version: "3.7"

services:
  web:
    network_mode: "host" # TODO: We can remove this later with some iptables magic
    image: tailscale/tailscale:v1.74.1@sha256:a013ce5266e5c796efe31c7cf9562deb21423f8586361d7faadaf675fa4296ac
    restart: on-failure
    stop_grace_period: 1m
    command: "sh -c 'tailscale web --listen 0.0.0.0:8240 & exec tailscaled --tun=userspace-networking'"
    volumes:
      - ${APP_DATA_DIR}/data:/var/lib