From f28b8f06c6e8ae7157791deb09b883a63d16a39d Mon Sep 17 00:00:00 2001
From: RaineAllDay <raineallday@proton.me>
Date: Wed, 18 Mar 2026 04:55:29 -0600
Subject: [PATCH] again... fixing deployment actions

---
 .gitea/workflows/ci.yml     |  6 +++--
 .gitea/workflows/deploy.yml | 44 ++++++++++++++++++-------------------
 2 files changed, 25 insertions(+), 25 deletions(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index 6246c9d..dda665a 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -1,6 +1,6 @@
 # .gitea/workflows/ci.yml
 # Runs on every push and pull request (except main, which uses deploy.yml).
-# Designed for a host-mode act_runner on Ubuntu with Node 20 already installed.
+# Uses no external actions — all steps are plain shell commands.
 
 name: CI
 
@@ -17,7 +17,9 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        run: |
+          git clone ${{ gitea.server_url }}/${{ gitea.repository }}.git .
+          git checkout ${{ gitea.sha }}
 
       - name: Verify Node.js
         run: node --version && npm --version
diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index d3d3cee..d85d68e 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -1,6 +1,6 @@
 # .gitea/workflows/deploy.yml
 # Triggered on push to main.
-# Runs CI checks first, then deploys to production.
+# Uses no external actions — all steps are plain shell commands.
 #
 # Required Gitea secrets (Settings → Secrets → Actions):
 #   DEPLOY_HOST       — droplet IP or hostname
@@ -23,7 +23,9 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        run: |
+          git clone ${{ gitea.server_url }}/${{ gitea.repository }}.git .
+          git checkout ${{ gitea.sha }}
 
       - name: Verify Node.js
         run: node --version && npm --version
@@ -55,24 +57,20 @@ jobs:
 
     steps:
       - name: Deploy via SSH
-        uses: appleboy/ssh-action@v1.0.3
-        with:
-          host:     ${{ secrets.DEPLOY_HOST }}
-          username: ${{ secrets.DEPLOY_USER }}
-          key:      ${{ secrets.DEPLOY_SSH_KEY }}
-          port:     ${{ secrets.DEPLOY_PORT }}
-          script: |
-            set -e
-            APP_DIR=/opt/etc-prs/app
-            APP_USER=prs
-            echo "▸ Pulling latest code…"
-            cd "$APP_DIR" && git pull
-            echo "▸ Installing dependencies…"
-            npm install --quiet
-            echo "▸ Building…"
-            npm run build
-            echo "▸ Fixing ownership…"
-            chown -R "${APP_USER}:${APP_USER}" "$APP_DIR"
-            echo "▸ Reloading PM2…"
-            pm2 reload etc-prs
-            echo "✓ Deploy complete"
+        run: |
+          # Write the private key to a temp file
+          mkdir -p ~/.ssh
+          echo "${{ secrets.DEPLOY_SSH_KEY }}" > ~/.ssh/deploy_key
+          chmod 600 ~/.ssh/deploy_key
+
+          # Disable strict host checking so first connection doesn't hang
+          echo "StrictHostKeyChecking no" >> ~/.ssh/config
+
+          # SSH in and run the redeploy script
+          ssh -i ~/.ssh/deploy_key \
+              -p ${{ secrets.DEPLOY_PORT }} \
+              ${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }} \
+              "bash /opt/etc-prs/app/scripts/redeploy.sh"
+
+          # Clean up
+          rm -f ~/.ssh/deploy_key