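# Forgejo runner image extended so that the runner can start job containers
# through rootless Podman instead of a root-owned container daemon.
#
# NOTE(review): the base image is referenced by a mutable tag. For reproducible,
# tamper-evident builds, pin it by digest as well
# (runner:6.3.1@sha256:<digest-of-the-reviewed-image>, placeholder).
FROM code.forgejo.org/forgejo/runner:6.3.1

# Root is needed only for package installation and account setup below;
# the image switches to the unprivileged account before it ends.
USER root

# Install packages needed for rootless Podman.
# shadow-uidmap supplies the newuidmap/newgidmap helpers that apply the
# /etc/subuid and /etc/subgid ranges configured in the next step.
# NOTE(review): package versions are unpinned, so rebuilds may pick up
# different versions; pin them if the build must be repeatable.
RUN apk add --no-cache \
        crun \
        fuse-overlayfs \
        podman \
        shadow-uidmap

# Create the runner user (UID 1000) and delegate it a block of 65536
# subordinate UIDs/GIDs starting at 100000 for its user namespaces.
# NOTE(review): the range must actually be mappable in the environment the
# container runs in — confirm against the deployment.
RUN adduser -D -u 1000 runner \
    && echo "runner:100000:65536" >> /etc/subuid \
    && echo "runner:100000:65536" >> /etc/subgid

# Everything from here on runs as the unprivileged account.
USER runner
WORKDIR /home/runner

# Per-user Podman configuration.
# - registries.conf: unqualified image names resolve against docker.io only;
#   fully qualified references in workflows avoid relying on this fallback.
# - storage.conf: overlay driver backed by fuse-overlayfs, which works without
#   root. NOTE(review): fuse-overlayfs needs /dev/fuse at run time; the image
#   cannot grant that, so the container runtime has to pass the device — confirm.
# - "~" is expanded by the shell from HOME, while graphroot is the literal
#   /home/runner path, and runroot embeds UID 1000 to match the adduser call
#   above. Keep these in sync (verify which HOME the base image sets).
RUN mkdir -p ~/.config/containers ~/.local/share/containers \
    && echo 'unqualified-search-registries = ["docker.io"]' \
        > ~/.config/containers/registries.conf \
    && printf '%s\n' \
        '[storage]' \
        'driver = "overlay"' \
        'runroot = "/tmp/containers-user-1000/storage"' \
        'graphroot = "/home/runner/.local/share/containers/storage"' \
        '[storage.options.overlay]' \
        'mount_program = "/usr/bin/fuse-overlayfs"' \
        > ~/.config/containers/storage.conf

# Runtime locations used by Podman for sockets, locks and temporary files.
ENV XDG_RUNTIME_DIR=/tmp/runtime-runner \
    TMPDIR=/tmp

# Create the runtime directory, private to the runner user (0700).
# The expansions are quoted so a later change of the path cannot word-split.
# NOTE(review): this directory exists only in the image layer; if /tmp is
# replaced by a tmpfs or volume at run time it has to be recreated with the
# same mode before Podman starts.
RUN mkdir -p "$XDG_RUNTIME_DIR" && chmod 0700 "$XDG_RUNTIME_DIR"

ENTRYPOINT ["/bin/forgejo-runner"]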