image: nginx:stable-alpine
    ports:
      - "80:80/tcp"
      - "443:443/tcp"
      - "443:443/udp"
      - "8448:448/tcp"
      - "8448:8448/udp"
    sysctls:
      net.ipv4.ip_unprivileged_port_start: 0
    tmpfs:
      - "/var/lib/varnish/varnishd:uid=1000,gid=1000"
    volumes:
      - "/etc/lixonet/${netname}/.config/proxy-frontend:/etc/nginx"
      - "/etc/lixonet/${netname}/.config/proxy-frontend/entry:/docker-entrypoint.d"
    restart: always
    cap_add:
      - NET_ADMIN
    depends_on:
      - tinc
    logging:
      driver: "json-file"
      options:
        max-size: "5m"