name: Nix Web Proxy Worker
run-name: Web Proxy - Nix
on: [push, merge]

jobs:
  setup-nixos-runner:
    run-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      
      - uses: webfactory/ssh-agent@v0.9.0
        with:
          ssh-private-key: ${{ secrets.WEB_PROXY_SSH_PRIVATE_KEY }}
      
      - name: Ensure known host name
        run: ssh-keyscan ${{ vars.WEB_PROXY_IP }} >> ~/.ssh/known_hosts

      - name: Restore cached Nix Store
        id: cached-nix-store
        uses: actions/cache/restore@v3
        with:
          path: |
            /nix
          key: ${{ runner.os }}-nix-infrastructure

      - uses: cachix/install-nix-action@v31

      - name: Apply Nix build to Web Proxy host
        run: nix-shell shell.nix --run "nixos-rebuild switch --no-flake --target-host ${{ vars.WEB_PROXY_TARGET_HOST }}"

      - name: Save Primes
        id: cache-primes-save
        uses: actions/cache/save@v3
        with:
          path: |
            /nix
          key: ${{ runner.os }}-nix-infrastructure