$schema: https://raw.githubusercontent.com/woodpecker-ci/woodpecker/refs/heads/main/pipeline/frontend/yaml/linter/schema/schema.json

when:
  - event: manual
  - event: push
    branch: main

steps:
  - name: build
    image: nixos/nix
    commands:
      - |
        mkdir -p ~/.ssh
        echo "$CD_SSH_KEY" > ~/.ssh/id_ed25519
        chmod 600 ~/.ssh/id_ed25519
      - |
        echo "
        Host forgejo-ci
          HostKeyAlias forgejo-ci
          HostName $CI_HOST
          IdentityFile ~/.ssh/id_ed25519
        " > ~/.ssh/config
      - NIX_CONFIG="experimental-features = nix-command flakes" nix-shell --run 'eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_ed25519 && SHELL=$(which bash) nixops4 apply default'
    environment:
      CD_SSH_KEY:
        from_secret: cd_ssh_key
      CI_HOST:
        from_secret: ci_host