From 2cff5f93c921d9d375899eb64aba5e08cf0e8afa Mon Sep 17 00:00:00 2001
From: Keagan <keaganncollins@gmail.com>
Date: Fri, 27 Mar 2026 14:55:51 +0200
Subject: [PATCH 1/6] added github actions workflow for deploying to prod on
 merge to main

---
 .github/workflows/fly-deploy.yml  | 18 ------------------
 .github/workflows/prod-deploy.yml | 23 +++++++++++++++++++++++
 2 files changed, 23 insertions(+), 18 deletions(-)
 delete mode 100644 .github/workflows/fly-deploy.yml
 create mode 100644 .github/workflows/prod-deploy.yml

diff --git a/.github/workflows/fly-deploy.yml b/.github/workflows/fly-deploy.yml
deleted file mode 100644
index b0c246ed..00000000
--- a/.github/workflows/fly-deploy.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-# See https://fly.io/docs/app-guides/continuous-deployment-with-github-actions/
-
-name: Fly Deploy
-on:
-  push:
-    branches:
-      - main
-jobs:
-  deploy:
-    name: Deploy app
-    runs-on: ubuntu-latest
-    concurrency: deploy-group    # optional: ensure only one action runs at a time
-    steps:
-      - uses: actions/checkout@v4
-      - uses: superfly/flyctl-actions/setup-flyctl@master
-      - run: flyctl deploy --remote-only
-        env:
-          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
diff --git a/.github/workflows/prod-deploy.yml b/.github/workflows/prod-deploy.yml
new file mode 100644
index 00000000..88a1af92
--- /dev/null
+++ b/.github/workflows/prod-deploy.yml
@@ -0,0 +1,23 @@
+name: Prod Deploy
+on:
+  push:
+    branches:
+      - main
+jobs:
+  deploy:
+    name: Deploy to Prod
+    runs-on: ubuntu-latest
+    concurrency: deploy-group    # optional: ensure only one action runs at a time
+    steps:
+      - name: Execute remote SSH commands using password
+        uses: appleboy/ssh-action@v1
+        with:
+          host: ${{ secrets.HOST }}
+          username: ${{ secrets.USERNAME }}
+          password: ${{ secrets.PASSWORD }}
+          script: |
+            cd /home/keagan/source-be
+            git checkout main
+            git pull
+            ./build.sh
+            sudo /bin/systemctl restart source-be

From fae1dea461fd96ae093ed89fb208061b5e21af6b Mon Sep 17 00:00:00 2001
From: Keagan <keaganncollins@gmail.com>
Date: Mon, 30 Mar 2026 09:55:08 +0200
Subject: [PATCH 2/6] updated path in workflow

---
 .github/workflows/prod-deploy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/prod-deploy.yml b/.github/workflows/prod-deploy.yml
index 88a1af92..f282b89b 100644
--- a/.github/workflows/prod-deploy.yml
+++ b/.github/workflows/prod-deploy.yml
@@ -16,7 +16,7 @@ jobs:
           username: ${{ secrets.USERNAME }}
           password: ${{ secrets.PASSWORD }}
           script: |
-            cd /home/keagan/source-be
+            cd /home/deploy/source-be
             git checkout main
             git pull
             ./build.sh

From e957a13f49f2fc96d784fe9bb9882b151358b4ec Mon Sep 17 00:00:00 2001
From: Keagan <keaganncollins@gmail.com>
Date: Mon, 30 Mar 2026 13:31:17 +0200
Subject: [PATCH 3/6] added github workflow for deploying to tailscale staging
 server

---
 .github/workflows/staging-deploy.yml | 26 ++++++++++++++++++++++++++
 .gitignore                           |  1 +
 2 files changed, 27 insertions(+)
 create mode 100644 .github/workflows/staging-deploy.yml

diff --git a/.github/workflows/staging-deploy.yml b/.github/workflows/staging-deploy.yml
new file mode 100644
index 00000000..26e76e43
--- /dev/null
+++ b/.github/workflows/staging-deploy.yml
@@ -0,0 +1,26 @@
+name: Staging Deply
+on:
+  push:
+    branches:
+      - dev
+jobs:
+  deploy:
+    name: Deploy to Staging
+    runs-on: ubuntu-latest
+    concurrency: deploy-group    # optional: ensure only one action runs at a time
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Connect to Tailscale
+        uses: tailscale/github-action@v4
+        with:
+          oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }}
+          oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
+          tags: tag:ci
+
+      - name: Deploy via SSH
+        run: |
+          ssh -o StrictHostKeyChecking=no merv@mervstation.tail4f070.ts.net
+          cd /home/merv/Developer/source-be
+          git pull
+          systemctl restart source-be
diff --git a/.gitignore b/.gitignore
index 576bdd4f..11809f10 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,7 @@ source-users
 dev/dev.clj
 .nrepl-port
 target/
+resources/admins_encrypted.json
 
 .db
 admins.json

From c7db4bed7c9080b873e68e8bff161e8c8ba371d5 Mon Sep 17 00:00:00 2001
From: Keagan <keaganncollins@gmail.com>
Date: Mon, 30 Mar 2026 13:34:28 +0200
Subject: [PATCH 4/6] updated systemctl command to use sudo

---
 .github/workflows/staging-deploy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/staging-deploy.yml b/.github/workflows/staging-deploy.yml
index 26e76e43..e554e80e 100644
--- a/.github/workflows/staging-deploy.yml
+++ b/.github/workflows/staging-deploy.yml
@@ -23,4 +23,4 @@ jobs:
           ssh -o StrictHostKeyChecking=no merv@mervstation.tail4f070.ts.net
           cd /home/merv/Developer/source-be
           git pull
-          systemctl restart source-be
+          sudo /bin/systemctl restart source-be

From 49e44f19ffc4e797acd6cd4ceb0da4fdbb214dd5 Mon Sep 17 00:00:00 2001
From: Keagan <keaganncollins@gmail.com>
Date: Mon, 30 Mar 2026 14:53:47 +0200
Subject: [PATCH 5/6] fixed typo

---
 .github/workflows/staging-deploy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/staging-deploy.yml b/.github/workflows/staging-deploy.yml
index e554e80e..eee1ce02 100644
--- a/.github/workflows/staging-deploy.yml
+++ b/.github/workflows/staging-deploy.yml
@@ -1,4 +1,4 @@
-name: Staging Deply
+name: Staging Deploy
 on:
   push:
     branches:

From 5e4554dda3e0f77baaa850c83bdad30fd576a359 Mon Sep 17 00:00:00 2001
From: Keagan <keaganncollins@gmail.com>
Date: Tue, 31 Mar 2026 12:44:44 +0200
Subject: [PATCH 6/6] updated tailscale workflow to use authkey instead of
 oauth2

---
 .github/workflows/staging-deploy.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/staging-deploy.yml b/.github/workflows/staging-deploy.yml
index eee1ce02..1170aa1e 100644
--- a/.github/workflows/staging-deploy.yml
+++ b/.github/workflows/staging-deploy.yml
@@ -14,8 +14,7 @@ jobs:
       - name: Connect to Tailscale
         uses: tailscale/github-action@v4
         with:
-          oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }}
-          oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
+          authKey: ${{ secrets.TS_AUTH_KEY }}
           tags: tag:ci
 
       - name: Deploy via SSH