This topic has been expanded into two detailed per-application guides:

Updated Documentation

Read-Only Filesystem Per-Application Guide

A full guide covering read-only root filesystems across all CleanStart application types. Includes: complete writable path inventory for PostgreSQL, Redis, Kafka, Nginx, Python, Node.js, Java, Go, and Rust; per-application Dockerfiles, Kubernetes manifests, and docker-compose configurations; detailed troubleshooting for read-only issues; and volume type recommendations for each application.

Shell-Less Operations Guide

A detailed guide explaining shell-less container architecture and per-application implementation patterns. Covers: ENTRYPOINT best practices (exec form vs shell form), the critical role of PID 1 in signal handling, why cleanimg-init is the recommended entry point, complete configuration without shell utilities, and modern debugging approaches using structured logging, metrics, and health endpoints instead of interactive shells.

The original consolidated guide has been split into these two focused guides to provide deeper per-application coverage and practical implementation examples for each application type used in CleanStart.