# Expected outcome: Container fails to start due to unwritable config partition
# - NETALERTX_CONFIG shows as mounted but unwritable (❌ in Writeable column)
# - 30-writable-config.sh detects permission error and exits with code 1
# - Container startup fails because config files cannot be written to
services:
  netalertx:
    network_mode: host
    build:
      context: ../../../
      dockerfile: Dockerfile
    image: netalertx-test
    container_name: netalertx-test-mount-config_unwritable
    cap_drop:
      - ALL
    cap_add:
      - NET_ADMIN
      - NET_RAW
      - NET_BIND_SERVICE
    environment:
      LISTEN_ADDR: 0.0.0.0
      PORT: 9999  # Use non-default port to test all paths
      APP_CONF_OVERRIDE: 20212
      ALWAYS_FRESH_INSTALL: true
      NETALERTX_DEBUG: 0
      NETALERTX_CONFIG: /app/config

    volumes:
      - type: volume
        source: netalertx_db
        target: /app/db
        read_only: false
      - type: volume
        source: test_netalertx_config
        target: /app/config
        read_only: true
    tmpfs:
      - "/app/api:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
      - "/app/log:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
      - "/services/run:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
      - "/services/config/nginx/conf.active:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
volumes:
  netalertx_config:
  netalertx_db:
  test_netalertx_db:
  test_netalertx_config:
  test_netalertx_api:
  test_netalertx_log:
  test_system_services_run:
  test_system_services_active_config: