image: varnish:7.3-alpine
    command: "-p default_keep=300"
    ports:
      - "80:80/tcp"
      - "443:443/tcp"
      - "443:443/udp"
    sysctls:
      net.ipv4.ip_unprivileged_port_start: 0
    environment:
      - VARNISH_SIZE=2G
    tmpfs:
      - "/var/lib/varnish/varnishd:uid=1000,gid=1000"
    volumes:
      - "/etc/lixonet/${netname}/.config/varnish:/etc/varnish"
    depends_on:
      - tinc
    restart: always
    networks:
      internal: