#!/bin/bash

## Copyright (C) 2025 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

## This script is executed inside the container and provides basic commands to
## prepare and configure a minimal debian docker image.

set -x
set -o errexit
set -o nounset
set -o errtrace
set -o pipefail

## TODO: root check or use sudo

apt-get update

## TODO: remove
## 'build-steps.d/1100_sanity-tests' function 'check_required_packages_installed' already installs
## '$required_packages_list' which contains packages such as 'approx'. Any missing packages should
## be installed using 'build-steps.d/1100_sanity-tests' not using docker.
## This is difficult, because 'build-steps.d/1100_sanity-tests' assumes some
## dependencies like 'sudo' are already installed. 'ca-certificates' may also
## be required before packages can be installed in some configurations.
DEBIAN_FRONTEND=noninteractive \
  apt-get install \
    --no-install-recommends \
    --yes \
    dbus gpg gpg-agent dbus-user-session ca-certificates git time curl lsb-release fakeroot \
    dpkg-dev fasttrack-archive-keyring safe-rm adduser sudo approx docker.io

## Fails if '${USER}' already exists, hence overwriting with '|| true'.
adduser --quiet --disabled-password --home "${HOME}" --gecos "${USER},,,," "${USER}" || true

printf '%s\n' "${USER} ALL=(ALL) NOPASSWD:ALL" | tee -- /etc/sudoers.d/passwordless_sudo >/dev/null

chmod 440 -- /etc/sudoers.d/passwordless_sudo

apt-get clean

safe-rm -r -f -- /var/lib/apt/lists/* /var/cache/apt/*
