diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 799ed3e2..a56e7665 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -360,13 +360,34 @@ jobs: else echo "🎯 Ubuntu detected - adding xtradeb PPA" mkdir -p /etc/apt/keyrings + KEY_ID="82BB6851C64F6880" - # Use direct HTTPS fetch for GPG key (most reliable in Docker) - wget -qO- "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x290d73d2240900b5" | gpg --dearmor > /etc/apt/keyrings/xtradeb.gpg || true + # Multi-method Key Fetch + SUCCESS=false + echo "Fetching key $KEY_ID..." - echo "deb [signed-by=/etc/apt/keyrings/xtradeb.gpg] http://ppa.launchpad.net/xtradeb/apps/ubuntu $CODENAME main" > /etc/apt/sources.list.d/xtradeb-ppa.list + # Method 1: gpg --recv-keys (standard) + for server in "hkp://keyserver.ubuntu.com:80" "hkp://keyserver.ubuntu.com:11371"; do + if gpg --no-default-keyring --keyring /tmp/xtradeb.gpg --keyserver "$server" --recv-keys "$KEY_ID"; then + gpg --no-default-keyring --keyring /tmp/xtradeb.gpg --export > /etc/apt/keyrings/xtradeb.gpg + SUCCESS=true && break + fi + done - # PRIORITY PINNING: Force Apt to use the PPA version over the Snap-filler + # Method 2: Direct wget (fallback) + if [ "$SUCCESS" = false ]; then + wget -qO- "https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x$KEY_ID" | gpg --dearmor > /etc/apt/keyrings/xtradeb.gpg && SUCCESS=true + fi + + if [ "$SUCCESS" = true ]; then + echo "deb [signed-by=/etc/apt/keyrings/xtradeb.gpg] http://ppa.launchpad.net/xtradeb/apps/ubuntu $CODENAME main" > /etc/apt/sources.list.d/xtradeb-ppa.list + else + echo "⚠️ GPG fetch failed, using legacy apt-key as last resort..." + apt-key adv --keyserver keyserver.ubuntu.com --recv-keys "$KEY_ID" || true + echo "deb http://ppa.launchpad.net/xtradeb/apps/ubuntu $CODENAME main" > /etc/apt/sources.list.d/xtradeb-ppa.list + fi + + # PRIORITY PINNING: Force PPA over Snap-dummy printf "Package: *\nPin: release o=LP-PPA-xtradeb-apps\nPin-Priority: 1001\n" > /etc/apt/preferences.d/xtradeb apt-get update