---
kind: secret
name: password_authelia
get:
  path: secret/data/authelia/ssh
  name: root

---
kind: secret
name: password_matrix
get:
  path: secret/data/matrix/bot/drone-bot
  name: password
---
kind: secret
name: userid_matrix
get:
  path: secret/data/matrix/bot/drone-bot
  name: userid
---
kind: secret
name: roomid_matrix
get:
  path: secret/data/matrix/bot/drone-bot
  name: roomid


---
kind: pipeline
name: check_authelia

trigger:
  event:
    - cron
    - pull_request
    - push
  branch:
    - main

steps:
- name: ssh-check
  image: appleboy/drone-ssh
  settings:
    host: 10.0.4.18
    username: root
    password:
      from_secret: password_authelia
    port: 22
    command_timeout: 10m
    script: |
      set -e

      fetch -o /tmp/authelia-update.sh \
        https://git.familie-berner.de/Open/infra-maintenance/raw/branch/main/authelia/authelia-update.sh

      chmod +x /tmp/authelia-update.sh

      timeout 5m /tmp/authelia-update.sh

---
kind: pipeline
name: authelia_apply

trigger:
  event:
    - manual
  branch:
    - main
  
steps:
- name: ssh-apply
  image: appleboy/drone-ssh
  settings:
    host: 10.0.4.18
    username: root
    password:
      from_secret: password_authelia
    port: 22
    command_timeout: 15m
    script: |
      set -e

      echo "[INFO] Fetching authelia update script…"

      fetch -o /tmp/authelia-update.sh \
        https://git.familie-berner.de/Open/infra-maintenance/raw/branch/main/authelia/authelia-update.sh

      chmod +x /tmp/authelia-update.sh

      echo "[INFO] Applying authelia update…"

      timeout 10m /tmp/authelia-update.sh --apply --auto-revert

---
kind: pipeline
name: matrix_message

depends_on:
  - authelia_check
  - authelia_apply

trigger:
  status:
    - success
    - failure

steps:
  - name: notify
    image: spotlightkid/drone-matrixchat-notify
    settings:
      homeserver: 'https://matrix.familie-berner.de'
      roomid:
        from_secret: roomid_matrix
      userid:
        from_secret: userid_matrix
      password:
        from_secret: password_matrix
      markdown: 'yes'
      template: |
        **Authelia Update**
        repo: `${DRONE_REPO}`
        branch: `${DRONE_BRANCH}`
        build: `#${DRONE_BUILD_NUMBER}`
        status: **${DRONE_BUILD_STATUS}**

        event: `${DRONE_BUILD_EVENT}`
        commit: ${DRONE_COMMIT_LINK}

        pr: `${DRONE_PULL_REQUEST}`
        ${DRONE_PULL_REQUEST_TITLE}

    when:
      branch:
        - master
        - main