services:
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    restart: unless-stopped
    security_opt:
      - no-new-privileges:true
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer_data:/data
    ports:
      - "${PORTAINER_PORT:?}:9000"
    command: -H unix:///var/run/docker.sock
    deploy:
      resources:
        limits:
          cpus: '0.25'
          memory: 128M
        reservations:
          memory: 64M
    networks:
      - portainer_network

volumes:
  portainer_data:

networks:
  portainer_network:
    name: portainer_network
    driver: bridge