From b62b61505cc4d40530ad18762be477e9d1d044ef Mon Sep 17 00:00:00 2001
From: "Torsten Schulz (local)" <tsschulz@gmx.net>
Date: Tue, 31 Mar 2026 15:50:13 +0200
Subject: [PATCH] fix(deploy): update SSH key handling in deployment workflow

- Changed the SSH key handling in the Gitea deployment workflow to use a base64 encoded key, improving security and compatibility.
- Updated the SSH connection commands to reference the new key file, ensuring successful deployment connections.
---
 .gitea/workflows/deploy.yml | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
index 4acfed87..0db1cdec 100644
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -25,14 +25,15 @@ jobs:
         run: |
           set -e
           mkdir -p ~/.ssh
-          printf "%s" "${{ secrets.PROD_SSH_KEY }}" > ~/.ssh/id_ed25519
-          chmod 600 ~/.ssh/id_ed25519
+          printf '%s' "${{ secrets.PROD_SSH_KEY_B64 }}" | base64 -d > ~/.ssh/id_deploy
+          chmod 600 ~/.ssh/id_deploy
+          ssh-keygen -l -f ~/.ssh/id_deploy
           ssh-keyscan -p "$SSH_PORT" "$SSH_HOST" >> ~/.ssh/known_hosts
 
       - name: Test SSH connection
         run: |
           set -e
-          ssh -i ~/.ssh/id_ed25519 \
+          ssh -i ~/.ssh/id_deploy \
             -o StrictHostKeyChecking=no \
             -o BatchMode=yes \
             -o ConnectTimeout=10 \
@@ -43,7 +44,7 @@ jobs:
       - name: Run deployment script
         run: |
           set -e
-          ssh -i ~/.ssh/id_ed25519 \
+          ssh -i ~/.ssh/id_deploy \
             -o StrictHostKeyChecking=no \
             -o BatchMode=yes \
             -o ConnectTimeout=10 \