name: ghostfolio-agent services: ghostfolio: build: context: .. dockerfile: Dockerfile container_name: ghostfolio-agent restart: unless-stopped init: true cap_drop: - ALL security_opt: - no-new-privileges:true environment: - DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer - REDIS_HOST=redis - REDIS_PORT=6379 - REDIS_PASSWORD=${REDIS_PASSWORD} - ACCESS_TOKEN_SALT=${ACCESS_TOKEN_SALT} - JWT_SECRET_KEY=${JWT_SECRET_KEY} - NODE_ENV=production ports: - ${PORT:-3333}:3333 depends_on: postgres: condition: service_healthy redis: condition: service_healthy healthcheck: test: ['CMD-SHELL', 'curl -f http://localhost:3333/api/v1/health'] interval: 10s timeout: 5s retries: 5 postgres: image: docker.io/library/postgres:15-alpine container_name: gf-agent-postgres restart: unless-stopped cap_drop: - ALL cap_add: - CHOWN - DAC_READ_SEARCH - FOWNER - SETGID - SETUID security_opt: - no-new-privileges:true environment: - POSTGRES_DB=${POSTGRES_DB} - POSTGRES_USER=${POSTGRES_USER} - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} healthcheck: test: ['CMD-SHELL', 'pg_isready -d "$${POSTGRES_DB}" -U $${POSTGRES_USER}'] interval: 10s timeout: 5s retries: 5 volumes: - postgres_data:/var/lib/postgresql/data redis: image: docker.io/library/redis:alpine container_name: gf-agent-redis restart: unless-stopped user: '999:1000' cap_drop: - ALL security_opt: - no-new-privileges:true command: - /bin/sh - -c - redis-server --requirepass "$${REDIS_PASSWORD:?REDIS_PASSWORD variable is not set}" environment: - REDIS_PASSWORD=${REDIS_PASSWORD} healthcheck: test: ['CMD-SHELL', 'redis-cli --pass "$${REDIS_PASSWORD}" ping | grep PONG'] interval: 10s timeout: 5s retries: 5 volumes: postgres_data: