ARG REGISTRY_DOMAIN

ARG NAMESPACE

FROM ${REGISTRY_DOMAIN}/${NAMESPACE}/onc-kde:main-nvidia

# Install virtualization tools
RUN dnf5 -y install libvirt libvirt-daemon-kvm virt-manager openvswitch NetworkManager-ovs

# Install general utilities
RUN dnf5 -y install croc solaar openrgb wireguard-tools

# Install general purpose development tools
RUN dnf5 -y install codium neovim wl-clipboard ansible python3-ansible-lint uv butane coreos-installer java-21-openjdk-devel

# Remove unwanted packages
RUN dnf5 -y remove kde-connect plasma-discover plasma-discover-libs

# Remove Firefox rpm (superseded by flatpak Firefox)
RUN dnf5 -y remove firefox firefox-langpacks

# Remove unneeded packages (currently doesn't actually reduce space, but reduces clutter)
RUN dnf5 -y autoremove

# Remove setuid/setgid binaries
# Except for polkit-agent-helper-1, it's currently required for interactive authentication with polkit.
RUN find /usr -mindepth 1 -type f -perm /6000 -regextype posix-extended -not -regex '^/usr/lib/polkit-1/polkit-agent-helper-1$|^/usr/s?bin/unix_chkpwd$|^/usr/s?bin/fusermount[0-9]?$' -exec sh -c "chmod ug-s '{}' && echo \"Removed setuid/setgid bit(s) from '{}'\"" \;

COPY ./selinux-policies /tmp/selinux-policies
RUN checkmodule -M -m -o /tmp/selinux-policies/ver4a-selinux.mod /tmp/selinux-policies/ver4a-selinux.te
RUN semodule_package -m /tmp/selinux-policies/ver4a-selinux.mod -o /tmp/selinux-policies/ver4a-selinux.pp
RUN semodule -i /tmp/selinux-policies/ver4a-selinux.pp

# https://github.com/ostreedev/ostree-rs-ext/issues/159
RUN ostree container commit

LABEL quay.expires-after=""