Update .github/workflows/update-repo.yml

.github/workflows/update-repo.yml

@@ -1,4 +1,4 @@
-name: Update Arch Repository (Gitea)
+name: Update Arch Repository (Host stui)
 
 on:
   push:
@@ -8,20 +8,15 @@ on:
 
 jobs:
   build-and-deploy:
-    # Use 'host' so the runner can move files directly to /var/www/arch-repo
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest 
     
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
-      - name: Ensure Tools and Directories
+      - name: Ensure Tools
         run: |
           sudo apt-get update && sudo apt-get install -y libarchive-tools gpg
-          mkdir -p x86_64/db_temp
-          # Path where your packages will be served to the web
-          sudo mkdir -p /var/www/arch-repo/x86_64
-          sudo chown -R $USER:$USER /var/www/arch-repo
 
       - name: Import GPG Key
         run: |
@@ -30,43 +25,63 @@ jobs:
       - name: Build and Sign Repository
         run: |
           cd x86_64
+          # Clean up old database files
           rm -f hyprarch-repo.db* hyprarch-repo.files*
+          mkdir -p db_temp
           
-          # 1. Export Public Key for users
+          # Export Public Key for the landing page link
           gpg --export --armor 236328A7F2C2001E > pubkey.gpg
 
-          # 2. Process Packages
           for pkg in *.pkg.tar.zst; do
-            # Sign package (creates .sig file)
+            # 1. Generate detached signature file (.sig)
             echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor "$pkg"
             
-            # Extract Metadata
+            # 2. Extract Metadata for DB
             pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3)
             pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3)
             pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g")
+            pkgsize=$(stat -c%s "$pkg")
+            instsize=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)
             
             mkdir -p "db_temp/$pkgname-$pkgver"
+            
+            # 3. Create the 'desc' file (The heart of the .db)
             {
-              echo "%NAME%"; echo "$pkgname"; echo ""
-              echo "%VERSION%"; echo "$pkgver"; echo ""
-              echo "%DESC%"; echo "$pkgdesc"; echo ""
-              echo "%FILENAME%"; echo "$pkg"; echo ""
-              echo "%CSIZE%"; echo "$(stat -c%s "$pkg")"; echo ""
-              echo "%ISIZE%"; echo "$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)"; echo ""
+              echo "%NAME%"
+              echo "$pkgname"
+              echo ""
+              echo "%VERSION%"
+              echo "$pkgver"
+              echo ""
+              echo "%DESC%"
+              echo "$pkgdesc"
+              echo ""
+              echo "%FILENAME%"
+              echo "$pkg"
+              echo ""
+              echo "%CSIZE%"
+              echo "$pkgsize"
+              echo ""
+              echo "%ISIZE%"
+              echo "$instsize"
+              echo ""
               echo "%PGPSIG%"
-              # Fixed: Use --output - instead of --stdout
+              # Pipe the signature directly into the DB as a base64 string
               echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor --output - "$pkg" | base64 | tr -d '\n'
               echo ""
+              echo ""
             } > "db_temp/$pkgname-$pkgver/desc"
           done
           
-          # 3. Create Database
+          # 4. Bundle everything into the .db file
           cd db_temp
           tar -c * | gzip -9 > ../hyprarch-repo.db.tar.gz
           cd ..
+          
+          # 5. Sign the database itself
           echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor hyprarch-repo.db.tar.gz
           
-          # 4. Finalize
+          # 6. Finalize symlinks/copies
           cp hyprarch-repo.db.tar.gz hyprarch-repo.db
           cp hyprarch-repo.db.tar.gz.sig hyprarch-repo.db.sig
           cp hyprarch-repo.db.tar.gz hyprarch-repo.files
@@ -80,36 +95,24 @@ jobs:
           <head>
               <title>HyprArch Repo</title>
               <style>
-                  body { font-family: sans-serif; background: #2e3440; color: #eceff4; padding: 40px; line-height: 1.6; }
-                  .container { max-width: 800px; margin: auto; background: #3b4252; padding: 30px; border-radius: 10px; box-shadow: 0 4px 15px rgba(0,0,0,0.3); }
-                  pre { background: #2e3440; padding: 15px; border-radius: 5px; color: #ebcb8b; overflow-x: auto; border: 1px solid #4c566a; }
-                  h1 { color: #81a1c1; border-bottom: 2px solid #4c566a; padding-bottom: 10px; }
-                  h2 { color: #a3be8c; }
+                  body { font-family: sans-serif; background: #2e3440; color: #eceff4; padding: 40px; }
+                  .container { max-width: 800px; margin: auto; background: #3b4252; padding: 30px; border-radius: 10px; }
+                  pre { background: #2e3440; padding: 15px; border-radius: 5px; color: #ebcb8b; border: 1px solid #4c566a; }
+                  h1 { color: #81a1c1; }
                   a { color: #88c0d0; text-decoration: none; }
-                  a:hover { text-decoration: underline; }
-                  code { color: #d08770; }
               </style>
           </head>
           <body>
               <div class="container">
-                  <h1>🚀 HyprArch Custom Repository</h1>
-                  
-                  <h2>1. Trust the GPG Key</h2>
-                  <p>Run this to add the maintainer key to your pacman keyring:</p>
+                  <h1>🚀 HyprArch Pi Repository</h1>
+                  <p>Trust Key:</p>
                   <pre>curl -s https://repo.stuple.net/x86_64/pubkey.gpg | sudo pacman-key -a - && sudo pacman-key --lsign-key 236328A7F2C2001E</pre>
-
-                  <h2>2. Add to pacman.conf</h2>
-                  <p>Add these lines to the bottom of <code>/etc/pacman.conf</code>:</p>
+                  <p>Add to /etc/pacman.conf:</p>
                   <pre>[hyprarch-repo]
           SigLevel = Required DatabaseOptional
           Server = https://repo.stuple.net/\$arch</pre>
-                  
-                  <h2>3. Update and Install</h2>
-                  <p><code>sudo pacman -Syy</code></p>
-                  
-                  <hr style="border:0; border-top:1px solid #4c566a; margin: 20px 0;">
+                  <hr>
                   <p><a href="./x86_64/">📂 Browse File Index</a></p>
-                  <p><small>Hosted on Raspberry Pi 4B • Automated via Gitea Actions</small></p>
               </div>
           </body>
           </html>
@@ -117,5 +120,8 @@ jobs:
 
       - name: Deploy to Local Web Folder
         run: |
-          # Copy current build to the Nginx root
-          cp -r * /var/www/arch-repo/
+          # Use sudo (configured in visudo previously) to move to Nginx root
+          sudo mkdir -p /var/www/hyprarch-repo/x86_64
+          sudo cp -rf . /var/www/hyprarch-repo/
+          sudo chown -R www-data:www-data /var/www/hyprarch-repo
+          sudo chmod -R 755 /var/www/hyprarch-repo