Fix build

.gitea/workflows/deploy.yml

@@ -10,11 +10,20 @@ jobs:
     env:
       SSH_HOST: ${{ secrets.SSH_HOST }}
       SSH_USER: ${{ secrets.SSH_USER }}
-      SSH_KEY_PATH: ~/.ssh/deploy_stellaamor
       SSH_OPTS: >-
-        -o BatchMode=yes -o IdentitiesOnly=yes -o NumberOfPasswordPrompts=0
+        -F /dev/null
-        -o ServerAliveInterval=15 -o ServerAliveCountMax=3
+        -o IdentitiesOnly=yes
-        -o ConnectTimeout=20 -o StrictHostKeyChecking=no
+        -o IdentityAgent=none
+        -o PreferredAuthentications=publickey
+        -o PubkeyAuthentication=yes
+        -o PasswordAuthentication=no
+        -o NumberOfPasswordPrompts=0
+        -o BatchMode=yes
+        -o ServerAliveInterval=15
+        -o ServerAliveCountMax=3
+        -o ConnectTimeout=20
+        -o StrictHostKeyChecking=no
+
       APP_ROOT: /var/www/stellaamor
       UPLOADS_DIR: uploads
       KEEP_N: "5"
@@ -29,14 +38,22 @@ jobs:
           git fetch --depth=1 origin "$GITHUB_SHA"
           git checkout -q "$GITHUB_SHA"
 
+      - name: Prepare isolated SSH dir
+        run: |
+          set -e
+          SSH_DIR="$(mktemp -d)"
+          echo "SSH_DIR=$SSH_DIR" >> $GITHUB_ENV
+          echo "SSH_KEY_PATH=$SSH_DIR/key" >> $GITHUB_ENV
+          install -m 700 -d "$SSH_DIR"
+
       - name: Write SSH key
         env:
           SSH_KEY_STELLAAMOR: ${{ secrets.SSH_KEY_STELLAAMOR }}
         run: |
-          install -m 700 -d ~/.ssh
+          set -e
           umask 177
-          printf '%s' "$SSH_KEY_STELLAAMOR" > ~/.ssh/deploy_stellaamor
+          printf '%s' "$SSH_KEY_STELLAAMOR" > "$SSH_KEY_PATH"
-          chmod 600 ~/.ssh/deploy_stellaamor
+          chmod 600 "$SSH_KEY_PATH"
 
       - name: Validate private key & show fingerprint
         run: |