FROM ubuntu:24.04
LABEL DOCUMENTATON='Container needs "--cap-add SYS_ADMIN --device /dev/fuse --security-opt apparmor:unconfined" to work'

ARG GOCRYPTFS_PASSWORD
ARG DIR_CIPHER
ARG DIR_PLAIN

SHELL ["/bin/bash", "-e", "-u", "-x", "-o", "pipefail", "-c"]
RUN <<EOS
    apt-get update
    apt-get install --yes gocryptfs
    mkdir $DIR_CIPHER $DIR_PLAIN
    echo $GOCRYPTFS_PASSWORD > /tmp/passfile.txt
    gocryptfs -init --config /root/gocryptfs.conf --passfile /tmp/passfile.txt $DIR_CIPHER
    rm /tmp/passfile.txt
    echo -e "#!/bin/bash\n" > /entrypoint.sh
    echo "echo ${GOCRYPTFS_PASSWORD} > /tmp/passfile.txt" >> /entrypoint.sh
    echo "gocryptfs -nosyslog -config /root/gocryptfs.conf --passfile /tmp/passfile.txt ${DIR_CIPHER} ${DIR_PLAIN}" >> /entrypoint.sh
    echo "rm -f /tmp/passfile.txt\n" >> /entrypoint.sh
    # RUN YOUR DESIRED PROGRAM HERE!
    echo "exec /bin/bash" >> /entrypoint.sh
    chmod a=rx /entrypoint.sh
    rm -rf /var/lib/apt/lists/*
EOS

ENTRYPOINT ["/entrypoint.sh"]