build:
      context: .
      dockerfile: Dockerfile.tinc
    volumes:
      - /etc/lixonet/${netname}/.config/tinc:/etc/tinc/${netname}
      - /usr/bin/docker-proxy:/usr/bin/docker-proxy
    environment:
      - RUNMODE=server
      - NETNAME=${netname}
    cap_add:
      - NET_ADMIN
      - SYS_NICE
    devices:
      - /dev/net/tun:/dev/net/tun
    restart: always
    networks:
      internal:
{{ if len "${internal_address:-}" }}        ipv4_address: ${internal_address}{{ end }}
    sysctls:
{{ if ne "true" "${ipv6_enabled}" }}
      - net.ipv6.conf.all.disable_ipv6=1
{{ else }}
      - net.ipv6.conf.all.disable_ipv6=0
{{ end }}
{{ if eq "bridge" "${network_mode:-macvlan}" }}
    ports:
      - "${tinc_bind_port:-9993}:${tinc_bind_port:-9993}/tcp"
      - "${tinc_bind_port:-9993}:${tinc_bind_port:-9993}/udp"
{{ if eq "1" "${wg_enabled:-0}" }}
      - "${wg_port:-9983}:${wg_port:-9983}/udp"
{{ end }}
{{ end }}