#! /usr/bin/bash

set -euo pipefail
IFS=$'\n\t'

podman --transient-store run --rm -ti \
    --env WAYLAND_DISPLAY \
    --env XDG_RUNTIME_DIR=/tmp \
    --hostname localhost \
    --mount type=bind,source="${XDG_RUNTIME_DIR}"/"${WAYLAND_DISPLAY}",target=/tmp/"${WAYLAND_DISPLAY}" \
    --mount type=bind,readonly=true,source="$(systemd-path user)"/.keys/vaults,target=/root/.age/key \
    --mount type=bind,readonly=true,source="$(systemd-path user)"/.keys/vaults.pub,target=/root/.age/key.pub \
    --mount type=bind,source="$(systemd-path user)"/Vaults,target=/root/Vaults \
    --network systemd-ollama \
    vaulter:latest