diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 79cf415..44bcc43 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -12,24 +12,12 @@ jobs: steps: - name: Setup SSH env: - SSH_KEY: ${{ secrets.SSH_PRIVATE_KEY }} - SSH_KEY_B64: ${{ secrets.SSH_PRIVATE_KEY_B64 }} + SSH_KEY: ${{ vars.SSH_PRIVATE_KEY }} run: | mkdir -p ~/.ssh - if [ -n "$SSH_KEY_B64" ]; then - echo "Using base64-encoded key" - echo "$SSH_KEY_B64" | base64 -d > ~/.ssh/id_rsa - else - echo "Using raw key, fixing newlines" - printf '%s' "$SSH_KEY" | sed 's/\\n/\n/g' > ~/.ssh/id_rsa - fi + echo "$SSH_KEY" | sed 's/^[[:space:]]*//' > ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa - # Sanity check — fail fast with a readable message if key is broken - ssh-keygen -y -f ~/.ssh/id_rsa > /dev/null || { - echo "::error::SSH key is invalid (libcrypto parse error). Use SSH_PRIVATE_KEY_B64 instead: base64 the file and put the result in the secret." - exit 1 - } - ssh-keyscan -p ${{ vars.SERVER_PORT }} ${{ vars.SERVER_HOST }} >> ~/.ssh/known_hosts 2>/dev/null + ssh-keyscan -p ${{ vars.SERVER_PORT }} ${{ vars.SERVER_HOST }} >> ~/.ssh/known_hosts - name: Clone or pull on server run: | @@ -49,7 +37,7 @@ jobs: DEBUG_CHAT_ID: ${{ vars.DEBUG_CHAT_ID }} SELFTEST_CHAT_ID: ${{ vars.SELFTEST_CHAT_ID }} run: | - ssh -i ~/.ssh/id_rsa -p ${{ vars.SERVER_PORT }} ${{ vars.SERVER_USER }}@${{ vars.SERVER_HOST }} "cat > /home/pkirillw/dockered-services/max-bot-test/.env <<'ENVEOF' + ssh -i ~/.ssh/id_rsa -p ${{ vars.SERVER_PORT }} ${{ vars.SERVER_USER }}@${{ vars.SERVER_HOST }} "cat > /home/pkirillw/dockered-services/max-bot-test/.env << 'ENVEOF' BOT_TOKEN=$BOT_TOKEN MAX_BOT_API_SECRET=$MAX_BOT_API_SECRET WEBHOOK_URL=$WEBHOOK_URL