services:
  arch-dev:
    build: .
    image: arch-dev:latest
    container_name: arch-dev
    hostname: arch-dev
    stdin_open: true
    tty: true

    volumes:
      # Project files — bind mount, host-visible
      - ./workspace:/workspace

      # Stateful home — named volume, survives --rm
      # Reset with: docker volume rm arch-dev_arch-dev-home
      - arch-dev-home:/home/dev

    environment:
      - TERM=xterm-256color
      - MOBILE=${MOBILE:-0}
      - GIT_AUTHOR_NAME=${GIT_NAME:-dev}
      - GIT_AUTHOR_EMAIL=${GIT_EMAIL:-dev@localhost}
      - GIT_COMMITTER_NAME=${GIT_NAME:-dev}
      - GIT_COMMITTER_EMAIL=${GIT_EMAIL:-dev@localhost}

    cap_drop:
      - ALL
    cap_add:
      - NET_BIND_SERVICE
      - SETUID
      - SETGID
      - AUDIT_WRITE
      - NET_ADMIN
      - NET_RAW

    devices:
      - /dev/net/tun:/dev/net/tun

volumes:
  arch-dev-home: