services:
  sgo:
    build: .
    container_name: sgo
    ports:
      - "${SGO_PORT:-5000}:5000"
    # keep-id maps your host UID into the container — no root, no user switching needed.
    # Podman only; remove this line if using Docker.
    userns_mode: keep-id
    volumes:
      # Your AWS credentials, read-only. Set AWS_CONFIG_PATH in .env or shell.
      # Defaults to ~/.aws if not set.
      - ${AWS_CONFIG_PATH:-${HOME}/.aws}:/config/.aws:ro,z
      # Persistent database storage
      - sgo-data:/app/data
    environment:
      - DEBUG=${DEBUG:-false}
      - FLASK_ENV=${FLASK_ENV:-production}
      - PYTHONUNBUFFERED=1
    restart: unless-stopped

volumes:
  sgo-data: