toufy/taur
toufy/taur
1
Fork 0
Code Activity Actions

initial commit
All checks were successful
/ build (push) Successful in 10s
Details

Browse source
This commit is contained in:
toufic ar 2026-02-10 18:39:03 +02:00
commit a3ed447b0b
Signed by: toufic ar
SSH key fingerprint: SHA256:/NaO5I1nG3gYKzrzSiTYIdRyaIYxDWfr1U+d+yfJ/4k
4 changed files with 82 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

32
.forgejo/workflows/build.yaml Normal file
View file

@ -0,0 +1,32 @@
on:
workflow_dispatch:
push:
branches:
- main
schedule:
- cron: 0 0 * * 0
jobs:
build:
runs-on: archlinux-latest
steps:
- name: setup
run: |
pacman-key --init
pacman -Syu --noconfirm --needed base-devel git jq nodejs openssh rsync
sed -i -E 's/(^OPTIONS=\([^)]*)\b(debug)\b/\1!\2/' /etc/makepkg.conf
useradd -m builder
echo "${{ secrets.GPG_PRIVATE_KEY }}" > /home/builder/private.asc
echo "${{ secrets.GPG_KEY_PASSWD }}" > /home/builder/gpgpasswd
chown builder: /home/builder/private.asc /home/builder/gpgpasswd
- name: checkout repo
uses: actions/checkout@v6
- name: add ssh key
uses: actions/ssh-setup@v2
with:
ssh-key: ${{ secrets.ACTIONS_SSH_KEY }}
add-hosts: "toufy.me"
run-as: "builder"
- name: build
run: |
chown -R builder: .
su builder -c "./build.sh"

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
.dist

42
build.sh Executable file
View file

@ -0,0 +1,42 @@
#!/usr/bin/env bash
set -e
BUILD_DIR=$(pwd)/.dist/build
SRC_DIR=$(pwd)/.dist/src
LONGKEY="4A0E47583568E4B11B5C2559BBA33017E29E74FB"
export GNUPGHOME=~/.gnupg
mkdir -p "$BUILD_DIR" "$SRC_DIR"
mkdir -p $GNUPGHOME
chmod -R 700 $GNUPGHOME
echo "allow-loopback-pinentry" >>$GNUPGHOME/gpg-agent.conf
gpg-connect-agent reloadagent /bye
gpg --batch --yes --pinentry-mode loopback --passphrase-file ~/gpgpasswd --import ~/private.asc
rsync -az root@toufy.me:/var/www/aur.toufy.me/builds "$BUILD_DIR"
jq -c '.[]' pkgbuilds.json | while IFS= read -r src; do
base=$(jq -r '.base' <<<"$src")
jq -r '.rm[]' <<<"$src" | while IFS= read -r rmv; do
find "$BUILD_DIR" -name "$rmv*.pkg.tar.zst" -exec \
repo-remove -Rsvk $LONGKEY \
"$BUILD_DIR"/taur.db.tar.zst "$rmv" \;
done
jq -r '.pkgs[]' <<<"$src" | while IFS= read -r pkg; do
git clone "$base/$pkg" "$SRC_DIR"/"$pkg" &&
cd "$SRC_DIR/$pkg" &&
makepkg -cCd --noconfirm --skippgpcheck --sign \
--key $LONGKEY &&
repo-add -Rpsvk $LONGKEY \
"$BUILD_DIR"/taur.db.tar.zst \
"$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst &&
cp -rfv \
"$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst "$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst.sig \
"$BUILD_DIR"
done
done
rsync -az --delete "$BUILD_DIR/" root@toufy.me:/var/www/aur.toufy.me/builds

7
pkgbuilds.json Normal file
View file

@ -0,0 +1,7 @@
[
{
"base": "https://aur.archlinux.org",
"pkgs": [],
"rm": []
}
]