diff --git a/.github/workflows/ubuntu-backports.yml b/.github/workflows/ubuntu-backports.yml new file mode 100644 index 0000000..4f091f9 --- /dev/null +++ b/.github/workflows/ubuntu-backports.yml @@ -0,0 +1,49 @@ +name: PikaOS Ubuntu Repo Sync (Backports) + +on: + workflow_dispatch: + schedule: + - cron: '10 1 * * *' + +jobs: + build: + runs-on: self-hosted + container: + image: ubuntu:23.04 + volumes: + - /proc:/proc + options: --privileged -it + + steps: + - uses: actions/checkout@v3 + + - name: APT + run: apt update && apt install gnupg -y + + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@v5 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} + + - name: Install SSH key + uses: shimataro/ssh-key-action@v2 + with: + key: ${{ secrets.SSH_KEY }} + name: id_rsa + known_hosts: ${{ secrets.KNOWN_HOSTS }} + if_key_exists: replace + + - name: Sync Repository + run: chmod +x ./ubuntu-backports.sh && ./ubuntu-backports.sh + + - name: Purge cache + uses: jakejarvis/cloudflare-purge-action@master + env: + # Zone is required by both authentication methods + CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }} + + CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} + PURGE_URLS: ${{ vars.PURGE_URLS }} + diff --git a/.github/workflows/ubuntu-proposed.yml b/.github/workflows/ubuntu-proposed.yml new file mode 100644 index 0000000..9b84b3c --- /dev/null +++ b/.github/workflows/ubuntu-proposed.yml @@ -0,0 +1,49 @@ +name: PikaOS Ubuntu Repo Sync (Proposed) + +on: + workflow_dispatch: + schedule: + - cron: '55 0 * * *' + +jobs: + build: + runs-on: self-hosted + container: + image: ubuntu:23.04 + volumes: + - /proc:/proc + options: --privileged -it + + steps: + - uses: actions/checkout@v3 + + - name: APT + run: apt update && apt install gnupg -y + + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@v5 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} + + - name: Install SSH key + uses: shimataro/ssh-key-action@v2 + with: + key: ${{ secrets.SSH_KEY }} + name: id_rsa + known_hosts: ${{ secrets.KNOWN_HOSTS }} + if_key_exists: replace + + - name: Sync Repository + run: chmod +x ./ubuntu-proposed.sh && ./ubuntu-proposed.sh + + - name: Purge cache + uses: jakejarvis/cloudflare-purge-action@master + env: + # Zone is required by both authentication methods + CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }} + + CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} + PURGE_URLS: ${{ vars.PURGE_URLS }} + diff --git a/.github/workflows/ubuntu-security.yml b/.github/workflows/ubuntu-security.yml new file mode 100644 index 0000000..8c146ba --- /dev/null +++ b/.github/workflows/ubuntu-security.yml @@ -0,0 +1,49 @@ +name: PikaOS Ubuntu Repo Sync (Security) + +on: + workflow_dispatch: + schedule: + - cron: '50 0 * * *' + +jobs: + build: + runs-on: self-hosted + container: + image: ubuntu:23.04 + volumes: + - /proc:/proc + options: --privileged -it + + steps: + - uses: actions/checkout@v3 + + - name: APT + run: apt update && apt install gnupg -y + + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@v5 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} + + - name: Install SSH key + uses: shimataro/ssh-key-action@v2 + with: + key: ${{ secrets.SSH_KEY }} + name: id_rsa + known_hosts: ${{ secrets.KNOWN_HOSTS }} + if_key_exists: replace + + - name: Sync Repository + run: chmod +x ./ubuntu-security.sh && ./ubuntu-security.sh + + - name: Purge cache + uses: jakejarvis/cloudflare-purge-action@master + env: + # Zone is required by both authentication methods + CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }} + + CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} + PURGE_URLS: ${{ vars.PURGE_URLS }} + diff --git a/.github/workflows/ubuntu-updates.yml b/.github/workflows/ubuntu-updates.yml new file mode 100644 index 0000000..d16e691 --- /dev/null +++ b/.github/workflows/ubuntu-updates.yml @@ -0,0 +1,49 @@ +name: PikaOS Ubuntu Repo Sync (Updates) + +on: + workflow_dispatch: + schedule: + - cron: '45 0 * * *' + +jobs: + build: + runs-on: self-hosted + container: + image: ubuntu:23.04 + volumes: + - /proc:/proc + options: --privileged -it + + steps: + - uses: actions/checkout@v3 + + - name: APT + run: apt update && apt install gnupg -y + + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@v5 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} + + - name: Install SSH key + uses: shimataro/ssh-key-action@v2 + with: + key: ${{ secrets.SSH_KEY }} + name: id_rsa + known_hosts: ${{ secrets.KNOWN_HOSTS }} + if_key_exists: replace + + - name: Sync Repository + run: chmod +x ./ubuntu-updates.sh && ./ubuntu-updates.sh + + - name: Purge cache + uses: jakejarvis/cloudflare-purge-action@master + env: + # Zone is required by both authentication methods + CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }} + + CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }} + PURGE_URLS: ${{ vars.PURGE_URLS }} + diff --git a/ubuntu-backports.sh b/ubuntu-backports.sh new file mode 100644 index 0000000..9b8cc36 --- /dev/null +++ b/ubuntu-backports.sh @@ -0,0 +1,71 @@ +#! /bin/bash +set -e + +# Give correct perms to Apt version checker +chmod 755 ./ppp + +# output folders +mkdir -p ./output/output +cd ./output/output + +# temp +apt update +apt upgrade -y +# end of temp + +apt install dpkg-sig wget rsync ssh -y + +# Get ubuntu main pool +echo "Getting ubuntu main pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-backports/main/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu main pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-backports/main/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu multiverse pool +echo "Getting ubuntu multiverse pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-backports/multiverse/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu multiverse pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-backports/multiverse/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu restricted pool +echo "Getting ubuntu restricted pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-backports/restricted/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu restricted pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-backports/restricted/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu universe pool +echo "Getting ubuntu universe pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-backports/universe/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu universe pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-backports/universe/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +cd ../ + +if [ $(ls ./output/ | wc -l) -lt 1 ]; then +echo "Repos are synced" + exit 0 +fi + +# Sign the packages +../ppp sign ./output/ + +# Pull down existing ppa repo db files etc +rsync -azP --exclude '*.deb' ferreo@direct.pika-os.com:/srv/www/pikappa/ ./output/repo + +# Check if the ubuntu component exists +if cat ./output/repo/conf/distributions | grep Components: | grep ubuntu +then + true +else + sed -i "s#Components:#Components: ubuntu#" ./output/repo/conf/distributions +fi + +apt remove reprepro -y +wget -nv https://launchpad.net/ubuntu/+archive/primary/+files/reprepro_5.3.0-1.4_amd64.deb +apt install -y ./reprepro_5.3.0-1.4_amd64.deb + +# Add the new packages to the repo +../ppp repoadd ./output/ "-C ubuntu -V --ignore=missingfield --basedir ./output/repo/ includedeb lunar" + +# Push the updated ppa repo to the server +rsync -azP ./output/repo/ ferreo@direct.pika-os.com:/srv/www/pikappa/ diff --git a/ubuntu-proposed.sh b/ubuntu-proposed.sh new file mode 100644 index 0000000..421ea54 --- /dev/null +++ b/ubuntu-proposed.sh @@ -0,0 +1,71 @@ +#! /bin/bash +set -e + +# Give correct perms to Apt version checker +chmod 755 ./ppp + +# output folders +mkdir -p ./output/output +cd ./output/output + +# temp +apt update +apt upgrade -y +# end of temp + +apt install dpkg-sig wget rsync ssh -y + +# Get ubuntu main pool +echo "Getting ubuntu main pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-proposed/main/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu main pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-proposed/main/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu multiverse pool +echo "Getting ubuntu multiverse pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-proposed/multiverse/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu multiverse pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-proposed/multiverse/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu restricted pool +echo "Getting ubuntu restricted pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-proposed/restricted/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu restricted pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-proposed/restricted/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu universe pool +echo "Getting ubuntu universe pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-proposed/universe/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu universe pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-proposed/universe/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +cd ../ + +if [ $(ls ./output/ | wc -l) -lt 1 ]; then +echo "Repos are synced" + exit 0 +fi + +# Sign the packages +../ppp sign ./output/ + +# Pull down existing ppa repo db files etc +rsync -azP --exclude '*.deb' ferreo@direct.pika-os.com:/srv/www/pikappa/ ./output/repo + +# Check if the ubuntu component exists +if cat ./output/repo/conf/distributions | grep Components: | grep ubuntu +then + true +else + sed -i "s#Components:#Components: ubuntu#" ./output/repo/conf/distributions +fi + +apt remove reprepro -y +wget -nv https://launchpad.net/ubuntu/+archive/primary/+files/reprepro_5.3.0-1.4_amd64.deb +apt install -y ./reprepro_5.3.0-1.4_amd64.deb + +# Add the new packages to the repo +../ppp repoadd ./output/ "-C ubuntu -V --ignore=missingfield --basedir ./output/repo/ includedeb lunar" + +# Push the updated ppa repo to the server +rsync -azP ./output/repo/ ferreo@direct.pika-os.com:/srv/www/pikappa/ diff --git a/ubuntu-security.sh b/ubuntu-security.sh new file mode 100644 index 0000000..d3408ce --- /dev/null +++ b/ubuntu-security.sh @@ -0,0 +1,71 @@ +#! /bin/bash +set -e + +# Give correct perms to Apt version checker +chmod 755 ./ppp + +# output folders +mkdir -p ./output/output +cd ./output/output + +# temp +apt update +apt upgrade -y +# end of temp + +apt install dpkg-sig wget rsync ssh -y + +# Get ubuntu main pool +echo "Getting ubuntu main pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-security/main/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu main pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-security/main/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu multiverse pool +echo "Getting ubuntu multiverse pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-security/multiverse/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu multiverse pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-security/multiverse/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu restricted pool +echo "Getting ubuntu restricted pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-security/restricted/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu restricted pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-security/restricted/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu universe pool +echo "Getting ubuntu universe pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-security/universe/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu universe pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-security/universe/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +cd ../ + +if [ $(ls ./output/ | wc -l) -lt 1 ]; then +echo "Repos are synced" + exit 0 +fi + +# Sign the packages +../ppp sign ./output/ + +# Pull down existing ppa repo db files etc +rsync -azP --exclude '*.deb' ferreo@direct.pika-os.com:/srv/www/pikappa/ ./output/repo + +# Check if the ubuntu component exists +if cat ./output/repo/conf/distributions | grep Components: | grep ubuntu +then + true +else + sed -i "s#Components:#Components: ubuntu#" ./output/repo/conf/distributions +fi + +apt remove reprepro -y +wget -nv https://launchpad.net/ubuntu/+archive/primary/+files/reprepro_5.3.0-1.4_amd64.deb +apt install -y ./reprepro_5.3.0-1.4_amd64.deb + +# Add the new packages to the repo +../ppp repoadd ./output/ "-C ubuntu -V --ignore=missingfield --basedir ./output/repo/ includedeb lunar" + +# Push the updated ppa repo to the server +rsync -azP ./output/repo/ ferreo@direct.pika-os.com:/srv/www/pikappa/ diff --git a/ubuntu-updates.sh b/ubuntu-updates.sh new file mode 100644 index 0000000..53a61e4 --- /dev/null +++ b/ubuntu-updates.sh @@ -0,0 +1,71 @@ +#! /bin/bash +set -e + +# Give correct perms to Apt version checker +chmod 755 ./ppp + +# output folders +mkdir -p ./output/output +cd ./output/output + +# temp +apt update +apt upgrade -y +# end of temp + +apt install dpkg-sig wget rsync ssh -y + +# Get ubuntu main pool +echo "Getting ubuntu main pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-updates/main/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu main pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-updates/main/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu multiverse pool +echo "Getting ubuntu multiverse pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-updates/multiverse/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu multiverse pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-updates/multiverse/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu restricted pool +echo "Getting ubuntu restricted pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-updates/restricted/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu restricted pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-updates/restricted/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +# Get ubuntu universe pool +echo "Getting ubuntu universe pool 32bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-i386/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-updates/universe/binary-i386/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ +echo "Getting ubuntu universe pool 64bit" +../../ppp https://ppa.pika-os.com/dists/lunar/ubuntu/binary-amd64/Packages.gz http://archive.ubuntu.com/ubuntu/dists/lunar-updates/universe/binary-amd64/Packages.xz http://archive.ubuntu.com/ubuntu/ ./ + +cd ../ + +if [ $(ls ./output/ | wc -l) -lt 1 ]; then +echo "Repos are synced" + exit 0 +fi + +# Sign the packages +../ppp sign ./output/ + +# Pull down existing ppa repo db files etc +rsync -azP --exclude '*.deb' ferreo@direct.pika-os.com:/srv/www/pikappa/ ./output/repo + +# Check if the ubuntu component exists +if cat ./output/repo/conf/distributions | grep Components: | grep ubuntu +then + true +else + sed -i "s#Components:#Components: ubuntu#" ./output/repo/conf/distributions +fi + +apt remove reprepro -y +wget -nv https://launchpad.net/ubuntu/+archive/primary/+files/reprepro_5.3.0-1.4_amd64.deb +apt install -y ./reprepro_5.3.0-1.4_amd64.deb + +# Add the new packages to the repo +../ppp repoadd ./output/ "-C ubuntu -V --ignore=missingfield --basedir ./output/repo/ includedeb lunar" + +# Push the updated ppa repo to the server +rsync -azP ./output/repo/ ferreo@direct.pika-os.com:/srv/www/pikappa/