161 lines
6.5 KiB
YAML
161 lines
6.5 KiB
YAML
name: Update Arch Repository
|
|
|
|
on:
|
|
push:
|
|
paths:
|
|
- 'x86_64/*.pkg.tar.zst'
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
update-db:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup tools
|
|
run: sudo apt-get update && sudo apt-get install -y libarchive-tools gpg
|
|
|
|
- name: Import GPG Key
|
|
run: |
|
|
if [ -z "${{ secrets.GPG_PRIVATE_KEY }}" ]; then
|
|
echo "ERROR: GPG_PRIVATE_KEY secret is empty!"
|
|
exit 1
|
|
fi
|
|
echo "${{ secrets.GPG_PRIVATE_KEY }}" > private_key.gpg
|
|
gpg --batch --import private_key.gpg
|
|
rm private_key.gpg
|
|
|
|
- name: Update Repository Database
|
|
run: |
|
|
cd x86_64
|
|
rm -f hyprarch-repo.db* hyprarch-repo.files*
|
|
mkdir -p db_temp
|
|
export GPG_TTY=$(tty)
|
|
|
|
# Export public key to the folder so it is accessible via URL
|
|
gpg --export --armor 236328A7F2C2001E > pubkey.gpg
|
|
|
|
for pkg in *.pkg.tar.zst; do
|
|
# 1. Sign the package file
|
|
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor "$pkg"
|
|
|
|
# 2. Extract Metadata
|
|
pkgname=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgname =" | cut -d' ' -f3)
|
|
pkgver=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgver =" | cut -d' ' -f3)
|
|
pkgdesc=$(bsdtar -xOf "$pkg" .PKGINFO | grep "^pkgdesc =" | cut -d' ' -f3- | sed "s/['\"]//g")
|
|
|
|
mkdir -p "db_temp/$pkgname-$pkgver"
|
|
|
|
{
|
|
echo "%NAME%"
|
|
echo "$pkgname"
|
|
echo ""
|
|
echo "%VERSION%"
|
|
echo "$pkgver"
|
|
echo ""
|
|
echo "%DESC%"
|
|
echo "$pkgdesc"
|
|
echo ""
|
|
echo "%FILENAME%"
|
|
echo "$pkg"
|
|
echo ""
|
|
echo "%CSIZE%"
|
|
echo "$(stat -c%s "$pkg")"
|
|
echo ""
|
|
echo "%ISIZE%"
|
|
echo "$(bsdtar -xOf "$pkg" .PKGINFO | grep "^size =" | cut -d' ' -f3)"
|
|
echo ""
|
|
echo "%PGPSIG%"
|
|
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --stdout --no-armor "$pkg" | base64 | tr -d '\n'
|
|
echo ""
|
|
} > "db_temp/$pkgname-$pkgver/desc"
|
|
done
|
|
|
|
# 3. Pack and Sign DB
|
|
cd db_temp
|
|
tar -c * | gzip -9 > ../hyprarch-repo.db.tar.gz
|
|
cd ..
|
|
echo "${{ secrets.GPG_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --local-user 236328A7F2C2001E --passphrase-fd 0 --detach-sign --no-armor hyprarch-repo.db.tar.gz
|
|
|
|
# 4. Finalize
|
|
cp hyprarch-repo.db.tar.gz hyprarch-repo.db
|
|
cp hyprarch-repo.db.tar.gz.sig hyprarch-repo.db.sig
|
|
cp hyprarch-repo.db.tar.gz hyprarch-repo.files
|
|
cp hyprarch-repo.db.tar.gz hyprarch-repo.files.tar.gz
|
|
rm -rf db_temp
|
|
|
|
- name: Generate Subfolder Index
|
|
run: |
|
|
cd x86_64
|
|
echo "<html><head><title>Index of /x86_64/</title></head><body style='font-family: monospace;'>" > index.html
|
|
echo "<h1>Index of /x86_64/</h1><hr><pre>" >> index.html
|
|
echo "<a href='../'>../</a>" >> index.html
|
|
for file in *; do
|
|
if [[ "$file" != "index.html" ]]; then
|
|
size=$(du -sh "$file" | cut -f1)
|
|
date=$(date -r "$file" '+%d-%b-%Y %H:%M')
|
|
printf "<a href='%s'>%s</a>%-$(($(printf '%s' "$file" | wc -c) > 50 ? 1 : 50 - $(printf '%s' "$file" | wc -c)))s %s %8s\n" "$file" "$file" "" "$date" "$size" >> index.html
|
|
fi
|
|
done
|
|
echo "</pre><hr></body></html>" >> index.html
|
|
|
|
- name: Generate Root Landing Page
|
|
run: |
|
|
echo '<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>HyprArch Repository</title>
|
|
<style>
|
|
body { font-family: sans-serif; margin: 40px; line-height: 1.6; background: #2e3440; color: #eceff4; }
|
|
a { color: #88c0d0; text-decoration: none; }
|
|
a:hover { text-decoration: underline; }
|
|
.container { max-width: 900px; margin: auto; background: #3b4252; padding: 20px; border-radius: 8px; }
|
|
h1 { border-bottom: 2px solid #4c566a; padding-bottom: 10px; color: #81a1c1; }
|
|
h2 { color: #a3be8c; margin-top: 30px; }
|
|
pre { background: #2e3440; padding: 15px; border-radius: 5px; color: #ebcb8b; overflow-x: auto; border: 1px solid #4c566a; }
|
|
code { color: #d08770; }
|
|
.step { background: #434c5e; padding: 10px 15px; border-left: 4px solid #81a1c1; margin: 10px 0; }
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<div class="container">
|
|
<h1>HyprArch Custom Repository</h1>
|
|
|
|
<h2>1. Add the GPG Key</h2>
|
|
<p>Run this command to trust the repository maintainer (Mitsuba100):</p>
|
|
<pre>curl -s https://hyprarch-repo.stuple.net/x86_64/pubkey.gpg | sudo pacman-key -a - && sudo pacman-key --lsign-key 236328A7F2C2001E</pre>
|
|
|
|
<h2>2. Configure Pacman</h2>
|
|
<p>Add the following to the bottom of <code>/etc/pacman.conf</code>:</p>
|
|
<pre>[hyprarch-repo]
|
|
SigLevel = Required DatabaseOptional
|
|
Server = https://hyprarch-repo.stuple.net/$arch</pre>
|
|
|
|
<h2>3. Sync</h2>
|
|
<div class="step">
|
|
<code>sudo pacman -Sy</code>
|
|
</div>
|
|
|
|
<hr style="margin-top:40px; border: 0; border-top: 1px solid #4c566a;">
|
|
<p><a href="./x86_64/">📁 Browse File Index</a></p>
|
|
<p><small>Automated by GitHub Actions • Last updated: '$(date)'</small></p>
|
|
</div>
|
|
</body>
|
|
</html>' > index.html
|
|
|
|
- name: Commit and Push
|
|
run: |
|
|
git config --global user.name "github-actions[bot]"
|
|
git config --global user.email "github-actions[bot]@users.noreply.github.com"
|
|
git add .
|
|
if ! git diff-index --quiet HEAD; then
|
|
git commit -m "Add GPG trust command to landing page"
|
|
git push
|
|
else
|
|
echo "Nothing to change."
|
|
fi
|