Hollanov Site
A fan site celebrating the rivalry between Shane Hollander and Ilya Rozanov.
Features
- The Rivalry Overview
- Team Shane and Team Ilya profiles
- Head-to-head stats and timeline
- Vote system with localStorage persistence
- Easter egg: Konami code (up up down down left right left right B A)
Technologies
- Pure HTML5, CSS3, vanilla JavaScript
- No build process — open
index.htmlin a browser
Auto-Deploy Flow (End-to-End)
You push to main
│
▼
GitHub detects push event
│
▼
GitHub sends POST to https://hollanov.cloud/hooks/deploy
│ (HMAC-SHA256 signed with webhook secret)
▼
Cloudflare proxies request to VPS (76.13.100.227)
│
▼
nginx receives on port 443
│ (location /hooks/ → proxy_pass http://127.0.0.1:9000)
▼
webhook listener on port 9000 validates HMAC signature
│ (config: /etc/webhook.conf)
▼
webhook executes deploy.sh
│ (hollanov/webhook/deploy.sh)
▼
deploy.sh runs: cd /var/www/openclaw && git pull
│
▼
nginx serves updated files from /var/www/openclaw/hollanov/
│
▼
Live at https://hollanov.cloud
What triggers it: Any push to main. The GitHub webhook fires on all push events; the deploy script runs git pull to update the entire repo on the VPS.
Key components:
| Component | Location | Purpose |
|---|---|---|
| GitHub webhook | GitHub repo settings | Sends signed POST on push |
| nginx | VPS, port 443 | Terminates SSL, proxies /hooks/ to webhook |
| webhook listener | VPS, port 9000 (localhost only) | Validates HMAC signature, runs deploy script |
| deploy.sh | /var/www/openclaw/hollanov/webhook/deploy.sh | Runs git pull to update site |
| webhook.conf | /etc/webhook.conf | Webhook rules (trigger ID, secret, command) |
How it differs from docs auto-deploy: Hollanov deploys via GitHub webhook → VPS (self-hosted nginx). The docs site deploys via GitHub Actions → Cloudflare Pages (serverless). See Docs auto-deploy for that flow.
VPS Deployment
The site lives in hollanov/ and deploys to a VPS with nginx + GitHub webhook auto-deploy.
Quick Setup
Use the VPS provisioner to set up the webserver and firewall:
# From your Mac — sets up nginx, webhook, firewall on existing VPS
just vps openclaw-vps-3 --firewall web --webserver
The webserver module will:
- Install nginx, git, webhook, and certbot
- Clone the repo to
/var/www/openclaw - Configure nginx for your domain
- Set up the webhook listener for auto-deploy
- Create the GitHub webhook (if
ghis authenticated)
The firewall module opens ports 22, 80, and 443.
After setup, add SSL:
certbot --nginx -d hollanov.cloud -d www.hollanov.cloud
systemctl enable certbot-renew.timer
Manual Setup
1. Install nginx and git
# Arch Linux
pacman -Syu && pacman -S nginx git
systemctl enable --now nginx
# Ubuntu/Debian
apt update && apt upgrade -y && apt install nginx git -y
systemctl enable --now nginx
2. Clone the repo
cd /var/www
git clone https://github.com/langhalsb/openclaw.git
3. Configure nginx
Create /etc/nginx/sites-available/hollanov:
server {
listen 80;
server_name your-domain.com www.your-domain.com;
root /var/www/openclaw/hollanov;
index index.html;
location / {
try_files $uri $uri/ =404;
}
location /webhook {
deny all;
return 404;
}
location ~* \.(css|js|jpg|jpeg|png|gif|ico|svg)$ {
expires 30d;
add_header Cache-Control "public, immutable";
}
}
Enable the site:
# Arch: add `include /etc/nginx/sites-enabled/*;` to nginx.conf http block
mkdir -p /etc/nginx/sites-available /etc/nginx/sites-enabled
ln -s /etc/nginx/sites-available/hollanov /etc/nginx/sites-enabled/
nginx -t && systemctl reload nginx
4. Set permissions
chown -R www-data:www-data /var/www/openclaw
chmod -R 755 /var/www/openclaw
chmod +x /var/www/openclaw/hollanov/webhook/deploy.sh
5. Configure firewall
# Arch Linux (iptables)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp --dport 9000 -j ACCEPT
iptables-save > /etc/iptables/iptables.rules
# Ubuntu/Debian (UFW)
ufw allow 'Nginx Full'
ufw allow 9000
ufw enable
6. Add SSL
# Arch
pacman -S certbot certbot-nginx
certbot --nginx -d your-domain.com -d www.your-domain.com
systemctl enable certbot-renew.timer
# Ubuntu/Debian
apt install certbot python3-certbot-nginx -y
certbot --nginx -d your-domain.com -d www.your-domain.com
7. Set up auto-deploy webhook
Install webhook server:
# Arch
pacman -S webhook
# Ubuntu/Debian
apt install webhook -y
Generate a secret and configure:
# Generate a secret and set it as an env var (or store in /etc/openclaw/)
export GITHUB_WEBHOOK_SECRET=$(openssl rand -hex 32)
# Generate webhook config from template
envsubst < /var/www/openclaw/hollanov/webhook/webhook.conf.tpl > /etc/webhook.conf
Create systemd service at /etc/systemd/system/webhook.service:
[Unit]
Description=GitHub webhook listener
After=network.target
[Service]
Type=simple
ExecStart=/usr/bin/webhook -hooks /etc/webhook.conf -port 9000 -verbose
Restart=on-failure
User=root
[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable --now webhook
Create the GitHub webhook:
gh api repos/langhalsb/openclaw/hooks \
-X POST \
-F 'name=web' \
-F 'active=true' \
-f 'events[]=push' \
-f 'config[url]=https://YOUR_DOMAIN/hooks/deploy' \
-f 'config[content_type]=json' \
-f 'config[secret]=YOUR_WEBHOOK_SECRET'
Troubleshooting
| Problem | Fix |
|---|---|
| Default nginx page showing | Comment out the default server {} block in /etc/nginx/nginx.conf |
| Git "dubious ownership" error | git config --global --add safe.directory /var/www/openclaw |
| Webhook returns 502/timeout | Port 9000 blocked by CDN — route through nginx (location /hooks/ { proxy_pass http://127.0.0.1:9000; }) |
| DNS not resolving | Check dig hollanov.cloud +short — should return VPS IP only |
Useful commands
systemctl status nginx # Check nginx
systemctl status webhook # Check webhook
journalctl -u webhook -f # Follow webhook logs
curl -I http://localhost # Test if site is served
nginx -t # Validate nginx config