name: Build and Deploy

on:
  push:
    branches:
      - main

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        run: |
          rm -rf /tmp/watch-party
          git clone https://gitea.home.arpa/nik/watch-party /tmp/watch-party

      - name: Write deploy key
        run: |
          echo "${{ secrets.DEPLOY_KEY }}" > /tmp/deploy_key
          chmod 600 /tmp/deploy_key

      - name: Log in to Gitea registry
        run: |
          echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login gitea.home.arpa \
            --username ${{ secrets.REGISTRY_USERNAME }} \
            --password-stdin

      - name: Build and push backend
        run: |
          docker build \
            --platform linux/amd64 \
            -t gitea.home.arpa/nik/watch-party-backend:latest \
            /tmp/watch-party/backend
          docker push gitea.home.arpa/nik/watch-party-backend:latest

      - name: Build and push frontend
        run: |
          docker build \
            --platform linux/amd64 \
            -t gitea.home.arpa/nik/watch-party-frontend:latest \
            /tmp/watch-party/frontend
          docker push gitea.home.arpa/nik/watch-party-frontend:latest

      - name: Deploy to Mac Mini
        run: |
          ssh -o StrictHostKeyChecking=no \
            -i /tmp/deploy_key \
            ${{ secrets.DEPLOY_USER }}@${{ secrets.DEPLOY_HOST }} \
            "cd ~/repo/watch-party && \
             docker login gitea.home.arpa -u ${{ secrets.REGISTRY_USERNAME }} -p ${{ secrets.REGISTRY_PASSWORD }} && \
             docker compose pull && \
             docker compose up -d"