FROM mcr.microsoft.com/devcontainers/typescript-node:24-bookworm

# Arguments for the non-root user (provided by VS Code remote extensions)
ARG USERNAME=node

# Install system packages required by Tauri on Linux and packages for VNC/noVNC
RUN apt-get update \
  && apt-get install -y --no-install-recommends \
  git \
  ca-certificates \
  pkg-config \
  libgtk-3-dev \
  libgdk-pixbuf2.0-dev \
  libwebkit2gtk-4.1-dev \
  build-essential \
  curl \
  wget \
  file \
  libxdo-dev \
  libssl-dev \
  libayatana-appindicator3-dev \
  libgdk-pixbuf2.0-dev \
  librsvg2-dev \
  xvfb \
  xauth \
  dbus-x11 \
  xfce4 \
  xfce4-goodies \
  x11vnc \
  websockify \
  python3 \
  python3-pip \
  && rm -rf /var/lib/apt/lists/*

# Install rustup and the stable toolchain into the non-root user's home
ENV RUSTUP_HOME=/home/${USERNAME}/.rustup \
  CARGO_HOME=/home/${USERNAME}/.cargo \
  PATH=/home/${USERNAME}/.cargo/bin:/usr/local/cargo/bin:$PATH

RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs -o /tmp/rustup-init.sh \
  && chmod +x /tmp/rustup-init.sh \
  && su - ${USERNAME} -c "/tmp/rustup-init.sh -y" \
  && rm /tmp/rustup-init.sh

# Enable Corepack (for pnpm) and install latest pnpm shim
RUN corepack enable \
  && corepack prepare pnpm@latest --activate

# Install the JS Tauri CLI globally for convenience
RUN npm install -g @tauri-apps/cli

# Switch to the non-root user for user-local installs
USER ${USERNAME}

# Install `just` (task runner) into the user's cargo bin
RUN cargo install --locked just || true

WORKDIR /workspace

# Temporarily switch back to root to install noVNC into /opt (root-owned)
USER root

# clone noVNC so we can proxy VNC over WebSockets (browser access)
RUN git clone https://github.com/novnc/noVNC.git /opt/noVNC \
  && git clone https://github.com/novnc/websockify.git /opt/noVNC/utils/websockify \
  && chown -R ${USERNAME}:${USERNAME} /opt/noVNC

# Ensure novnc scripts are executable
RUN chmod +x /opt/noVNC/utils/novnc_proxy || true

# Return to the non-root user for the rest of the build
USER ${USERNAME}

# copy the VNC start script (added in devcontainer) and make it executable
COPY --chown=${USERNAME}:${USERNAME} start-vnc.sh /workspace/.devcontainer/start-vnc.sh
RUN chmod +x /workspace/.devcontainer/start-vnc.sh

EXPOSE 5900 6080