# ─────────────────── # Stage 1: Base Image # ─────────────────── FROM archlinux:base-devel-20250511.0.348143 as base ARG DEV_USER=devuser ARG DEV_UID=1000 ARG DEV_GID=1000 # Install all necessary packages and clean up cache RUN pacman -Sy --noconfirm && \ pacman -S --noconfirm --needed \ base-devel neovim git git-lfs fish tmux go-yq rust starship podman \ nodejs python fzf fd ripgrep jdk-openjdk fisher yazi less rust-analyzer \ lazygit luarocks python-pynvim npm bash-completion tree-sitter-cli kitty-terminfo \ lua51 openssh fortune-mod podman-compose podman-docker && \ pacman -Scc --noconfirm && \ rm -rf /var/cache/pacman/pkg/* /usr/bin/sshd /usr/lib/systemd/system/sshd.service # Create user/groups as per your script, with -l to avoid system user quirks RUN groupadd -g $DEV_GID $DEV_USER && \ useradd -l -ms /bin/fish -u $DEV_UID -g $DEV_GID $DEV_USER # ──────────────────────── # Stage 2: Workspace Image # ──────────────────────── FROM base as workspace ARG DEV_USER=devuser ARG DEV_UID=1000 ARG DEV_GID=1000 ARG DEV_HOME=/home/$DEV_USER ARG POD_USER=mypodmanuser ARG POD_UID=1002 # Use ADD for extracting archives ADD home.tar.gz $DEV_HOME COPY --chmod=755 start.sh $DEV_HOME/ # Prepare .ssh and known_hosts, and fix permissions only if dirs exist RUN mkdir -p $DEV_HOME/.ssh && \ touch /etc/containers/nodocker && \ ssh-keyscan -p 2222 10.88.0.1 >> $DEV_HOME/.ssh/known_hosts && \ ssh-keyscan -p 22 github.com >> $DEV_HOME/.ssh/known_hosts && \ for d in $DEV_HOME/.local \ $DEV_HOME/.config/fish/completions \ $DEV_HOME/.config/fish/functions \ $DEV_HOME/.config/fish/fish_variables \ $DEV_HOME/.ssh; do \ if [ -e "$d" ]; then chown -R $DEV_USER:$DEV_USER "$d"; fi; \ done && \ for d in $DEV_HOME/.local \ $DEV_HOME/.config \ $DEV_HOME/.config/fish \ $DEV_HOME/.config/tmux; do \ if [ -e "$d" ]; then chown $DEV_USER:$DEV_USER "$d"; fi; \ done WORKDIR /app USER $DEV_USER RUN podman system connection add my-remote --identity $DEV_HOME/.ssh/id_ed25519 \ ssh://$POD_USER@10.88.0.1/run/user/${POD_UID}/podman/podman.sock && \ podman system connection default my-remote CMD ["/home/devuser/start.sh"]