- Add EnvironmentFile=/home/txeo/Git/yo/cv/.env to systemd unit
- Add production overrides (GO_ENV, BEHIND_PROXY, ALLOWED_ORIGINS)
- Deploy workflow now auto-updates systemd service file on each deploy
- Fix golangci-lint errcheck errors by using t.Setenv() instead of os.Setenv()
- Add CSS bundle build step to deploy workflow for production
- Add graceful fallback to modular CSS if bundle doesn't exist
- Remove unused os import from preferences_test.go
- Check for uncommitted changes (both staged and unstaged)
- Auto-stash with timestamp before pulling
- Prevents "Your local changes would be overwritten" errors
- Commented-out option to reapply stash after pull if needed
Server changes are preserved in git stash for recovery if needed.
Fixes: "error: Your local changes to the following files would be overwritten by merge"
- Change from fixing only .git/ to fixing entire repository (.)
- Prevents "unable to unlink" errors on workflow files
- Ensures deployment user has write access to all files
- Run unconditionally as it's fast and prevents all permission issues
Fixes: "error: unable to unlink old '.github/workflows/deploy.yml': Permission denied"
Replace manual SSH setup with proven appleboy/ssh-action@v1.0.3
- Automatically handles SSH key formatting and permissions
- No manual key validation or cleanup needed
- Consistent with working commando-web deployment
- Pass environment variables via 'envs' parameter
- Simplifies both deploy and verify steps
This eliminates "error in libcrypto" and permission issues.
- Use printf instead of echo for proper SSH key formatting
- Add ssh-keygen validation before attempting connection
- Show first 50 chars of key on validation failure for debugging
- Maintains proper line endings and key structure
This will help identify if the SSH_PRIVATE_KEY secret is malformed.
Test workflow:
- Upgrade golangci-lint-action from v6 to v7
- v7 is required for golangci-lint v2.x support
- Remove skip-cache as v7 handles caching better
Deploy workflow:
- Fix SSH heredoc to use unquoted ENDSSH delimiter
- Allows environment variables to expand in remote session
- Fixes "Permission denied" by properly passing REPO_PATH and SERVICE_NAME
juanatsap
root