# syntax=docker/dockerfile:1
FROM ubuntu:noble AS builder

RUN export DEBIAN_FRONTEND=noninteractive \
    && apt-get update \
    && apt-get install -y --no-install-recommends \
        ca-certificates \
        curl \
        gnupg \
    && install -m 0755 -d /etc/apt/keyrings \
    && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
    && chmod a+r /etc/apt/keyrings/docker.gpg \
    && echo \
        "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
        "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
        tee /etc/apt/sources.list.d/docker.list > /dev/null \
    && apt-get update \
    && apt-get install -y --no-install-recommends \
        docker-ce \
        docker-ce-cli \
        containerd.io \
        docker-compose-plugin \
    && dcver=$(docker compose version | grep v2.19 | wc -l) \
    && if [ "$dcver" != "0" ]; then \
            dc18=$(apt list docker-compose-plugin -a 2>/dev/null | grep 2.18 | cut -d ' ' -f 2); \
            apt install -y --allow-downgrades docker-compose-plugin=${dc18}; \
        fi \
    && rm -rf /var/lib/apt/lists/*

FROM ubuntu:noble

RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        ca-certificates \
        softhsm2 \
        tzdata \
        unzip \
        zip \
    && rm -rf /var/lib/apt/lists/*

COPY --from=builder /usr/bin/docker /usr/bin/docker
COPY --from=builder /usr/libexec/docker/cli-plugins/docker-compose /usr/libexec/docker/cli-plugins/docker-compose

COPY tmp/labca-gui /opt/labca/bin/
COPY tmp/admin/setup.sh /opt/labca/
COPY tmp/admin/apply /opt/labca/
COPY tmp/admin/apply-boulder /opt/labca/
COPY tmp/admin/apply-nginx /opt/labca/
COPY tmp/admin/restart_control /opt/labca/
COPY tmp/admin/templates /opt/labca/templates/

COPY tmp/bin/ceremony /opt/boulder/bin/
COPY tmp/bin/nameid /opt/boulder/bin/