name: Deploy Jekyll Site

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
    types: [ closed ]

jobs:
  deploy:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.merged == true)
    
    steps:
    - name: Checkout repository
      uses: actions/checkout@v4
      with:
        fetch-depth: 0

    - name: Setup Ruby
      uses: ruby/setup-ruby@v1
      with:
        ruby-version: '3.0'
        bundler-cache: true

    - name: Install dependencies
      run: |
        gem install bundler
        bundle install

    - name: Build Jekyll site
      run: |
        bundle exec jekyll build
        
    - name: Prepare deployment files
      run: |
        # Create deployment package
        tar -czf site-deployment.tar.gz -C _site .
        
    - name: Deploy to web.resist.is
      env:
        DEPLOY_HOST: web.resist.is
        DEPLOY_USER: resistbot
        DEPLOY_PASS: ${{ secrets.DEPLOY_PASSWORD }}
        SITE_PATH: /var/www/join.resist.is
      run: |
        # Install sshpass for password authentication
        sudo apt-get update
        sudo apt-get install -y sshpass rsync
        
        # Create backup directory name with timestamp
        BACKUP_DIR="backup-$(date +%Y%m%d-%H%M%S)"
        
        # Create SSH config to disable host key checking (for automation)
        mkdir -p ~/.ssh
        echo "Host web.resist.is" >> ~/.ssh/config
        echo "  StrictHostKeyChecking no" >> ~/.ssh/config
        echo "  UserKnownHostsFile /dev/null" >> ~/.ssh/config
        
        # Create backup of existing site
        echo "Creating backup of existing site..."
        sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" "
          if [ -d '$SITE_PATH' ]; then
            sudo mkdir -p /var/backups/join.resist.is
            sudo cp -r '$SITE_PATH' '/var/backups/join.resist.is/$BACKUP_DIR'
            echo 'Backup created at /var/backups/join.resist.is/$BACKUP_DIR'
          else
            echo 'No existing site found to backup'
          fi
        "
        
        # Create site directory if it doesn't exist
        echo "Preparing deployment directory..."
        sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" "
          sudo mkdir -p '$SITE_PATH'
          sudo chown -R $DEPLOY_USER:$DEPLOY_USER '$SITE_PATH'
        "
        
        # Deploy new site
        echo "Deploying new Jekyll site..."
        sshpass -p "$DEPLOY_PASS" rsync -avz --delete \
          -e "ssh -o StrictHostKeyChecking=no" \
          _site/ "$DEPLOY_USER@$DEPLOY_HOST:$SITE_PATH/"
        
        # Set proper permissions
        sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" "
          sudo chown -R www-data:www-data '$SITE_PATH'
          sudo chmod -R 755 '$SITE_PATH'
          sudo find '$SITE_PATH' -type f -exec chmod 644 {} \;
        "
        
        echo "Deployment completed successfully!"
        echo "Site is now live at: https://join.resist.is"
        echo "Backup location: /var/backups/join.resist.is/$BACKUP_DIR"

    - name: Verify deployment
      env:
        DEPLOY_HOST: web.resist.is
        DEPLOY_USER: resistbot
        DEPLOY_PASS: ${{ secrets.DEPLOY_PASSWORD }}
        SITE_PATH: /var/www/join.resist.is
      run: |
        # Verify the deployment by checking if index.html exists
        echo "Verifying deployment..."
        sshpass -p "$DEPLOY_PASS" ssh "$DEPLOY_USER@$DEPLOY_HOST" "
          if [ -f '$SITE_PATH/index.html' ]; then
            echo 'Deployment verification successful - index.html found'
            echo 'File count in deployment:'
            find '$SITE_PATH' -type f | wc -l
          else
            echo 'Deployment verification failed - index.html not found'
            exit 1
          fi
        "

    - name: Cleanup
      run: |
        # Remove deployment artifacts
        rm -f site-deployment.tar.gz
        echo "Cleanup completed"