version: '2.3'

services:

# nginx service
  nginx:
    build: .
    container_name: nginx
    restart: always
    tmpfs:
     - /var/tmp/nginx/client_body
     - /var/tmp/nginx/proxy
     - /var/tmp/nginx/fastcgi
     - /var/tmp/nginx/uwsgi
     - /var/tmp/nginx/scgi
     - /run
    network_mode: "host"
    ports:
     - "64297:64297"
    image: "ghcr.io/telekom-security/nginx:1903"
    read_only: true
    volumes:
     - /data/nginx/cert/:/etc/nginx/cert/:ro
     - /data/nginx/conf/nginxpasswd:/etc/nginx/nginxpasswd:ro
     - /data/nginx/log/:/var/log/nginx/