name: Update Cloudflare IPs

on:
  schedule:
    - cron: '0 10 * * *'
  workflow_dispatch: # manual trigger

permissions:
  contents: write  # to push

jobs:
  update_cf_ips:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout repository
      uses: actions/checkout@v3

    - name: Ensure get_cf_ips.sh is executable
      run: chmod +x .github/scripts/get_cf_ips.sh
      
    - name: Install jq
      run: sudo apt-get install -y jq

    - name: Run get_cf_ips.sh
      run: .github/scripts/get_cf_ips.sh

    - name: Commit and push changes
      run: |
        git config --global user.name "github-actions[bot]"
        git config --global user.email "github-actions[bot]@users.noreply.github.com"
        git add nginx/cloudflare.inc
        git commit -m "Update Cloudflare IPs" || echo "No changes to commit"
        git push
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}