name: Update Arch Repository (Gitea) on: push: paths: - 'x86_64/*.pkg.tar.zst' workflow_dispatch: jobs: build-and-deploy: # Use 'host' so the runner can move files directly to /var/www/arch-repo runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v4 - name: Ensure Tools and Directories run: | sudo apt-get update && sudo apt-get install -y libarchive-tools gpg mkdir -p x86_64/db_temp # Path where your packages will be served to the web sudo mkdir -p /var/www/arch-repo/x86_64 sudo chown -R $USER:$USER /var/www/arch-repo - name: Import GPG Key run: | echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import --yes - name: Build and Sign Repository run: | cd x86_64 rm -f hyprarch-repo.db* hyprarch-repo.files* # 1. Export Public Key for users gpg --export --armor 236328A7F2C2001E > pubkey.gpg # 2. Process Packages for pkg in *.pkg.tar.zst; do # Sign package (creates .sig file) echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor "$pkg" # Extract Metadata pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3) pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3) pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g") mkdir -p "db_temp/$pkgname-$pkgver" { echo "%NAME%"; echo "$pkgname"; echo "" echo "%VERSION%"; echo "$pkgver"; echo "" echo "%DESC%"; echo "$pkgdesc"; echo "" echo "%FILENAME%"; echo "$pkg"; echo "" echo "%CSIZE%"; echo "$(stat -c%s "$pkg")"; echo "" echo "%ISIZE%"; echo "$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)"; echo "" echo "%PGPSIG%" # Fixed: Use --output - instead of --stdout echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor --output - "$pkg" | base64 | tr -d '\n' echo "" } > "db_temp/$pkgname-$pkgver/desc" done # 3. Create Database cd db_temp tar -c * | gzip -9 > ../hyprarch-repo.db.tar.gz cd .. echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor hyprarch-repo.db.tar.gz # 4. Finalize cp hyprarch-repo.db.tar.gz hyprarch-repo.db cp hyprarch-repo.db.tar.gz.sig hyprarch-repo.db.sig cp hyprarch-repo.db.tar.gz hyprarch-repo.files rm -rf db_temp - name: Generate Landing Page run: | cat < index.html HyprArch Repo

🚀 HyprArch Custom Repository

1. Trust the GPG Key

Run this to add the maintainer key to your pacman keyring:

curl -s https://repo.stuple.net/x86_64/pubkey.gpg | sudo pacman-key -a - && sudo pacman-key --lsign-key 236328A7F2C2001E

2. Add to pacman.conf

Add these lines to the bottom of /etc/pacman.conf:

[hyprarch-repo]
          SigLevel = Required DatabaseOptional
          Server = https://repo.stuple.net/\$arch

3. Update and Install

sudo pacman -Syy

📂 Browse File Index

Hosted on Raspberry Pi 4B • Automated via Gitea Actions

EOF - name: Deploy to Local Web Folder run: | # Copy current build to the Nginx root cp -r * /var/www/arch-repo/