nixos-base-image/.forgejo/workflows/single-flow.yml

name: "Build & Upload NixOS Proxmox Image"

on:
  push:
    tags:
      - "v*" # triggers on v1.0.0, v1.2.3, etc.
  workflow_dispatch:

jobs:
  build:
    name: Build NixOS Base Image
    # Ensure 'nixos-latest' runner has Docker, SSH client, and basic Nix tools installed.
    # It seems it already does.
    runs-on: nixos-custom
    env:
      NIXOS_BUILER_HOST: nixos-builder.lab
      NIXOS_BUILER_USER: runner
      PROXMOX_HOST: 192.168.1.205
      PROXMOX_USER: plasmagoat

      # VM Template IDs for your Ansible playbook
      # These are now passed to the playbook via --extra-vars, not directly as env vars for qm.
      # They are defined in group_vars/all.yml, but can be overridden from here if needed.
      # TEMPLATE_VMID: 9001 # Removed from direct env for explicit passing to Ansible
      # LATEST_TEMPLATE_VMID: 9000 # Removed from direct env for explicit passing to Ansible

    steps:
      # Use nix-env for setup (as you prefer and it works well for ephemeral environments)
      - name: Install dependencies via nix-env
        run: |
          nix-env -iA nixpkgs.nodejs
          nix-env -iA nixpkgs.ansible
          nix-env -iA nixpkgs.jq
          nix-env -iA nixpkgs.curl
          nix-env -iA nixpkgs.openssh
          nix-env -iA cachix -f https://cachix.org/api/v1/install
          cachix use plasmagoat
          cachix authtoken ${{ secrets.CACHIX_AUTH_TOKEN }}

      - name: Checkout repo
        uses: actions/checkout@v4

      - name: Enable experimental features
        run: |
          mkdir -p ~/.config/nix
          echo "experimental-features = nix-command flakes" >> ~/.config/nix/nix.conf

      - name: Debug Environment
        run: |
          echo "PATH: $PATH"
          which bash
          which curl
          which git
          which jq
          ls -l /var/run/act/actions/
          ls -l /var/run/act/actions/https---code.forgejo.org-sheik-forgejo-release@v2.6.0/forgejo-release.sh
          echo "--- Running forgejo-release.sh with bash -x for more verbose output ---"
          /bin/bash -x /var/run/act/actions/https---code.forgejo.org-sheik-forgejo-release@v2.6.0/forgejo-release.sh || true
          # The '|| true' allows the workflow to continue even if this fails
        shell: bash

      - name: Create Forgejo Release
        uses: actions/forgejo-release@v2
        with:
          title: "NixOS Base Image ${{ steps.version.outputs.tag }}"
          prerelease: ${{ github.ref_type != 'tag' }}
          tag: ${{ steps.version.outputs.tag_name }}
          direction: upload
          release-notes: |
            ✅ **Base NixOS image uploaded**

            **🧱 Image File:**
            `/var/lib/vz/dump/${{ steps.image.outputs.filename }}`

            **🔗 Build Logs:**
            [View Actions Run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})

            **🔐 Flake Revision:**
            `${{ github.sha }}`

          release-dir: "result/nix-support"