services:
  tailscale:
    container_name: tailscale
    image: tailscale/tailscale:v1.66.4
    environment:
      - TS_SERVE_CONFIG=${TAILSCALE_SERVE_CONFIG}
      - TS_ACCEPT_DNS=${TAILSCALE_ACCEPT_DNS-false}
      - TS_AUTH_ONCE=${TAILSCALE_AUTH_ONCE-false}
      - TS_AUTHKEY=${TAILSCALE_AUTHKEY}
      - TS_HOSTNAME=${TAILSCALE_HOSTNAME-runtipi}
      - TS_ROUTES=${TAILSCALE_ROUTES}
      - TS_EXTRA_ARGS=${TAILSCALE_EXTRA_ARGS}
      - TS_USERSPACE=${TAILSCALE_USERSPACE-true}
      - TS_STATE_DIR=/var/lib/tailscale
    cap_add:
      - net_admin
      - sys_module
    restart: unless-stopped
    volumes:
      - ${APP_DATA_DIR}/data/state:/var/lib/tailscale
      - ${APP_DATA_DIR}/data/config:/config
      - /dev/net/tun:/dev/net/tun