.github/workflows/deploy-vpn-server.yml

name: Deploy VPN server(s)

on:
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest

    steps:

    - name: Checkout code
      uses: actions/checkout@v4

    - name: Setup ansible
      run: |
        pip3 install ansible
        pip3 install -r src/vpn/requirements.txt
        ansible-galaxy collection install --requirements-file ./src/vpn/requirements.yml

    - name: Run ansible
      run: |
        cd src/vpn
        echo Creating ANSIBLE_VAULT_PASSWORD_FILE
        TMPFILE=$(mktemp)
        trap "rm -f ${TMPFILE@Q}" EXIT
        echo -n "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > $TMPFILE
        export ANSIBLE_VAULT_PASSWORD_FILE=$TMPFILE
        
        echo Run deploy vpn playbook
        ansible-playbook -i inventory.ini -i inventory-vpn-servers-hcloud.yml playbooks/create-rebuild-vpn-server.yml
        rm $TMPFILE

    # Enable tmate debugging of manually-triggered workflows if the input option was provided
    - name: Setup tmate session
      uses: mxschmitt/action-tmate@v3
      if: ${{ failure() }}