From d15a431aabf8f5996b5833f2c9cfa6ec68b7950a Mon Sep 17 00:00:00 2001
From: Marc Campbell <marc.e.campbell@gmail.com>
Date: Tue, 3 Feb 2026 00:20:42 +0000
Subject: [PATCH 1/2] Enable real deploys

- Remove dry run flags
- Build and push images to Artifact Registry
- Run Ansible without --check flag

Deploys will now happen automatically on merge to main.

Signed-off-by: Marc Campbell <marc.e.campbell@gmail.com>
---
 .github/workflows/deploy.yml | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 0561b8a..7afe6b4 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -1,4 +1,4 @@
-name: Deploy ttl.sh (DRY RUN)
+name: Deploy ttl.sh
 
 on:
   push:
@@ -34,10 +34,10 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      - name: Build images (dry run - no push)
+      - name: Build and push images
         run: |
           docker compose build
-          echo "✅ Build succeeded - skipping push (dry run mode)"
+          docker compose push
         env:
           DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN }}
 
@@ -65,13 +65,12 @@ jobs:
           chmod 600 ~/.ssh/id_rsa
           ssh-keyscan -H 178.156.198.215 >> ~/.ssh/known_hosts
 
-      - name: Run Ansible deployment (dry run)
+      - name: Run Ansible deployment
         working-directory: ./ansible
         env:
           DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN }}
         run: |
-          echo "🔍 Running Ansible in check mode (dry run - no changes will be made)"
-          ansible-playbook --check \
+          ansible-playbook \
             -e "cloudflare_api_token=$(doppler secrets get CF_API_TOKEN --plain)" \
             -e "cloudflare_zone_id=$(doppler secrets get CF_ZONE_ID --plain)" \
             -e "cloudflare_email=$(doppler secrets get LE_EMAIL --plain)" \

From fa9959bff137df1871af246da7106b1ecc02588d Mon Sep 17 00:00:00 2001
From: Marc Campbell <marc.e.campbell@gmail.com>
Date: Tue, 3 Feb 2026 11:02:50 +0000
Subject: [PATCH 2/2] Target prerelease branch for deployment testing

Temporarily deploy on merge to prerelease branch instead of main.
This allows testing the deploy workflow without requiring PR approval.

TODO: Switch back to main after testing is complete.
Signed-off-by: Marc Campbell <marc.e.campbell@gmail.com>
---
 .github/workflows/deploy.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 7afe6b4..9c57626 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -3,7 +3,8 @@ name: Deploy ttl.sh
 on:
   push:
     branches:
-      - main
+      - prerelease  # Temporary: deploy on prerelease for testing
+      # - main      # TODO: Switch back to main after testing
   workflow_dispatch:  # Manual trigger for emergencies
 
 concurrency: