xdg-open ~ (Super+E) cold-starts Nautilus every time, causing
noticeable delay. A GApplication service keeps Nautilus warm in the
background so subsequent opens are near-instant. Follows the same
pattern as the existing walker.service.
Closes#2
The registry signing key was imported without verifying its fingerprint,
allowing a MITM or compromised server to inject a rogue key. Now checks
the downloaded key against a pinned fingerprint before import. Also adds
trap EXIT for tempfile cleanup and rejects empty curl responses.
libadwaita overrides application-level CSS, causing a visible
background behind the control center overlay. Setting cssPriority
to "user" ensures custom styles take precedence.
Both the pacman package registry and the paru PKGBUILD repo used
[moonarch] as section name, causing paru to fail resolving PKGBUILD
upgrade targets against the wrong repo. Renamed PKGBUILD repo to
[moonarch-pkgbuilds] and moved config from ~/.config/paru/paru.conf
to system-wide /etc/paru.conf.
Hand-converted @define-color CSS was not rendering correctly.
Replaced with pre-built release CSS, accent changed from Blue
to Lavender (#b4befe), font set to UbuntuSans Nerd Font.
The greeter runs as the greeter user, so user-level gsettings
don't apply. Explicit gtk-theme ensures Colloid-Grey-Dark-Catppuccin
is used in the login screen.
Import Gitea Arch registry key dynamically and configure pacman
with SigLevel = Required DatabaseOptional. Key ID is extracted
from the downloaded key file to avoid hardcoding.
Runner based on archlinux:base-devel with git, curl, makepkg.
Runs as non-root builder user so makepkg works natively without
permission workarounds. Registration data stored in /data volume.
The runner image is now built on archlinux:base-devel with git,
curl, makepkg and a non-root builder user baked in. This removes
the need for per-workflow pacman installs and enables host mode.
- Set kernels to linux-zen in user_configuration.json to skip
interactive kernel selection during install
- Add post-install step to append quiet to non-fallback systemd-boot
entries for clean boot output
Audit fixes for command injection risks in helper scripts:
- moonarch-cpugov: eval for quoted COMMANDS expansion (pkexec context)
- moonarch-btnote: while+read with process substitution, quoted vars
- moonarch-vpn: -- guard before connection name in nmcli calls
- post-install.sh: else-logging when USER_DEFAULTS dir missing
The greeter's niri session triggered D-Bus activation of
xdg-desktop-portal-gtk, which failed 17x on every boot because
WAYLAND_DISPLAY is not set in the greeter's D-Bus scope.
Setting GTK_USE_PORTAL=0 prevents GTK from requesting portal
services the greeter does not need.
- Source zsh-autosuggestions and zsh-syntax-highlighting from
/usr/share/zsh/plugins/ instead of oh-my-zsh custom dir
- Add both as official packages
- Remove waybar network and custom/vpn modules (nm-applet covers this)
- Move tray from modules-left to first position in modules-right
Remove prefixes and actions for providers not installed as
elephant packages: windows, symbols, websearch, archlinuxpkgs.
Add provider set for nirisessions.
These configs are owned by their respective packages in /etc/xdg/ so
the XDG copy loop installs the package defaults instead of ours.
Overwrite with moonarch versions from /usr/share/moonarch/ after the
loop.
walker-bin, elephant-bin, stasis, colloid-catppuccin-gtk-theme-git,
and waypaper are already pulled in as dependencies of moonarch-git.
Duplicating them in aur.txt caused package conflicts during transform.
cp -r from /etc/xdg/ preserved root ownership on directories,
causing rm -rf to fail on subsequent runs. Add --no-preserve=ownership
to cp and escalated rm fallback for existing root-owned dirs.
nm-applet replaces the foot terminal workaround for VPN authentication,
providing a proper NetworkManager secret agent. moonarch-vpn now handles
both VPN and WireGuard connection types. Waybar indicator switched from
tun0 interface check to nmcli active connection query with signal-based
instant refresh.
Port cd() wrapper (auto eza listing on directory change) and
extract() function (universal archive extraction) from active
user config into moonarch defaults.
Walker (GTK4 + Elephant backend) replaces rofi-lbonn-wayland-git as the
central launcher and menu framework.
Native Walker providers replace 5 custom rofi scripts:
- App launcher (desktopapplications provider)
- Clipboard (clipboard provider, replaces cliphist frontend)
- Bluetooth (bluetooth provider, replaces bluetoothctl script)
- Volume/audio (wireplumber provider)
- Sink switcher (wireplumber provider)
3 scripts ported to Walker dmenu mode:
- moonarch-vpn (nmcli)
- moonarch-cpugov (auto-cpufreq)
- moonarch-sink-switcher (pactl)
Settings menu (moonarch-setmen) removed — apps are findable via Walker
app search directly.
Walker theme (gtk-inherit) inherits all colors from the active GTK4
theme instead of hardcoding Catppuccin values.
Walker and Elephant run as systemd user services for instant startup.
Also standardizes GTK theme to Colloid-Grey-Dark-Catppuccin across all
config files (was inconsistent between gsettings and file configs).
Old rofi configs preserved in legacy/rofi/ for reference.
Extract common applet pattern (no-icon dmenu layout) into applet.rasi.
Reduce clipboard, vpn, cpugov, volume, and bluetooth themes to pure
overrides — eliminates ~380 lines of duplication. Also fixes broken
fonts.rasi import in bluetooth.rasi.
- Point dunst to /etc/xdg/dunst/dunstrc via -conf flag (dunst with
SYSCONFDIR=/etc does not search XDG_CONFIG_DIRS)
- Update dunstrc: fix legacy offset syntax, replace missing
Tela-purple-dark icon theme with Colloid-Grey-Catppuccin-Dark
- Replace dunstify with notify-send in moonarch-cpugov for
daemon-agnostic notifications, fix broken icon path
- Replace dbus-monitor based moonarch-dnd script with inline
waybar polling (interval 2s), fixing process accumulation bug
- Add #custom-dnd to waybar CSS padding rule
Bug fixes from quality and security audits:
- moonarch-capsnote: use value[0] instead of value[2]
- moonarch-btnote: guard empty PER_INT before integer comparison
- moonarch-clipboard + niri config: use XDG_RUNTIME_DIR instead of UID 1000
- moonarch-waybar-hidpp: use charging icon when charging
- moonarch-waybar-gpustat: find gpu_busy_percent dynamically across hwmon*
- post-install/transform: use systemctl --user cat for service detection
- post-install/transform: install paru from [extra] instead of AUR clone
Replace wlogout with moonset in niri keybind and waybar on-click.
Remove moonarch-session (dead code, replaced by moonset) and wlogout
layout config.
Refactor post-install.sh and transform.sh to install moonarch-git via
paru instead of manually copying configs, scripts, and themes. Remove
install-themes.sh (replaced by sweet-cursors-git dependency). Replace
update.sh with deprecation notice that forwards to the package-provided
moonarch-update in /usr/bin/.
Simplified updater that reads package lists from /usr/share/moonarch/
instead of syncing a git repo. Designed to be shipped by the
moonarch-git package as /usr/bin/moonarch-update.
Remove chown from archinstall custom-commands so the repo stays
root:root. Use sudo for git operations in update.sh. Any user with
sudo can now run moonarch-update without owning the repo.
Extract shared helpers into lib.sh (log, err, confirm, path constants)
and refactor post-install.sh + update.sh to source it.
New transform.sh converts an existing Arch+Wayland system to Moonarch:
pre-flight summary, config backup, DM conflict resolution, PulseAudio
removal, full package install, and hard overwrite of all configs.
Also migrate kanshi from niri spawn-at-startup to systemd user service.
