Update deploy action to not trigger on pull requests

.github/workflows/deploy.yml

@@ -1,9 +1,10 @@
-name: Deploy app to demo server (demo.archtika.com)
+name: Deploy app to server
 
 on:
   workflow_run:
     workflows: [ 'Playwright tests' ]
     types: [ completed ]
+    branches: [ devel, main ]
 env:
   SERVER_USER: root
   SERVER_IP: 128.140.75.240
@@ -11,7 +12,9 @@ env:
 jobs:
   deploy:
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
+      github.event.workflow_run.conclusion == 'success' &&
+      github.event.workflow_run.event == 'push'
     steps:
     - uses: actions/checkout@v4
 

.github/workflows/test.yml

@@ -2,9 +2,9 @@ name: Playwright tests
 
 on:
   push:
-    branches: [ main ]
+    branches: [ devel, main ]
   pull_request:
-    branches: [ main ]
+    branches: [ devel, main ]
 
 jobs:
   test:

flake.nix

@@ -61,7 +61,7 @@
           api = {
             type = "app";
             program = "${pkgs.writeShellScriptBin "api-setup" ''
-              JWT_SECRET=$(head -c 64 /dev/urandom | base64 | tr -d '/+=' | head -c 64)
+              JWT_SECRET=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c64)
 
               ${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:15432/archtika -c "ALTER DATABASE archtika SET \"app.jwt_secret\" TO '$JWT_SECRET'"
 

nix/module.nix

@@ -102,7 +102,7 @@ in
       };
 
       script = ''
-        JWT_SECRET=$(head -c 64 /dev/urandom | base64 | tr -d '/+=' | head -c 64)
+        JWT_SECRET=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c64)
 
         ${pkgs.postgresql_16}/bin/psql postgres://postgres@localhost:5432/${cfg.databaseName} -c "ALTER DATABASE ${cfg.databaseName} SET \"app.jwt_secret\" TO '$JWT_SECRET'"