⬜ Merge deployment branch -7. ⬜ Test deployment -8. ⬜ Monitor for issues -9. ⬜ Update documentation - ---- - -Need help deciding? Consider: -- **Budget**: Object Storage -- **Control**: Docker Instance -- **Simplicity**: Object Storage -- **Features**: Docker Instance -- 2.52.0 From a0579fcdc83d4dedce22758acbdb7c33cbb6943f Mon Sep 17 00:00:00 2001 From: Damien Arnodo Date: Wed, 19 Nov 2025 12:52:21 +0000 Subject: [PATCH 10/13] Remove script --- scripts/setup-scaleway.sh | 114 -------------------------------------- 1 file changed, 114 deletions(-) delete mode 100644 scripts/setup-scaleway.sh diff --git a/scripts/setup-scaleway.sh b/scripts/setup-scaleway.sh deleted file mode 100644 index 4dbe65c..0000000 --- a/scripts/setup-scaleway.sh +++ /dev/null 
@@ -1,114 +0,0 @@ -#!/bin/bash - -# Scaleway Deployment Setup Script -# This script helps configure your Scaleway environment for Hugo deployment - -set -e - -echo "==========================================" -echo "Scaleway Hugo Deployment Setup" -echo "==========================================" -echo "" - -# Colors for output -RED='\033[0;31m' -GREEN='\033[0;32m' -YELLOW='\033[1;33m' -NC='\033[0m' # No Color - -# Check if scw CLI is installed -if ! command -v scw &> /dev/null; then - echo -e "${RED}Error: Scaleway CLI (scw) is not installed${NC}" - echo "Install it from: https://github.com/scaleway/scaleway-cli" - exit 1 -fi - -echo -e "${GREEN}✓ Scaleway CLI found${NC}" -echo "" - -# Configuration -read -p "Enter your bucket name (default: notebook-arnodo-fr): " BUCKET_NAME -BUCKET_NAME=${BUCKET_NAME:-notebook-arnodo-fr} - -read -p "Enter region (default: fr-par): " REGION -REGION=${REGION:-fr-par} - -echo "" -echo "Configuration:" -echo " Bucket: $BUCKET_NAME" -echo " Region: $REGION" -echo "" - -read -p "Create bucket? (y/n): " CREATE_BUCKET - -if [[ $CREATE_BUCKET =~ ^[Yy]$ ]]; then - echo -e "${YELLOW}Creating bucket...${NC}" - scw object bucket create name="$BUCKET_NAME" region="$REGION" || { - echo -e "${RED}Failed to create bucket. It might already exist.${NC}" - } - echo -e "${GREEN}✓ Bucket created/verified${NC}" -fi - -echo "" -read -p "Configure bucket for static website hosting? (y/n): " CONFIGURE_WEBSITE - -if [[ $CONFIGURE_WEBSITE =~ ^[Yy]$ ]]; then - echo -e "${YELLOW}Configuring static website hosting...${NC}" - scw object bucket update "$BUCKET_NAME" \ - --website-enable=true \ - --website-index=index.html \ - --website-error=404.html \ - region="$REGION" - echo -e "${GREEN}✓ Website hosting configured${NC}" -fi - -echo "" -read -p "Apply public read bucket policy? 
(y/n): " APPLY_POLICY - -if [[ $APPLY_POLICY =~ ^[Yy]$ ]]; then - echo -e "${YELLOW}Creating bucket policy...${NC}" - - cat > /tmp/bucket-policy.json << EOF -{ - "Version": "2023-04-17", - "Id": "PublicRead", - "Statement": [ - { - "Sid": "PublicReadGetObject", - "Effect": "Allow", - "Principal": "*", - "Action": "s3:GetObject", - "Resource": "$BUCKET_NAME/*" - } - ] -} -EOF - - scw object bucket update "$BUCKET_NAME" \ - --policy=@/tmp/bucket-policy.json \ - region="$REGION" - - rm /tmp/bucket-policy.json - echo -e "${GREEN}✓ Public read policy applied${NC}" -fi - -echo "" -echo -e "${GREEN}==========================================" -echo "Setup Complete!" -echo "==========================================${NC}" -echo "" -echo "Bucket endpoint: http://$BUCKET_NAME.s3-website.$REGION.scw.cloud" -echo "" -echo "Next steps:" -echo "1. Add Scaleway API keys to Gitea repository secrets:" -echo " - SCW_ACCESS_KEY" -echo " - SCW_SECRET_KEY" -echo " - SCW_BUCKET_NAME=$BUCKET_NAME" -echo "" -echo "2. Configure DNS CNAME record:" -echo " notebook.arnodo.fr CNAME $BUCKET_NAME.s3-website.$REGION.scw.cloud." -echo "" -echo "3. Push to main branch to trigger deployment" -echo "" -echo "4. Test your site at: http://$BUCKET_NAME.s3-website.$REGION.scw.cloud" -echo "" -- 2.52.0 From 03b64e2f7efe12bb407ec0316a88e088c97bbe6a Mon Sep 17 00:00:00 2001 From: Damien Arnodo Date: Wed, 19 Nov 2025 12:52:53 +0000 Subject: [PATCH 11/13] Remove README --- README_SCALEWAY.md | 177 --------------------------------------------- 1 file changed, 177 deletions(-) delete mode 100644 README_SCALEWAY.md diff --git a/README_SCALEWAY.md b/README_SCALEWAY.md deleted file mode 100644 index 0ec9238..0000000 --- a/README_SCALEWAY.md +++ /dev/null 
@@ -1,177 +0,0 @@ -# Scaleway Deployment - Quick Start - -This branch contains everything needed to deploy your Hugo Notebook to Scaleway at `notebook.arnodo.fr`. - -## 📁 Files Added - -- `.gitea/workflows/deploy.yml` - Gitea Actions workflow for Object Storage deployment -- `docs/SCALEWAY_DEPLOYMENT.md` - Complete Object Storage setup guide -- `docs/SCALEWAY_DEPLOYMENT_DOCKER.md` - Docker instance deployment guide -- `docs/DEPLOYMENT_COMPARISON.md` - Comparison of all deployment options -- `scripts/setup-scaleway.sh` - Automated Scaleway setup script - -## 🚀 Quick Start (Recommended: Object Storage) - -### 1. Install Scaleway CLI -```bash -# macOS -brew install scw - -# Linux -curl -o /usr/local/bin/scw -L "https://github.com/scaleway/scaleway-cli/releases/latest/download/scaleway-cli_$(uname -s)_$(uname -m)" -chmod +x /usr/local/bin/scw - -# Configure -scw init -``` - -### 2. Run Setup Script -```bash -chmod +x scripts/setup-scaleway.sh -./scripts/setup-scaleway.sh -``` - -This will: -- Create Object Storage bucket `notebook-arnodo-fr` -- Configure static website hosting -- Apply public read policy - -### 3. Get API Keys -```bash -# In Scaleway console: IAM → API Keys → Generate -# Or via CLI: -scw iam api-key create description="Gitea Deployment" -``` - -Save: -- Access Key ID -- Secret Access Key - -### 4. Add Gitea Secrets - -Go to: `https://gitea.arnodo.fr/Damien/Notebook/settings/secrets` - -Add: -- `SCW_ACCESS_KEY`: Your access key -- `SCW_SECRET_KEY`: Your secret key -- `SCW_BUCKET_NAME`: `notebook-arnodo-fr` - -### 5. Configure DNS - -Add CNAME record: -``` -notebook.arnodo.fr CNAME notebook-arnodo-fr.s3-website.fr-par.scw.cloud. -``` - -### 6. Deploy! - -Merge this branch to `main`, or push any change to `main`: -```bash -git checkout main -git merge scaleway-deployment -git push -``` - -Gitea Actions will automatically: -1. Build Hugo site -2. Upload to Scaleway Object Storage -3. 
Your site will be live at `https://notebook.arnodo.fr` - -## 💰 Cost - -**Object Storage**: ~€1-2/month -- Storage: €0.01/GB/month -- Traffic: First 75 GB free -- Very low cost for blogs - -**Docker Instance**: ~€10/month (if you need more control) - -## 📊 Deployment Methods Comparison - -| Feature | Object Storage | Docker Instance | -|---------|---------------|-----------------| -| Cost | €1-2/month | €10/month | -| Maintenance | None | Regular updates | -| SSL | Via CDN | Let's Encrypt | -| Control | Limited | Full | -| Setup Time | 30 min | 1-2 hours | - -See `docs/DEPLOYMENT_COMPARISON.md` for full analysis. - -## 🔍 Testing Before DNS Switch - -Test your deployment: -```bash -# After deployment, check: -curl -I http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud - -# Test specific page: -curl http://notebook-arnodo-fr.s3-website.fr-par.scw.cloud/posts/your-post/ -``` - -## 🔄 Migration Strategy - -1. **Parallel run**: Keep GitHub Pages active -2. **Test thoroughly**: Verify Scaleway deployment works -3. **Switch DNS**: Point to Scaleway -4. **Monitor**: Watch for 30 days -5. 
**Decommission**: Remove GitHub Pages when confident - -## 📚 Documentation - -- **Object Storage Setup**: `docs/SCALEWAY_DEPLOYMENT.md` -- **Docker Instance Setup**: `docs/SCALEWAY_DEPLOYMENT_DOCKER.md` -- **Comparison Guide**: `docs/DEPLOYMENT_COMPARISON.md` - -## 🆘 Troubleshooting - -### Build fails -- Check Hugo version in workflow -- Verify theme submodules -- Check Gitea Actions logs - -### Files not accessible -- Verify bucket policy allows public read -- Check bucket website configuration -- Ensure files were uploaded (check workflow logs) - -### DNS not working -- Wait for DNS propagation (up to 48 hours, usually < 1 hour) -- Verify CNAME with: `dig notebook.arnodo.fr` -- Check TTL settings - -## 🔗 Useful Links - -- Scaleway Console: https://console.scaleway.com -- Scaleway Docs: https://www.scaleway.com/en/docs/storage/object/ -- Gitea Actions Logs: https://gitea.arnodo.fr/Damien/Notebook/actions - -## ✅ Checklist - -Before merging: -- [ ] Scaleway account created -- [ ] Object Storage bucket created -- [ ] API keys generated -- [ ] Gitea secrets configured -- [ ] DNS CNAME record added -- [ ] Tested workflow locally (optional) - -After merging: -- [ ] Verify Gitea Actions run successfully -- [ ] Test site at bucket URL -- [ ] Verify custom domain works -- [ ] Check all pages load correctly -- [ ] Monitor costs in Scaleway console - -## 🎯 Recommended Next Steps - -1. ✅ Merge this PR -2. ⬜ Monitor first deployment -3. ⬜ Test all site functionality -4. ⬜ Set up Scaleway monitoring/alerts -5. ⬜ Consider adding CDN (if high traffic) -6. ⬜ Document any custom workflows - ---- - -**Questions?** Check the detailed guides in the `docs/` directory or reach out for help! -- 2.52.0 From d31d9e8eb3d46b51643b931c59b4539614e16766 Mon Sep 17 00:00:00 2001 
From: Damien Arnodo Date: Wed, 19 Nov 2025 12:53:36 +0000 Subject: [PATCH 12/13] Update workflow to trigger only on merged PR to main --- .gitea/workflows/deploy.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 93bf665..759c406 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -1,12 +1,14 @@ name: Deploy to Scaleway on: - push: + pull_request: + types: [closed] branches: - main jobs: build-and-deploy: + if: github.event.pull_request.merged == true runs-on: ubuntu-latest steps: @@ -44,7 +46,3 @@ jobs: - name: Deploy to Scaleway Object Storage run: | s3cmd sync --delete-removed --acl-public public/ s3://${{ secrets.SCW_BUCKET_NAME }}/ - - - name: Invalidate cache (optional) - run: | - echo "If using Scaleway CDN, add cache invalidation here" -- 2.52.0 From 5460352a9bb098762313973c1a76f275e9c25042 Mon Sep 17 00:00:00 2001 From: darnodo Date: Wed, 19 Nov 2025 15:36:06 +0100 Subject: [PATCH 13/13] Deploy website to Scaleway Object Storage Use Scaleway CLI and replace s3cmd. Add CDN cache purge (optional). Remove GitHub Pages workflow. --- .gitea/workflows/deploy.yml | 42 ++++++++++---------- .github/workflows/hugo.yaml | 78 ------------------------------------- 2 files changed, 20 insertions(+), 100 deletions(-) delete mode 100644 .github/workflows/hugo.yaml diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 759c406..8325ebd 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml 
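Review bot: With `pull_request` / `types: [closed]` the job now runs in a pull-request event context, so the later checkout step (outside this hunk) is likely to build the pull request's ref rather than the merged tip of `main`, and what gets published can differ from what is on the branch. Adding `ref: main` under that checkout step's `with:` would make the deployed tree explicit. Secrets are commonly withheld from pull-request runs that originate from forks, so confirm on this Gitea instance that the `SCW_*` secrets are still available when a fork PR is merged. Direct pushes to `main` no longer trigger a deploy, which may be intended but is worth stating in the commit message.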
@@ -9,40 +9,38 @@ on: jobs: build-and-deploy: if: github.event.pull_request.merged == true - runs-on: ubuntu-latest - + runs-on: gitea-runner + + container: + image: scaleway/cli:latest + steps: - name: Checkout code uses: actions/checkout@v4 with: submodules: recursive fetch-depth: 0 - + - name: Setup Hugo uses: peaceiris/actions-hugo@v2 with: - hugo-version: 'latest' + hugo-version: "latest" extended: true - + - name: Build Hugo site run: hugo --minify - - - name: Install s3cmd + + - name: Configure Scaleway CLI run: | - sudo apt-get update - sudo apt-get install -y s3cmd - - - name: Configure s3cmd for Scaleway + scw init access-key=${{ secrets.SCW_ACCESS_KEY }} \ + secret-key=${{ secrets.SCW_SECRET_KEY }} \ + default-organization-id=${{ secrets.SCW_ORGANIZATION_ID }} \ + default-region=fr-par + + - name: Deploy to Object Storage run: | - cat > ~/.s3cfg << EOF - [default] - access_key = ${{ secrets.SCW_ACCESS_KEY }} - secret_key = ${{ secrets.SCW_SECRET_KEY }} - host_base = s3.fr-par.scw.cloud - host_bucket = %(bucket)s.s3.fr-par.scw.cloud - use_https = True - EOF - - - name: Deploy to Scaleway Object Storage + scw object cp public/ s3://notebook-arnodo-fr/ --recursive + + - name: Purge CDN Cache (optional) run: | - s3cmd sync --delete-removed --acl-public public/ s3://${{ secrets.SCW_BUCKET_NAME }}/ + scw edge-services pipeline purge pipeline-id=${{ secrets.SCW_PIPELINE_ID }} diff --git a/.github/workflows/hugo.yaml b/.github/workflows/hugo.yaml deleted file mode 100644 index 2fe1aa1..0000000 --- a/.github/workflows/hugo.yaml +++ /dev/null 
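Review bot: The `Configure Scaleway CLI` step expands `secrets.SCW_ACCESS_KEY` and `secrets.SCW_SECRET_KEY` directly into the script text and passes them as `scw init` arguments, so the key pair ends up in the process arguments and in a CLI config file inside the job container, and any shell metacharacter in a secret value is interpreted by the shell. The scw CLI reads `SCW_ACCESS_KEY`, `SCW_SECRET_KEY`, `SCW_DEFAULT_ORGANIZATION_ID` and `SCW_DEFAULT_REGION` from the environment, so the init step can be dropped and the values set as step-level `env` on the deploy and purge steps only, which also keeps them out of reach of the third-party Hugo action. The container that receives these credentials is `scaleway/cli:latest`, a mutable tag, and should be pinned to a tested release or digest. Separately, the new upload has no visible equivalent of the old `--delete-removed`, so pages removed from the site would presumably stay published in the bucket; that, and the `scw object cp` subcommand itself, are worth confirming against the CLI version in use.

```yaml
    container:
      # placeholder: replace with the release/digest you tested
      image: scaleway/cli:<pinned-version>@sha256:<digest>

    steps:
      # … unchanged: checkout, Hugo setup, Hugo build …

      # "Configure Scaleway CLI" step dropped: scw picks up SCW_* from the environment
      - name: Deploy to Object Storage
        env:
          SCW_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
          SCW_SECRET_KEY: ${{ secrets.SCW_SECRET_KEY }}
          SCW_DEFAULT_ORGANIZATION_ID: ${{ secrets.SCW_ORGANIZATION_ID }}
          SCW_DEFAULT_REGION: fr-par
        run: |
          scw object cp public/ s3://notebook-arnodo-fr/ --recursive

      # … purge step: same step-level env block, command unchanged …
```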
@@ -1,78 +0,0 @@ -# Sample workflow for building and deploying a Hugo site to GitHub Pages -name: Deploy Hugo site to Pages - -on: - # Runs on pushes targeting the default branch - push: - branches: - - main - - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - -# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages -permissions: - contents: read - pages: write - id-token: write - -# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. -# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. -concurrency: - group: "pages" - cancel-in-progress: false - -# Default to bash -defaults: - run: - shell: bash - -jobs: - # Build job - build: - runs-on: ubuntu-latest - env: - HUGO_VERSION: 0.141.0 - steps: - - name: Install Hugo CLI - run: | - wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \ - && sudo dpkg -i ${{ runner.temp }}/hugo.deb - - name: Install Dart Sass - run: sudo snap install dart-sass - - name: Checkout - uses: actions/checkout@v4 - with: - submodules: recursive - fetch-depth: 0 - - name: Setup Pages - id: pages - uses: actions/configure-pages@v5 - - name: Install Node.js dependencies - run: "[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm ci || true" - - name: Build with Hugo - env: - HUGO_CACHEDIR: ${{ runner.temp }}/hugo_cache - HUGO_ENVIRONMENT: production - TZ: America/Los_Angeles - run: | - hugo \ - --gc \ - --minify \ - --baseURL "${{ steps.pages.outputs.base_url }}/" - - name: Upload artifact - uses: actions/upload-pages-artifact@v3 - with: - path: ./public - - # Deployment job - deploy: - environment: - name: github-pages - url: ${{ steps.deployment.outputs.page_url }} - runs-on: ubuntu-latest - needs: build - steps: - - name: Deploy to GitHub Pages - id: deployment - uses: 
actions/deploy-pages@v4 \ No newline at end of file -- 2.52.0