name: Deploy Website

on:
  push:
    branches:
      - main  # change if your main branch is different

jobs:
  deploy:
    runs-on: self-hosted
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      # Debug step (optional)
      - name: Debug environment
        run: |
          echo "Host: ${DEPLOY_HOST}"
          echo "User: ${DEPLOY_USER}"
          echo "Port: ${DEPLOY_PORT:-22}"
          if [ -n "${DEPLOY_KEY}" ]; then
            echo "✅ DEPLOY_KEY is set"
          else
            echo "❌ DEPLOY_KEY is missing!"
          fi
        env:
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
          DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
          DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }}
          DEPLOY_PORT: ${{ secrets.DEPLOY_PORT }}

      # Set up SSH key safely
      - name: Set up SSH key
        run: |
          set -e
          mkdir -p ~/.ssh
          printf "%s" "${DEPLOY_KEY}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          ssh-keyscan -p "${DEPLOY_PORT:-22}" -H "${DEPLOY_HOST}" >> ~/.ssh/known_hosts
        env:
          DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }}
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
          DEPLOY_PORT: ${{ secrets.DEPLOY_PORT }}

      # Deploy site files with rsync over custom port
      - name: Deploy website via rsync
        run: |
          echo "🚀 Deploying files to ${DEPLOY_USER}@${DEPLOY_HOST}:${DEPLOY_PATH} (port ${DEPLOY_PORT:-22})"
          rsync -avz -e "ssh -p ${DEPLOY_PORT:-22}" --delete ./ ${DEPLOY_USER}@${DEPLOY_HOST}:${DEPLOY_PATH}
        env:
          DEPLOY_HOST: ${{ secrets.DEPLOY_HOST }}
          DEPLOY_USER: ${{ secrets.DEPLOY_USER }}
          DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
          DEPLOY_PORT: ${{ secrets.DEPLOY_PORT }}