From d1542a65ac53f9a6e46312524ac19f8eefc9eb69 Mon Sep 17 00:00:00 2001
From: admin <admin@viaeon.com>
Date: Sun, 14 Jun 2026 11:16:51 +0800
Subject: [PATCH] feat: add SSH deploy step to CI/CD workflow

---
 .gitea/workflows/docker-build.yaml | 50 ++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/.gitea/workflows/docker-build.yaml b/.gitea/workflows/docker-build.yaml
index 1b49d3fb1..32c32011a 100644
--- a/.gitea/workflows/docker-build.yaml
+++ b/.gitea/workflows/docker-build.yaml
@@ -80,3 +80,53 @@ jobs:
           docker system prune -af --volumes 2>/dev/null || true
           echo "Docker disk usage:"
           docker system df
+
+      - name: Deploy via SSH
+        if: success()
+        run: |
+          if [ -z "${{ secrets.DEPLOY_SSH_HOST }}" ]; then
+            echo "DEPLOY_SSH_HOST not configured, skipping SSH deploy"
+            exit 0
+          fi
+
+          # Install sshpass if not available
+          if ! command -v sshpass &> /dev/null; then
+            if command -v apk &> /dev/null; then
+              apk add --no-cache sshpass
+            elif command -v apt-get &> /dev/null; then
+              apt-get update && apt-get install -y sshpass
+            else
+              echo "sshpass not available, trying ssh with key"
+            fi
+          fi
+
+          SSH_HOST="${{ secrets.DEPLOY_SSH_HOST }}"
+          SSH_PORT="${{ secrets.DEPLOY_SSH_PORT }}"
+          SSH_USER="${{ secrets.DEPLOY_SSH_USER }}"
+          SSH_PASS="${{ secrets.DEPLOY_SSH_PASS }}"
+          SSH_KEY="${{ secrets.DEPLOY_SSH_KEY }}"
+          DEPLOY_CMD="${{ secrets.DEPLOY_CMD }}"
+
+          # Default port
+          SSH_PORT="${SSH_PORT:-22}"
+          # Default deploy command
+          DEPLOY_CMD="${DEPLOY_CMD:-docker pull git.viaeon.com/admin/new-api:latest && docker compose up -d}"
+
+          SSH_OPTS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p ${SSH_PORT}"
+
+          if [ -n "${SSH_KEY}" ]; then
+            echo "Deploying via SSH key..."
+            mkdir -p ~/.ssh
+            echo "${SSH_KEY}" > ~/.ssh/deploy_key
+            chmod 600 ~/.ssh/deploy_key
+            ssh ${SSH_OPTS} -i ~/.ssh/deploy_key ${SSH_USER}@${SSH_HOST} "${DEPLOY_CMD}"
+            rm -f ~/.ssh/deploy_key
+          elif [ -n "${SSH_PASS}" ] && command -v sshpass &> /dev/null; then
+            echo "Deploying via SSH password..."
+            sshpass -p "${SSH_PASS}" ssh ${SSH_OPTS} ${SSH_USER}@${SSH_HOST} "${DEPLOY_CMD}"
+          else
+            echo "No SSH key or password configured, skipping SSH deploy"
+            exit 0
+          fi
+
+          echo "SSH deploy completed successfully"