diff --git a/Dockerfile b/Dockerfile
index 1d6ee6a9..8b89e11b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,12 +12,13 @@ LABEL maintainer="AdGuard Team <devteam@adguard.com>"
 
 # Update CA certs
 RUN apk --no-cache --update add ca-certificates libcap && \
-    rm -rf /var/cache/apk/* && mkdir -p /opt/adguardhome/conf /opt/adguardhome/work
+    rm -rf /var/cache/apk/* && \
+    mkdir -p /opt/adguardhome/conf /opt/adguardhome/work && \
+    chown -R nobody: /opt/adguardhome
 
-COPY --from=build /src/AdGuardHome/AdGuardHome /opt/adguardhome/AdGuardHome
+COPY --from=build --chown=nobody: /src/AdGuardHome/AdGuardHome /opt/adguardhome/AdGuardHome
 
-RUN chown -R nobody: /opt/adguardhome \
-    && setcap 'cap_net_bind_service=+eip' /opt/adguardhome/AdGuardHome
+RUN setcap 'cap_net_bind_service=+eip' /opt/adguardhome/AdGuardHome
 
 EXPOSE 53/tcp 53/udp 67/tcp 67/udp 68/tcp 68/udp 80/tcp 443/tcp 853/tcp 853/udp 3000/tcp
 
@@ -25,7 +26,7 @@ VOLUME ["/opt/adguardhome/conf", "/opt/adguardhome/work"]
 
 WORKDIR /opt/adguardhome/work
 
-USER nobody
+#USER nobody
 
 ENTRYPOINT ["/opt/adguardhome/AdGuardHome"]
 CMD ["-c", "/opt/adguardhome/conf/AdGuardHome.yaml", "-w", "/opt/adguardhome/work"]
diff --git a/Dockerfile.travis b/Dockerfile.travis
index 3a4ba640..bdfbb00a 100644
--- a/Dockerfile.travis
+++ b/Dockerfile.travis
@@ -3,13 +3,13 @@ LABEL maintainer="AdGuard Team <devteam@adguard.com>"
 
 # Update CA certs
 RUN apk --no-cache --update add ca-certificates libcap && \
-    rm -rf /var/cache/apk/* && mkdir -p /opt/adguardhome/conf /opt/adguardhome/work
+    rm -rf /var/cache/apk/* && \
+    mkdir -p /opt/adguardhome/conf /opt/adguardhome/work && \
+    chown -R nobody: /opt/adguardhome
 
+COPY --chown=nobody: ./AdGuardHome /opt/adguardhome/AdGuardHome
 
-COPY ./AdGuardHome /opt/adguardhome/AdGuardHome
-
-RUN chown -R nobody: /opt/adguardhome \
-    && setcap 'cap_net_bind_service=+eip' /opt/adguardhome/AdGuardHome
+RUN setcap 'cap_net_bind_service=+eip' /opt/adguardhome/AdGuardHome
 
 EXPOSE 53/tcp 53/udp 67/tcp 67/udp 68/tcp 68/udp 80/tcp 443/tcp 853/tcp 853/udp 3000/tcp
 
@@ -17,7 +17,7 @@ VOLUME ["/opt/adguardhome/conf", "/opt/adguardhome/work"]
 
 WORKDIR /opt/adguardhome/work
 
-USER nobody
+#USER nobody
 
 ENTRYPOINT ["/opt/adguardhome/AdGuardHome"]
 CMD ["-h", "0.0.0.0", "-c", "/opt/adguardhome/conf/AdGuardHome.yaml", "-w", "/opt/adguardhome/work"]
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000..1c3d6646
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,31 @@
+%YAML 1.2
+---
+# https://docs.docker.com/compose/compose-file/
+
+version: '2.4'
+
+services:
+
+  adguard-home:
+    image: adguard/adguardhome:armhf-latest
+    init: true
+    ports:
+    - "53:53/tcp"
+    - "53:53/udp"
+    - "67:67/tcp"
+    - "67:67/udp"
+    - "68:68/tcp"
+    - "68:68/udp"
+    - "80:80/tcp"
+    - "443:443/tcp"
+    - "853:853/tcp"
+    - "853:853/udp"
+    - "3000:3000/tcp"
+    volumes:
+    - /opt/adguard-home:/opt/adguardhome/conf
+    - /srv/adguard-home:/opt/adguardhome/work
+    #user: nobody
+    read_only: true
+    restart: always
+
+...