name: Update Arch Repository on: push: paths: - 'x86_64/*.pkg.tar.zst' workflow_dispatch: jobs: update-db: runs-on: linux steps: - name: Checkout code uses: actions/checkout@v4 with: fetch-depth: 0 - name: Setup tools run: sudo apt-get update && sudo apt-get install -y libarchive-tools gpg - name: Import GPG Key run: | if [ -z "${{ secrets.GPG_PRIVATE_KEY }}" ]; then echo "ERROR: GPG_PRIVATE_KEY secret is empty!" exit 1 fi echo "${{ secrets.GPG_PRIVATE_KEY }}" > private_key.gpg gpg --batch --import private_key.gpg rm private_key.gpg - name: Update Repository Database run: | cd x86_64 rm -f hyprarch-repo.db* hyprarch-repo.files* mkdir -p db_temp export GPG_TTY=$(tty) # Export public key to the folder so it is accessible via URL gpg --export --armor 236328A7F2C2001E > pubkey.gpg for pkg in *.pkg.tar.zst; do # 1. Sign the package file echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor "$pkg" # 2. Extract Metadata pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3) pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3) pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g") mkdir -p "db_temp/$pkgname-$pkgver" { echo "%NAME%" echo "$pkgname" echo "" echo "%VERSION%" echo "$pkgver" echo "" echo "%DESC%" echo "$pkgdesc" echo "" echo "%FILENAME%" echo "$pkg" echo "" echo "%CSIZE%" echo "$(stat -c%s "$pkg")" echo "" echo "%ISIZE%" echo "$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)" echo "" echo "%PGPSIG%" echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --stdout --no-armor "$pkg" | base64 | tr -d '\n' echo "" } > "db_temp/$pkgname-$pkgver/desc" done # 3. Pack and Sign DB cd db_temp tar -c * | gzip -9 > ../hyprarch-repo.db.tar.gz cd .. echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor hyprarch-repo.db.tar.gz # 4. Finalize cp hyprarch-repo.db.tar.gz hyprarch-repo.db cp hyprarch-repo.db.tar.gz.sig hyprarch-repo.db.sig cp hyprarch-repo.db.tar.gz hyprarch-repo.files cp hyprarch-repo.db.tar.gz hyprarch-repo.files.tar.gz rm -rf db_temp - name: Generate Subfolder Index run: | cd x86_64 echo "Index of /x86_64/" > index.html echo "

Index of /x86_64/

" >> index.html
          echo "../" >> index.html
          for file in *; do
            if [[ "$file" != "index.html" ]]; then
              size=$(du -sh "$file" | cut -f1)
              date=$(date -r "$file" '+%d-%b-%Y %H:%M')
              printf "%s%-$(($(printf '%s' "$file" | wc -c) > 50 ? 1 : 50 - $(printf '%s' "$file" | wc -c)))s %s %8s\n" "$file" "$file" "" "$date" "$size" >> index.html
            fi
          done
          echo "

" >> index.html - name: Generate Root Landing Page run: | echo ' HyprArch Repository

HyprArch Custom Repository

1. Add the GPG Key

Run this command to trust the repository maintainer (Mitsuba100):

curl -s https://hyprarch-repo.stuple.net/x86_64/pubkey.gpg | sudo pacman-key -a - && sudo pacman-key --lsign-key 236328A7F2C2001E

2. Configure Pacman

Add the following to the bottom of /etc/pacman.conf:

[hyprarch-repo]
          SigLevel = Required DatabaseOptional
          Server = https://hyprarch-repo.stuple.net/$arch

3. Sync

sudo pacman -Sy

📁 Browse File Index

Automated by GitHub Actions • Last updated: '$(date)'

' > index.html - name: Commit and Push run: | git config --global user.name "github-actions[bot]" git config --global user.email "github-actions[bot]@users.noreply.github.com" git add . if ! git diff-index --quiet HEAD; then git commit -m "Add GPG trust command to landing page" git push else echo "Nothing to change." fi