server-dotfiles/patrizio/docker-compose.yml

services:
  patrizio:
    image: ghcr.io/polpetta/patrizio-bot:v0.2.0
    network_mode: service:tailscale
    restart: unless-stopped
    command: -f /data/ serve
    volumes:
      - ./data:/data:rw
      - ./patrizio.toml:/etc/patrizio/patrizio.toml:ro
    depends_on:
      tailscale:
        condition: service_healthy
    logging:
      driver: "json-file"
      options:
        mode: "non-blocking"
        max-size: "10m"
        max-file: "3"
  tailscale:
    hostname: patrizio
    image: tailscale/tailscale:latest
    restart: unless-stopped
    dns:
      - 100.100.100.100
    env_file:
      - tailscale.env
    command: >
      sh -c "tailscaled --netfilter-mode=off &
             sleep 5 &&
             tailscale up --accept-dns=true --login-server=https://vpn.poldebra.me &&
             wait"
    healthcheck:
      test: ["CMD-SHELL", "tailscale status"]
      interval: 1s
      timeout: 5s
      retries: 60
    volumes:
      - /srv/docker/patrizio/tailscale:/var/lib
      - /lib/modules:/lib/modules:ro
    devices:
      - /dev/net/tun:/dev/net/tun
    cap_add:
      - net_admin
      - sys_module
      - net_raw
    logging:
      driver: "json-file"
      options:
        mode: "non-blocking"
        max-size: "10m"
        max-file: "3"