nevaforget/moonarch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: nevaforget:7f06c8e50171ec216fea4ba8ea0eed4895e4bad2
Branches Tags
nevaforget:main
...
compare: nevaforget:18357384e67c379c19dee074e607ab8cb1c3d6a5
Branches Tags
nevaforget:main

13 Commits
7f06c8e501 ... 18357384e6

Author SHA1 Message Date
nevaforget
18357384e6 Add Moonarch package registry setup with signed packages
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Details 
Import Gitea Arch registry key dynamically and configure pacman
with SigLevel = Required DatabaseOptional. Key ID is extracted
from the downloaded key file to avoid hardcoding.
 2026-04-01 18:07:07 +02:00
nevaforget
4d4b2221aa ci: test with updated registry token
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 1s
Details
2026-04-01 17:58:35 +02:00
nevaforget
792f6b9931 ci: trigger build with debug logging
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Details
2026-04-01 17:55:58 +02:00
nevaforget
6dd98ed25d ci: trigger pkgver bump
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Details
2026-04-01 17:49:30 +02:00
nevaforget
24df4b3994 Add custom Arch-based act_runner image
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 1s
Details 
Runner based on archlinux:base-devel with git, curl, makepkg.
Runs as non-root builder user so makepkg works natively without
permission workarounds. Registration data stored in /data volume.
 2026-04-01 17:45:39 +02:00
nevaforget
b5e9bce9a1 ci: trigger pkgver bump
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 1s
Details
2026-04-01 16:55:07 +02:00
nevaforget
e55bab4816 ci: trigger build-and-publish test
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Details
2026-04-01 16:44:25 +02:00
nevaforget
aba7ffede1 Add custom Arch-based act_runner image, revert workflow workaround
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Details 
The runner image is now built on archlinux:base-devel with git,
curl, makepkg and a non-root builder user baked in. This removes
the need for per-workflow pacman installs and enables host mode.
 2026-04-01 16:42:53 +02:00
nevaforget
e8eb383eac Fix CI: install git in Arch container for update-pkgver
Some checks failed
Update PKGBUILD version / update-pkgver (push) Failing after 5s
Details 
The runner now uses docker mode with archlinux:base-devel which
does not include git by default.
 2026-04-01 16:00:31 +02:00
nevaforget
92aa2f9190 ci: test with info endpoint enabled
Some checks failed
Update PKGBUILD version / update-pkgver (push) Failing after 2s
Details
2026-04-01 15:59:32 +02:00
nevaforget
5d1a7b61e4 ci: test container networking
Some checks failed
Update PKGBUILD version / update-pkgver (push) Failing after 1s
Details
2026-04-01 15:57:44 +02:00
nevaforget
0a709cedb6 ci: test arch container build
Some checks failed
Update PKGBUILD version / update-pkgver (push) Failing after 28s
Details
2026-04-01 15:55:06 +02:00
nevaforget
45165204a6 ci: trigger pkgver bump
All checks were successful
Update PKGBUILD version / update-pkgver (push) Successful in 2s
Details
2026-04-01 15:44:41 +02:00
3 changed files with 65 additions and 0 deletions
Show Stats Expand all files Collapse all files

10
ci/act-runner/Dockerfile Normal file
View File

@ -0,0 +1,10 @@
FROM archlinux:base-devel
RUN pacman -Sy --noconfirm git curl && pacman -Scc --noconfirm
RUN useradd -m builder && echo "builder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
ADD https://gitea.com/gitea/act_runner/releases/download/v0.3.1/act_runner-0.3.1-linux-amd64 /usr/local/bin/act_runner
RUN chmod +x /usr/local/bin/act_runner
COPY --from=gitea/act_runner:latest /usr/local/bin/run.sh /usr/local/bin/run.sh
RUN mkdir -p /data && chown builder:builder /data
USER builder
ENV HOME=/home/builder
ENTRYPOINT ["/usr/local/bin/run.sh"]

28
scripts/post-install.sh
View File

@ -20,6 +20,34 @@ else
log "paru already installed."
fi
# --- Set up Moonarch package registry ---
log "Setting up Moonarch package registry..."
if ! grep -q '\[moonarch\]' /etc/pacman.conf 2>/dev/null; then
sudo tee -a /etc/pacman.conf > /dev/null <<'EOCONF'
[moonarch]
SigLevel = Required DatabaseOptional
Server = https://gitea.moonarch.de/api/packages/nevaforget/arch/$repo/$arch
EOCONF
log " + Moonarch repo added to pacman.conf."
else
log " ~ Moonarch repo already in pacman.conf."
fi
log "Importing Moonarch registry signing key..."
KEY_FILE=$(mktemp)
curl -sf https://gitea.moonarch.de/api/packages/nevaforget/arch/repository.key -o "$KEY_FILE"
KEY_ID=$(gpg --show-keys --with-colons "$KEY_FILE" 2>/dev/null | awk -F: '/^pub/{print $5}')
if [[ -n "$KEY_ID" ]] && ! sudo pacman-key --list-keys "$KEY_ID" &>/dev/null; then
sudo pacman-key --add "$KEY_FILE"
sudo pacman-key --lsign-key "$KEY_ID"
log " + Registry key $KEY_ID imported and locally signed."
else
log " ~ Registry key already imported."
fi
rm -f "$KEY_FILE"
# --- Set up Moonarch custom paru repo ---
log "Setting up Moonarch paru repo..."

27
scripts/transform.sh
View File

@ -206,6 +206,33 @@ else
log "paru already installed."
fi
# Moonarch package registry
log "Setting up Moonarch package registry..."
if ! grep -q '\[moonarch\]' /etc/pacman.conf 2>/dev/null; then
sudo tee -a /etc/pacman.conf > /dev/null <<'EOCONF'
[moonarch]
SigLevel = Required DatabaseOptional
Server = https://gitea.moonarch.de/api/packages/nevaforget/arch/$repo/$arch
EOCONF
log " + Moonarch repo added to pacman.conf."
else
log " ~ Moonarch repo already in pacman.conf."
fi
log "Importing Moonarch registry signing key..."
KEY_FILE=$(mktemp)
curl -sf https://gitea.moonarch.de/api/packages/nevaforget/arch/repository.key -o "$KEY_FILE"
KEY_ID=$(gpg --show-keys --with-colons "$KEY_FILE" 2>/dev/null | awk -F: '/^pub/{print $5}')
if [[ -n "$KEY_ID" ]] && ! sudo pacman-key --list-keys "$KEY_ID" &>/dev/null; then
sudo pacman-key --add "$KEY_FILE"
sudo pacman-key --lsign-key "$KEY_ID"
log " + Registry key $KEY_ID imported and locally signed."
else
log " ~ Registry key already imported."
fi
rm -f "$KEY_FILE"
# Moonarch custom paru repo
log "Setting up Moonarch paru repo..."
PARU_CONF="$HOME/.config/paru/paru.conf"