Stuple-Networks/hyprarch-repo
1
0
Fork 0
Code Pull Requests Actions Activity

Update .github/workflows/update-repo.yml

Browse Source
This commit is contained in:
Mitsuba100
2026-04-14 21:23:41 +02:00
parent 4c40f57455
commit 521b2ad8e7
1 changed files with 35 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
.github/workflows/update-repo.yml vendored
View File

@@ -1,4 +1,4 @@
name: Update Arch Repository (Binary Sigs)
name: Update Arch Repository
on:
push:
@@ -8,7 +8,7 @@ on:
jobs:
build-and-deploy:
runs-on: local
runs-on: local # Ensure your runner has the 'local:host' label
steps:
- name: Checkout code
@@ -24,14 +24,13 @@ jobs:
rm -f hyprarch-repo.db* hyprarch-repo.files*
mkdir -p db_temp
# We still use --armor for the public key (that's for humans)
gpg --export --armor 236328A7F2C2001E > pubkey.gpg
for pkg in *.pkg.tar.zst; do
# 1. Create BINARY detached signature (REMOVED --armor)
# Create BINARY detached signature
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --output "$pkg.sig" "$pkg"
# 2. Extract Metadata
# Extract Metadata
pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3 | tr -d '\r')
pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3 | tr -d '\r')
pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g" | tr -d '\r')
@@ -40,7 +39,6 @@ jobs:
mkdir -p "db_temp/$pkgname-$pkgver"
# 3. Build 'desc' with internal PGP SIG (Base64 of the binary sig)
{
echo "%NAME%"; echo "$pkgname"; echo ""
echo "%VERSION%"; echo "$pkgver"; echo ""
@@ -55,7 +53,6 @@ jobs:
} > "db_temp/$pkgname-$pkgver/desc"
done
# 4. Pack and Sign DB (Signatures here should also be binary)
cd db_temp
tar --owner=0 --group=0 -c * | gzip -n -9 > ../hyprarch-repo.db.tar.gz
cd ..
@@ -64,9 +61,35 @@ jobs:
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --output hyprarch-repo.db.sig hyprarch-repo.db
rm -rf db_temp
- name: Deploy
- name: Generate Landing Page
run: |
sudo mkdir -p /var/www/hyprarch-repo/x86_64
sudo cp -rf . /var/www/hyprarch-repo/
sudo chown -R www-data:www-data /var/www/hyprarch-repo
sudo chmod -R 755 /var/www/hyprarch-repo
cat <<EOF > index.html
<!DOCTYPE html>
<html>
<head>
<title>HyprArch Repo</title>
<style>
body { font-family: sans-serif; background: #2e3440; color: #eceff4; padding: 40px; }
.container { max-width: 800px; margin: auto; background: #3b4252; padding: 30px; border-radius: 10px; }
pre { background: #2e3440; padding: 15px; border-radius: 5px; color: #ebcb8b; }
a { color: #88c0d0; }
</style>
</head>
<body>
<div class="container">
<h1>🚀 HyprArch Pi Repository</h1>
<pre>curl -s https://repo.stuple.net/x86_64/pubkey.gpg | sudo pacman-key -a - && sudo pacman-key --lsign-key 236328A7F2C2001E</pre>
<pre>[hyprarch-repo]
SigLevel = Required DatabaseOptional
Server = https://repo.stuple.net/\$arch</pre>
<p><a href="./x86_64/">📂 Browse File Index</a></p>
</div>
</body>
</html>
EOF
- name: Deploy to Local Web Folder
run: |
# Since stui now owns the folder, we don't need sudo here
mkdir -p /var/www/hyprarch-repo/x86_64
cp -rf . /var/www/hyprarch-repo/