From 9ab5fb67a607e05434fb15d98c6eab6bd3014c9c Mon Sep 17 00:00:00 2001 From: edsea Date: Wed, 8 Oct 2025 11:55:22 +0200 Subject: [PATCH] Fix build --- .gitea/workflows/deploy.yml | 31 ++++++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 0958302..18e9f53 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -10,11 +10,20 @@ jobs: env: SSH_HOST: ${{ secrets.SSH_HOST }} SSH_USER: ${{ secrets.SSH_USER }} - SSH_KEY_PATH: ~/.ssh/deploy_stellaamor SSH_OPTS: >- - -o BatchMode=yes -o IdentitiesOnly=yes -o NumberOfPasswordPrompts=0 - -o ServerAliveInterval=15 -o ServerAliveCountMax=3 - -o ConnectTimeout=20 -o StrictHostKeyChecking=no + -F /dev/null + -o IdentitiesOnly=yes + -o IdentityAgent=none + -o PreferredAuthentications=publickey + -o PubkeyAuthentication=yes + -o PasswordAuthentication=no + -o NumberOfPasswordPrompts=0 + -o BatchMode=yes + -o ServerAliveInterval=15 + -o ServerAliveCountMax=3 + -o ConnectTimeout=20 + -o StrictHostKeyChecking=no + APP_ROOT: /var/www/stellaamor UPLOADS_DIR: uploads KEEP_N: "5" @@ -29,14 +38,22 @@ jobs: git fetch --depth=1 origin "$GITHUB_SHA" git checkout -q "$GITHUB_SHA" + - name: Prepare isolated SSH dir + run: | + set -e + SSH_DIR="$(mktemp -d)" + echo "SSH_DIR=$SSH_DIR" >> $GITHUB_ENV + echo "SSH_KEY_PATH=$SSH_DIR/key" >> $GITHUB_ENV + install -m 700 -d "$SSH_DIR" + - name: Write SSH key env: SSH_KEY_STELLAAMOR: ${{ secrets.SSH_KEY_STELLAAMOR }} run: | - install -m 700 -d ~/.ssh + set -e umask 177 - printf '%s' "$SSH_KEY_STELLAAMOR" > ~/.ssh/deploy_stellaamor - chmod 600 ~/.ssh/deploy_stellaamor + printf '%s' "$SSH_KEY_STELLAAMOR" > "$SSH_KEY_PATH" + chmod 600 "$SSH_KEY_PATH" - name: Validate private key & show fingerprint run: |