when:
  - event: ["push", "manual"]
    branch: ["main"]

engine: "nixery"

dependencies:
  nixpkgs:
    - deno
    - openssh
    - su

steps:
  - name: "Pretend we have a real local user"
    command: |
      echo "🪶 pretend root is a real user"
      echo "root:x:0:0:System administrator:/root:/run/current-system/sw/bin/bash" >> /etc/passwd
    
  - name: "Copy config to server"
    command: |
      echo "🪶 copying config from secrets"
      echo "${CONFIG}" > config.ts
     
  - name: "Set up Deno"
    command: |
      echo "🪶 installing deno packages"
      deno install
    
  - name: "Build static files"
    command: |
      echo "🪶 building static files"
      deno run build
  
  - name: "SSH setup"
    command: |
      echo "🪶 setting up ssh connection"
      mkdir ~/.ssh
      echo "${SSH_KEY}" > ~/.ssh/id_tangledsh
      chmod 600 ~/.ssh/id_tangledsh
      cat > /etc/ssh/ssh_config << EOF
      Host deploy
        HostName ${SERVER_HOST}
        User ${SERVER_USER}
        IdentityFile ~/.ssh/id_tangledsh
        StrictHostKeyChecking no
        UserKnownHostsFile /dev/null
        BatchMode yes
        PasswordAuthentication no
        PubkeyAuthentication yes
      EOF
      chmod 600 /etc/ssh/ssh_config
      ssh-keyscan -H $SERVER_HOST >> ~/.ssh/known_hosts
  
  - name: "Deploy via SCP"
    command: |
      echo "🪶 deploying files via scp"
      scp -r ./dist/* deploy:/pds/caddy/etc/caddy/static
  
  - name: "Done!"
    command: |
      echo "🪶 all done!