on: [push]
jobs:
  check:
    runs-on: nix
    steps:
      - uses: https://code.forgejo.org/actions/checkout@v3
      - run: nix flake check .

  deploy:
    runs-on: nix
    needs: check
    if: contains(github.event.head_commit.message, '[deploy]')
    steps:
      - uses: https://code.forgejo.org/actions/checkout@v3
      - name: Setup SSH key
        run: |
          mkdir -p ~/.ssh
          echo "$SSHKEY" > ./id_ed25519
          chmod 600 ./id_ed25519

        env:
          SSHKEY: ${{ secrets.SSHKEY }}
      - run: nix develop .#default -c deploy --skip-checks --ssh-user root --ssh-opts  '-i ./id_ed25519 -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/dev/null'