diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml
new file mode 100644
index 0000000..5db84e5
--- /dev/null
+++ b/.gitea/workflows/deploy.yml
@@ -0,0 +1,53 @@
+# ==============================
+# OneMD 博客构建与部署工作流
+# 触发条件：推送代码到 main 分支
+# 流程：拉代码 → 装依赖 → 构建 → 通过 SSH + rsync 部署到服务器
+# ==============================
+name: Build and Deploy to Server
+
+# --- 触发器：main 分支有 push 时自动执行 ---
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest       # 运行环境：最新版 Ubuntu
+
+    steps:
+      # 1. 拉取仓库代码
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      # 2. 安装 Node.js 运行环境（版本 20，开启 npm 缓存加速）
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      # 3. 安装项目依赖（npm ci 比 npm install 更快更稳定）
+      - name: Install dependencies
+        run: npm ci
+
+      # 4. 构建静态站点（vite-ssg 生成 → dist/ 目录）
+      - name: Build
+        run: npm run build
+
+      # 5. 配置 SSH —— 写入私钥并信任目标服务器主机密钥
+      - name: Setup SSH
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -H ${{ secrets.SSH_HOST }} >> ~/.ssh/known_hosts
+
+      # 6. 通过 rsync 增量同步到目标服务器
+      # 显式加上了 -e "ssh -i ~/.ssh/id_rsa" 确保 100% 认领私钥
+      - name: Deploy to Server
+        run: |
+          rsync -avz --delete \
+            -e "ssh -i ~/.ssh/id_rsa" \
+            ./dist/ \
+            ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }}:${{ secrets.TARGET_DIR }}
\ No newline at end of file