Joakim
1350d10a7c
- Created comprehensive devigo Ansible role with Podman Quadlet support - Deployed devigo-site container (Hugo + nginx) via systemd - Deployed devigo-decap-oauth OAuth2 proxy for Decap CMS - Integrated with Caddy reverse proxy for HTTPS Services deployed: - devigo.no (apex domain, primary) - www.devigo.no (redirects to apex) - decap.jnss.me (OAuth proxy) Key features: - REGISTRY_AUTH_FILE environment for Podman GHCR authentication - TRUSTED_ORIGINS (plural) for decapcms-oauth2 multi-origin support - JavaScript-based Decap CMS initialization (eliminates YAML MIME dependency) - nginx location block for YAML MIME type (text/yaml) - Automated deployment via GitHub Actions CI/CD - Comprehensive documentation with troubleshooting guide - Architecture decision records Fixes applied during deployment: - OAuth origin trust validation (TRUSTED_ORIGINS vs TRUSTED_ORIGIN) - MIME type handling strategy (location-specific vs server-level types block) - Decap CMS initialization method (JavaScript vs link tag) - Podman authentication for systemd services (REGISTRY_AUTH_FILE) Testing status: - ✅ MIME types verified (HTML, CSS, YAML all correct) - ✅ OAuth authentication working - ✅ Container image pulls from private GHCR - ✅ Automated deployments functional - ✅ Site fully operational at devigo.no
20 lines
327 B
YAML
20 lines
327 B
YAML
---
|
|
- name: reload systemd
|
|
systemd:
|
|
daemon_reload: yes
|
|
|
|
- name: restart devigo-decap-oauth
|
|
systemd:
|
|
name: "{{ devigo_oauth_container_name }}"
|
|
state: restarted
|
|
|
|
- name: restart devigo-site
|
|
systemd:
|
|
name: devigo-site
|
|
state: restarted
|
|
|
|
- name: reload caddy
|
|
systemd:
|
|
name: caddy
|
|
state: reloaded
|