on:
  push:
    branches:
      - main
  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest
    name: Deploy website to server
    env:
      MACHINE_USER_NAME: kenneth
      MACHINE_NAME: helian
    steps:
      - name: Setup Tailscale
        uses: tailscale/github-action@v3
        with:
          oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }}
          oauth-secret: ${{ secrets.TS_OAUTH_CLIENT_SECRET }}
          tags: tag:ci
      - name: Add SSH key
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
        run: |
          mkdir -p ~/.ssh
          MACHINE_IP="$(tailscale ip -4 $MACHINE_NAME)"
          ssh-keyscan $MACHINE_IP >> ~/.ssh/known_hosts
          printf "%s" "$SSH_PRIVATE_KEY" > ~/.ssh/key
          # add a new line to the end of the private key file
          # otherwise it won't be loaded properly
          echo >> ~/.ssh/key
          chmod 600 ~/.ssh/key
      - name: Deploy website
        run: |
          MACHINE_IP="$(tailscale ip -4 $MACHINE_NAME)"
          ssh -i ~/.ssh/key "$MACHINE_USER_NAME:@$MACHINE_IP" /bin/bash << EOF
            cd /opt/website
            git pull
            cd ../
            docker compose up --build --detach website
          EOF