FROM ghcr.io/bluesky-social/pds:0.4

# 1 = bypass int validation for PDS_PORT so we can use unix sockets instead
# 2 = x-forwarded-for hack because the entire js ecosystem can not handle unix sockets correctly (https://www.npmjs.com/package/trustproxy)
# 3,4 = tid suffix trick
RUN sed -i "s/common_1.envInt)('PDS_PORT/common_1.envStr)('PDS_PORT/" /app/node_modules/@atproto/pds/dist/config/env.js \
 && sed -i "s/'trust proxy'/'trust proxy', (ip) => ip == undefined/" /app/node_modules/@atproto/pds/dist/index.js \
 && sed -i "s/(0, syntax_1.ensureValidRecordKey)(rkey);/if (!opts.rkey) { const SUFFIX = 'kopper'; rkey = rkey.substr(0,13-SUFFIX.length) + SUFFIX };(0, syntax_1.ensureValidRecordKey)(rkey);/" /app/node_modules/@atproto/pds/dist/repo/prepare.js \
 && sed -i "s/const rkey/let rkey/" /app/node_modules/@atproto/pds/dist/repo/prepare.js