name: Deploy to VPS

on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: self-hosted

    steps:
      - uses: actions/checkout@v4

      - name: Write .env.prod
        run: |
          cat > .env.prod << 'ENVEOF'
          POSTGRES_USER=${{ secrets.POSTGRES_USER }}
          POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }}
          POSTGRES_DB=${{ secrets.POSTGRES_DB }}
          OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
          SECRET_KEY=${{ secrets.SECRET_KEY }}
          VAPID_PRIVATE_KEY=${{ secrets.VAPID_PRIVATE_KEY }}
          VAPID_PUBLIC_KEY=${{ secrets.VAPID_PUBLIC_KEY }}
          VAPID_MAILTO=${{ secrets.VAPID_MAILTO }}
          CORS_ORIGINS=${{ secrets.CORS_ORIGINS }}
          VITE_API_URL=${{ secrets.VITE_API_URL }}
          ENVEOF

      - name: Build and deploy
        run: |
          docker compose -f docker-compose.prod.yml --env-file .env.prod build
          docker compose -f docker-compose.prod.yml --env-file .env.prod up -d --remove-orphans

      - name: Wait for health
        run: |
          echo "Waiting for backend..."
          for i in $(seq 1 30); do
            if docker inspect healthyfit-backend-prod --format '{{.State.Health.Status}}' 2>/dev/null | grep -q healthy; then
              echo "Backend is healthy"
              break
            fi
            sleep 2
          done

      - name: Prune old images
        run: docker image prune -f

      - name: Cleanup
        if: always()
        run: rm -f .env.prod