services:
  ts-caddy:
    image: tailscale/tailscale:latest
    container_name: ts-caddy
    hostname: ts-caddy
    environment:
      - TS_AUTHKEY:${TAILSCALE_AUTHKEY}
      - TS_SOCKET:/var/run/tailscale/tailscaled.sock
    volumes:
      - ${PWD}/ts-caddy/state:/var/lib/tailscale
      - /dev/net/tun:/dev/net/tun
    cap_add:
      - net_admin
      - sys_module
    restart: unless-stopped
  caddy:
    image: caddy/caddy:latest
    network_mode: service:ts-caddy