name: Host Maintenance

on:
  schedule:
    - cron: "0 3 * * *"   # täglich 03:00
  workflow_dispatch:      # manuell startbar

jobs:
  maintenance:
    name: Update host system
    runs-on: gitea-runner   # MUSS exakt zum Runner-Label passen

    steps:
      # --- Debug / Sicherheit ---
      - name: Show workflow context
        run: |
          echo "User:       $(whoami)"
          echo "Host:       $(hostname)"
          echo "Date:       $(date)"

      # --- Aufräumen ---
      - name: Cleanup
        run: |
          sudo apt -y autoremove
          sudo apt -y autoclean

      # --- System Update ---
      - name: Update packages
        run: |
          apt update
          DEBIAN_FRONTEND=noninteractive apt-get --yes --assume-yes --allow-change-held-packages -o DPkg::options::="--force-confdef" -o DPkg::options::="--force-confold" --only-upgrade upgrade
          sudo apt -y install needrestart

      # reboot
      - name: Reboot
        run: |
           cmd="needrestart -b -k -q -m e" && [ "$($cmd | grep NEEDRESTART-KCUR | awk '{print $2}')" != "$($cmd | grep NEEDRESTART-KEXP | awk '{print $2'})" ] && echo "Kernel unterschiedlich!" && reboot | at now + 3 minutes