blekin/.gitea/workflows/publish.yml

name: Publish

on:
  push:
    branches: [main]

jobs:
  frontend:
    runs-on: rust
    steps:
      - uses: actions/checkout@v4

      - name: Install Node.js
        run: |
          curl -fsSL https://fnm.vercel.app/install | bash -s -- --skip-shell
          export PATH="$HOME/.local/share/fnm:$PATH"
          eval "$(fnm env)"
          fnm install --lts
          fnm use --lts
          node --version
          npm --version

      - name: Build frontend
        run: |
          export PATH="$HOME/.local/share/fnm:$PATH"
          eval "$(fnm env)"
          cd crates/ericrfb-frontend
          npm ci
          npm run build

      - name: Set up SSH
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.PUBLISH_KEY }}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan -H ${{ vars.UI_HOST }} >> ~/.ssh/known_hosts 2>/dev/null

      - name: Deploy static files to UI host
        run: |
          rsync -avz --delete dist/ gitea_ci@${{ vars.UI_HOST }}:${{ vars.UI_PATH }}/

      - name: Deploy nginx config and reload
        run: |
          rsync -avz asset/nginx/blekin.kosherinata.internal.conf gitea_ci@${{ vars.UI_HOST }}:/etc/nginx/sites-available/blekin.kosherinata.internal.conf
          ssh gitea_ci@${{ vars.UI_HOST }} 'sudo /usr/bin/ln -sf /etc/nginx/sites-available/blekin.kosherinata.internal.conf /etc/nginx/sites-enabled/blekin.kosherinata.internal.conf && sudo /usr/bin/nginx -t && sudo /usr/bin/systemctl reload nginx.service'

  backend:
    runs-on: rust
    steps:
      - uses: actions/checkout@v4

      - name: Build release binary
        run: cargo build --release -p ericrfb-proxy

      - name: Set up SSH
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.PUBLISH_KEY }}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan -H ${{ vars.WS_HOST }} >> ~/.ssh/known_hosts 2>/dev/null

      - name: Stop service
        run: |
          ssh gitea_ci@${{ vars.WS_HOST }} 'sudo /usr/bin/systemctl stop blekin.service' || true

      - name: Deploy binary
        run: |
          rsync -avz target/release/ericrfb-proxy gitea_ci@${{ vars.WS_HOST }}:~/ericrfb-proxy
          ssh gitea_ci@${{ vars.WS_HOST }} 'sudo /usr/bin/rsync ~/ericrfb-proxy /usr/local/bin/ericrfb-proxy && rm ~/ericrfb-proxy'

      - name: Deploy systemd unit
        run: |
          rsync -avz asset/systemd/blekin.service gitea_ci@${{ vars.WS_HOST }}:~/blekin.service
          ssh gitea_ci@${{ vars.WS_HOST }} 'sudo /usr/bin/rsync ~/blekin.service /etc/systemd/system/blekin.service && rm ~/blekin.service'

      - name: Start and enable service
        run: |
          ssh gitea_ci@${{ vars.WS_HOST }} 'sudo /usr/bin/systemctl enable blekin.service && sudo /usr/bin/systemctl start blekin.service'