version: '3.9' services: # Caddy caddy: image: caddy:latest container_name: caddy profiles: - caddy restart: on-failure ports: - 80:80 - 443:443 volumes: - wordpress:/var/www/html:rw - caddy_data:/data:rw - caddy_config:/config:rw - ./caddy:/etc/caddy:ro networks: - infra-network env_file: - env/caddy.env cap_add: - NET_ADMIN security_opt: - no-new-privileges:true # cap_drop: # - ALL # cap_add: # - CHOWN # - FOWNER # - DAC_OVERRIDE # - SETGID # - SETUID # - NET_BIND_SERVICE healthcheck: test: pidof caddy || exit 1 interval: 120s timeout: 10s retries: 3 volumes: caddy_data: name: caddy_data caddy_config: name: caddy_config