From a5cf020c70ef3dcad9fe32c532a694df112facad Mon Sep 17 00:00:00 2001
From: smayzy <smayzy@smayzy.ovh>
Date: Sat, 9 Aug 2025 17:05:31 +0200
Subject: [PATCH] add auto rebuild workflow

---
 .gitea/workflows/nix-rebuild-server1.yml | 40 ++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 .gitea/workflows/nix-rebuild-server1.yml

diff --git a/.gitea/workflows/nix-rebuild-server1.yml b/.gitea/workflows/nix-rebuild-server1.yml
new file mode 100644
index 0000000..92482cd
--- /dev/null
+++ b/.gitea/workflows/nix-rebuild-server1.yml
@@ -0,0 +1,40 @@
+name: rebuild server1
+run-name: ${{ gitea.actor }} triggered server1 rebuild
+
+on:
+  workflow_run:
+    workflows: ["nix flake show"]
+    types:
+      - completed
+
+jobs:
+  deploy:
+    if: ${{ gitea.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: ssh to server1 and rebuild
+        uses: appleboy/ssh-action@v1.2.0
+        with:
+          host: ${{ secrets.SERVER1_HOST }}
+          username: root
+          key: ${{ secrets.SERVER1_KEY }}
+          script: |
+            set -e
+            echo "Pulling repo ..."
+            cd /home/smayzy/nix-config
+            git pull
+
+            echo "Rebuilding system ..."
+            old_gen="$(readlink /run/current-system)"
+            if nixos-rebuild switch --flake .#server1 --show-trace; then
+              echo "Deployment successful"
+            else
+              if [ "$(readlink /run/current-system)" != "$old_gen" ]; then
+                echo "Build failed after activation — rolling back..."
+                nixos-rebuild switch --rollback
+              else
+                echo "Build failed before activation — staying on current config"
+              fi
+              exit 1
+            fi