# FOR LINUX
services:
  tailscale:
    image: tailscale/tailscale
    container_name: tailscaled
    cap_add:
      - NET_ADMIN
      - NET_RAW
    environment:
      - TS_USERSPACE=false
#      - TS_HOSTNAME=${TS_HOSTNAME} # Usually not necessary for your hostname to be the same name on the tailscale network
#       IMPORTANT: uncomment AUTHKEY once and add ur key for initial setup. afterwards, call docker compose down, remove the key and comment TS_AUTHKEY
#       - TS_AUTHKEY=key # Generate auth keys here: https://login.tailscale.com/admin/settings/keys
#      - TS_ROUTES=${TS_ROUTES} # Creates a subnet router for Tailscale. Use your subnet's CIDR in the form: 192.168.1.0/24
#      - TS_ACCEPT_DNS=${TS_ACCEPT_DNS} # Set to false for Pi-hole Docker setups
      - TS_SOCKET=/var/run/tailscale/tailscaled.sock # Specifying the /var/lib/tailscale/tailscaled.sock location allows use of standard Tailscale commands 
#      IMPORTANT: Write your login server below
      - TS_EXTRA_ARGS=--accept-routes --login-server=https://mydomain.duckdns.org --accept-dns=false # Add any other supported arguments in the docker commandline style: e.g. --advertise-exit-node
      - TS_STATE_DIR=/var/lib/tailscale # Required to create a persistent container state that will survive reboots
    volumes:
      - ./data:/var/lib # Creates a tailscale directory under /data for persistence
      - /dev/net/tun:/dev/net/tun
    network_mode: host
    restart: unless-stopped