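---
# CI/CD for a NixOS flake: evaluate the flake on the runner, then SSH to
# server1 and run `nixos-rebuild switch` there.
name: nixos config pipeline

# Triggers on pushes to every branch. The deploy job below has no branch
# condition, so any push that passes the flake check starts a root SSH session.
# NOTE(review): restrict the trigger or the deploy job to the release branch if
# that is the intent. The server pulls whatever branch its own checkout tracks.
on: [push]

# Least privilege for GITHUB_TOKEN: the only step that uses it is the checkout,
# which needs read access to repository contents and nothing more.
permissions:
  contents: read

jobs:
  show-flake:
    runs-on: ubuntu-latest
    outputs:
      # Not read by any job in this file; deploy gates on needs.<job>.result.
      check-success: ${{ steps.check.outcome == 'success' }}
    steps:
      # NOTE(review): every `uses:` in this workflow references a tag, and tags
      # can be moved by the action's owner. Pinning to a full commit SHA
      # (`owner/action@<full-commit-sha>`) fixes the code that runs. This
      # matters most for the ssh action, which receives the root deploy key.
      - name: checkout repo
        uses: actions/checkout@v4

      - name: install nix
        uses: cachix/install-nix-action@v31

      - id: check
        name: run nix flake show
        run: nix flake show --show-trace

  deploy:
    needs: show-flake
    if: needs.show-flake.result == 'success'
    runs-on: ubuntu-latest
    steps:
      - name: ssh to server1 and rebuild
        uses: appleboy/ssh-action@v1.2.0
        with:
          host: ${{ secrets.SERVER1_HOST }}
          # NOTE(review): direct root login with a long-lived key held in CI.
          # A dedicated deploy user limited to the rebuild command (sudoers
          # rule or a forced command in authorized_keys) would narrow what a
          # leaked key can do.
          username: root
          key: ${{ secrets.SERVER1_KEY }}
          # NOTE(review): no `fingerprint` input is set, so the server's host
          # key is not checked against a known value. Supplying the host key's
          # SHA256 fingerprint from a secret closes that gap.
          #
          # Script flow: `set -e` aborts if the cd or the pull fails. The
          # rebuild runs inside `if`, so its failure reaches the else branch,
          # which rolls back only when /run/current-system changed during the
          # failed switch, and then exits 1 so the job is marked failed.
          script: |
            set -e
            cd /home/smayzy/nix-config
            sudo -u smayzy git pull
            old_gen="$(readlink /run/current-system)"
            if nixos-rebuild switch --flake .#server1 --show-trace; then
              echo "Deployment successful"
            else
              new_gen="$(readlink /run/current-system)"
              if [ "$new_gen" != "$old_gen" ]; then
                nixos-rebuild switch --rollback
              fi
              exit 1
            fi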