[docker image] set filter-syscalls = false in nix.conf to workaround missing seccomp BPF program in arm64 linux

Author: savil

internal/devbox/generate/tmpl/DevboxImageDockerfile

@@ -7,20 +7,27 @@ ARG DEVBOX_USE_VERSION
 RUN apt-get update
 RUN apt-get -y install bash binutils git xz-utils wget sudo
 
-# Step 1.5: Setting up devbox user
+# Step 2: Prepare for Nix
+ARG TARGETPLATFORM
+RUN mkdir -p /etc/nix/
+RUN if [ "$TARGETPLATFORM" = "linux/arm64" ] || [ "$TARGETPLATFORM" = "linux/arm64/v8" ]; then \
+        echo "filter-syscalls = false" >> /etc/nix/nix.conf; \
+    fi
+
+# Step 3: Setting up devbox user
 ENV DEVBOX_USER=devbox
 RUN adduser $DEVBOX_USER
 RUN usermod -aG sudo $DEVBOX_USER
 RUN echo "devbox ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$DEVBOX_USER
 USER $DEVBOX_USER
 
-# Step 2: Installing Nix
+# Step 4: Installing Nix
 RUN wget --output-document=/dev/stdout https://nixos.org/nix/install | sh -s -- --no-daemon
 RUN . ~/.nix-profile/etc/profile.d/nix.sh
 
 ENV PATH="/home/${DEVBOX_USER}/.nix-profile/bin:$PATH"
 
-# Step 3: Installing devbox
+# Step 5: Installing devbox
 ENV DEVBOX_USE_VERSION=$DEVBOX_USE_VERSION
 RUN wget --quiet --output-document=/dev/stdout https://get.jetify.com/devbox   | bash -s -- -f
 RUN chown -R "${DEVBOX_USER}:${DEVBOX_USER}" /usr/local/bin/devbox

internal/devbox/generate/tmpl/DevboxImageDockerfileRootUser

@@ -8,8 +8,12 @@ RUN apt-get update
 RUN apt-get -y install bash binutils git xz-utils wget sudo
 
 # Step 2: Installing Nix
+ARG TARGETPLATFORM
 RUN mkdir -p /etc/nix/
-RUN echo "filter-syscalls = false" >> /etc/nix/nix.conf && wget --output-document=/dev/stdout https://nixos.org/nix/install | sh -s -- --daemon
+RUN if [ "$TARGETPLATFORM" = "linux/arm64" ] || [ "$TARGETPLATFORM" = "linux/arm64/v8" ]; then \
+        echo "filter-syscalls = false" >> /etc/nix/nix.conf; \
+    fi 
+RUN wget --output-document=/dev/stdout https://nixos.org/nix/install | sh -s -- --daemon
 RUN . ~/.nix-profile/etc/profile.d/nix.sh
 
 ENV PATH="/root/.nix-profile/bin:$PATH"