homelab/config/docker/portainer/docker-compose.yml

# Portainer Docker Compose Configuration
# Deploy with: sudo mkdir -p /opt/docker/portainer && sudo cp config/docker/portainer/docker-compose.yml /opt/docker/portainer/
# Start with: cd /opt/docker/portainer && sudo docker-compose up -d

# PORTAINER CONFIGURATION
# - Web UI for Docker container management
# - Bound to localhost only (reverse proxy recommended)
# - Persistent data storage in named volume

services:
  portainer:
    image: portainer/portainer-ce:2.39.0
    container_name: portainer
    restart: unless-stopped

    # Environment
    environment:
      - TZ=Europe/Budapest

    # Network - bind to localhost for security
    ports:
      - "127.0.0.1:9000:9000"  # Web UI (reverse proxy only)

    # Volume mounts
    volumes:
      # Docker socket for container management
      - /var/run/docker.sock:/var/run/docker.sock
      # Portainer data
      - portainer_data:/data

    # Resource limits
    deploy:
      resources:
        limits:
          cpus: '0.5'
          memory: 512M
        reservations:
          cpus: '0.1'
          memory: 128M

    # No healthcheck — Portainer is distroless (no shell available)

volumes:
  portainer_data: