refactor: cleanup devc script

.gitignore

@@ -1 +0,0 @@
-state

devc.sh

@@ -4,12 +4,6 @@
 # Dev container enter script. Handles setting up  #
 # different dev containers, resuming sessions and #
 # automatic container updates.                    #
-#                                                 #
-# TODO:                                           #
-# - Remove security-opt label=disable             #
-#   when possible.                                #
-# - Look into removeing userns=keep-id.           #
-# - Isolate ssh keys to containers.               #
 # =============================================== #
 set -eu
 log() { printf '\e[%sm%s\e[0m %s\n' "${3:-36}" "${2:-○}" "$1"; }
@@ -20,27 +14,29 @@ arg() { echo -n " $@"; }
 default_args() {
   arg "--name $name"
   arg "--hostname $name"
+
+  # Pull newer container image if available.
   arg "--pull=newer"
 
-  # Disable some security settings so host directories can
-  # be mounted without problems.
-  arg "--security-opt label=disable" # disable labeling so mounts don't need to be labeled.
-  arg "--userns=keep-id"             # required for ~/.ssh which is usually 700.
+  # Use keep-id so the container user matches the host user.
+  arg "--userns=keep-id"
+
+  # Disable selinux labeling so unix sockets can be mounted
+  # without problems.
+  arg "--security-opt label=disable"
 
   # Mount the wayland socket. Required to get the system
   # clipboard (wl-copy) and gui applications working.
   [ -e "/run/user/$UID/wayland-0" ] && arg "-v /run/user/$UID/wayland-0:/run/user/1000/wayland-0"
 
-  # Mount the ssh socket to get ssh commands working.
-  [ -e "$SSH_AUTH_SOCK" ] && arg "-v $SSH_AUTH_SOCK:/run/user/1000/ssh-auth-sock"
-
-  # Load custom configuration for container.
-  config_file="$script_dir/containers/$name/config.sh"
-  [ -f "${config_file}" ] && source "${config_file}"
-
-  # Add a volume for the home directory so it survives
-  # container updates.
+  # Make the user home dir a volume so it survives container
+  # restarts. Use copy to keep the homedir files from the image.
   arg "-v $name:/home/user:copy"
+
+  # If there is custom configuration for the container, load
+  # it here.
+  config_file="$(dirname "$(realpath "$0")")/containers/$name/config.sh"
+  [ -f "${config_file}" ] && source "${config_file}"
 }
 
 # param_args returns the podman run arguments based on the
@@ -51,16 +47,17 @@ param_args() {
     -gpu) # Enable gpu acceleration.
       arg "--device /dev/dri" ;;
     -host-spawn) # Enable spawning host commands from inside the container using host-spawn.
-      arg "-v /run/user/$UID/bus:/tmp/bus" ;;
-    *) # Use argument as is.
-      echo "$1" ;;
+      arg "-v /run/user/$UID/bus:/tmp/bus"
+      arg "-e HOST_HOME=$HOME" # Use to translate paths.
+      ;;
+    *) # Use unknown arguments a podman arguments.
+      arg "$1" ;;
     esac
     shift
   done
 }
 
 ### MAIN ###
-script_dir="$(dirname "$(realpath "$0")")"
 
 # Get container registry from DEVC_REGISTRY env variable.
 if [ -n "${DEVC_REGISTRY:-}" ]; then
@@ -73,16 +70,16 @@ fi
 # Get the devcontainer name from the first argument. If not
 # provided, use the last used name when possible.
 if [[ $# -gt 0 ]] && [[ ${1:-} != -* ]]; then
-  name="$1"
-  mkdir -p "$script_dir/state"
-  echo "$name" >"$script_dir/state/last-name"
+  image="$1"
+  echo "$image" >"$HOME/.local/share/devc-previous-container"
   shift
-elif [ -f "$script_dir/state/last-name" ]; then
-  name=$(<"$script_dir/state/last-name")
+elif [ -f "$HOME/.local/share/devc-previous-container" ]; then
+  image=$(<"$HOME/.local/share/devc-previous-container")
 else
   log "no container name specified" 'x' 31
   exit 1
 fi
+name="${image%:*}"
 
 # Create a new container when the container is not running or
 # when any arguments are provided.