Files @ 55ee5b53b6f6
Branch filter:

Location: website/bin/deploy/systemd/conservancy-www-update.service

55ee5b53b6f6 613 B text/plain Show Annotation Show as Raw Download as Raw
bsturmfels
Add a basic script to "push" deploy

Currently updates are published by the "conservancy-www-update.sh" that does a
"pull" deploy with a 5-minutely job that runs on the web server. This doesn't
run `migrate`, `collectstatic` or restart the application, so certain types of
changes don't take effect, and even template changes often don't due to caching
template loader.

This script allows you to deploy more significant updates on-demand, but
requires SSH access.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# Run the website update script (see also: conservancy-www-update.timer).

[Unit]
Description=Update Conservancy website checkout

[Service]
Type=oneshot
User=www-data
WorkingDirectory=/var/www/website
ExecStart=/var/www/website/deploy/systemd/conservancy-www-update.sh

SystemCallFilter=~@clock @cpu-emulation @debug @module @mount @obsolete
CapabilityBoundingSet=
NoNewPrivileges=true

PrivateDevices=true
PrivateNetwork=false
PrivateTmp=true
PrivateUsers=false
ProtectControlGroups=true
ProtectHome=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectSystem=strict
ReadWritePaths=/var/www/website
Server instance: kapok.sfconservancy.org-4399 This site is powered by Kallithea 0.6.3, which is © 2010–2020 by various authors & licensed under GPLv3. – SupportPrivacy Policy