services: redlib: image: quay.io/redlib/redlib:latest restart: always container_name: "redlib" ports: - 4243:8080 user: nobody read_only: true security_opt: - no-new-privileges:true # - seccomp=seccomp-redlib.json cap_drop: - ALL env_file: .env networks: - redlib healthcheck: test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:4243/settings"] interval: 5m timeout: 3s networks: redlib: