version: '2.3' volumes: ipfs_repo: services: ipfs: build: . image: docker.io/fphammerle/ipfs container_name: ipfs read_only: true volumes: - type: volume source: ipfs_repo target: /ipfs-repo read_only: no - type: tmpfs target: /tmp # entrypoint.sh tmpfs: # nosuid,nodev,noexec added by default mode: '1777' size: 16k # default config has approx 5kB ports: - '4001:4001' - '127.0.0.1:5001:5001' cap_drop: [ALL] security_opt: [no-new-privileges] restart: unless-stopped # https://docs.docker.com/compose/compose-file/compose-file-v2/