Building the digital garden maintenance pipeline has been nontrivial. But at this point, I have a pretty solid process in place.
First, I created a new SSH key pair just for deploying this website. I added the public key as an authorized key to the web server that hosts this blog with a command restriction so that the key only authorizes a single command, which is the command that deploys this blog.
Next, I created a private GitHub repository that holds the Jekyll setup for this blog and added the private key to the repository’s secrets. This theme (al-folio at the time of writing) has a sophisticated deployment workflow already built out, so it will use GitHub Actions to run the build job whenever changes are pushed to the repository’s main branch.
When the build is triggered, GitHub will run the commands that build the blog. Then, the static blog files are compressed into a tar ball and sent to the web server with the custom command I mentioned earlier that the SSH key can be used to run. That triggers the execution of a bash script on the web server end that extracts the contents of the tar ball and loads them into the directory containing the blog’s live files, which completes the deployment pipeline.
I also set up the digital garden section of this blog as an Obsidian vault using Sync so that I can write notes in the garden from anywhere easily. I don’t have a great way to trigger the build from my phone, so I have to push the updates I may write from my phone on my laptop. So that is the next pain point to automate away. Well, it’s not push-of-a-button easy, but I now have an SSH client app on my phone that allows me to remote into the machine that I use for personal projects.
I can type up a note, jump over to the SSH client, remote into my laptop, and push the note to the live website that way.
Combined with Tailscale, this allows me to create notes for the garden and push them to the live website entirely from my phone in just a couple of minutes. I’d say that’s about as good as it’s gonna get for now!