.github/workflows/deploy-server.yml

name: Deploy Server

on:
  push:
    branches:
      - master
    paths:
      - 'nixos/server'

  workflow_dispatch:
  workflow_call:
      secrets:
        SSH_PRIVATE_KEY:
          required: true
        SSH_CONFIG:
          required: true
        KNOWN_HOSTS:
          required: true

jobs:
  deploy-server:
    runs-on: ubuntu-latest

    steps:
      - name: Install SSH key
        uses: shimataro/ssh-key-action@v2
        with:
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          name: id_rsa # optional
          known_hosts: ${{ secrets.KNOWN_HOSTS }}
          config: ${{ secrets.SSH_CONFIG }} # ssh_config; optional
          if_key_exists: fail

      - name: rsync over SSH
        run: rsync -r . deployer@152.53.0.129:bar/

      - uses: actions/checkout@v3.5.0
        with:
          fetch-depth: 0

      - uses: cachix/install-nix-action@v18
        with:
          nix_path: nixpkgs=channel:nixos-23.11
          
      - uses: workflow/nix-shell-action@v3.3.0
        with:
          packages: rsync
          working-directory: nixos/server
          script: |
            rsync -r . deployer@152.53.0.129:bar
          
      - uses: workflow/nix-shell-action@v3.3.0
        with:
          packages: nixos-rebuild
          working-directory: nixos/server
          script: |
            nixos-rebuild switch --verbose --fast --flake ".#nixos" --use-remote-sudo --target-host "deployer@152.53.0.129" --build-host "deployer@152.53.0.129" --builders "ssh://deployer@152.53.0.129 aarch64-linux"
            nixos-rebuild switch --verbose --fast --flake ".#nixos" --use-remote-sudo --target-host "deployer@152.53.0.129" --build-host "deployer@152.53.0.129" --builders '"ssh://deployer@152.53.0.129 aarch64-linux"'