FROM ghcr.io/benradey/workstation-nvidia-base:latest

RUN dnf5 install -y \
      inotify-tools && \
    dnf5 clean all

# Build nvidia akmod with flag that produces proprietary kernal driver for older hardware
RUN echo "%_without_kmod_nvidia_detect 1" > /etc/rpm/macros.nvidia-kmod && \
    mkdir -p /var/log/akmods /var/cache/akmods/nvidia /var/tmp && \
    chmod 777 /var/tmp && \
    /usr/sbin/akmods --force --kernels "$(rpm -qa kernel --queryformat '%{VERSION}-%{RELEASE}.%{ARCH}')"

# The first check makes sure that we have exactly 4 gpg pubkeys trusted in the rpmdb (the ones from the base image).
# Any more than that means that dnf automatically added a new one, which is shady!
# Then: cleanup image for linting
# Finally: verify image is good
RUN [[ 4 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \
    rm -rf /var /boot && mkdir /var /boot && \
    bootc container lint --fatal-warnings --skip baseimage-composefs
