version: "2.1"
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Ljubljana
      - SERVERURL=89.212.128.186 # Tle spremeni na tvoj zunanji ip
      - SERVERPORT=51820 # Preveri firewall, ce imas slucajno kako pravilo, ki ne bi smelo bi tam
      - PEERS=1
      - PEERDNS=auto 
      - INTERNAL_SUBNET=10.13.13.0 # Ta network bi se dalo naceloma delit z ostalimi containerji
      - ALLOWEDIPS=0.0.0.0/0 
      - LOG_CONFS=true
    volumes:
      - ./wg-config:/config
      - /lib/modules:/lib/modules
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped