From a6b677b08bbcaf63c32ddfdb3a67f0e5fbd0e615 Mon Sep 17 00:00:00 2001
From: Alexander Sergeevich <7339834@gmail.com>
Date: Sun, 8 Feb 2026 00:23:38 +0300
Subject: [PATCH] Add CI/CD stuff

---
 .gitea/workflows/deploy-my-vpn.yml | 63 ++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 .gitea/workflows/deploy-my-vpn.yml

diff --git a/.gitea/workflows/deploy-my-vpn.yml b/.gitea/workflows/deploy-my-vpn.yml
new file mode 100644
index 0000000..c8d5956
--- /dev/null
+++ b/.gitea/workflows/deploy-my-vpn.yml
@@ -0,0 +1,63 @@
+name: Deploy to my-vpn
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      # BLOCK 1: checkout + tests
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Unit tests
+        run: |
+          go test ./...
+
+      # BLOCK 2: deploy via SSH
+      - name: Deploy
+        env:
+          VPN_HOST: ${{ secrets.VPN_HOST }}
+          VPN_USER: ${{ secrets.VPN_USER }}
+          VPN_SSH_KEY: ${{ secrets.TEST_KEY }}
+        run: |
+          set -euo pipefail
+          mkdir -p ~/.ssh
+          chmod 700 ~/.ssh
+          printf '%s' "$VPN_SSH_KEY" > ~/.ssh/id_ci_runner
+          chmod 600 ~/.ssh/id_ci_runner
+          VPN_USER="$(printf '%s' "$VPN_USER" | tr -d '\r\n')"
+          VPN_HOST="$(printf '%s' "$VPN_HOST" | tr -d '\r\n')"
+          ssh -o BatchMode=yes -o ConnectTimeout=10 -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~/.ssh/id_ci_runner "${VPN_USER}@${VPN_HOST}" \
+            "cd /srv/proxyfier && bash deploy/my-vpn/deploy.sh"
+
+      # BLOCK 3: smoke check
+      - name: Smoke check
+        env:
+          VPN_HOST: ${{ secrets.VPN_HOST }}
+          VPN_USER: ${{ secrets.VPN_USER }}
+          PROXY_USER: ${{ secrets.PROXY_USER }}
+          PROXY_PASS: ${{ secrets.PROXY_PASS }}
+        run: |
+          set -euo pipefail
+          VPN_HOST="$(printf '%s' "$VPN_HOST" | tr -d '\r\n')"
+          PROXY_USER="$(printf '%s' "$PROXY_USER" | tr -d '\r\n')"
+          PROXY_PASS="$(printf '%s' "$PROXY_PASS" | tr -d '\r\n')"
+          for i in $(seq 1 10); do
+            if curl -fsS -u "${PROXY_USER}:${PROXY_PASS}" "http://${VPN_HOST}:9000/creds?service=telegram" -o /tmp/resp.json; then
+              break
+            fi
+            sleep 2
+          done
+          python3 - <<'PY'
+          import json, sys
+          with open("/tmp/resp.json","r",encoding="utf-8") as f:
+              data=json.load(f)
+          required=["service","username","password","note","issued_at"]
+          for key in required:
+              if key not in data:
+                  print("missing", key)
+                  sys.exit(1)
+          print("smoke ok")
+          PY