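---
# borrowed from https://gitlab.com/nix17/nixos-config/-/blob/main/.gitlab-ci.yml

# hopefully this image is good for my needs
# NOTE(review): this is a mutable tag, so the image contents can change
# between runs. Pinning by digest (image@sha256:<DIGEST_PLACEHOLDER>) would
# make the job environment reproducible and tamper-evident.
image: nixpkgs/nix-flakes:nixos-22.11

stages:
  - flake
  #- deploy

# Passed in from upstream
# $PACKAGE_NAME = name of the flake that needs to be updated
# $UPDATE_FLAKE = flag to update the flake
#
# Both values are supplied by the triggering pipeline, so the shell commands
# below always expand them inside double quotes (no word splitting/globbing).

# Refreshes one flake input in flake.lock, commits the result and pushes it
# back to the repository over SSH using the key held in $CI_KEY.
update:
  stage: flake
  # from https://forum.gitlab.com/t/git-push-from-inside-a-gitlab-runner/30554/5
  before_script:
    #- 'which ssh-agent || ( apt-get update -qy && apt-get install openssh-client -qqy )'
    - eval "$(ssh-agent -s)"
    # for the deploy
    # $CI_KEY is the private push key: it is handed straight to ssh-agent and
    # is deliberately never written to disk. (The previous version appended it
    # to ~/.ssh/id_rsa.pub, leaving private key material in a file named as a
    # public key and created with default permissions.)
    # NOTE(review): keep CI_KEY as a protected CI/CD variable so that only
    # protected branches can read it.
    - echo "${CI_KEY}" | tr -d '\r' | ssh-add - > /dev/null
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    # Host key handling.
    # Preferred: define a CI/CD variable SSH_KNOWN_HOSTS (not defined by this
    # file, it has to be created) holding the verified known_hosts line for
    # [gitlab.skynet.ie]:2222. The push then fails closed if the server
    # presents a different key.
    # Fallback (legacy behaviour, kept so existing pipelines keep working):
    # host key checking is switched off, which means the push target is not
    # authenticated and the connection can be intercepted.
    - |
      if [ -n "${SSH_KNOWN_HOSTS:-}" ]; then
        printf '%s\n' "${SSH_KNOWN_HOSTS}" >> ~/.ssh/known_hosts
        chmod 644 ~/.ssh/known_hosts
        printf 'Host *\n\tStrictHostKeyChecking yes\n\n' > ~/.ssh/config
      elif [ -f /.dockerenv ]; then
        echo "WARNING: SSH_KNOWN_HOSTS is not set, host key checking is disabled" >&2
        echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config
      fi
  script:
    - git config --global user.email "${CI_EMAIL}"
    - git config --global user.name "${CI_USERNAME}"
    # the part that updates the flake
    - nix --experimental-features 'nix-command flakes' flake lock --update-input "${PACKAGE_NAME}"
    - git add flake.lock
    - git commit -m "[skip ci] Updated flake for $PACKAGE_NAME" || echo "No changes, nothing to commit"
    # we have a custom domain
    - git remote rm origin && git remote add origin ssh://git@gitlab.skynet.ie:2222/compsoc/skynet/nixos.git
    - git push origin "HEAD:${CI_COMMIT_REF_NAME}"
  only:
    refs:
      - main
    variables:
      - $UPDATE_FLAKE == "yes"

# use ctrl+/ on intellij to mass uncomment
# set up deployment later
# NOTE(review): ssh-keyscan at job time trusts whatever key the network
# returns on that run; when this job is enabled, prefer a host key that was
# verified once and stored in a CI/CD variable.
#deploy:
#  stage: deploy
#  # from https://forum.gitlab.com/t/git-push-from-inside-a-gitlab-runner/30554/5
#  before_script:
#    # Check for ssh-agent + rsync and install if not present
#    #- 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client -y )'
#    - eval $(ssh-agent -s)
#    # Inject the remote's private key
#    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' | ssh-add - > /dev/null
#    - mkdir -p ~/.ssh
#    - chmod 700 ~/.ssh
#    # Append keyscan output into known hosts
#    - ssh-keyscan $SERVER_IP >> ~/.ssh/known_hosts
#    - chmod 644 ~/.ssh/known_hosts
#
#  script:
#    # this will grab a fresh copy of the repo
#    - ssh $SERVER_USER@$SERVER_IP "cd /etc/nixos && git stash && git pull origin main && nixos-rebuild switch"
#
#  only:
#    refs:
#      - main
#    # only run on $UPDATE_FLAKE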