---
services:
    tailscale:
        image: ghcr.io/tailscale/tailscale:v1.84.2
        container_name: tailscale-subnet
        cap_add:
            - net_admin
            - sys_module
        environment:
            - TS_STATE_DIR=/var/lib/tailscale
            - TS_ENABLE_METRICS=true
            - TS_HOSTNAME=subnet-router-local-ps10rp
            - TS_ROUTES=192.168.5.0/24
            - TS_EXTRA_ARGS=--stateful-filtering=false --snat-subnet-routes=false
        network_mode: host
        privileged: true
        restart: always
        volumes:
            - tailscale:/var/lib/tailscale
        devices:
            - /dev/net/tun:/dev/net/tun

volumes:
    tailscale: