# Build zero-claw (minimal Rust agent runtime); only binary copied into main image
FROM rust:1-bookworm AS zeroclaw-builder
RUN cargo install zero-claw

# Kasm workspace with OpenClaw pre-installed
# Gateway runs on port 18789; expose in Kasm Workspace config
FROM kasmweb/debian-bookworm-desktop:1.18.0-rolling-daily

USER root
ENV HOME=/home/kasm-default-profile
ENV STARTUPDIR=/dockerstartup
ENV INST_SCRIPTS=$STARTUPDIR/install
ENV KASM_SVC_NO_SSL=1
WORKDIR $HOME

######### Customize Container Here ###########
# Node 22 (OpenClaw requirement)
RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
    && apt-get install -y nodejs \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

# OpenClaw + terminal coding CLIs
RUN npm install -g openclaw@latest opencode-ai @anthropic-ai/claude-code
RUN apt-get update && apt-get install -y git \
    && apt-get clean && rm -rf /var/lib/apt/lists/*
RUN curl -fsSL https://bun.sh/install | bash - \
    && export PATH="$HOME/.bun/bin:$PATH" \
    && git clone --depth 1 https://github.com/FoundDream/miniclawd.git /opt/miniclawd \
    && cd /opt/miniclawd && bun install && bun run build \
    && npm install -g . \
    && rm -rf /opt/miniclawd "$HOME/.bun"

# zero-claw / 0claw (binary + default config baked in)
COPY --from=zeroclaw-builder /usr/local/cargo/bin/0claw /usr/local/bin/0claw
RUN ln -sf /usr/local/bin/0claw /usr/local/bin/zero-claw
COPY 0claw.toml /home/kasm-user/0claw.toml
RUN chown 1000:1000 /home/kasm-user/0claw.toml
ENV ZEROCLAW_CONFIG=/home/kasm-user/0claw.toml

# Pre-create OpenClaw directories with correct ownership (1000:1000 = kasm-user)
RUN mkdir -p $HOME/.openclaw/canvas $HOME/.openclaw/cron $HOME/.openclaw/workspace \
    && chown -R 1000:1000 $HOME/.openclaw

# Anthropic Python SDK (Claude API)
RUN apt-get update && apt-get install -y python3-pip \
    && pip3 install --break-system-packages anthropic \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

# Google Antigravity (apt repo)
RUN mkdir -p /etc/apt/keyrings \
    && curl -fsSL https://us-central1-apt.pkg.dev/doc/repo-signing-key.gpg | gpg --dearmor --yes -o /etc/apt/keyrings/antigravity-repo-key.gpg \
    && echo "deb [signed-by=/etc/apt/keyrings/antigravity-repo-key.gpg] https://us-central1-apt.pkg.dev/projects/antigravity-auto-updater-dev/ antigravity-debian main" > /etc/apt/sources.list.d/antigravity.list \
    && apt-get update && apt-get install -y antigravity \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

# Cursor IDE (deb by arch)
RUN ARCH=$(dpkg --print-architecture) \
    && if [ "$ARCH" = "arm64" ]; then CURSOR_URL="https://api2.cursor.sh/updates/download/golden/linux-arm64-deb/cursor/2.4"; else CURSOR_URL="https://api2.cursor.sh/updates/download/golden/linux-x64-deb/cursor/2.4"; fi \
    && curl -fsSL -L -o /tmp/cursor.deb "$CURSOR_URL" \
    && apt-get update && dpkg -i /tmp/cursor.deb || apt-get install -f -y \
    && rm -f /tmp/cursor.deb \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

# Launcher scripts so desktop can find code/cursor (PATH often minimal when launched from GUI)
RUN echo '#!/bin/sh\nexec /usr/bin/env PATH=/usr/bin:/usr/local/bin:"$PATH" code --no-sandbox "$@"' > /usr/local/bin/launch-vscode \
    && chmod +x /usr/local/bin/launch-vscode \
    && echo '#!/bin/sh\nexec /usr/bin/env PATH=/usr/bin:/usr/local/bin:"$PATH" cursor --no-sandbox "$@"' > /usr/local/bin/launch-cursor \
    && chmod +x /usr/local/bin/launch-cursor

# Create desktop shortcuts (proper newlines; use launchers for code/cursor)
RUN mkdir -p $HOME/Desktop \
    && printf '%s\n' '[Desktop Entry]' 'Version=1.0' 'Type=Link' 'Name=OpenClaw Control' \
       'Comment=OpenClaw Gateway Control UI' 'Icon=applications-development' 'URL=http://localhost:18789' \
       > $HOME/Desktop/openclaw-gateway.desktop \
    && printf '%s\n' '[Desktop Entry]' 'Version=1.0' 'Type=Application' 'Name=VS Code' \
       'Comment=Visual Studio Code Editor' 'Exec=/usr/local/bin/launch-vscode' 'Icon=code' \
       'Terminal=false' 'Categories=Development;IDE;' \
       > $HOME/Desktop/vscode.desktop \
    && printf '%s\n' '[Desktop Entry]' 'Version=1.0' 'Type=Application' 'Name=Cursor' \
       'Comment=Cursor AI IDE' 'Exec=/usr/local/bin/launch-cursor' 'Icon=cursor' \
       'Terminal=false' 'Categories=Development;IDE;' \
       > $HOME/Desktop/cursor.desktop \
    && printf '%s\n' '[Desktop Entry]' 'Version=1.0' 'Type=Application' 'Name=Antigravity' \
       'Comment=Google Antigravity AI IDE' 'Exec=/usr/bin/antigravity' 'Icon=antigravity' \
       'Terminal=false' 'Categories=Development;IDE;' \
       > $HOME/Desktop/antigravity.desktop \
    && chmod +x $HOME/Desktop/*.desktop \
    && chown -R 1000:1000 $HOME/Desktop

# Copy OpenClaw setup guide to desktop
COPY --chown=1000:1000 OPENCLAW-SETUP.md $HOME/Desktop/

# Disable authentication but keep HTTPS
RUN sed -i 's/vncserver/vncserver -SecurityTypes None -DisableBasicAuth 1/g' /dockerstartup/vnc_startup.sh \
    && sed -i 's/kasm_password_file:.*$/kasm_password_file:/g' /usr/share/kasmvnc/kasmvnc_defaults.yaml

# Auto-start gateway when session starts (--bind lan for browser access)
RUN echo '#!/bin/bash' > $STARTUPDIR/custom_startup.sh \
    && echo '/usr/bin/desktop_ready && openclaw gateway --bind lan --allow-unconfigured &' >> $STARTUPDIR/custom_startup.sh \
    && chmod +x $STARTUPDIR/custom_startup.sh
######### End Customizations ###########

RUN chown 1000:0 $HOME
RUN $STARTUPDIR/set_user_permission.sh $HOME
ENV HOME /home/kasm-user
WORKDIR $HOME
RUN mkdir -p $HOME && chown -R 1000:0 $HOME
USER 1000
