From 35195d1a62e22051d910e5b3c3f33098e78baaed Mon Sep 17 00:00:00 2001
From: Jeffrey Bian <jeffrey@springtail.io>
Date: Tue, 19 Aug 2025 09:48:45 -0700
Subject: [PATCH] fix: Base Image for Dev

- Added missing APT packages;
- Fixed the SSH configuration;
- Fixed the USER env var;
---
 docker/Dockerfile.base                     |  2 +-
 docker/ansible/roles/common/tasks/main.yml | 74 ++++++++++++----------
 docker/ansible/roles/ssh/tasks/main.yml    | 12 ++++
 3 files changed, 55 insertions(+), 33 deletions(-)

diff --git a/docker/Dockerfile.base b/docker/Dockerfile.base
index 2b68f00ed..a87002bac 100644
--- a/docker/Dockerfile.base
+++ b/docker/Dockerfile.base
@@ -5,7 +5,7 @@ ENV TINI_VERSION=v0.19.0 \
     ZIC=true \
     VCPKG_FORCE_SYSTEM_BINARIES=1 \
     VCPKG_ROOT=/home/dev/external/vcpkg \
-    USER=root
+    USER=dev
 # Expose PostgreSQL, Redis, and SSH ports
 EXPOSE 5432 6379 22
 
diff --git a/docker/ansible/roles/common/tasks/main.yml b/docker/ansible/roles/common/tasks/main.yml
index 0030d3cef..9b91bc4c1 100644
--- a/docker/ansible/roles/common/tasks/main.yml
+++ b/docker/ansible/roles/common/tasks/main.yml
@@ -1,53 +1,63 @@
 - name: Install core packages
   ansible.builtin.apt:
     name:
-      - lsb-release
-      - wget
-      - software-properties-common
-      - gnupg
-      - build-essential
       - autoconf
-      - libelf-dev
+      - binutils-dev
       - bison
+      - build-essential
+      - ca-certificates
       - clang-format
-      - pkg-config
+      - cmake
+      - curl
+      - dnsutils
+      - emacs-nox
       - flex
+      - g++-14
+      - gcc-14
+      - gdb
+      - git
+      - gnupg
+      - gpg
+      - htop
+      - iftop
+      - iproute2
+      - iputils-ping
+      - jq
+      - libbsd-dev
       - libdw-dev
-      - openssh-server
       - libdwarf-dev
-      - binutils-dev
+      - libelf-dev
       - linux-libc-dev
-      - cmake
-      - git
-      - curl
-      - zip
-      - unzip
-      - tar
+      - lsb-release
+      - net-tools
+      - netcat
       - ninja-build
-      - python3
-      - libbsd-dev
-      - redis-server
+      - nmap
+      - openssh-server
+      - pkg-config
       - postgresql-16
       - postgresql-contrib-16
-      - sudo
-      - vim
-      - ca-certificates
-      - gpg
-      - emacs-nox
-      - gcc-14
-      - g++-14
-      - gdb
+      - procps
+      - python3
+      - python3-boto3
+      - python3-jinja2
+      - python3-lxml
       - python3-pip
-      - python3-psycopg2
       - python3-psutil
+      - python3-psycopg2
       - python3-redis
       - python3-requests
       - python3-yaml
-      - python3-jinja2
-      - python3-lxml
-      - python3-boto3
-      - net-tools
-      - jq
+      - redis-server
+      - software-properties-common
+      - sudo
+      - tar
+      - traceroute
+      - unzip
+      - vim
+      - wget
+      - zip
+
     update_cache: true
     state: present
     autoclean: true
diff --git a/docker/ansible/roles/ssh/tasks/main.yml b/docker/ansible/roles/ssh/tasks/main.yml
index 442c02aa4..7bc7ffe60 100644
--- a/docker/ansible/roles/ssh/tasks/main.yml
+++ b/docker/ansible/roles/ssh/tasks/main.yml
@@ -3,3 +3,15 @@
     path: /etc/ssh/sshd_config
     regexp: 'PermitRootLogin prohibit-password'
     replace: 'PermitRootLogin yes'
+
+- name: Allow Password Login via SSH
+  ansible.builtin.replace:
+    path: /etc/ssh/sshd_config
+    regexp: '^PasswordAuthentication no'
+    replace: 'PasswordAuthentication yes'
+
+- name: Ensure SSH service is enabled and started
+  ansible.builtin.service:
+    name: ssh
+    enabled: true
+    state: started