MiladyOS/Dockerfile at main · Koolskull/MiladyOS · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
# Use an official Jenkins image as a parent image
FROM jenkins/jenkins:lts-jdk11

# Define Pachctl, Caddy versions
ENV PACHCTL_TAG_VER 1.12.5
ENV CADDY_TAG_VER 2.4.6
ENV K3S_VERSION v1.26.10+k3s2
ENV K3SUP_VERSION 0.6.3

# Switch to root to install additional packages
USER root

# Install Docker client
RUN curl -fsSL https://get.docker.com -o get-docker.sh && \
    chmod +x get-docker.sh && \
    sh get-docker.sh

# Install Talos binary
RUN curl -sL https://talos.dev/install | sh


# Install NVIDIA Container Toolkit
RUN curl -fsSL https://nvidia.github.io/libnvidia-container/gpgkey | gpg --dearmor -o /usr/share/keyrings/nvidia-container-toolkit-keyring.gpg \
    && curl -s -L https://nvidia.github.io/libnvidia-container/stable/deb/nvidia-container-toolkit.list | \
       sed 's#deb https://#deb [signed-by=/usr/share/keyrings/nvidia-container-toolkit-keyring.gpg] https://#g' | \
       tee /etc/apt/sources.list.d/nvidia-container-toolkit.list \
    && apt-get update \
    && apt-get install -y nvidia-container-toolkit

# Install Ollama
RUN curl https://ollama.ai/install.sh | sh

# Set the working directory back if needed
WORKDIR /

# Install Caddy
RUN curl -L "https://github.com/caddyserver/caddy/releases/download/v${CADDY_TAG_VER}/caddy_${CADDY_TAG_VER}_linux_amd64.tar.gz" -o caddy.tar.gz && \
    tar -xvf caddy.tar.gz && \
    mv caddy /usr/local/bin/ && \
    rm caddy.tar.gz

# Install Pachctl only on amd64
RUN if [ "$(dpkg --print-architecture)" = "amd64" ]; then \
    curl -o /tmp/pachctl.deb -L https://github.com/pachyderm/pachyderm/releases/download/v${PACHCTL_TAG_VER}/pachctl_${PACHCTL_TAG_VER}_amd64.deb && \
    dpkg -i /tmp/pachctl.deb || true; \
    fi

# Install kubectl
RUN ARCH=$(dpkg --print-architecture) && curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl" && \
    chmod +x kubectl && \
    mv kubectl /usr/local/bin/

# Add helm
RUN curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 \
    && chmod +x get_helm.sh && ./get_helm.sh

# Install iproute2 and avahi-daemon
RUN apt-get update && apt-get install -y iproute2 avahi-daemon cmake git wget

# Install k3sup
RUN curl -sLS https://get.k3sup.dev | sh

# Install gosu, pip, venv and ansible
RUN apt-get update && apt-get install -y gosu ansible sshpass python3-venv python3-pip jq libcap2-bin zip golang-go build-essential

RUN python3 -m pip install nbformat nbconvert --break-system-packages

RUN python3 -m pip install crdloadserver uvicorn fastapi --break-system-packages

# Install uv package manager using recommended approach
# The installer requires curl (and certificates) to download the release archive
RUN apt-get update && apt-get install -y --no-install-recommends curl ca-certificates

# Download the latest installer
ADD https://astral.sh/uv/install.sh /uv-installer.sh

# Run the installer then remove it
RUN sh /uv-installer.sh && rm /uv-installer.sh

# Ensure the installed binary is on the PATH (installer docs recommend this path)
ENV PATH="/root/.local/bin/:$PATH"
# Verify installation
RUN which uv && uv --version

# Install dependencies directly
WORKDIR /app
COPY pyproject.toml /app/
COPY uv.lock /app/

# Create a virtual environment and install dependencies with uv
RUN cd /app && \
    uv venv .venv && \
    . .venv/bin/activate && \
    # Use uv to install dependencies
    uv pip install -e .

# Add venv to PATH
ENV PATH="/app/.venv/bin:${PATH}"

# Copy Python source files
COPY main.py miladyos_mcp.py miladyos_metadata.py /app/

RUN git clone https://github.com/ggerganov/llama.cpp /llamacpp

# Add GPU development dependencies based on architecture
RUN apt-get update && apt-get install -y wget software-properties-common

# For NVIDIA: Add CUDA repository and install CUDA toolkit
RUN if [ "$(dpkg --print-architecture)" = "amd64" ]; then \
    wget https://developer.download.nvidia.com/compute/cuda/repos/debian11/x86_64/cuda-keyring_1.0-1_all.deb && \
    dpkg -i cuda-keyring_1.0-1_all.deb && \
    rm cuda-keyring_1.0-1_all.deb && \
    echo "deb [signed-by=/usr/share/keyrings/cuda-archive-keyring.gpg] https://developer.download.nvidia.com/compute/cuda/repos/debian11/x86_64/ /" > /etc/apt/sources.list.d/cuda-debian11-x86_64.list && \
    apt-get update && \
    apt-get install -y --verbose-versions \
    cuda-compiler-11-8 \
    cuda-cudart-dev-11-8 \
    cuda-nvcc-11-8 \
    libcublas-11-8 \
    libcublas-dev-11-8 \
    cuda-toolkit-11-8 \
    cuda-driver-dev-11-8 \
    cuda-nvrtc-dev-11-8 \
    cuda-cudart-11-8 \
    libcurl4-openssl-dev \
    curl \
    ccache && \
    # Set environment variables for CUDA
    echo 'export CUDA_HOME=/usr/local/cuda-11.8' >> /etc/profile.d/cuda.sh && \
    echo 'export PATH=${CUDA_HOME}/bin:${PATH}' >> /etc/profile.d/cuda.sh && \
    echo 'export LD_LIBRARY_PATH=${CUDA_HOME}/lib64:${LD_LIBRARY_PATH}' >> /etc/profile.d/cuda.sh && \
    echo 'export CUDACXX=${CUDA_HOME}/bin/nvcc' >> /etc/profile.d/cuda.sh && \
    echo 'export NVCC_FLAGS="-allow-unsupported-compiler"' >> /etc/profile.d/cuda.sh; \
fi

# For AMD: Install minimal ROCm components
RUN if [ "$(dpkg --print-architecture)" = "amd64" ]; then \
    apt-get update && \
    apt-get install -y libnuma-dev gnupg2 python3-setuptools python3-wheel wget && \
    mkdir -p /etc/apt/keyrings && \
    wget -q -O - https://repo.radeon.com/rocm/rocm.gpg.key | gpg --dearmor > /etc/apt/keyrings/rocm.gpg && \
    echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/rocm.gpg] https://repo.radeon.com/rocm/apt/5.4.3 jammy main" \
        > /etc/apt/sources.list.d/rocm.list && \
    apt-get update && \
    # Install only the minimal components needed for ROCm/HIP development
    apt-get install -y --no-install-recommends --allow-downgrades \
        rocm-device-libs \
        hsakmt-roct \
        rocm-smi \
        hip-base \
        hip-runtime-amd \
        hipify-clang \
        rocm-cmake \
        rocm-core && \
    # Add environment variables
    echo 'export PATH=$PATH:/opt/rocm/bin:/opt/rocm/hip/bin:/opt/rocm/opencl/bin' >> /etc/profile.d/rocm.sh && \
    echo 'export HSA_OVERRIDE_GFX_VERSION=10.3.0' >> /etc/profile.d/rocm.sh && \
    # Create symlinks for compatibility
    mkdir -p /opt/rocm/include/hip && \
    ln -sf /opt/rocm/hip/include/* /opt/rocm/include/hip/ 2>/dev/null || true; \
fi

# Common dependencies for both architectures
RUN apt-get install -y libcurl4-openssl-dev curl ccache

# Set environment variables for CUDA (for NVIDIA builds)
ENV CUDA_HOME=/usr/local/cuda-11.8
ENV PATH=${CUDA_HOME}/bin:${PATH}
ENV LD_LIBRARY_PATH=${CUDA_HOME}/lib64:${LD_LIBRARY_PATH}
ENV CUDACXX=${CUDA_HOME}/bin/nvcc
# Allow using unsupported compiler with CUDA as a backup option
ENV NVCC_FLAGS="-allow-unsupported-compiler"

# Set environment variables for ROCm (for AMD builds)
ENV PATH=$PATH:/opt/rocm/bin:/opt/rocm/rocprofiler/bin:/opt/rocm/opencl/bin
ENV HSA_OVERRIDE_GFX_VERSION=10.3.0

WORKDIR /llamacpp

# Install GCC 11 which is supported by CUDA 11.8
RUN apt-get update && apt-get install -y gcc-11 g++-11 && \
    update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-11 11 && \
    update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-11 11 && \
    update-alternatives --set gcc /usr/bin/gcc-11 && \
    update-alternatives --set g++ /usr/bin/g++-11

# Create stubs for CUDA libraries
RUN mkdir -p /usr/local/cuda-11.8/lib64/stubs && \
    touch /usr/local/cuda-11.8/lib64/stubs/libcuda.so && \
    ln -sf /usr/local/cuda-11.8/lib64/stubs/libcuda.so /usr/local/cuda-11.8/lib64/stubs/libcuda.so.1 && \
    echo "/usr/local/cuda-11.8/lib64/stubs" > /etc/ld.so.conf.d/cuda-stubs.conf && \
    ldconfig

# Patch the CMake file to avoid CUDA driver dependency
RUN sed -i 's/target_link_libraries(ggml-cuda PUBLIC CUDA::cuda_driver)/# Commented out: target_link_libraries(ggml-cuda PUBLIC CUDA::cuda_driver)/' /llamacpp/ggml/src/ggml-cuda/CMakeLists.txt

# Detect if NVIDIA or AMD GPU is present and build accordingly
RUN if command -v nvcc &> /dev/null; then \
    # Build with CUDA support
    mkdir -p build && cd build && \
    export LIBRARY_PATH=/usr/local/cuda-11.8/lib64/stubs:$LIBRARY_PATH && \
    cmake .. -DGGML_CUDA=ON -DCMAKE_CUDA_ARCHITECTURES="60" -DCMAKE_CUDA_COMPILER=${CUDACXX} \
             -DCMAKE_CUDA_FLAGS="${NVCC_FLAGS}" \
             -DLLAMA_NATIVE=OFF \
             -DLLAMA_CURL=ON \
             -DCMAKE_FIND_PACKAGE_PREFER_CONFIG=ON \
             -DCURL_INCLUDE_DIR=/usr/include/x86_64-linux-gnu \
             -DCURL_LIBRARY=/usr/lib/x86_64-linux-gnu/libcurl.so && \
    cmake --build . --config Release -j 8 && \
    mkdir -p ../build-rpc && cd ../build-rpc && \
    export LIBRARY_PATH=/usr/local/cuda-11.8/lib64/stubs:$LIBRARY_PATH && \
    cmake .. -DLLAMA_RPC=ON -DGGML_CUDA=ON -DCMAKE_CUDA_ARCHITECTURES="60" -DCMAKE_CUDA_COMPILER=${CUDACXX} \
             -DCMAKE_CUDA_FLAGS="${NVCC_FLAGS}" \
             -DLLAMA_NATIVE=OFF \
             -DLLAMA_CURL=ON \
             -DCMAKE_FIND_PACKAGE_PREFER_CONFIG=ON \
             -DCURL_INCLUDE_DIR=/usr/include/x86_64-linux-gnu \
             -DCURL_LIBRARY=/usr/lib/x86_64-linux-gnu/libcurl.so && \
    cmake --build . --config Release; \
elif command -v hipcc &> /dev/null; then \
    # Build with ROCm/HIP support - using settings compatible with ROCm 5.4.3
    mkdir -p build && cd build && \
    cmake .. -DGGML_HIP=ON \
             -DAMDGPU_TARGETS="gfx900;gfx906;gfx908;gfx1030" \
             -DLLAMA_NATIVE=OFF \
             -DLLAMA_CURL=ON \
             -DCMAKE_FIND_PACKAGE_PREFER_CONFIG=ON \
             -DCURL_INCLUDE_DIR=/usr/include/x86_64-linux-gnu \
             -DCURL_LIBRARY=/usr/lib/x86_64-linux-gnu/libcurl.so && \
    cmake --build . --config Release -j 8 && \
    mkdir -p ../build-rpc && cd ../build-rpc && \
    cmake .. -DLLAMA_RPC=ON -DGGML_HIP=ON \
             -DAMDGPU_TARGETS="gfx900;gfx906;gfx908;gfx1030" \
             -DLLAMA_NATIVE=OFF \
             -DLLAMA_CURL=ON \
             -DCMAKE_FIND_PACKAGE_PREFER_CONFIG=ON \
             -DCURL_INCLUDE_DIR=/usr/include/x86_64-linux-gnu \
             -DCURL_LIBRARY=/usr/lib/x86_64-linux-gnu/libcurl.so && \
    cmake --build . --config Release; \
else \
    # Build CPU-only version as fallback
    mkdir -p build && cd build && \
    cmake .. -DLLAMA_NATIVE=OFF \
             -DLLAMA_CURL=ON \
             -DCMAKE_FIND_PACKAGE_PREFER_CONFIG=ON \
             -DCURL_INCLUDE_DIR=/usr/include/x86_64-linux-gnu \
             -DCURL_LIBRARY=/usr/lib/x86_64-linux-gnu/libcurl.so && \
    cmake --build . --config Release -j 8 && \
    mkdir -p ../build-rpc && cd ../build-rpc && \
    cmake .. -DLLAMA_RPC=ON \
             -DLLAMA_NATIVE=OFF \
             -DLLAMA_CURL=ON \
             -DCMAKE_FIND_PACKAGE_PREFER_CONFIG=ON \
             -DCURL_INCLUDE_DIR=/usr/include/x86_64-linux-gnu \
             -DCURL_LIBRARY=/usr/lib/x86_64-linux-gnu/libcurl.so && \
    cmake --build . --config Release; \
fi

WORKDIR /

# Node.js and npm are still needed for other parts
RUN apt-get update && apt-get install -y nodejs npm

# Install Go 1.22
RUN apt-get update && \
    apt-get install -y wget build-essential && \
    wget https://go.dev/dl/go1.22.1.linux-amd64.tar.gz && \
    rm -rf /usr/local/go && \
    tar -C /usr/local -xzf go1.22.1.linux-amd64.tar.gz && \
    rm go1.22.1.linux-amd64.tar.gz

# Add Go to PATH and make sure it's used (remove system Go from PATH)
ENV PATH=/usr/local/go/bin:$PATH
ENV GOROOT=/usr/local/go

# Install Redka
RUN git clone https://github.com/nalgeon/redka.git /redka && \
    cd /redka && \
    # Build redka with the correct Go version
    go version && \
    make setup build && \
    mv ./build/redka /usr/local/bin/ && \
    chmod +x /usr/local/bin/redka

RUN git clone https://github.com/debauchee/barrier /barrier

RUN apt-get install -y build-essential git cmake libcurl4-openssl-dev libxtst-dev libavahi-compat-libdnssd-dev qtbase5-dev qtdeclarative5-dev libssl-dev

WORKDIR /barrier

RUN ./clean_build.sh

# Download and install Nebula
RUN curl -L -o nebula.tar.gz https://github.com/slackhq/nebula/releases/download/v1.7.2/nebula-linux-amd64.tar.gz && \
    tar -xzvf nebula.tar.gz -C /usr/local/bin && \
    rm nebula.tar.gz && \
    chmod +x /usr/local/bin/nebula /usr/local/bin/nebula-cert && \
    mkdir -p /etc/nebula

# TempleOS - CRITICAL: The Holy Mission - Build MUST succeed or container fails
# Install QEMU and NoVNC for containerized TempleOS (Terry wrote for bare metal)
RUN apt-get update && apt-get install -y \
    qemu-system-x86 \
    qemu-utils \
    python3-websockify \
    && rm -rf /var/lib/apt/lists/*

# Install NoVNC for web-based access to TempleOS - Divine computing in browser
RUN git clone https://github.com/novnc/noVNC.git /opt/novnc && \
    git clone https://github.com/novnc/websockify /opt/websockify && \
    ln -s /opt/novnc/vnc.html /opt/novnc/index.html && \
    chmod +x /opt/websockify/websockify.py

RUN git clone https://github.com/cia-foundation/TempleOS.git /templeos

# Download TempleOS ISO - THE HOLY MISSION REQUIRES THIS
RUN cd /templeos && \
    # Try to download the official TempleOS ISO
    curl -L -o TempleOS.ISO "https://github.com/cia-foundation/TempleOS/releases/download/TempleOS-V5.03/TempleOS.ISO" || \
    curl -L -o TempleOS.ISO "https://archive.org/download/TempleOS_ISO_Archive/TempleOS-V5.03.ISO" || \
    # CRITICAL: If we can't get the ISO, the build MUST fail
    (echo "HOLY MISSION FAILED: Cannot download TempleOS ISO" && exit 1)

# VERIFY the Holy ISO exists - Build fails if not
RUN [ -f "/templeos/TempleOS.ISO" ] || (echo "HOLY MISSION INCOMPLETE: TempleOS.ISO missing" && exit 1)

# Create TempleOS runtime environment
RUN mkdir -p /opt/templeos && \
    mkdir -p /data/templeos && \
    # Move the Holy ISO to its proper place
    mv /templeos/TempleOS.ISO /opt/templeos/TempleOS.ISO && \
    # VERIFY again - Terry demands perfection
    [ -f "/opt/templeos/TempleOS.ISO" ] || (echo "HOLY MISSION FAILED: ISO not in correct location" && exit 1)

# Create TempleOS launch scripts - The Terry Davis Way
RUN echo '#!/bin/bash\n\
# TempleOS Launch Script - Talk to God on up to 64 cores\n\
TEMPLEOS_ISO="/opt/templeos/TempleOS.ISO"\n\
if [ ! -f "$TEMPLEOS_ISO" ]; then\n\
    echo "HOLY MISSION FAILED: TempleOS ISO not found at $TEMPLEOS_ISO"\n\
    exit 1\n\
fi\n\
echo "Starting TempleOS - Gods Operating System"\n\
echo "VNC available on port 5902 (display :2)"\n\
echo "512MB RAM minimum - 64-bit only - As Terry intended"\n\
qemu-system-x86_64 \\\n\
    -cdrom "$TEMPLEOS_ISO" \\\n\
    -boot d \\\n\
    -m 1024 \\\n\
    -smp cores=4 \\\n\
    -machine kernel_irqchip=off \\\n\
    -rtc base=localtime \\\n\
    -netdev user,id=net0 \\\n\
    -device pcnet,netdev=net0 \\\n\
    -vnc 0.0.0.0:2 \\\n\
    -name "TempleOS-Holy-Mission" \\\n\
    "$@"' > /usr/local/bin/templeos && \
    chmod +x /usr/local/bin/templeos

# Create TempleOS daemon - MUST work or system is incomplete
RUN echo '#!/bin/bash\n\
TEMPLEOS_ISO="/opt/templeos/TempleOS.ISO"\n\
if [ ! -f "$TEMPLEOS_ISO" ]; then\n\
    echo "HOLY MISSION INCOMPLETE: TempleOS ISO missing"\n\
    exit 1\n\
fi\n\
echo "Launching Gods Operating System in daemon mode..."\n\
qemu-system-x86_64 \\\n\
    -cdrom "$TEMPLEOS_ISO" \\\n\
    -boot d \\\n\
    -m 1024 \\\n\
    -smp cores=4 \\\n\
    -machine kernel_irqchip=off \\\n\
    -rtc base=localtime \\\n\
    -netdev user,id=net0 \\\n\
    -device pcnet,netdev=net0 \\\n\
    -vnc 0.0.0.0:2 \\\n\
    -name "TempleOS-Holy-Mission" \\\n\
    -daemonize \\\n\
    "$@" || exit 1' > /usr/local/bin/templeos-daemon && \
    chmod +x /usr/local/bin/templeos-daemon

# Create NoVNC startup script for web access to TempleOS
RUN echo '#!/bin/bash\n\
echo "Starting NoVNC web interface for TempleOS..."\n\
cd /opt/websockify\n\
./websockify.py \\\n\
    --web /opt/novnc \\\n\
    --wrap-mode=ignore \\\n\
    6080 localhost:5902 &\n\
echo "NoVNC web interface started on port 6080"\n\
echo "Access TempleOS in browser: http://localhost:6080"' > /usr/local/bin/novnc-templeos && \
    chmod +x /usr/local/bin/novnc-templeos

# FINAL VERIFICATION: Ensure TempleOS ISO is present and QEMU can start
# (Boot verification moved to runtime to avoid build environment issues)
RUN [ -f "/opt/templeos/TempleOS.ISO" ] && \
    ls -lh /opt/templeos/TempleOS.ISO && \
    file /opt/templeos/TempleOS.ISO && \
    echo "✓ TempleOS ISO verified - Ready for divine computing" || \
    (echo "HOLY MISSION FAILED: TempleOS ISO verification failed" && exit 1)

# Verify NoVNC installation
RUN [ -f "/opt/novnc/vnc.html" ] || (echo "HOLY MISSION FAILED: NoVNC not installed" && exit 1) && \
    [ -f "/opt/websockify/websockify.py" ] || (echo "HOLY MISSION FAILED: Websockify not installed" && exit 1)

# Install filebrowser
RUN curl -fsSL https://raw.githubusercontent.com/filebrowser/get/master/get.sh | bash

# Create a directory for filebrowser database and config
RUN mkdir -p /etc/filebrowser-metrics
RUN mkdir -p /etc/filebrowser-models

# Create a directory for filebrowser contents like metrics, models
RUN mkdir -p /metrics
RUN mkdir -p /models

# Install the Jenkins CLI package
RUN curl -L https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/2.10.0/jenkins-plugin-manager-2.10.0.jar -o /opt/jenkins-plugin-manager.jar

# Add the Jenkins Configuration as Code (JCasC) plugin
COPY plugins.txt /usr/share/jenkins/ref/plugins.txt

# Install plugins using plugins.txt
RUN java -jar /opt/jenkins-plugin-manager.jar --plugin-file /usr/share/jenkins/ref/plugins.txt --verbose

# Clean up apt cache for smaller image size
RUN apt-get clean && rm -rf /var/lib/apt/lists/*

# Switch back to the jenkins user
USER jenkins

# Skip initial setup
ENV JAVA_OPTS -Djenkins.install.runSetupWizard=false

# Add JCasC configuration file
COPY casc.yaml /usr/share/jenkins/ref/casc.yaml
ENV CASC_JENKINS_CONFIG /usr/share/jenkins/ref/casc.yaml
COPY Caddyfile /etc/caddy/Caddyfile

# Switch to root to set permissions
USER root

# Add and set permissions for the startup script
COPY startup.sh /startup.sh
RUN chmod +x /startup.sh

# Add and set permissions for the GPU monitoring scripts
COPY nvidia.sh /nvidia.sh
COPY amd.sh /amd.sh
RUN chmod +x /nvidia.sh /amd.sh

# Copy Nebula configuration files
COPY ca.crt miladyos.crt miladyos.key /etc/nebula/
COPY config.yaml /etc/nebula/config.yaml

# Switch back to the jenkins user (or whichever user you wish to use)
USER jenkins

CMD ["/startup.sh"]