workspaces/Containerfile

# ───────────────────
# Stage 1: Base Image
# ───────────────────
FROM archlinux:base-devel-20250511.0.348143 as base

ARG DEV_USER=devuser
ARG DEV_UID=1000
ARG DEV_GID=1000

# Install all necessary packages and clean up cache
RUN pacman -Sy --noconfirm && \
  pacman -S --noconfirm --needed \
  base-devel neovim git git-lfs fish tmux go-yq rust starship podman \
  nodejs python fzf fd ripgrep jdk-openjdk fisher yazi less rust-analyzer \
  lazygit luarocks python-pynvim npm bash-completion tree-sitter-cli kitty-terminfo \
  lua51 openssh fortune-mod podman-compose podman-docker && \
  pacman -Scc --noconfirm && \
  rm -rf /var/cache/pacman/pkg/* /usr/bin/sshd /usr/lib/systemd/system/sshd.service

# Create user/groups as per your script, with -l to avoid system user quirks
RUN groupadd -g $DEV_GID $DEV_USER && \
  useradd -l -ms /bin/fish -u $DEV_UID -g $DEV_GID $DEV_USER

# ────────────────────────
# Stage 2: Workspace Image
# ────────────────────────
FROM base as workspace

ARG DEV_USER=devuser
ARG DEV_UID=1000
ARG DEV_GID=1000
ARG DEV_HOME=/home/$DEV_USER
ARG POD_USER=mypodmanuser
ARG POD_UID=1002

# Use ADD for extracting archives
ADD home.tar.gz $DEV_HOME
COPY --chmod=755 start.sh $DEV_HOME/

# Prepare .ssh and known_hosts, and fix permissions only if dirs exist
RUN mkdir -p $DEV_HOME/.ssh && \
  touch /etc/containers/nodocker && \
  ssh-keyscan -p 2222 10.88.0.1 >> $DEV_HOME/.ssh/known_hosts && \
  ssh-keyscan -p 22 github.com >> $DEV_HOME/.ssh/known_hosts && \
  for d in $DEV_HOME/.local \
  $DEV_HOME/.config/fish/completions \
  $DEV_HOME/.config/fish/functions \
  $DEV_HOME/.config/fish/fish_variables \
  $DEV_HOME/.ssh; do \
  if [ -e "$d" ]; then chown -R $DEV_USER:$DEV_USER "$d"; fi; \
  done && \
  for d in $DEV_HOME/.local \
  $DEV_HOME/.config \
  $DEV_HOME/.config/fish \
  $DEV_HOME/.config/tmux; do \
  if [ -e "$d" ]; then chown $DEV_USER:$DEV_USER "$d"; fi; \
  done

WORKDIR /app
USER $DEV_USER

RUN  podman system connection add my-remote --identity $DEV_HOME/.ssh/id_ed25519 \
  ssh://$POD_USER@10.88.0.1/run/user/${POD_UID}/podman/podman.sock && \
  podman system connection default my-remote

CMD ["/home/devuser/start.sh"]
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00			`# ───────────────────`
			`# Stage 1: Base Image`
			`# ───────────────────`
			`FROM archlinux:base-devel-20250511.0.348143 as base`

			`ARG DEV_USER=devuser`
feat: modify UID:GID to 1000:1000 for container 2025-05-22 16:49:48 +00:00			`ARG DEV_UID=1000`
			`ARG DEV_GID=1000`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00
			`# Install all necessary packages and clean up cache`
			`RUN pacman -Sy --noconfirm && \`
			`pacman -S --noconfirm --needed \`
feat: add podman package and connection settings 2025-05-20 18:27:19 +00:00			`base-devel neovim git git-lfs fish tmux go-yq rust starship podman \`
feat: add package rust-analyzer 2025-05-20 08:52:50 +00:00			`nodejs python fzf fd ripgrep jdk-openjdk fisher yazi less rust-analyzer \`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00			`lazygit luarocks python-pynvim npm bash-completion tree-sitter-cli kitty-terminfo \`
feat: add packages podman-compose and podman-docker 2025-05-20 20:42:50 +00:00			`lua51 openssh fortune-mod podman-compose podman-docker && \`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00			`pacman -Scc --noconfirm && \`
feat: remove sshd from openssh package 2025-05-21 10:36:38 +00:00			`rm -rf /var/cache/pacman/pkg/* /usr/bin/sshd /usr/lib/systemd/system/sshd.service`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00
			`# Create user/groups as per your script, with -l to avoid system user quirks`
			`RUN groupadd -g $DEV_GID $DEV_USER && \`
feat: remove secproc group and copy start.sh separately 2025-05-23 11:59:44 +00:00			`useradd -l -ms /bin/fish -u $DEV_UID -g $DEV_GID $DEV_USER`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00
			`# ────────────────────────`
			`# Stage 2: Workspace Image`
			`# ────────────────────────`
			`FROM base as workspace`

			`ARG DEV_USER=devuser`
feat: modify UID:GID to 1000:1000 for container 2025-05-22 16:49:48 +00:00			`ARG DEV_UID=1000`
			`ARG DEV_GID=1000`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00			`ARG DEV_HOME=/home/$DEV_USER`
feat: add podman package and connection settings 2025-05-20 18:27:19 +00:00			`ARG POD_USER=mypodmanuser`
			`ARG POD_UID=1002`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00
			`# Use ADD for extracting archives`
			`ADD home.tar.gz $DEV_HOME`
feat: remove secproc group and copy start.sh separately 2025-05-23 11:59:44 +00:00			`COPY --chmod=755 start.sh $DEV_HOME/`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00
			`# Prepare .ssh and known_hosts, and fix permissions only if dirs exist`
			`RUN mkdir -p $DEV_HOME/.ssh && \`
feat: supress podman-compose warning 2025-05-20 20:59:24 +00:00			`touch /etc/containers/nodocker && \`
feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00			`ssh-keyscan -p 2222 10.88.0.1 >> $DEV_HOME/.ssh/known_hosts && \`
			`ssh-keyscan -p 22 github.com >> $DEV_HOME/.ssh/known_hosts && \`
			`for d in $DEV_HOME/.local \`
			`$DEV_HOME/.config/fish/completions \`
			`$DEV_HOME/.config/fish/functions \`
			`$DEV_HOME/.config/fish/fish_variables \`
			`$DEV_HOME/.ssh; do \`
			`if [ -e "$d" ]; then chown -R $DEV_USER:$DEV_USER "$d"; fi; \`
			`done && \`
			`for d in $DEV_HOME/.local \`
			`$DEV_HOME/.config \`
			`$DEV_HOME/.config/fish \`
			`$DEV_HOME/.config/tmux; do \`
			`if [ -e "$d" ]; then chown $DEV_USER:$DEV_USER "$d"; fi; \`
			`done`

			`WORKDIR /app`
			`USER $DEV_USER`

fix: run podman as user and correct default command 2025-05-20 18:37:17 +00:00			`RUN podman system connection add my-remote --identity $DEV_HOME/.ssh/id_ed25519 \`
			`ssh://$POD_USER@10.88.0.1/run/user/${POD_UID}/podman/podman.sock && \`
			`podman system connection default my-remote`

feat: add containerfile for our builds 2025-05-17 13:00:41 +00:00			`CMD ["/home/devuser/start.sh"]`