version: '3.8'

services:
  stronghold:
    build: .
    ports:
      - "8080:80"
    volumes:
      # Socket access for Podman (rootless)
      # For Podman rootless, mount the socket to /var/run/docker.sock inside container
      # This way the Docker SDK can find it at the standard location
      - ${XDG_RUNTIME_DIR}/podman/podman.sock:/var/run/docker.sock:ro
      # Database persistence
      - ./data:/app/data
      # Hot reload frontend (optional, for development)
      - ./index.html:/usr/share/nginx/html/index.html:ro,z
      - ./manage.html:/usr/share/nginx/html/manage.html:ro,z
      - ./yaml-validator.js:/usr/share/nginx/html/yaml-validator.js:ro,z
    environment:
      # Set working directory for database
      - PWD=/app/data
      # Pass XDG_RUNTIME_DIR for Podman rootless
      - XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR:-/run/user/1000}
    working_dir: /app/data
    restart: unless-stopped