FROM quay.io/fedora/fedora-budgie-atomic:43

COPY gpg-keys/* /keys/

RUN wget -O /etc/udev/rules.d/42-logitech-unify-permissions.rules https://raw.githubusercontent.com/pwr-Solaar/Solaar/refs/heads/master/rules.d-uinput/42-logitech-unify-permissions.rules

RUN rpm --import \
      /keys/public_key_proton.asc \
      /keys/RPM-GPG-KEY-rpmfusion-free-fedora-2020 \
      /keys/RPM-GPG-KEY-rpmfusion-nonfree-fedora-2020 \
      /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-43-x86_64 && \
    rm -rf /keys && \
    dnf5 install -y https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm \
      https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm \
      https://repo.protonvpn.com/fedora-$(cat /etc/fedora-release | cut -d' ' -f 3)-stable/protonvpn-stable-release/protonvpn-stable-release-1.0.3-1.noarch.rpm && \
    dnf5 install -y \
      adobe-source-code-pro-fonts \
      akmods \
      android-tools \
      ansible \
      blueman \
      blueman-nemo \
      cinnamon \
      distrobox \
      fuse-sshfs \
      geany \
      git \
      gnome-terminal \
      htop \
      iftop \
      iotop \
      libva-nvidia-driver \
      libva-utils \
      numlockx \
      nvtop \
      qpdf \
      steam \
      syncthing \
      system-config-printer \
      vdpauinfo \
      vim \
      virt-manager \
      vulkan-tools && \
    dnf5 swap -y ffmpeg-free ffmpeg --allowerasing && \
    dnf5 swap -y mesa-va-drivers mesa-va-drivers-freeworld && \
    dnf5 swap -y mesa-vdpau-drivers mesa-vdpau-drivers-freeworld && \
    dnf5 clean all

# TODO: Remove this `|| true` hack once post scriptlets no longer make dnf exit with non-zero
RUN dnf5 install -y \
      akmod-nvidia \
      xorg-x11-drv-nvidia-cuda \
      proton-vpn-gnome-desktop || true && \
      dnf5 clean all
# TODO: Remove these unnecessary checks to make sure the packages above actually got installed. rpm exits non-zero if the package is not installed and aborts the Containerfile build
RUN rpm -q akmod-nvidia && \
    rpm -q xorg-x11-drv-nvidia-cuda && \
    rpm -q proton-vpn-gnome-desktop

# The first check makes sure that we have exactly 4 gpg pubkeys trusted in the rpmdb (the ones manually imported above).
# Any more than that means that dnf automatically added a new one, which is shady!
# Then: cleanup image for linting
# Finally: verify image is good
RUN [[ 4 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \
    rm -rf /var /boot && mkdir /var /boot && \
    bootc container lint --fatal-warnings --skip baseimage-composefs