# Daily rebuild so date-scheduled posts go live on their pubDate. # # The site is static, so "now" is frozen at build time. This cron triggers a # fresh Coolify deploy once a day; the rebuild re-evaluates the pubDate gate in # src/utils/posts.ts, and any post whose date has arrived (and draft: false) # appears. No file is mutated and no repo write access is needed — the job only # pings the deploy hook. # # Setup (once): # - Uses the shared `docker`-labelled runners. If those labels change, update # `runs-on` below to match a runner that is online. # - Add a repo secret COOLIFY_DEPLOY_HOOK = the app's deploy URL from Coolify # (app → Webhooks → "Deploy Webhook", e.g. # https://coolify.example.com/api/v1/deploy?uuid=&force=false). # - Add a repo secret COOLIFY_TOKEN = a Coolify API token (Bearer) with deploy # permission. Required for the /api/v1/deploy endpoint. # # Your normal push-to-main deploy still runs independently; this only covers the # "a new day rolled over" case. Trigger it by hand from the Actions tab (this # workflow has workflow_dispatch) to smoke-test before relying on the cron. name: scheduled-deploy on: schedule: # 06:15 Europe/Berlin daily. Posts are eligible from 00:00 UTC on their # pubDate; this morning rebuild publishes them. Adjust the time to taste. - cron: 'TZ=Europe/Berlin 15 6 * * *' workflow_dispatch: {} jobs: trigger-deploy: runs-on: docker steps: - name: Ping Coolify deploy hook env: COOLIFY_DEPLOY_HOOK: ${{ secrets.COOLIFY_DEPLOY_HOOK }} COOLIFY_TOKEN: ${{ secrets.COOLIFY_TOKEN }} run: | if [ -z "$COOLIFY_DEPLOY_HOOK" ]; then echo "COOLIFY_DEPLOY_HOOK secret is not set." >&2 exit 1 fi # Coolify's /api/v1/deploy endpoint is a GET authenticated with a # Bearer token. -f makes curl exit non-zero on HTTP errors. curl -fsS -X GET "$COOLIFY_DEPLOY_HOOK" \ ${COOLIFY_TOKEN:+-H "Authorization: Bearer $COOLIFY_TOKEN"} echo "Deploy triggered."