# Use latest Debian stable as base image FROM debian:stable-slim AS build # Set environment variables ENV DEBIAN_FRONTEND=noninteractive ENV HOME=/home/tsysdevstack ENV USER=tsysdevstack ENV MISE_DATA_DIR=/home/tsysdevstack/.local/share/mise ENV MISE_CONFIG_DIR=/home/tsysdevstack/.config/mise ENV PATH=/home/tsysdevstack/.local/share/mise/shims:/home/tsysdevstack/.local/bin:/usr/local/bin:$PATH # Install system dependencies (as root only during build time) RUN apt-get update && \ apt-get install -y --no-install-recommends \ ca-certificates \ curl \ wget \ gnupg \ lsb-release \ git \ unzip \ zip \ build-essential \ python3 \ python3-pip \ python3-dev \ nodejs \ npm \ sudo \ locales \ fonts-noto \ fonts-noto-cjk \ fonts-noto-color-emoji \ fontconfig \ && rm -rf /var/lib/apt/lists/* \ && apt-get clean # Set up locale RUN echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && \ locale-gen # Create tsysdevstack user with specific UID/GID for consistency RUN groupadd -g 1000 tsysdevstack && \ useradd -u 1000 -g tsysdevstack -m -s /bin/bash tsysdevstack && \ echo "tsysdevstack ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/tsysdevstack && \ chmod 0440 /etc/sudoers.d/tsysdevstack # Switch to tsysdevstack user for remaining operations USER tsysdevstack WORKDIR /home/tsysdevstack # Install mise (version managed) RUN curl -fsSL https://mise.run | sh -s -- -y && \ # Add mise to PATH and source it in .bashrc echo 'eval "$(~/.local/bin/mise activate bash)"' >> ~/.bashrc && \ echo 'eval "$(~/.local/bin/mise activate zsh)"' >> ~/.zshrc # Install TeXLive for document generation RUN mkdir -p /tmp/texlive && \ cd /tmp/texlive && \ wget http://mirror.ctan.org/systems/texlive/tlnet/install-tl-unx.tar.gz && \ tar -xzf install-tl-unx.tar.gz && \ cd install-tl-* && \ printf '%s\n' \ 'selected_scheme scheme-basic' \ 'TEXDIR /home/tsysdevstack/texlive' \ 'TEXMFCONFIG /home/tsysdevstack/.texmf-config' \ 'TEXMFVAR /home/tsysdevstack/.texmf-var' \ 'option_doc 0' \ 'option_src 0' \ > texlive.profile && \ ./install-tl --profile=texlive.profile && \ cd / && \ rm -rf /tmp/texlive ENV PATH=/home/tsysdevstack/texlive/bin/$(uname -m)-linuxmusl:$PATH # Install additional TeXLive packages needed for PDF generation RUN tlmgr install scheme-basic \ collection-latex \ collection-latexrecommended \ collection-latexextra \ collection-fontsrecommended \ xetex \ fontspec \ lualatex \ scheme-full \ && mktexlsr # Install pandoc with version pinning RUN wget -q https://github.com/jgm/pandoc/releases/download/3.2/pandoc-3.2-1-amd64.deb -O /tmp/pandoc.deb && \ dpkg-deb -x /tmp/pandoc.deb /tmp/pandoc && \ cp -r /tmp/pandoc/usr/* /usr/local/ && \ rm /tmp/pandoc.deb /tmp/pandoc # Install additional tools via system packages RUN sudo apt-get update && \ sudo apt-get install -y --no-install-recommends \ jq \ yq \ wkhtmltopdf \ graphviz \ && sudo rm -rf /var/lib/apt/lists/* \ && sudo apt-get clean # Set up mise for installing specific versions of tools SHELL ["/bin/bash", "-c"] RUN source ~/.bashrc && \ mise use --global python@3.12.6 && \ mise use --global node@21.7.3 && \ mise install # Install tools via npm (using mise-managed Node.js) RUN source ~/.bashrc && \ npm install -g mdbook@0.4.40 && \ npm install -g typst@0.12.0 && \ npm install -g @marp-team/marp-cli@3.4.0 && \ npm install -g markwhen@0.9.1 && \ npm install -g quarto-cli@1.6.17 && \ npm install -g vale@3.4.2 # Install tools via pip (using mise-managed Python) RUN source ~/.bashrc && \ pip3 install --user kroki-cli==0.6.0 && \ pip3 install --user bibtool==3.2 # Install Rust-based tools RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y ENV PATH=/home/tsysdevstack/.cargo/bin:$PATH RUN source ~/.bashrc && \ cargo install --version 0.8.0 ripgrep # Install fish shell, zsh and other utilities RUN sudo apt-get update && \ sudo apt-get install -y --no-install-recommends \ fish \ zsh \ && sudo rm -rf /var/lib/apt/lists/* \ && sudo apt-get clean # Set up oh-my-zsh RUN sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended # Final stage - create minimal runtime image FROM debian:stable-slim # Set environment variables ENV DEBIAN_FRONTEND=noninteractive ENV HOME=/home/tsysdevstack ENV USER=tsysdevstack ENV MISE_DATA_DIR=/home/tsysdevstack/.local/share/mise ENV MISE_CONFIG_DIR=/home/tsysdevstack/.config/mise ENV PATH=/home/tsysdevstack/.local/share/mise/shims:/home/tsysdevstack/.local/bin:/usr/local/bin:/home/tsysdevstack/texlive/bin/$(uname -m)-linuxmusl:$PATH # Install minimal runtime dependencies RUN apt-get update && \ apt-get install -y --no-install-recommends \ ca-certificates \ curl \ wget \ git \ python3 \ python3-pip \ nodejs \ npm \ sudo \ locales \ fonts-noto \ fonts-noto-cjk \ fonts-noto-color-emoji \ fontconfig \ wkhtmltopdf \ graphviz \ jq \ yq \ && rm -rf /var/lib/apt/lists/* \ && apt-get clean # Set up locale RUN echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && \ locale-gen # Create tsysdevstack user and group RUN groupadd -g 1000 tsysdevstack && \ useradd -u 1000 -g tsysdevstack -m -s /bin/bash tsysdevstack && \ echo "tsysdevstack ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/tsysdevstack && \ chmod 0440 /etc/sudoers.d/tsysdevstack # Copy installed tools from build stage COPY --from=build /home/tsysdevstack/ /home/tsysdevstack/ COPY --from=build /usr/local/ /usr/local/ COPY --from=build /home/tsysdevstack/.cargo/bin/ /home/tsysdevstack/.cargo/bin/ # Set up workspace directory RUN mkdir -p /home/tsysdevstack/TSYSDevStack/Toolbox/docs/output && \ chown -R tsysdevstack:tsysdevstack /home/tsysdevstack/TSYSDevStack # Switch to tsysdevstack user USER tsysdevstack WORKDIR /home/tsysdevstack # Expose output directory VOLUME ["/home/tsysdevstack/TSYSDevStack/Toolbox/docs/output"] # Default command CMD ["/bin/bash"]