Spart duplizierte Codeblöcke in einer Compose-Definition:
x-security: &security
cap_drop:
- AUDIT_WRITE
- MKNOD
- SYS_CHROOT
- NET_RAW
- SETFCAP
- SYS_PTRACE
- SYS_ADMIN
security_opt:
- no-new-privileges:true
services:
webserver:
<<: *security
...
php:
<<: *security
...
database:
<<: *security
...