production.yaml (832B)
1 name: Production 2 3 on: 4 push: 5 branches: 6 - master 7 8 jobs: 9 build-deploy: 10 name: Build and deploy 11 runs-on: ubuntu-latest 12 steps: 13 - name: Checkout 14 uses: actions/checkout@v6 15 with: 16 submodules: true 17 - name: Install nix 18 uses: cachix/install-nix-action@v31 19 - name: Build 20 run: nix build 21 - name: Deploy 22 run: | 23 set -e 24 id_rsa=$(mktemp) 25 chmod 600 $id_rsa 26 echo "${{ secrets.SSH_KEY }}" > $id_rsa 27 rsync --delete --chmod=D755,F644 -vrLe "ssh -i $id_rsa -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" ./result/ "${{ secrets.SSH_TARGET }}:${{ secrets.SSH_WEBROOT }}" 28 ssh -i $id_rsa -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null "${{ secrets.SSH_TARGET }}" cache-purge