Make /opt/moonarch root-owned for multi-user support

Remove chown from archinstall custom-commands so the repo stays root:root. Use sudo for git operations in update.sh. Any user with sudo can now run moonarch-update without owning the repo.
2026-03-29 15:23:39 +02:00 · 2026-03-29 15:23:39 +02:00 · 1679fcfb30
commit 1679fcfb30
parent 6ca8931f04
5 changed files with 21 additions and 10 deletions
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -4,7 +4,7 @@ Reproduzierbares Arch-Linux-Setup basierend auf archinstall + Post-Install-Autom

 ## Projektstruktur

- `config/` — archinstall-Konfiguration (inkl. custom-commands die das Repo nach /opt/moonarch klonen)
+- `config/` — archinstall-Konfiguration (inkl. custom-commands die das Repo nach /opt/moonarch klonen, root-owned)
 - `scripts/` — Post-Install- und Helper-Scripts
 - `packages/` — Paketlisten (offiziell + AUR), getrennt gepflegt
 - `defaults/` — XDG-Configs, Shell-Config, Helper-Binaries, greetd/moongreet-Config, Wallpaper
--- a/DECISIONS.md
+++ b/DECISIONS.md
@ -0,0 +1,13 @@
+# Decisions
+
+## 2026-03-29 – /opt/moonarch stays root-owned, no chown to user
+- **Who**: Dominik, Ragnar
+- **Why**: Multi-user system — chown to UID 1000 locks out other users from moonarch-update
+- **Tradeoffs**: sudo required for git operations in update.sh vs. simpler user-owned repo
+- **How**: Repo stays at /opt/moonarch owned by root:root. update.sh uses `sudo git` for fetch/pull. All scripts already use sudo for system-level operations, so this is consistent.
+
+## 2026-03-29 – Add transform.sh for existing Arch+Wayland systems
+- **Who**: Dominik, Ragnar
+- **Why**: Users with existing Arch+Wayland setups should be able to adopt Moonarch without reinstalling
+- **Tradeoffs**: Hard overwrite of all configs (user + system) vs. selective/merge approach — chose hard overwrite for simplicity and consistency
+- **How**: New transform.sh with pre-flight summary, backup, DM conflict resolution, and --dry-run flag. Shared helpers extracted to lib.sh.
--- a/README.md
+++ b/README.md
@ -63,7 +63,6 @@ Transform converts your system to Moonarch without reinstalling.
 ```bash
 # Clone the repo
 sudo git clone https://gitea.moonarch.de/nevaforget/moonarch.git /opt/moonarch
-sudo chown -R $(whoami):$(whoami) /opt/moonarch

 # Preview what will happen (no changes made)
 /opt/moonarch/scripts/transform.sh --dry-run
--- a/config/user_configuration.json
+++ b/config/user_configuration.json
@ -70,7 +70,6 @@
    "timezone": "Europe/Berlin",

    "custom-commands": [
-        "git clone https://gitea.moonarch.de/nevaforget/moonarch.git /opt/moonarch",
-        "chown -R 1000:1000 /opt/moonarch"
+        "git clone https://gitea.moonarch.de/nevaforget/moonarch.git /opt/moonarch"
    ]
 }
--- a/scripts/update.sh
+++ b/scripts/update.sh
@ -15,17 +15,17 @@ check_not_root
 log "=== Update Moonarch repo ==="

 cd "$PROJECT_DIR"
-if git rev-parse --is-inside-work-tree &>/dev/null; then
-    LOCAL=$(git rev-parse HEAD)
-    git fetch origin
-    REMOTE=$(git rev-parse @{u} 2>/dev/null || echo "$LOCAL")
+if sudo git rev-parse --is-inside-work-tree &>/dev/null; then
+    LOCAL=$(sudo git rev-parse HEAD)
+    sudo git fetch origin
+    REMOTE=$(sudo git rev-parse @{u} 2>/dev/null || echo "$LOCAL")

    if [[ "$LOCAL" != "$REMOTE" ]]; then
        log "Updates available."
-        git --no-pager log --oneline "$LOCAL".."$REMOTE"
+        sudo git --no-pager log --oneline "$LOCAL".."$REMOTE"
        echo ""
        if confirm "Update repo?"; then
-            git pull --ff-only
+            sudo git pull --ff-only
            log "Repo updated."
        else
            log "Repo update skipped."