# Base image: official Node.js 24. The tag floats, so the exact base layers
# depend on when the image is pulled.
# NOTE(review): consider pinning by digest (node:24@sha256:<digest>) so that
# rebuilds start from a known, reviewable base.
FROM node:24

# OS packages for running rootless Podman inside the image:
#   uidmap                       - newuidmap/newgidmap helpers for user namespaces
#   slirp4netns, netavark,
#   aardvark-dns, iptables,
#   containernetworking-plugins  - container networking
#   fuse-overlayfs               - overlay storage without root
#   dbus-user-session            - per-user D-Bus session
#   ca-certificates              - TLS trust store for registry pulls
# "apt-get upgrade" picks up fixes published after the base image was built, at
# the cost of a build that is not reproducible from the Dockerfile alone.
# The index is fetched and removed in the same layer to keep it out of the image.
RUN apt-get update \
 && apt-get upgrade -y \
 && apt-get install -y --no-install-recommends \
      aardvark-dns \
      ca-certificates \
      containernetworking-plugins \
      dbus-user-session \
      fuse-overlayfs \
      iptables \
      netavark \
      podman \
      slirp4netns \
      uidmap \
 && rm -rf /var/lib/apt/lists/*

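# Replace the stock "node" account with an unprivileged "opencode" user
# (UID/GID 1000) and write that user's Podman configuration.
RUN set -eux; \
    userdel -r node; \
    groupadd -g 1000 opencode; \
    useradd -m -u 1000 -g 1000 -s /usr/bin/bash opencode; \
    # Drop repeated name:start:count lines from the subordinate ID maps, keeping
    # the first occurrence of each (presumably left over from the user swap).
    awk -F: '!seen[$1":"$2":"$3]++' /etc/subuid > /etc/subuid.tmp; \
    mv /etc/subuid.tmp /etc/subuid; \
    awk -F: '!seen[$1":"$2":"$3]++' /etc/subgid > /etc/subgid.tmp; \
    mv /etc/subgid.tmp /etc/subgid; \
    # Per-user Podman settings: vfs storage driver, cgroupfs cgroup manager,
    # file-based event log.
    mkdir -p /home/opencode/.config/containers /home/opencode/.local/share/containers; \
    printf '%s\n' '[storage]' 'driver = "vfs"' > /home/opencode/.config/containers/storage.conf; \
    printf '%s\n' '[engine]' 'cgroup_manager = "cgroupfs"' 'events_logger = "file"' > /home/opencode/.config/containers/containers.conf; \
    # The files above were created by root; hand them to the opencode user.
    chown -R 1000:1000 /home/opencode/.config /home/opencode/.local

# Version or dist-tag of opencode-ai to install. The default "latest" is what a
# bare "npm install -g opencode-ai" resolves to, so a default build is unchanged.
# Pass --build-arg OPENCODE_AI_VERSION=<version> to pin it the way n2-soul is pinned.
ARG OPENCODE_AI_VERSION=latest

# Global npm tooling. Package install scripts execute at build time with the
# privileges of this RUN step, so what gets resolved here is part of the image's
# trust boundary.
# NOTE(review): "npm update -g" moves every global package (npm included) to
# whatever is current at build time; confirm that is intended.
RUN set -eux; \
    npm update -g; \
    npm install -g "opencode-ai@${OPENCODE_AI_VERSION}" n2-soul@9.0.8; \
    npm cache clean --force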

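# Install the opencode-attach file from the build context as an executable on
# PATH. COPY --chmod requires BuildKit.
COPY --chmod=755 opencode-attach /usr/local/bin/opencode-attach

# Runtime directory for UID 1000, used by rootless Podman for its runtime state.
ENV XDG_RUNTIME_DIR=/tmp/run-user/1000
# NOTE(review): presumably tells Podman the user namespace is already configured;
# confirm against the Podman version installed above.
ENV _CONTAINERS_USERNS_CONFIGURED=""

# Create the runtime directory owned by UID 1000 and restrict it to that user.
# The XDG Base Directory spec requires mode 0700 for XDG_RUNTIME_DIR; a plain
# mkdir would leave it readable by others, and by default Podman keeps
# registry login credentials (containers/auth.json) under this path.
RUN mkdir -p /tmp/run-user/1000 && \
    chown -R 1000:1000 /tmp/run-user && \
    chmod 700 /tmp/run-user/1000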

# Drop root: the remaining build steps and the container's main process run as
# the unprivileged opencode user, starting in its home directory.
USER opencode
WORKDIR /home/opencode

# Build-time smoke test: the build fails if either CLI cannot start as this user.
RUN opencode --version && podman --version

# Exec form, so opencode runs directly as the container's main process and
# "docker run" arguments are passed to it.
ENTRYPOINT ["opencode"]
