services: ghostfolio: image: docker.io/ghostfolio/ghostfolio:latest init: true read_only: true cap_drop: - ALL security_opt: - no-new-privileges:true # uncomment to set resource usage limits # deploy: # resources: # limits: # cpus: "4" # memory: 500m # pids: 1024 env_file: - ../.env environment: DATABASE_URL: postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer NODE_ENV: production REDIS_HOST: redis REDIS_PASSWORD: ${REDIS_PASSWORD} ports: - 3333:3333 depends_on: postgres: condition: service_healthy redis: condition: service_healthy healthcheck: test: ['CMD-SHELL', 'curl -f http://localhost:3333/api/v1/health'] interval: 10s timeout: 5s retries: 5 postgres: image: docker.io/library/postgres:15 cap_drop: - ALL cap_add: - CHOWN - DAC_READ_SEARCH - FOWNER - SETGID - SETUID security_opt: - no-new-privileges:true # uncomment to set resource usage limits # deploy: # resources: # limits: # cpus: "2" # memory: 250m # pids: 1024 env_file: - ../.env healthcheck: test: ['CMD-SHELL', 'pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}'] interval: 10s timeout: 5s retries: 5 volumes: - postgres:/var/lib/postgresql/data redis: image: docker.io/library/redis:alpine # cap_drop: # - ALL # cap_add: # - DAC_OVERRIDE security_opt: - no-new-privileges:true # uncomment to set resource usage limits # deploy: # resources: # limits: # cpus: "2" # memory: 250m # pids: 1024 env_file: - ../.env command: ['redis-server', '--requirepass', $REDIS_PASSWORD] healthcheck: test: ['CMD-SHELL', 'redis-cli --pass $REDIS_PASSWORD ping | grep PONG'] interval: 10s timeout: 5s retries: 5 volumes: postgres: