librelad e7659926db feat(switcher): hands-off data migration across a docker mode switch
Switching rooted<->rootless re-maps every container's on-disk UIDs (rootless
offsets them by the subuid base), so a stateful app's data no longer lines up
in the new mode and a chown can't carry it. The portable carry is backup
(old mode) -> switch -> restore (new mode): restoreAppStart wipes and re-lays
each tree and re-owns it to the new mode's install user, which is exactly the
remap needed.

Wire that into dockerSwitcherSwap:
- switchMigrateBackupApps <old_mode>: before the switch, back up every
  installed app except libreportal (reconcile already carries the control
  plane). CFG_DOCKER_INSTALL_TYPE is already the target mode by the time the
  switcher runs, so force it (and the resolved install user) back to the old
  mode for the backups, else backupAppStart would talk to the not-yet-running
  new daemon. Any backup failure aborts the switch before the daemon is
  touched (nothing changed). No backup location enabled -> skip and keep the
  manual warning.
- switchMigrateRestoreApps: after the new daemon is up, restore each captured
  app best-effort, re-resolving the install user first so data is owned
  correctly; failures are reported per app rather than blocking.

Subject to the existing backup-completeness limitation (restic-as-libreportal
can't read files owned by other UIDs unless the app declares container-side
file capture) — same caveat as the manual procedure this automates.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-24 13:26:24 +01:00
..