# opencode-devbox — portable AI dev environment # Debian-based container with opencode and configurable dev tools ARG DEBIAN_VERSION=bookworm-slim FROM debian:${DEBIAN_VERSION} AS base ARG TARGETARCH ARG OPENCODE_VERSION=1.4.2 LABEL maintainer="joakimp" LABEL description="Portable opencode developer container" LABEL org.opencontainers.image.source="https://gitea.jordbo.se/joakimp/opencode-devbox" # Avoid interactive prompts during build ENV DEBIAN_FRONTEND=noninteractive # ── Core system packages ───────────────────────────────────────────── RUN apt-get update && apt-get install -y --no-install-recommends \ ca-certificates \ curl \ wget \ git \ git-lfs \ openssh-client \ gnupg \ jq \ ripgrep \ fd-find \ fzf \ tree \ less \ vim-tiny \ sudo \ gosu \ locales \ procps \ unzip \ && ln -s /usr/bin/fdfind /usr/local/bin/fd \ && rm -rf /var/lib/apt/lists/* # Set locale RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen ENV LANG=en_US.UTF-8 ENV LANGUAGE=en_US:en ENV LC_ALL=en_US.UTF-8 # ── Node.js (required for opencode v1.x install + MCP servers) ────── ARG NODE_VERSION=22 RUN curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash - && \ apt-get install -y --no-install-recommends nodejs && \ rm -rf /var/lib/apt/lists/* # ── Install opencode via npm ───────────────────────────────────────── # v1.x is distributed as an npm package with platform-specific binaries RUN npm install -g opencode-ai@${OPENCODE_VERSION} && \ opencode --version # ── AWS CLI v2 (for SSO/Bedrock authentication) ───────────────────── RUN ARCH=$(case "${TARGETARCH}" in \ amd64) echo "x86_64" ;; \ arm64) echo "aarch64" ;; \ *) echo "x86_64" ;; \ esac) && \ curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-${ARCH}.zip" -o /tmp/awscli.zip && \ unzip -q /tmp/awscli.zip -d /tmp && \ /tmp/aws/install && \ rm -rf /tmp/aws /tmp/awscli.zip && \ aws --version # ── Optional: Python ───────────────────────────────────────────────── ARG INSTALL_PYTHON=false RUN if [ "${INSTALL_PYTHON}" = "true" ]; then \ apt-get update && apt-get install -y --no-install-recommends \ python3 python3-pip python3-venv && \ rm -rf /var/lib/apt/lists/*; \ fi # ── Optional: Go ───────────────────────────────────────────────────── ARG INSTALL_GO=false ARG GO_VERSION=1.23.4 RUN if [ "${INSTALL_GO}" = "true" ]; then \ GOARCH=$(case "${TARGETARCH}" in amd64) echo "amd64" ;; arm64) echo "arm64" ;; *) echo "amd64" ;; esac) && \ curl -fsSL "https://go.dev/dl/go${GO_VERSION}.linux-${GOARCH}.tar.gz" | tar -C /usr/local -xz && \ ln -s /usr/local/go/bin/go /usr/local/bin/go && \ ln -s /usr/local/go/bin/gofmt /usr/local/bin/gofmt; \ fi # ── Non-root user ──────────────────────────────────────────────────── ARG USER_NAME=developer ARG USER_UID=1000 ARG USER_GID=1000 RUN groupadd --gid ${USER_GID} ${USER_NAME} && \ useradd --uid ${USER_UID} --gid ${USER_GID} -m -s /bin/bash ${USER_NAME} && \ echo "${USER_NAME} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/${USER_NAME} # Create standard directories RUN mkdir -p /workspace \ /home/${USER_NAME}/.config/opencode/skills \ /home/${USER_NAME}/.agents/skills \ /home/${USER_NAME}/.local/share/opencode \ /home/${USER_NAME}/.ssh && \ chown -R ${USER_NAME}:${USER_NAME} /workspace /home/${USER_NAME} # ── Entrypoint ──────────────────────────────────────────────────────── COPY entrypoint.sh /usr/local/bin/entrypoint.sh COPY entrypoint-user.sh /usr/local/bin/entrypoint-user.sh RUN chmod +x /usr/local/bin/entrypoint.sh /usr/local/bin/entrypoint-user.sh # Start as root — entrypoint adjusts UID/GID then drops to developer WORKDIR /workspace ENTRYPOINT ["entrypoint.sh"] CMD ["opencode"]