on: [push]

jobs:
  deploy:
    runs-on: ubuntu-latest
    name: Deploy blog to hydrogen
    if: github.ref == 'refs/heads/main'
    env:
      MACHINE: hydrogen
    steps:
    - name: Setup Go 1.19
      id: go
      uses: actions/setup-go@v2
      with:
        go-version: '1.19.3'
    - name: Setup Tailscale
      id: tailscale
      uses: tailscale/github-action@v2
      with:
        oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }}
        oauth-secret: ${{ secrets.TS_OAUTH_CLIENT_SECRET }}
        tags: tag:public
    - name: Add SSH key
      id: ssh
      env:
        SSH_KEY: ${{ secrets.SSH_KEY }}
      run: |
        set -euxo pipefail
        mkdir -p ~/.ssh
        ssh-keyscan $(tailscale ip -4 $MACHINE) > ~/.ssh/known_hosts
        printf "%s" "$SSH_KEY" > ~/.ssh/key
        chmod 600 ~/.ssh/key

    - name: Fetch code
      id: fetch
      uses: actions/checkout@v1

    - name: Compile blog binary
      id: compile
      run: go build -o prose .

    - name: Build tarball and ship it
      id: tarball
      run: |
        TIME=$(date +%Y%m%d-%H%M%S)
        FILENAME=prose-${TIME}.tar.gz
        mkdir -p static/css
        tar -czf $FILENAME prose fonts/ static/ styles/ templates/ posts/
        echo $FILENAME "github@$(tailscale ip -4 $MACHINE):/home/github/"
        scp -i ~/.ssh/key $FILENAME "github@$(tailscale ip -4 $MACHINE):/home/github/"
        ssh -i ~/.ssh/key "github@$(tailscale ip -4 $MACHINE)" "tar -C /var/www/blog -xzf ~/$FILENAME"
        ssh -i ~/.ssh/key "github@$(tailscale ip -4 $MACHINE)" "sudo systemctl restart prose"