Dockerfile

# Start with a clean, modern base image
FROM archlinux:latest

# --- 1. System Setup & Package Repositories (as root) ---
# Add repositories for a wider selection of packages, including the AUR
RUN echo -e "[multilib]\nInclude = /etc/pacman.d/mirrorlist" >> /etc/pacman.conf \
    && echo -e "[archlinuxcn]\nServer = https://mirrors.aliyun.com/archlinuxcn/\$arch" >> /etc/pacman.conf \
    && echo -e "[chaotic-aur]\nServer = https://geo-mirror.chaotic.cx/\$repo/\$arch" >> /etc/pacman.conf

# CORRECTED KEYRING SETUP (Final, Official Method):
# This uses the official documented procedure for bootstrapping trust.
RUN pacman -Syu --noconfirm --needed git \
    # First, receive and locally sign the key for the Chaotic-AUR maintainer.
    && pacman-key --init \
    && pacman-key --recv-key 3056513887B78AEB --keyserver keyserver.ubuntu.com \
    && pacman-key --lsign-key 3056513887B78AEB \
    # Then, use pacman -U to install the keyring and mirrorlist directly from the URL. This is the most robust method.
    && pacman -U --noconfirm 'https://cdn-mirror.chaotic.cx/chaotic-aur/chaotic-keyring.pkg.tar.zst' 'https://cdn-mirror.chaotic.cx/chaotic-aur/chaotic-mirrorlist.pkg.tar.zst' \
    # Now, handle the archlinuxcn keyring.
    && pacman-key --lsign-key "farseerfc@archlinux.org" \
    && pacman -Sy --noconfirm archlinuxcn-keyring \
    # Final sync and update to ensure everything is consistent
    && pacman -Syu --noconfirm

# --- 2. Install System-Level Packages (as root) ---
# Now that keys are trusted, install yay and all other essential development tools
RUN pacman -S --noconfirm yay \
    && yay -S --noconfirm \
    # --- The Core Application ---
    code-server \
    # --- Core Build & System Tools ---
    base-devel \
    clang \
    cmake \
    gcc \
    git \
    git-lfs \
    openssh \
    pkgconf \
    # --- Language Toolchains ---
    go \
    tinygo \
    rust \
    zig \
    deno \
    nodejs \
    npm \
    bun \
    python \
    python-pip \
    rye \
    # --- CLI Quality of Life ---
    aria2 \
    curl \
    direnv \
    fish \
    fisher \
    fzf \
    htop \
    jq \
    p7zip \
    ripgrep \
    screen \
    tldr \
    unzip \
    wget \
    zip \
    # --- AI & Cloud Tools ---
    github-cli \
    cloudflared \
    # --- Misc ---
    nix \
    pkgfile \
    && yay -Scc --noconfirm \
    && rm -rf /var/cache/pacman/*

# --- 3. Install Global NPM Packages (as root) ---
# Install global command-line tools using npm
RUN npm install -g \
    pnpm \
    @google/gemini-cli \
    @anthropic-ai/claude-code \
    @musistudio/claude-code-router \
    opencode-ai@latest

# --- 4. System Configuration (as root) ---
# Install git-lfs for large file support in git
RUN git lfs install
# Set up pnpm
RUN corepack prepare pnpm@latest && corepack enable pnpm
# Update pkgfile database
RUN pkgfile --update

# --- 5. User Setup (as root) ---
# Create the user 'arctic' with a home directory and set the default shell to fish
RUN useradd -m -s /usr/bin/fish arctic

# --- 6. Switch to User & User-Specific Setup ---
# All subsequent commands will run as the 'arctic' user
USER arctic
WORKDIR /home/arctic

# Create the .ssh directory to prevent warnings from fish plugins
RUN mkdir -p /home/arctic/.ssh

# Install plugins for the fish shell
RUN plugins=( \
    "danhper/fish-ssh-agent" \
    "jethrokuan/z" \
    "franciscolourenco/done" \
    "jorgebucaran/autopair.fish" \
) \
&& for plugin in "${plugins[@]}"; do \
    fish -c "fisher install $plugin"; \
done

# Set up rye (Python environment manager)
RUN rye toolchain register /usr/bin/python

# --- 7. VS Code / Code-Server Setup (as user) ---
# Create the config directory and file for code-server
RUN mkdir -p /home/arctic/.config/code-server/ \
    && touch /home/arctic/.config/code-server/config.yaml \
    && echo -e "bind-addr: 0.0.0.0:8080\nauth: password\ncert: false" > /home/arctic/.config/code-server/config.yaml

# Install the selected VS Code extensions
RUN extensions=( \
    # General & UI
    "aaron-bond.better-comments" \
    "alefragnani.bookmarks" \
    "antfu.browse-lite" \
    "codezombiech.gitignore" \
    "davidanson.vscode-markdownlint" \
    "dbaeumer.vscode-eslint" \
    "eamodio.gitlens" \
    "editorconfig.editorconfig" \
    "esbenp.prettier-vscode" \
    "formulahendry.auto-close-tag" \
    "formulahendry.auto-rename-tag" \
    "gruntfuggly.todo-tree" \
    "mhutchie.git-graph" \
    "mkhl.direnv" \
    "oderwat.indent-rainbow" \
    "redhat.vscode-yaml" \
    "tamasfe.even-better-toml" \
    "timonwong.shellcheck" \
    "wayou.vscode-todo-highlight" \
    # Python
    "ms-python.python" \
    "ms-python.vscode-pylance" \
    "ms-python.black-formatter" \
    "ms-toolsai.jupyter" \
    "ms-toolsai.jupyter-keymap" \
    "ms-toolsai.jupyter-renderers" \
    "njpwerner.autodocstring" \
    # AI Assistants
    "saoudrizwan.claude-dev" \
    "RooVeterinaryInc.roo-cline" \
    "Google.geminicodeassist" \
    "robertpiosik.gemini-coder" \
    # Git & GitHub
    "donjayamanne.githistory" \
    "github.codespaces" \
    "github.remotehub" \
    "github.vscode-github-actions" \
    # C/C++/Rust/Go
    "ms-vscode.cpptools-extension-pack" \
    "rust-lang.rust-analyzer" \
    "golang.go" \
    "msyrus.go-doc" \
    "swellaby.rust-pack" \
    "twxs.cmake" \
    # Web & Node.js
    "antfu.vite" \
    "christian-kohler.npm-intellisense" \
    "christian-kohler.path-intellisense" \
    "misterj.vue-volar-extention-pack" \
    "vue.volar" \
    # Other Tools
    "bbenoist.nix" \
    "jeff-hykin.better-dockerfile-syntax" \
    "redhat.vscode-xml" \
    "syler.sass-indented" \
    "visualstudioexptteam.vscodeintellicode" \
    "vitest.explorer" \
) \
&& for extension in "${extensions[@]}"; do \
    code-server --config /home/arctic/.config/code-server/config.yaml --install-extension "$extension"; \
done

# --- 8. Finalization ---
# Expose the port that code-server will run on
EXPOSE 8080

# The command to run when the container starts
CMD ["code-server", "--config", "/home/arctic/.config/code-server/config.yaml"]