$schema: https://raw.githubusercontent.com/woodpecker-ci/woodpecker/refs/heads/main/pipeline/frontend/yaml/linter/schema/schema.json

when:
  - event: manual
  - event: push
    branch: main

steps:
  - name: build
    image: nixos/nix
    commands:
      - |
        mkdir -p ~/.ssh
        echo "$CD_SSH_KEY" > ~/.ssh/id_ed25519
        chmod 600 ~/.ssh/id_ed25519
      - |
        NIX_CONFIG="
          experimental-features = nix-command flakes
        " nix-shell --run 'eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_ed25519 && SHELL=$(which bash) nixops4 apply -v default'
        # --extra-experimental-features 'nix-command flakes'
          # substituters = https://cache.nixos.org/
          # system-features = nixos-test benchmark big-parallel kvm
          # trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
          # trusted-substituters =
          # trusted-users = root @wheel
          # extra-sandbox-paths =
    environment:
      CD_SSH_KEY:
        from_secret: cd_ssh_key