services: pushkinohistory-ru-v2: build: context: . image: pushkinohistory-ru-v2:latest container_name: pushkinohistory-ru-v2 restart: unless-stopped ports: - "127.0.0.1:4146:80" volumes: # cron на хосте пишет news.json для агрегатора внешних RSS - /opt/docker/sites/pushkinohistory-ru-v2/data:/var/lib/pushkino/data:ro cap_drop: [ALL] cap_add: [NET_BIND_SERVICE, CHOWN, SETUID, SETGID, DAC_OVERRIDE] security_opt: [no-new-privileges:true] tmpfs: - /tmp:noexec,nosuid,size=16m - /var/cache/nginx:size=32m - /var/run:size=4m healthcheck: test: ["CMD", "wget", "-q", "--spider", "http://127.0.0.1/"] interval: 30s timeout: 5s retries: 3 start_period: 10s