version: "3.8"

services:
  wireguard:
    image: ghcr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Montreal
    ports:
      - "51820:51820/udp"
    volumes:
      - /mnt/HoardingCow_docker_data/WireGuard:/config:rw
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
    restart: unless-stopped
    networks:
      - vpn_net

networks:
  vpn_net:
    external: true
    name: vpn_net