ostree-native-containers/Dockerfile.gnome

FROM quay.io/fedora-ostree-desktops/silverblue:42 AS mpv-build

RUN dnf5 -y install --setopt install_weak_deps=false git-core meson g++ autoconf cmake automake libtool freetype-devel fribidi-devel nasm pipewire-devel wayland-devel wayland-protocols-devel libshaderc-devel libxkbcommon-devel vulkan-loader-devel compat-lua-devel libva-devel openssl-devel

RUN mkdir /build && cd /build && git clone https://github.com/mpv-player/mpv-build.git

COPY ./mpv_options /build/mpv-build/mpv_options

RUN cd /build/mpv-build && ./rebuild -j$(nproc)


FROM quay.io/fedora-ostree-desktops/silverblue:42

COPY --from=mpv-build /build/mpv-build/mpv/build/mpv /bin/mpv

# dnf configuration has to be in effect during build
COPY etc/dnf /etc/dnf

# Add rpmfusion repositories
RUN dnf5 -y install https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm

# Install ffmpeg (removing all the -free replacements is required)
RUN dnf5 -y install --allowerasing ffmpeg

# Install hardware codecs
RUN dnf5 -y install intel-media-driver

# Install gpu utilities
RUN dnf5 -y install igt-gpu-tools

# Install openh264
RUN dnf5 -y swap noopenh264 openh264 && dnf5 -y install mozilla-openh264

# Bulk of layered packages
RUN dnf5 -y install vim bat btop pv restic zstd nmap-ncat yt-dlp

# Set vim as default editor
RUN dnf5 -y swap nano-default-editor vim-default-editor

# Remove default color prompt (is replaced with a custom one)
RUN dnf5 -y remove bash-color-prompt

# Apply configuration
COPY etc /etc
COPY usr /usr

# Apply hardened firewall configuration
RUN firewall-offline-cmd --set-default-zone public
RUN firewall-offline-cmd --remove-service ssh

# Restrict permissions on quadlet directory
RUN chmod 700 /etc/containers/systemd

# https://github.com/ostreedev/ostree-rs-ext/issues/159
RUN ostree container commit

LABEL quay.expires-after=""