# Extend from the toolbox-base image
# NOTE: Always use the full image name to ensure compatibility in standalone builds
FROM tsysdevstack-toolboxstack-toolbox-base:dev

# Set build arguments (these can be overridden at build time)
ARG USER_ID=1000
ARG GROUP_ID=1000
ARG USERNAME=toolbox

# Ensure the non-root user exists with the correct UID/GID
RUN if getent passwd "${USER_ID}" >/dev/null; then \
        existing_user="$(getent passwd "${USER_ID}" | cut -d: -f1)"; \
        userdel --remove "${existing_user}" 2>/dev/null || true; \
    fi \
    && if ! getent group "${GROUP_ID}" >/dev/null; then \
        groupadd --gid "${GROUP_ID}" "${USERNAME}"; \
    fi \
    && useradd --uid "${USER_ID}" --gid "${GROUP_ID}" --shell /usr/bin/zsh --create-home "${USERNAME}"

# Switch to root user to install packages
USER root

# Install documentation-specific packages here
# Adding pandoc, plantuml, graphviz, and other documentation tools
RUN apt-get update && apt-get install -y --no-install-recommends \
    pandoc \
    plantuml \
    default-jre \
    graphviz \
    texlive-xetex \
    texlive-fonts-recommended \
    texlive-latex-extra \
    librsvg2-bin \
    npm \
    nodejs \
    python3 \
    python3-pip \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Install additional documentation tools
# Adding Quarto, mdBook, Marp, Typst, and Markwhen
RUN npm install -g @quarto/quarto@1.4.549 \
    && npm install -g @marp-team/marp-cli@3.4.0 \
    && npm install -g @markwhen/mw@0.4.0 \
    && npm install -g joplin-cli@latest

# Install mdBook
RUN curl -sSL https://github.com/rust-lang/mdBook/releases/download/v0.4.41/mdbook-v0.4.41-x86_64-unknown-linux-gnu.tar.gz | tar -xz -C /usr/local/bin

# Install Typst
RUN curl -sSL https://github.com/typst/typst/releases/download/v0.12.0/typst-x86_64-unknown-linux-musl.tar.gz | tar -xz -C /usr/local/bin

# Add toolbox-specific aqua packages to the existing configuration
COPY aqua.yaml /tmp/aqua.additions
RUN su - "${USERNAME}" -c ' \
    cat /tmp/aqua.additions | grep -v "^version\|^registries" >> ~/.config/aquaproj-aqua/aqua.yaml && \
    AQUA_GLOBAL_CONFIG=/home/${USERNAME}/.config/aquaproj-aqua/aqua.yaml aqua install \
    '

# Install toolbox-specific npm packages here
# Example:
# RUN mise exec -- npm install -g @scope/package@version

# Remove sudo to ensure no root escalation is possible at runtime
RUN apt-get remove -y sudo 2>/dev/null || true && apt-get autoremove -y 2>/dev/null || true && rm -rf /var/lib/apt/lists/* 2>/dev/null || true

# Switch back to the non-root user
USER ${USERNAME}
WORKDIR /workspace

# Default command
CMD ["/usr/bin/zsh"]

# Ensure container runs as the toolbox user
USER toolbox