# Runs on every push to main. The single job in this file joins a Headscale
# tailnet and then invokes nixos-rebuild against remote hosts over SSH.
name: "ssh-test"
run-name: "${{ github.actor }} - ssh-test"
on:
  push:
    branches: [main]
 
jobs:
  ssh-test:
    runs-on: docker
    # NOTE(review): alpine:edge is a rolling tag, so the job's userland can
    # change between runs; consider pinning a release tag or an image digest.
    container: 
      image: alpine:edge
      # --privileged gives the job container every capability and access to
      # host devices, and this same job loads an SSH private key and a tailnet
      # auth key. NOTE(review): if the TUN device is the only requirement, a
      # narrower grant (the /dev/net/tun device plus the NET_ADMIN capability)
      # is probably sufficient -- confirm against what nix and qemu need
      # before tightening.
      options: --mount type=bind,src=/dev/net/tun,dst=/dev/net/tun --privileged
    steps:
    # Diagnostic dump of the job container's identity and environment.
    # Everything printed here (hostname, resolver configuration, user) ends up
    # in the job log.
    - name: "Runner: Info"
      run: |
        # Print the same "============= <label>" divider before each probe.
        section() { echo "============= $1"; }

        section "pwd"
        pwd
        section "ls -lah"
        ls -lah
        section "id"
        id
        section "uname -a"
        uname -a
        section "hostname"
        hostname
        section "/etc/os-release"
        cat /etc/os-release
        section "whoami"
        whoami
        id
        section "cat /etc/resolv.conf"
        cat /etc/resolv.conf

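    # Installs the tools the later steps call (git, node for actions, nix,
    # the SSH client, qemu, tailscale, sudo).
    - name: "Setup: Runner"
      run: |
        apk update
        # Use HTTPS for the additional repository so the index and packages
        # are not fetched over plain HTTP.
        # NOTE(review): edge/testing is an unstable, unpinned repository, so
        # the tool versions installed here can differ from run to run.
        apk add git nodejs nix openssh-client qemu tailscale sudo --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing/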

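    # Writes the SSH key pair from the repository secrets into /root/.ssh.
    #
    # The secrets are handed to the script through env instead of being
    # written as ${{ ... }} inside the script body: an expression in the body
    # is substituted into the script text before the shell runs, so the key
    # material would be parsed as shell source and stored in the generated
    # script file.
    - name: "Setup: SSH"
      env:
        SSH_PUBLIC_KEY: ${{ secrets.SSH_PUBLIC_KEY }}
        SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
      run: |
        # Restrictive umask first, so the private key file is never created
        # with group/world-readable permissions, even briefly.
        umask 077
        mkdir -p /root/.ssh
        chmod 700 /root/.ssh
        printf '%s\n' "$SSH_PUBLIC_KEY"  > /root/.ssh/id_ed25519.pub
        printf '%s\n' "$SSH_PRIVATE_KEY" > /root/.ssh/id_ed25519
        chmod 600 /root/.ssh/id_ed25519
        chmod 644 /root/.ssh/id_ed25519.pub
        # Only the public half is echoed to the job log.
        echo "Public Key:  "
        cat /root/.ssh/id_ed25519.pub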

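    # Starts tailscaled with in-memory state and registers this container
    # with the Headscale login server as an ephemeral, tagged node.
    #
    # The auth key is passed to the script through env rather than as a
    # ${{ ... }} expression in the script body, so it is not substituted into
    # the script text and is quoted as a single shell word.
    # NOTE(review): the key is still visible in the arguments of the
    # `tailscale up` process while it runs; `tailscale up` also accepts a
    # `file:`-prefixed path as the auth key value, which would avoid that --
    # confirm on the installed version.
    - name: "Setup:  Headscale"
      env:
        TAILSCALE_KEY: ${{ secrets.TAILSCALE_KEY }}
      run: |
        echo "tailscaled --cleanup"
        sudo tailscaled --cleanup
        echo ""
        # The logged command now matches the one actually run (state is
        # "mem:", i.e. nothing is persisted to disk).
        echo "tailscaled --state=mem: 2> ~/tailscaled.log &"
        sudo tailscaled --state=mem: 2> ~/tailscaled.log &
        echo ""
        echo "tailscale up"
        sudo tailscale up \
            --login-server=https://headscale.sysctl.io \
            --accept-routes \
            --accept-dns \
            --authkey "${TAILSCALE_KEY}" \
            --hostname forgejo-runner \
            --advertise-tags "tag:forgejo,tag:container,tag:ephemeral"
        sudo tailscale status
        sudo tailscale netcheck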

    # Checks out the repository into the job workspace.
    # NOTE(review): v3 is a movable tag. By this step the container already
    # holds the SSH private key and an authenticated tailnet session, so
    # consider pinning the action to a full commit SHA (<commit-sha>) to fix
    # exactly which code runs here.
    - uses: actions/checkout@v3
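    # Lists the checked-out workspace contents in the job log.
    - name: "Directory Structure"
      run: |
        # Quote the path so a workspace containing spaces or glob characters
        # is not word-split; the trailing /* stays outside the quotes so it
        # still expands.
        ls "${{ github.workspace }}"/*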

    # Records the installed nix version in the job log.
    - name: "Nix Version"
      run: nix --version
    # Invokes nixos-rebuild with framework-server as the build host and
    # nixos-vm-01 as the target host, both reached over SSH as user albert.
    # NOTE(review): no nixos-rebuild action (for example `build` or `switch`)
    # is given on this command line -- confirm which one is intended.
    # NOTE(review): no earlier step writes a known_hosts file, so the SSH host
    # keys of both hosts are unverified on first connect; consider installing
    # pinned host keys rather than relaxing host key checking.
    # NOTE(review): --flake points at /etc/nixos/git, not at the checked-out
    # workspace -- confirm that path exists where the flake is evaluated.
    - name: "Nix build - nixos-vm-01"
      run: | 
        echo "Running Nix Build"
        nixos-rebuild --build-host albert@framework-server --target-host albert@nixos-vm-01 --flake /etc/nixos/git 


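    # Cleanup steps; `if: always()` makes them run even when an earlier step
    # failed.
    - if: always()
      run: rm -rf /.cache
    # The original expression read `github.worksspace` (typo), so the intended
    # workspace removal did not target the workspace at all. The path is now
    # passed through env and guarded with ${VAR:?}, so an empty value aborts
    # the step instead of reaching rm.
    # NOTE(review): the private key written to /root/.ssh is not removed by
    # either cleanup step; that only matters if the job container outlives
    # the run -- confirm.
    - if: always()
      env:
        WORKSPACE_DIR: ${{ github.workspace }}
      run: rm -rf -- "${WORKSPACE_DIR:?workspace path is empty}"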