snapshot

artifacts/ToolboxStack/toolbox-base/Dockerfile

@@ -0,0 +1,80 @@
+FROM ubuntu:24.04
+
+ARG USER_ID=1000
+ARG GROUP_ID=1000
+ARG USERNAME=toolbox
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+        ca-certificates \
+        curl \
+        fish \
+        fzf \
+        git \
+        jq \
+        locales \
+        openssh-client \
+        ripgrep \
+        tmux \
+        fd-find \
+        bat \
+        wget \
+        zsh \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Provide common aliases for fd and bat binaries
+RUN ln -sf /usr/bin/fdfind /usr/local/bin/fd \
+    && ln -sf /usr/bin/batcat /usr/local/bin/bat
+
+# Configure locale to ensure consistent tool behavior
+RUN locale-gen en_US.UTF-8
+ENV LANG=en_US.UTF-8 \
+    LANGUAGE=en_US:en \
+    LC_ALL=en_US.UTF-8
+
+# Install Starship prompt
+RUN curl -fsSL https://starship.rs/install.sh | sh -s -- -y -b /usr/local/bin
+
+# Install aqua package manager (manages additional CLI tooling)
+RUN curl -sSfL https://raw.githubusercontent.com/aquaproj/aqua-installer/v2.3.1/aqua-installer | AQUA_ROOT_DIR=/usr/local/share/aquaproj-aqua bash \
+    && ln -sf /usr/local/share/aquaproj-aqua/bin/aqua /usr/local/bin/aqua
+
+# Create non-root user with matching UID/GID for host mapping
+RUN if getent passwd "${USER_ID}" >/dev/null; then \
+        existing_user="$(getent passwd "${USER_ID}" | cut -d: -f1)"; \
+        userdel --remove "${existing_user}"; \
+    fi \
+    && if ! getent group "${GROUP_ID}" >/dev/null; then \
+        groupadd --gid "${GROUP_ID}" "${USERNAME}"; \
+    fi \
+    && useradd --uid "${USER_ID}" --gid "${GROUP_ID}" --shell /usr/bin/zsh --create-home "${USERNAME}"
+
+# Install Oh My Zsh for the unprivileged user
+RUN su - "${USERNAME}" -c 'git clone --depth=1 https://github.com/ohmyzsh/ohmyzsh.git ~/.oh-my-zsh' \
+    && su - "${USERNAME}" -c 'cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc' \
+    && su - "${USERNAME}" -c 'mkdir -p ~/.config' \
+    && su - "${USERNAME}" -c 'sed -i "s/^plugins=(git)$/plugins=(git fzf)/" ~/.zshrc' \
+    && su - "${USERNAME}" -c 'printf "\nexport PATH=\"\$HOME/.local/share/aquaproj-aqua/bin:\$HOME/.local/bin:\$PATH\"\n" >> ~/.zshrc' \
+    && su - "${USERNAME}" -c 'printf "\n# Starship prompt\neval \"\$(starship init zsh)\"\n" >> ~/.zshrc'
+
+COPY aqua.yaml /tmp/aqua.yaml
+
+RUN chown "${USER_ID}:${GROUP_ID}" /tmp/aqua.yaml \
+    && su - "${USERNAME}" -c 'mkdir -p ~/.config/aquaproj-aqua' \
+    && su - "${USERNAME}" -c 'cp /tmp/aqua.yaml ~/.config/aquaproj-aqua/aqua.yaml' \
+    && su - "${USERNAME}" -c 'AQUA_GLOBAL_CONFIG=~/.config/aquaproj-aqua/aqua.yaml aqua install'
+
+# Prepare workspace directory with appropriate ownership
+RUN mkdir -p /workspace \
+    && chown "${USER_ID}:${GROUP_ID}" /workspace
+
+ENV SHELL=/usr/bin/zsh \
+    PATH=/home/${USERNAME}/.local/share/aquaproj-aqua/bin:/home/${USERNAME}/.local/bin:${PATH}
+
+WORKDIR /workspace
+USER ${USERNAME}
+
+CMD ["/usr/bin/zsh"]