From 61d11f5bc99de86164cccfb9d956c421fb983253 Mon Sep 17 00:00:00 2001
From: Vladimir Hodakov <vladimir@hodakov.me>
Date: Sat, 27 Sep 2025 18:15:52 +0400
Subject: [PATCH] Initial commit

---
 .gitignore             |  2 ++
 .woodpecker/build.yaml | 35 ++++++++++++++++++++++++++++++++
 .woodpecker/tag.yaml   | 46 ++++++++++++++++++++++++++++++++++++++++++
 Dockerfile             | 43 +++++++++++++++++++++++++++++++++++++++
 sources.list           |  4 ++++
 supervisord.conf       | 11 ++++++++++
 6 files changed, 141 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 .woodpecker/build.yaml
 create mode 100644 .woodpecker/tag.yaml
 create mode 100644 Dockerfile
 create mode 100644 sources.list
 create mode 100644 supervisord.conf

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..706fd07
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+.idea
+.vscode
diff --git a/.woodpecker/build.yaml b/.woodpecker/build.yaml
new file mode 100644
index 0000000..de701d0
--- /dev/null
+++ b/.woodpecker/build.yaml
@@ -0,0 +1,35 @@
+matrix:
+  platform:
+    - linux/amd64
+    - linux/arm64
+
+labels:
+  platform: ${platform}
+
+when:
+  branch: main
+  event: [push, pull_request, tag]
+
+steps:
+  test-build:
+    image: docker:27-dind
+    commands:
+      - docker buildx build -t source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-${platform##linux/} .
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: pull_request
+
+  build-to-registry:
+    image: docker:27-dind
+    environment:
+      CI_USER_PASSWORD:
+        from_secret: registry_token
+    commands:
+      - docker login -u ${CI_REPO_OWNER} -p $${CI_USER_PASSWORD} source.hodakov.me
+      - docker buildx build -t source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-${platform##linux/} .
+      - docker push source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-${platform##linux/}
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: [push, tag]
diff --git a/.woodpecker/tag.yaml b/.woodpecker/tag.yaml
new file mode 100644
index 0000000..5157beb
--- /dev/null
+++ b/.woodpecker/tag.yaml
@@ -0,0 +1,46 @@
+when:
+  branch: main
+  event: [push, tag]
+
+depends_on:
+  - build
+
+steps:
+  tag latest:
+    image: docker:27-dind
+    environment:
+      CI_USER_PASSWORD:
+        from_secret: registry_token
+    commands:
+      - docker login -u ${CI_REPO_OWNER} -p $${CI_USER_PASSWORD} source.hodakov.me
+      - docker pull source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-amd64
+      - docker pull source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-arm64
+      - docker manifest create source.hodakov.me/containers/neko:latest source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-amd64 source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-arm64
+      - docker manifest push source.hodakov.me/containers/neko:latest
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: push
+
+  tag semver:
+    image: docker:27-dind
+    environment:
+      CI_USER_PASSWORD:
+        from_secret: registry_token
+    commands:
+      - set -eu
+      - docker login -u ${CI_REPO_OWNER} -p $${CI_USER_PASSWORD} source.hodakov.me
+      - source ./scripts/semver.sh
+      - echo "Creating manifest for $${DOCKER_EXACT_TAG}, $${DOCKER_MAJOR_TAG} and $${DOCKER_MINOR_TAG}"
+      - docker pull source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-amd64
+      - docker pull source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-arm64
+      - docker manifest create source.hodakov.me/containers/neko:$${DOCKER_EXACT_TAG} source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-amd64 source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-arm64
+      - docker manifest create source.hodakov.me/containers/neko:$${DOCKER_MINOR_TAG} source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-amd64 source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-arm64
+      - docker manifest create source.hodakov.me/containers/neko:$${DOCKER_MAJOR_TAG} source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-amd64 source.hodakov.me/containers/neko:${CI_COMMIT_SHA:0:10}-arm64
+      - docker manifest push source.hodakov.me/containers/neko:$${DOCKER_EXACT_TAG}
+      - docker manifest push source.hodakov.me/containers/neko:$${DOCKER_MINOR_TAG}
+      - docker manifest push source.hodakov.me/containers/neko:$${DOCKER_MAJOR_TAG}
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    when:
+      event: tag
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..6881cee
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,43 @@
+FROM ghcr.io/m1k1o/neko/base:3.0.8
+
+# copy sources list file
+COPY sources.list /etc/apt/sources.list
+ENV DEBIAN_FRONTEND=noninteractive
+
+# update the system
+RUN set -eux; \
+    apt-get update; \
+    apt-get -y upgrade;
+
+# install xfce
+RUN set -eux; \
+    apt-get install -y --no-install-recommends -o Dpkg::Options::="--force-confnew" xfce4 xfce4-terminal sudo vim curl
+
+# install brave
+RUN set -eux; \
+    curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg \
+    https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg; \
+    echo "deb [signed-by=/usr/share/keyrings/brave-browser-archive-keyring.gpg] https://brave-browser-apt-release.s3.brave.com/ stable main" | \
+    tee /etc/apt/sources.list.d/brave-browser-release.list; \
+    apt update && apt install -y brave-browser
+
+# install transmission and VLC
+RUN set -eux; \
+    apt-get update; \
+    apt-get install -y transmission-gtk vlc
+
+# add user to sudoers
+RUN set -eux; \
+    usermod -aG sudo neko; \
+    echo "neko:neko" | chpasswd; \
+    echo "%sudo ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+
+# clean up
+RUN set -eux; \
+    apt-get clean -y; \
+    rm -rf /var/lib/apt/lists/* /var/cache/apt/*
+
+# copy configuation files
+COPY supervisord.conf /etc/neko/supervisord/xfce.conf
+
+VOLUME /home/neko
diff --git a/sources.list b/sources.list
new file mode 100644
index 0000000..2f1c515
--- /dev/null
+++ b/sources.list
@@ -0,0 +1,4 @@
+deb http://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
+deb https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
+deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free non-free-firmware
+deb http://deb.debian.org/debian/ bookworm-backports main contrib non-free non-free-firmware
diff --git a/supervisord.conf b/supervisord.conf
new file mode 100644
index 0000000..d14ef4a
--- /dev/null
+++ b/supervisord.conf
@@ -0,0 +1,11 @@
+[program:xfce]
+environment=HOME="/home/%(ENV_USER)s",USER="%(ENV_USER)s",DISPLAY="%(ENV_DISPLAY)s"
+command=/usr/bin/startxfce4
+stopsignal=INT
+autorestart=true
+priority=500
+user=%(ENV_USER)s
+stdout_logfile=/var/log/neko/xfce.log
+stdout_logfile_maxbytes=100MB
+stdout_logfile_backups=10
+redirect_stderr=true