initial commit

2026-02-10 18:39:03 +02:00 · 2026-02-10 18:39:03 +02:00 · a3ed447b0b
commit a3ed447b0b
4 changed files with 82 additions and 0 deletions
--- a/.forgejo/workflows/build.yaml
+++ b/.forgejo/workflows/build.yaml
@ -0,0 +1,32 @@
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+  schedule:
+    - cron: 0 0 * * 0
+jobs:
+  build:
+    runs-on: archlinux-latest
+    steps:
+      - name: setup
+        run: |
+          pacman-key --init
+          pacman -Syu --noconfirm --needed base-devel git jq nodejs openssh rsync
+          sed -i -E 's/(^OPTIONS=\([^)]*)\b(debug)\b/\1!\2/' /etc/makepkg.conf
+          useradd -m builder
+          echo "${{ secrets.GPG_PRIVATE_KEY }}" > /home/builder/private.asc
+          echo "${{ secrets.GPG_KEY_PASSWD }}" > /home/builder/gpgpasswd
+          chown builder: /home/builder/private.asc /home/builder/gpgpasswd
+      - name: checkout repo
+        uses: actions/checkout@v6
+      - name: add ssh key
+        uses: actions/ssh-setup@v2
+        with:
+          ssh-key: ${{ secrets.ACTIONS_SSH_KEY }}
+          add-hosts: "toufy.me"
+          run-as: "builder"
+      - name: build
+        run: |
+          chown -R builder: .
+          su builder -c "./build.sh"
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.dist
--- a/build.sh
+++ b/build.sh
@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+
+set -e
+
+BUILD_DIR=$(pwd)/.dist/build
+SRC_DIR=$(pwd)/.dist/src
+LONGKEY="4A0E47583568E4B11B5C2559BBA33017E29E74FB"
+export GNUPGHOME=~/.gnupg
+
+mkdir -p "$BUILD_DIR" "$SRC_DIR"
+
+mkdir -p $GNUPGHOME
+chmod -R 700 $GNUPGHOME
+echo "allow-loopback-pinentry" >>$GNUPGHOME/gpg-agent.conf
+gpg-connect-agent reloadagent /bye
+gpg --batch --yes --pinentry-mode loopback --passphrase-file ~/gpgpasswd --import ~/private.asc
+
+rsync -az root@toufy.me:/var/www/aur.toufy.me/builds "$BUILD_DIR"
+
+jq -c '.[]' pkgbuilds.json | while IFS= read -r src; do
+    base=$(jq -r '.base' <<<"$src")
+    jq -r '.rm[]' <<<"$src" | while IFS= read -r rmv; do
+        find "$BUILD_DIR" -name "$rmv*.pkg.tar.zst" -exec \
+            repo-remove -Rsvk $LONGKEY \
+            "$BUILD_DIR"/taur.db.tar.zst "$rmv" \;
+
+    done
+    jq -r '.pkgs[]' <<<"$src" | while IFS= read -r pkg; do
+        git clone "$base/$pkg" "$SRC_DIR"/"$pkg" &&
+            cd "$SRC_DIR/$pkg" &&
+            makepkg -cCd --noconfirm --skippgpcheck --sign \
+                --key $LONGKEY &&
+            repo-add -Rpsvk $LONGKEY \
+                "$BUILD_DIR"/taur.db.tar.zst \
+                "$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst &&
+            cp -rfv \
+                "$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst "$SRC_DIR"/"$pkg"/"$pkg"*.pkg.tar.zst.sig \
+                "$BUILD_DIR"
+    done
+done
+
+rsync -az --delete "$BUILD_DIR/" root@toufy.me:/var/www/aur.toufy.me/builds
--- a/pkgbuilds.json
+++ b/pkgbuilds.json
@ -0,0 +1,7 @@
+[
+	{
+		"base": "https://aur.archlinux.org",
+		"pkgs": [],
+		"rm": []
+	}
+]