start lxc work

Dockerfile

@@ -1,8 +1,29 @@
-FROM code.forgejo.org/forgejo/runner:5
+FROM code.forgejo.org/forgejo/runner:5 AS runner
+FROM debian:bullseye
+
+COPY --from=runner /bin/forgejo-runner /bin/forgejo-runner
 
 USER root
 COPY ./entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 
-USER runner
+# Install required packages
+RUN apt-get update && \
+    apt-get install -y sudo lxc lxc-templates uidmap && \
+    apt-get clean
+
+# Configure user and permissions
+RUN useradd -m runner && \
+    echo "runner ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/runner && \
+    chmod 0440 /etc/sudoers.d/runner && \
+    mkdir /data && chown runner:runner /data
+
+# Enable subuid and subgid for unprivileged containers
+RUN echo "runner:100000:65536" >> /etc/subuid && \
+    echo "runner:100000:65536" >> /etc/subgid
+
+VOLUME [ "/data" ]
+
+WORKDIR /data
+
 ENTRYPOINT [ "/entrypoint.sh" ]

entrypoint.sh

@@ -22,6 +22,8 @@ decho $PWD
 if [[ $(id -u) -eq 0 ]]; then
   ISROOT=true
   decho "[WARNING] Running as root user"
+else
+  decho "[INFO] Running as non-root user: $(id -u)"
 fi
 
 # Handle if `command` is passed, as command appends arguments to the entrypoint
@@ -30,6 +32,24 @@ if [ "$#" -gt 0 ]; then
   exit
 fi
 
+
+# LXC setup
+if [[ "${LXC}" == "true" ]]; then
+  decho "Initializing LXC environment..."
+  lxc-checkconfig || {
+    echo "LXC environment is not correctly configured." >&2
+    exit 1
+  }
+
+  if [[ ! -d /var/lib/lxc ]]; then
+    mkdir -p /var/lib/lxc
+    chown -R $(id -u):$(id -g) /var/lib/lxc
+  fi
+
+  decho "LXC environment initialized."
+fi
+
+
 # Handle and alter the config file
 if [[ -z "${CONFIG_FILE}" ]]; then
   echo "CONFIG_FILE is not set"