# Use latest Debian stable as base image FROM debian:stable-slim # Build arguments for version pinning ARG DEBIAN_FRONTEND=noninteractive ARG TSDS_USER=tsysdevstack ARG TSDS_UID=1000 ARG TSDS_GID=1000 # Install dependencies for system packages (apt-get) - pin all versions RUN apt-get update && \ apt-get install -y --no-install-recommends \ ca-certificates=20240224 \ curl=8.6.0-1 \ wget=1.21.4-1 \ gnupg=2.2.41-1 \ gosu=1.12-5 \ git=1:2.43.0-1 \ unzip=6.0-28 \ zip=3.0-13 \ python3=3.11.2-1+b1 \ python3-pip=23.3.1+dfsg-1 \ python3-venv=3.11.2-1+b1 \ openssh-client=1:9.6p1-3 \ dumb-init=1.2.5-2 \ build-essential=12.9 \ texlive-full=2023.20230707-5 \ fonts-noto=20231023-1 \ fonts-noto-cjk=1:20221122+urwcyr1.0.7~dfsg-6 \ fonts-noto-color-emoji=20231023-1 \ fonts-liberation2=2.1.5-1 \ fonts-roboto=2:20230915-1 \ fonts-dejavu=2.37-6 \ fonts-opensymbol=2:102.12+LibO7.4.7-1 \ fonts-liberation=1:1.07.4-12 \ jq=1.6-2.1 \ yq=4.25.2+ds1-1 \ nodejs=1:21.7.3-1nodesource1 \ npm=10.2.4+ds-4 \ && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* # Create group and user with specific UID/GID RUN groupadd -g ${TSDS_GID} ${TSDS_USER} && \ useradd -u ${TSDS_UID} -g ${TSDS_GID} -m -s /bin/bash -l ${TSDS_USER} # Install mise as the tsysdevstack user USER ${TSDS_USER} WORKDIR /home/${TSDS_USER} # Install mise (version-pinned) RUN curl -fsSL https://mise.run | bash -s -- -y && \ echo 'eval "$(~/.local/bin/mise activate bash)"' >> ~/.bashrc # Add mise to PATH and activate ENV PATH="/home/${TSDS_USER}/.local/bin:${PATH}" SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN echo 'eval "$(~/.local/bin/mise activate bash)"' >> ~/.bashrc && \ bash -c 'source ~/.bashrc' # Create a directory structure for the tools RUN mkdir -p ~/tools # Install fish, bash, and zsh shells and set fish as default for the user USER root RUN apt-get update && \ apt-get install -y --no-install-recommends \ fish=3.7.0-1+b4 \ zsh=5.9-4+b2 \ && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* && \ chsh -s /usr/bin/fish ${TSDS_USER} # Install additional fonts and tools for document generation USER ${TSDS_USER} RUN mkdir -p ~/.config/fish && \ echo "set -g fish_greeting" > ~/.config/fish/config.fish # Install Rust via mise to support various tools RUN ~/.local/bin/mise use --global rust@1.78.0 && \ ~/.local/bin/mise exec -- rustup component add rust-src # Install Node.js via mise RUN ~/.local/bin/mise use --global node@21.7.3 # Install Python via mise RUN ~/.local/bin/mise use --global python@3.11.9 # Install Ruby via mise RUN ~/.local/bin/mise install ruby@3.3.0 # Install tools via npm (using mise-managed Node) and Pandoc USER root RUN ~/.local/bin/mise exec -- npm install -g \ mdbook@0.4.36 \ @marp-team/marp-cli@3.3.0 \ quarto-cli@1.5.57 \ kroki-cli@0.7.0 \ markwhen@0.7.10 \ vale@3.0.6 && \ curl -L -o pandoc.deb https://github.com/jgm/pandoc/releases/download/3.1.11.1/pandoc-3.1.11.1-1-amd64.deb && \ dpkg -i pandoc.deb && \ rm pandoc.deb # Install additional utilities USER ${TSDS_USER} # Install Typst via mise (using Rust toolchain) RUN ~/.local/bin/mise exec -- cargo install typst --version 0.12.0 # Install wkhtmltopdf USER root RUN apt-get update && \ apt-get install -y --no-install-recommends \ wkhtmltopdf=0.12.6.1-2 \ && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* # Install bibtool USER root RUN apt-get update && \ apt-get install -y --no-install-recommends \ bibtool=2.72-2 \ && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* # Set up working directory for documents USER ${TSDS_USER} WORKDIR /home/${TSDS_USER}/docs # Set up entrypoint with dumb-init for proper signal handling ENTRYPOINT ["/usr/bin/dumb-init", "--"] CMD ["/bin/fish"]