From a3ed447b0badcaac64dac38937b14beb588104b4 Mon Sep 17 00:00:00 2001 From: toufic ar Date: Tue, 10 Feb 2026 18:39:03 +0200 Subject: [PATCH] initial commit --- .forgejo/workflows/build.yaml | 32 ++++++++++++++++++++++++++ .gitignore | 1 + build.sh | 42 +++++++++++++++++++++++++++++++++++ pkgbuilds.json | 7 ++++++ 4 files changed, 82 insertions(+) create mode 100644 .forgejo/workflows/build.yaml create mode 100644 .gitignore create mode 100755 build.sh create mode 100644 pkgbuilds.json diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml new file mode 100644 index 0000000..6ce0e79 --- /dev/null +++ b/.forgejo/workflows/build.yaml @@ -0,0 +1,32 @@ +on: + workflow_dispatch: + push: + branches: + - main + schedule: + - cron: 0 0 * * 0 +jobs: + build: + runs-on: archlinux-latest + steps: + - name: setup + run: | + pacman-key --init + pacman -Syu --noconfirm --needed base-devel git jq nodejs openssh rsync + sed -i -E 's/(^OPTIONS=\([^)]*)\b(debug)\b/\1!\2/' /etc/makepkg.conf + useradd -m builder + echo "${{ secrets.GPG_PRIVATE_KEY }}" > /home/builder/private.asc + echo "${{ secrets.GPG_KEY_PASSWD }}" > /home/builder/gpgpasswd + chown builder: /home/builder/private.asc /home/builder/gpgpasswd + - name: checkout repo + uses: actions/checkout@v6 + - name: add ssh key + uses: actions/ssh-setup@v2 + with: + ssh-key: ${{ secrets.ACTIONS_SSH_KEY }} + add-hosts: "toufy.me" + run-as: "builder" + - name: build + run: | + chown -R builder: . + su builder -c "./build.sh" diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..5dc9beb --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.dist diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..589ad15 --- /dev/null +++ b/build.sh @@ -0,0 +1,42 @@ +#!/usr/bin/env bash + +set -e + +BUILD_DIR=$(pwd)/.dist/build +SRC_DIR=$(pwd)/.dist/src +LONGKEY="4A0E47583568E4B11B5C2559BBA33017E29E74FB" +export GNUPGHOME=~/.gnupg + +mkdir -p "$BUILD_DIR" "$SRC_DIR" + +mkdir -p $GNUPGHOME +chmod -R 700 $GNUPGHOME +echo "allow-loopback-pinentry" >>$GNUPGHOME/gpg-agent.conf +gpg-connect-agent reloadagent /bye +gpg --batch --yes --pinentry-mode loopback --passphrase-file ~/gpgpasswd --import ~/private.asc + +rsync -az root@toufy.me:/var/www/aur.toufy.me/builds "$BUILD_DIR" + +jq -c '.[]' pkgbuilds.json | while IFS= read -r src; do + base=$(jq -r '.base' <<<"$src") + jq -r '.rm[]' <<<"$src" | while IFS= read -r rmv; do + find "$BUILD_DIR" -name "$rmv*.pkg.tar.zst" -exec \ + repo-remove -Rsvk $LONGKEY \ + "$BUILD_DIR"/taur.db.tar.zst "$rmv" \; + + done + jq -r '.pkgs[]' <<<"$src" | while IFS= read -r pkg; do + git clone "$base/$pkg" "$SRC_DIR"/"$pkg" && + cd "$SRC_DIR/$pkg" && + makepkg -cCd --noconfirm --skippgpcheck --sign \ + --key $LONGKEY && + repo-add -Rpsvk $LONGKEY \ + "$BUILD_DIR"/taur.db.tar.zst \ + "$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst && + cp -rfv \ + "$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst "$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst.sig \ + "$BUILD_DIR" + done +done + +rsync -az --delete "$BUILD_DIR/" root@toufy.me:/var/www/aur.toufy.me/builds diff --git a/pkgbuilds.json b/pkgbuilds.json new file mode 100644 index 0000000..8f30c36 --- /dev/null +++ b/pkgbuilds.json @@ -0,0 +1,7 @@ +[ + { + "base": "https://aur.archlinux.org", + "pkgs": [], + "rm": [] + } +]