--- /dev/null
+---
+title: How I Manage my Blog
+date: 30 april 2026
+---
+
+Recently I went down the Kubernetes rabbit-hole and automated my whole blog's
+pipeline. From build to deployment. No GitHub actions or any other 3rd party CI
+provider. All self-hosted, literally. Well, with the sole exception of
+CloudFlare Tunnels, course.
+
+How did I do it?
+
+For starters, my blog repository is deployed as static files in a NGINX Docker
+container. As part of the build process, I execute a little CLI tool I built in
+Zig to transform my posts from markdown to html.
+
+So, I process the posts, build the image, tag it appropriately and push it to
+Docker Hub. This is all automated in my git server, as we'll see in a minute.
+
+Next, my stuff is hosted in a git server that I own. This server is exposed via
+SSH and cloudflare tunnels. I have it configured to only allow public key
+authentication and not root login, for example. Also, the SSH port is not
+publicly exposed and is only accessible via cloudflared.
+
+Now, Git has hooks for both server and client. In this case, we are interested
+in the post-receive server hook. This hook runs after the changes have been
+accepted by the server, so we have access to the latest code.
+
+In my case, what the hook does is clone the repository from the bare repo in
+the server, execute the build script (that is located in the cloned
+repository), and finally executes a rollout in my Kubernetes cluster to pull
+the latest image.
+
+So, that's it. A pretty damn simple configuration, if I may say.
+
+Next steps for me would be to configure redundancy for the disk where my git
+stuff is. Right now I have the stuff in my local dev machine and on that
+server, but ideally I'd want to make backups to an external drive periodically.
+
+If you, dear reader, have any tips or tricks for me, please feel free to
+contact me in whichever way you might deem appropriate.
projects / frustrated-functor.dev.git / commitdiff