From 77e3e1205f263bd02ccc3f87c2a98b8b03ca3cc4 Mon Sep 17 00:00:00 2001
From: Earl Warren <contact@earl-warren.org>
Date: Sun, 26 May 2024 11:23:09 +0200
Subject: [PATCH] developer: infrastructure: static pages hosting

Run a LXC container that hosts static pages.

* manual one time configuration (web server configuration, git clone
  of content)
* webhook based pull for updates

It is created to host the F3 documentation. It can be used in the
future to host the Forgejo website and retire Uberspace.

Refs: https://codeberg.org/forgejo/governance/issues/36
Refs: https://forgejo.org/docs/v7.0/developer/infrastructure/#uberspace
Refs: https://codeberg.org/forgejo/discussions/issues/114
---
 docs/developer/index.md          |   1 +
 docs/developer/infrastructure.md |  12 ++++
 docs/developer/static-pages.md   | 107 +++++++++++++++++++++++++++++++
 3 files changed, 120 insertions(+)
 create mode 100644 docs/developer/static-pages.md

diff --git a/docs/developer/index.md b/docs/developer/index.md
index eac55462..167557b5 100644
--- a/docs/developer/index.md
+++ b/docs/developer/index.md
@@ -19,6 +19,7 @@ their needs.
   - [Developer Certificate of Origin (DCO)](./dco/)
   - [code.forgejo.org](./code-forgejo-org/)
   - [next.forgejo.org](./next-forgejo-org/)
+  - [static pages](./static-pages/)
   - [Forgejo runner implementation notes](https://code.forgejo.org/forgejo/runner/#hacking)
   - [Localization](./localization/)
   - [Base localization](./localization-english/)
diff --git a/docs/developer/infrastructure.md b/docs/developer/infrastructure.md
index 8433cd9a..32c3b4dc 100644
--- a/docs/developer/infrastructure.md
+++ b/docs/developer/infrastructure.md
@@ -393,6 +393,18 @@ It hosts LXC containers setup with [lxc-helpers](https://code.forgejo.org/forgej
 
   ```
 
+- `static-pages` on hetzner02
+
+  See [the static pages documenation](../static-pages/) for more information.
+
+  - LXC creation
+    ```sh
+    lxc-helpers.sh lxc_container_create --config "unprivileged" static-pages
+    echo "lxc.start.auto = 1" >> /var/lib/lxc/static-pages/config
+    lxc-helpers.sh lxc_container_start static-pages
+    lxc-helpers.sh lxc_container_user_install static-pages $(id -u) $USER
+    ```
+
 - `runner-forgejo-helm` on hetzner03
 
   Dedicated to https://codeberg.org/forgejo-contrib/forgejo-helm and running from an ephemeral disk
diff --git a/docs/developer/static-pages.md b/docs/developer/static-pages.md
new file mode 100644
index 00000000..a9f8d24e
--- /dev/null
+++ b/docs/developer/static-pages.md
@@ -0,0 +1,107 @@
+---
+title: Static pages
+license: 'CC-BY-SA-4.0'
+---
+
+LXC container dedicated to hosting static HTML pages.
+
+# LXC container
+
+See the [static-pages section in the infrastructure documentation](../infrastructure/).
+
+# SSL on the LXC host
+
+Each domain has a `/etc/nginx/sites-enabled/f3.forgefriends.forgejo.org` file similar to the following
+on the host where the LXC container resides.
+
+```nginx
+server {
+    listen 80;
+    listen [::]:80;
+
+    server_name f3.forgefriends.forgejo.org;
+
+    location / {
+        proxy_pass http://10.6.83.106:80;
+    }
+}
+```
+
+Obtain the certificate:
+
+```sh
+sudo certbot -n --agree-tos --email contact@forgejo.org -d f3.forgefriends.forgejo.org --nginx
+```
+
+# Creation in the LXC container
+
+With the example of `f3.forgefriends.forgejo.org` and
+`f3.forgefriends.org` serving the same content.
+
+## login
+
+From the LXC host:
+
+```sh
+lxc-helpers.sh lxc_container_run static-pages -- sudo --user $USER bash
+```
+
+## nginx
+
+```
+server {
+        listen 80;
+
+        server_name f3.forgefriends.org f3.forgefriends.forgejo.org;
+
+        root /var/www/f3.forgefriends.org;
+
+        location / {
+                try_files $uri $uri/ =404;
+        }
+}
+```
+
+## clone
+
+```sh
+git clone https://code.forgejo.org/f3/html-documentation /var/www/f3.forgefriends.org
+```
+
+# Update in the LXC container
+
+## Webhook
+
+Create a `POST` webhook with the URL `https://f3.forgefriends.forgejo.org/.well-known/forgejo/f3.forgefriends.org` on https://code.forgejo.org/f3/html-documentation. It is expected to fail with 404, the information will be extracted from the web server logs.
+
+## Service
+
+### git pull on change
+
+```sh
+$ cat /usr/local/bin/static-pages.sh
+sudo tail -f /var/log/nginx/access.log | sed --silent --regexp-extended --unbuffered --expression 's|.*.well-known/forgejo/([^ ]+) .*|\1|p' | while read server ; do
+    d="/var/www/$server"
+    if test -d "$d" ; then
+        echo "update $server"
+        cd "$d"
+        git pull
+    fi
+done
+```
+
+### service
+
+```sh
+$ cat /etc/systemd/system/static-pages.service
+[Unit]
+Description=Static pages
+
+[Service]
+User=debian
+ExecStart=/usr/local/bin/static-pages.sh
+
+[Install]
+WantedBy=multi-user.target
+$ sudo systemctl enable static-pages
+```