name: "darwin"

on:
  push:
    branches: [master]
  workflow_dispatch:

concurrency:
  group: "darwin"
  cancel-in-progress: false

jobs:
  deploy:
    environment:
      name: darwin
    strategy:
      fail-fast: false
      matrix:
        host: [darwin01, darwin02]
    runs-on: ubuntu-latest
    timeout-minutes: 15
    steps:
      - uses: actions/checkout@v4
      - name: Install Nix
        uses: cachix/install-nix-action@v30
        with:
          extra_nix_config: |
            accept-flake-config = true
            experimental-features = nix-command flakes
      - name: Setup SSH
        env:
          SSH_KEY: "${{ secrets.SSH_KEY }}"
        run: |
          mkdir -p "$HOME/.ssh"
          cat >>"$HOME/.ssh/id_ed25519" <<EOF
          $SSH_KEY
          EOF
          chmod 600 "$HOME/.ssh/id_ed25519"
          known_hosts="$(nix eval .#nixosConfigurations.build01.config.environment.etc.'ssh/ssh_known_hosts'.text)"
          echo -e "$known_hosts" >>"$HOME/.ssh/known_hosts"
          cat >>"$HOME/.ssh/config" <<EOF
          Host *
            IdentityFile ~/.ssh/id_ed25519
            IdentitiesOnly yes
          EOF
      - name: Deploy
        run: |
          ./inv deploy --hosts ${{ matrix.host }}
      - name: Alert on failure
        if: ${{ failure() }}
        run: |
          curl -XPOST -d '{"msgtype":"m.text", "body":"${{ matrix.host }}: deployment failed"}' \
            "https://matrix.org/_matrix/client/r0/rooms/!cBybDCkeRlSWfuaFvn:numtide.com/send/m.room.message?access_token=${{ secrets.TOKEN_MATRIX_BOT }}"
  collect:
    environment:
      name: darwin
    needs: deploy
    runs-on: ubuntu-latest
    steps:
      - run: echo