From a6e763c153b4fe68a3f0da1dbff0742ef4af3306 Mon Sep 17 00:00:00 2001
From: "exe.dev user" <exedev@love-tin.exe.xyz>
Date: Thu, 12 Feb 2026 15:22:18 +0000
Subject: [PATCH] Switch deploy to webhook-based approach

exe.dev SSH proxy blocks direct SSH from GitHub Actions.
Use webhook listener on port 9000 instead.

Co-authored-by: Shelley <shelley@exe.dev>
---
 .github/workflows/deploy.yml | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index d9b2c76..9451fdf 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -8,10 +8,21 @@ jobs:
   deploy:
     runs-on: ubuntu-latest
     steps:
-      - name: Deploy via SSH
-        uses: appleboy/ssh-action@v1
-        with:
-          host: love-tin.exe.xyz
-          username: exedev
-          key: ${{ secrets.DEPLOY_SSH_KEY }}
-          script: /home/exedev/deploy.sh
+      - name: Trigger deploy webhook
+        env:
+          WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
+        run: |
+          # Build the payload
+          PAYLOAD='{"ref":"refs/heads/master","pusher":{"name":"github-actions"}}'
+          
+          # Compute HMAC signature
+          SIGNATURE="sha256=$(echo -n "$PAYLOAD" | openssl dgst -sha256 -hmac "$WEBHOOK_SECRET" | awk '{print $2}')"
+          
+          # Send webhook
+          curl -sf -X POST \
+            -H "Content-Type: application/json" \
+            -H "X-Hub-Signature-256: $SIGNATURE" \
+            -d "$PAYLOAD" \
+            https://love-tin.exe.xyz:9000/deploy
+          
+          echo "Deploy triggered successfully"