name: Deploy to LXC

on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Deploy via SSH
        uses: appleboy/ssh-action@v1
        with:
          host: ${{ secrets.DEPLOY_HOST }}
          username: ${{ secrets.DEPLOY_USER }}
          key: ${{ secrets.DEPLOY_KEY }}
          port: ${{ secrets.DEPLOY_PORT || 22 }}
          script: |
            set -e

            APP_DIR="${{ secrets.DEPLOY_PATH || '/opt/buildfor_life_ops/app' }}"
            REPO_URL="https://git.b4l.co.th/B4L/buildfor_life_ops.git"

            # Clone if first deploy, otherwise pull. Public HTTPS — no deploy key needed.
            if [ ! -d "$APP_DIR" ]; then
              echo "==> First deploy, cloning..."
              git clone "$REPO_URL" "$APP_DIR"
              cd "$APP_DIR"
            else
              cd "$APP_DIR"
              echo "==> Resetting local changes..."
              git checkout -- .
              echo "==> Pulling latest code..."
              git pull origin main
            fi

            # Activate the pinned Node via fnm and make pnpm available via Corepack.
            # Both are expected to be installed per DEPLOYMENT.md.
            export PATH="$HOME/.local/share/fnm:$PATH"
            eval "$(fnm env --shell bash)"
            fnm use --install-if-missing
            corepack enable >/dev/null 2>&1 || true

            echo "==> Installing dependencies..."
            pnpm install --frozen-lockfile

            echo "==> Building..."
            pnpm run build

            echo "==> Running migrations..."
            pnpm run db:migrate

            echo "==> Restarting service..."
            sudo systemctl restart buildfor_life_ops

            echo "==> Waiting for startup..."
            sleep 2
            systemctl is-active --quiet buildfor_life_ops && echo "Deploy successful!" || (echo "Service failed to start!" && exit 1)