services:
  # WireGuard VPN Server
  wireguard:
    image: linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Chicago
      - SERVERURL=will123song.xyz  # 从caddy配置中获取的域名
      - SERVERPORT=51820
      - PEERS=5  # 支持5个客户端
      - PEERDNS=1.1.1.1,8.8.8.8  # 使用Cloudflare和Google DNS
      - INTERNAL_SUBNET=10.88.88.0
      - ALLOWEDIPS=0.0.0.0/0
      - LOG_CONFS=true
    volumes:
      - ./wireguard_config:/config
      - /lib/modules:/lib/modules:ro
    ports:
      - "51820:51820/udp"
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

volumes:
  wireguard_config: