ARG BASE_IMAGE=sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/desktop:latest
FROM ${BASE_IMAGE}

ARG NODE_MAJOR=24

ENV DEBIAN_FRONTEND=noninteractive \
    LANG=C.UTF-8 \
    LC_ALL=C.UTF-8 \
    DOTNET_ROOT=/usr/share/dotnet \
    DOTNET_CLI_TELEMETRY_OPTOUT=1 \
    DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1 \
    NUGET_XMLDOC_MODE=skip \
    NODE_PATH=/usr/lib/node_modules \
    PIPX_HOME=/opt/pipx \
    PIPX_BIN_DIR=/usr/local/bin \
    PLAYWRIGHT_BROWSERS_PATH=/ms-playwright \
    PATH=/opt/browser-venv/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/usr/bin:/sbin:/bin \
    GTK_IM_MODULE=fcitx \
    QT_IM_MODULE=fcitx \
    XMODIFIERS=@im=fcitx \
    INPUT_METHOD=fcitx \
    SDL_IM_MODULE=fcitx \
    TA_SANDBOX_DNS_SERVERS=1.1.1.1,8.8.8.8,223.5.5.5 \
    UV_LINK_MODE=copy

SHELL ["/bin/bash", "-o", "pipefail", "-c"]

USER root

RUN apt-get update \
    && apt-get install -y --no-install-recommends \
        ca-certificates \
        curl \
        gnupg \
    && install -d -m 0755 /etc/apt/keyrings \
    && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key \
        | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
    && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_${NODE_MAJOR}.x nodistro main" \
        > /etc/apt/sources.list.d/nodesource.list \
    && curl -fsSL https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb \
        -o /tmp/packages-microsoft-prod.deb \
    && dpkg -i /tmp/packages-microsoft-prod.deb \
    && apt-get update \
    && apt-get install -y --no-install-recommends \
      dbus-x11 \
      dotnet-sdk-8.0 \
      fcitx5 \
      fcitx5-chinese-addons \
      fcitx5-frontend-gtk3 \
      fcitx5-frontend-gtk4 \
      fcitx5-frontend-qt5 \
        fonts-dejavu-core \
        fonts-liberation \
      fonts-noto-cjk \
      fonts-noto-cjk-extra \
      fonts-wqy-microhei \
      fonts-wqy-zenhei \
      fonts-arphic-ukai \
      fonts-arphic-uming \
        git \
      im-config \
        jq \
        less \
        libreoffice-writer \
        locales \
        mousepad \
        nano \
        nodejs \
        pipx \
        procps \
        python3 \
        python3-pip \
        python3-venv \
        unzip \
        vim \
        wget \
        pandoc \
        xdotool \
        zip \
    && sed -i 's/DEFAULT_LOCALE = null;/DEFAULT_LOCALE = "zh_CN";/' /usr/share/novnc/app/localization.js \
    && locale-gen C.UTF-8 \
      && python3 -m venv /opt/browser-venv \
      && /opt/browser-venv/bin/pip install --no-cache-dir --upgrade pip \
      && /opt/browser-venv/bin/pip install --no-cache-dir playwright \
      && /opt/browser-venv/bin/playwright install --with-deps chromium \
    && PIPX_HOME=/opt/pipx PIPX_BIN_DIR=/usr/local/bin pipx install uv \
    && npm install -g npm@latest corepack rebrowser-patches \
    && corepack enable \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

COPY fonts/ /tmp/turbo-agent-fonts/
COPY fontconfig/local.conf /etc/fonts/local.conf

RUN install -d -m 0755 /usr/local/share/fonts/turbo-agent /etc/fonts/conf.d \
    && find /tmp/turbo-agent-fonts -type f \
        \( -iname '*.ttf' -o -iname '*.ttc' -o -iname '*.otf' \) \
        -exec cp -v {} /usr/local/share/fonts/turbo-agent/ \; \
    && fc-cache -f -v \
    && rm -rf /tmp/turbo-agent-fonts

RUN mkdir -p /tmp/.X11-unix /workspace /home/desktop \
    && chmod 1777 /tmp/.X11-unix \
    && (getent group desktop >/dev/null || groupadd -r desktop) \
    && (id desktop >/dev/null 2>&1 || useradd -m -s /bin/bash -r -g desktop -G audio,video desktop) \
    && chown -R desktop:desktop /workspace /home/desktop

COPY scripts/google-chrome /usr/local/bin/google-chrome
COPY scripts/ta-open-browser /usr/local/bin/ta-open-browser
COPY applications/turbo-agent-browser.desktop /usr/share/applications/turbo-agent-browser.desktop
COPY xfce-helpers/turbo-agent-browser.desktop /usr/share/xfce4/helpers/turbo-agent-browser.desktop

RUN chmod +x /usr/local/bin/google-chrome /usr/local/bin/ta-open-browser \
    && ln -sf /usr/local/bin/google-chrome /usr/local/bin/chromium \
    && ln -sf /usr/local/bin/google-chrome /usr/local/bin/chromium-browser \
    && update-alternatives --install /usr/bin/x-www-browser x-www-browser /usr/local/bin/google-chrome 100 \
    && update-alternatives --install /usr/bin/editor editor /usr/bin/vim 80 \
    && update-alternatives --install /usr/bin/editor editor /usr/bin/nano 60 \
    && xdg-mime default turbo-agent-browser.desktop x-scheme-handler/http x-scheme-handler/https text/html || true \
    && mkdir -p /root/.config/xfce4 /home/desktop/.config/xfce4 /root/Desktop /home/desktop/Desktop \
    && printf 'WebBrowser=turbo-agent-browser\n' > /root/.config/xfce4/helpers.rc \
    && printf 'WebBrowser=turbo-agent-browser\n' > /home/desktop/.config/xfce4/helpers.rc \
    && cp /usr/share/applications/turbo-agent-browser.desktop /root/Desktop/turbo-agent-browser.desktop \
    && cp /usr/share/applications/turbo-agent-browser.desktop /home/desktop/Desktop/turbo-agent-browser.desktop \
    && chmod +x /root/Desktop/turbo-agent-browser.desktop /home/desktop/Desktop/turbo-agent-browser.desktop \
    && chown -R desktop:desktop /home/desktop

USER root
WORKDIR /workspace

CMD ["bash"]
