# ====== Stage 1: Builder image ======
FROM fedora:latest AS builder

RUN dnf5 update -y && dnf install -y git golang

RUN git clone https://github.com/rfjakob/gocryptfs.git

WORKDIR /gocryptfs

RUN ./build-without-openssl.bash

# ====== Stage 2: Server image ======
FROM quay.io/fedora/fedora-silverblue:43

COPY --from=builder /gocryptfs/gocryptfs /usr/bin/gocryptfs

# Install ZFS repository & build deps & zfs
RUN dnf5 install -y https://github.com/zfsonlinux/zfsonlinux.github.com/raw/master/fedora/zfs-release-3-0$(rpm --eval "%{dist}").noarch.rpm && \
    dnf5 install -y \
      kernel-devel kernel-devel-matched kernel-headers kernel-srpm-macros && \
    dnf5 install -y zfs && \
    dkms autoinstall -k $(rpm -qa kernel --queryformat '%{VERSION}-%{RELEASE}.%{ARCH}') && \
    dnf5 clean all

# Install zrepl repository
COPY supermicro-x10drh/zrepl.asc /var/roothome/zrepl.asc
RUN rpm --import /var/roothome/zrepl.asc
COPY supermicro-x10drh/zrepl.repo /etc/yum.repos.d/zrepl.repo

# Install smallstep repository
COPY supermicro-x10drh/smallstep.repo /etc/yum.repos.d/smallstep.repo

RUN dnf5 install -y \
      ansible \
      borgbackup \
      certbot \
      distrobox \
      fail2ban \
      fuse-encfs \
      fuse-sshfs \
      hddtemp \
      htop \
      iftop \
      iotop \
      ipmitool \
      libvirt \
      lm_sensors \
      net-tools \
      netcat \
      nginx \
      nut \
      pv \
      python3-certbot-nginx \
      qemu-kvm \
      rclone \
      screen \
      smartmontools \
      step-cli \
      strace \
      stress-ng \
      telnet \
      vim \
      zrepl-v0.6.0-1.x86_64 && \
    dnf5 clean all

# Cleanup image for linting
RUN test -f /usr/lib/sysusers.d/libvirt.conf || echo -e 'g libvirt 963' > /usr/lib/sysusers.d/libvirt.conf && \
    test -f /usr/lib/sysusers.d/qat.conf || echo -e 'g qat 995' > /usr/lib/sysusers.d/qat.conf

# Cleanup image for linting & verify image is good
RUN rm -rf /var /boot && mkdir /var /boot && \
    bootc container lint --fatal-warnings --skip baseimage-composefs
