networks:
  # `docker network create proxy`
  proxy:
    external: true

services:
  caddy:
    build: 
      context: .
      dockerfile: ./caddy.Dockerfile
    restart: unless-stopped
    networks:
      - proxy
    cap_add:
      - NET_ADMIN
    ports:
      - 80:80
      - 443:443
      - 443:443/udp
    environment:
      - CF_API_TOKEN
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ${DATA_DIR}/caddy:/data
      - ${CONFIG_DIR}/caddy:/config 
      
  adguardhome:
    image: adguard/adguardhome
    restart: unless-stopped
    network_mode: service:caddy
    volumes:
      - ${DATA_DIR}/adguardhome:/opt/adguardhome/work
      - ${CONFIG_DIR}/adguardhome:/opt/adguardhome/conf     

  tailscale:
    image: tailscale/tailscale:latest
    restart: unless-stopped
    network_mode: service:caddy
    environment:
      - TS_AUTHKEY=${TS_AUTHKEY}
      # - TS_EXTRA_ARGS=--advertise-tags=tag:${TS_TAG}
      - TS_STATE_DIR=/var/lib/tailscale
      - TS_USERSPACE=false
    volumes:
      - ${DATA_DIR}/tailscale/state:/var/lib/tailscale
    sysctls:
      - net.ipv6.conf.all.forwarding=1      
    devices:
      - /dev/net/tun:/dev/net/tun
    cap_add:
      - net_admin
      - sys_module