Revert "feat: add ssh key into memory"

This reverts commit 2b19cccdbc.

.bin/create-home-tarball.sh

@@ -14,5 +14,5 @@ replace_home() {
 find .config -type d -exec chmod g+x {} +
 
 replace_home "$PWD" "/home/devuser"
-tar -czf home.tar.gz --owner root:0 --group secproc:1002 --xform "s,$PWD,/home/devuser," .config .local .ssh start.sh
+tar --mode=a=r,u+w,a+x -czf home.tar.gz --owner root:0 --group root:0 --xform "s,$PWD,/home/devuser," .config .local .ssh
 replace_home "/home/devuser" "$PWD"

.bin/install-config.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env fish
+
+fisher install patrickf1/fzf.fish jorgebucaran/autopair.fish gazorby/fish-abbreviation-tips jethrokuan/z
+echo 'function fish_greeting; fortune; end' >"$HOME"/.config/fish/functions/fish_greeting.fish
+echo 'starship init fish | source' >"$HOME"/.config/fish/config.fish

.bin/test-tmux.sh

@@ -24,7 +24,5 @@ if ! tmux has-session -t "$SESSION" 2>/dev/null; then
   tmux new-session -d -s "$SESSION" -n editor 'HOME='"$HOME"' XDG_STATE_HOME='"$HOME/.state"' /usr/bin/fish'
 fi
 
-tmux send-keys -t $SESSION:editor 'fisher install jorgebucaran/fisher pure-fish/pure patrickf1/fzf.fish jorgebucaran/autopair.fish gazorby/fish-abbreviation-tips jethrokuan/z' Enter
-
 # Attach to it
 exec tmux attach -t "$SESSION"

.config/fish/config.fish

@@ -0,0 +1 @@
+starship init fish | source

.config/fish/fish_plugins

@@ -0,0 +1,4 @@
+patrickf1/fzf.fish
+jorgebucaran/autopair.fish
+gazorby/fish-abbreviation-tips
+jethrokuan/z

.config/fish/functions/fish_greeting.fish

@@ -0,0 +1 @@
+function fish_greeting; fortune; end

.config/nvim/lazyvim.json

@@ -21,6 +21,7 @@
     "lazyvim.plugins.extras.lang.json",
     "lazyvim.plugins.extras.lang.markdown",
     "lazyvim.plugins.extras.lang.python",
+    "lazyvim.plugins.extras.lang.rust",
     "lazyvim.plugins.extras.lang.scala",
     "lazyvim.plugins.extras.lang.sql",
     "lazyvim.plugins.extras.lang.toml",

.config/tmux/tmux.conf.local

@@ -431,9 +431,9 @@ tmux_conf_uninstall_plugins_on_reload=true
 # visit https://github.com/tmux-plugins for available plugins
 #set -g @plugin 'tmux-plugins/tmux-copycat'
 #set -g @plugin 'tmux-plugins/tmux-cpu'
-#set -g @plugin 'tmux-plugins/tmux-resurrect'
+set -g @plugin 'tmux-plugins/tmux-resurrect'
-#set -g @plugin 'tmux-plugins/tmux-continuum'
+set -g @plugin 'tmux-plugins/tmux-continuum'
-#set -g @continuum-restore 'on'
+set -g @continuum-restore 'on'
 
 set -g @plugin 'catppuccin/tmux'
 

.gitignore

@@ -2,6 +2,11 @@ logs
 .local
 .cache
 .state
-.config/fish
+.config/fish/*/*
+.config/fish/fish_variables
+!.config/fish/config.fish
+!.config/fish/fish_plugins
+!.config/fish/functions/fish_greeting.fish
 .npm
 .config/nvim/lazy-lock.json
+home.tar.gz

.ssh/config

@@ -1,7 +1,6 @@
 Host alps
     HostName 10.88.0.1
     User git
-    IdentityFile ~/.ssh/id_ed25519
     IdentitiesOnly yes
     StrictHostKeyChecking yes
     Port 2222
@@ -10,7 +9,6 @@ Host alps
 Host github
     HostName github.com
     User git
-    IdentityFile ~/.ssh/id_ed25519
     IdentitiesOnly yes
     StrictHostKeyChecking yes
     ProxyCommand none

.vscode/tasks.json

@@ -40,22 +40,6 @@
       "problemMatcher": [],
       "detail": "Copy Containerfile to $HOME/"
     },
-    {
-      "label": "GitOps(Update): ssh_router.sh",
-      "type": "shell",
-      "command": ".bin/gitops update ssh_router",
-      "group": "build",
-      "problemMatcher": [],
-      "detail": "Copy ssh_router.sh to $HOME/.local/bin/"
-    },
-    {
-      "label": "GitOps(Update): gitops_router.sh",
-      "type": "shell",
-      "command": ".bin/gitops update gitops_router",
-      "group": "build",
-      "problemMatcher": [],
-      "detail": "Copy gitops_router.sh to $HOME/.local/bin"
-    },
     {
       "label": "GitOps(Update): home.tar.gz",
       "type": "shell",
@@ -73,12 +57,12 @@
       "detail": "Copy gitconfig.template to $HOME/"
     },
     {
-      "label": "GitOps(Update): validate_command_access.sh",
+      "label": "GitOps(Update): start.sh",
       "type": "shell",
-      "command": ".bin/gitops update validate_command",
+      "command": ".bin/gitops update start.sh",
       "group": "build",
       "problemMatcher": [],
-      "detail": "Copy validate_command_access.sh to $HOME/.local/bin"
+      "detail": "Copy start.sh to $HOME/"
     },
     {
       "label": "Create home tarball",
@@ -110,6 +94,13 @@
       "problemMatcher": [],
       "detail": "run podman rm $args on remote"
     },
+    {
+      "label": "GitOps: Remove workspace image",
+      "type": "shell",
+      "command": ".bin/gitops rmi ${input:images}",
+      "problemMatcher": [],
+      "detail": "run podman rmi $args on remote"
+    },
     {
       "label": "Cleanup worktree",
       "type": "shell",
@@ -125,6 +116,12 @@
       "description": "Pick a container",
       "options": ["pallav", "palak", "param", "darshan"],
       "default": "pallav"
+    },
+    {
+      "id": "images",
+      "type": "promptString",
+      "description": "space separated list of images",
+      "default": ""
     }
   ]
 }

Containerfile

@@ -4,23 +4,22 @@
 FROM archlinux:base-devel-20250511.0.348143 as base
 
 ARG DEV_USER=devuser
-ARG DEV_UID=1001
+ARG DEV_UID=1000
-ARG DEV_GID=1001
+ARG DEV_GID=1000
 
 # Install all necessary packages and clean up cache
 RUN pacman -Sy --noconfirm && \
   pacman -S --noconfirm --needed \
-  base-devel neovim git git-lfs fish tmux go-yq \
+  base-devel neovim git git-lfs fish tmux go-yq rust starship podman \
-  nodejs python podman fzf fd ripgrep jdk-openjdk fisher yazi less \
+  nodejs python fzf fd ripgrep jdk-openjdk fisher yazi less rust-analyzer \
   lazygit luarocks python-pynvim npm bash-completion tree-sitter-cli kitty-terminfo \
-  lua51 openssh && \
+  lua51 openssh fortune-mod podman-compose podman-docker && \
   pacman -Scc --noconfirm && \
-  rm -rf /var/cache/pacman/pkg/*
+  rm -rf /var/cache/pacman/pkg/* /usr/bin/sshd /usr/lib/systemd/system/sshd.service
 
 # Create user/groups as per your script, with -l to avoid system user quirks
 RUN groupadd -g $DEV_GID $DEV_USER && \
-  groupadd -g 1002 secproc && \
+  useradd -l -ms /bin/fish -u $DEV_UID -g $DEV_GID $DEV_USER
-  useradd -l -ms /bin/fish -G secproc -u $DEV_UID -g $DEV_GID $DEV_USER
 
 # ────────────────────────
 # Stage 2: Workspace Image
@@ -28,15 +27,19 @@ RUN groupadd -g $DEV_GID $DEV_USER && \
 FROM base as workspace
 
 ARG DEV_USER=devuser
-ARG DEV_UID=1001
+ARG DEV_UID=1000
-ARG DEV_GID=1001
+ARG DEV_GID=1000
 ARG DEV_HOME=/home/$DEV_USER
+ARG POD_USER=mypodmanuser
+ARG POD_UID=1002
 
 # Use ADD for extracting archives
 ADD home.tar.gz $DEV_HOME
+COPY --chmod=755 start.sh $DEV_HOME/
 
 # Prepare .ssh and known_hosts, and fix permissions only if dirs exist
 RUN mkdir -p $DEV_HOME/.ssh && \
+  touch /etc/containers/nodocker && \
   ssh-keyscan -p 2222 10.88.0.1 >> $DEV_HOME/.ssh/known_hosts && \
   ssh-keyscan -p 22 github.com >> $DEV_HOME/.ssh/known_hosts && \
   for d in $DEV_HOME/.local \
@@ -54,7 +57,10 @@ RUN mkdir -p $DEV_HOME/.ssh && \
   done
 
 WORKDIR /app
-ENV CONTAINER_HOST=unix:///run/podman/podman.sock
 USER $DEV_USER
 
+RUN  podman system connection add my-remote --identity $DEV_HOME/.ssh/id_ed25519 \
+  ssh://$POD_USER@10.88.0.1/run/user/${POD_UID}/podman/podman.sock && \
+  podman system connection default my-remote
+
 CMD ["/home/devuser/start.sh"]

start.sh

@@ -1,2 +1,2 @@
 #!/bin/bash
-EDITOR=nvim tmux new-session -s "$1"
+PODMAN_COMPOSE_WARNING_LOGS=false EDITOR=nvim CONTAINER_CONNECTION=my-remote tmux new-session -s "$1"