# Required Gitea Actions secrets:
#   SSH_PRIVATE_KEY - Private key for SSH authentication
#   DEPLOY_HOST     - Target server IP address (e.g. 144.217.160.198)
#   DEPLOY_USER     - SSH user on the target server (e.g. root)

name: Deploy Haschel

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Configure SSH
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          cat >> ~/.ssh/config << EOF
          Host haschel
            HostName ${{ secrets.DEPLOY_HOST }}
            User ${{ secrets.DEPLOY_USER }}
            StrictHostKeyChecking no
            UserKnownHostsFile /dev/null
            IdentityFile ~/.ssh/id_ed25519
          EOF
          chmod 600 ~/.ssh/config

      - name: Deploy
        run: |
          REPO_URL="${{ github.server_url }}/${{ github.repository }}.git"
          ssh haschel "rm -rf /tmp/nixos-config && git clone $REPO_URL /tmp/nixos-config && nixos-rebuild switch --flake /tmp/nixos-config#haschel && rm -rf /tmp/nixos-config"