version: "3.7"

services: 
   wireguard: 
     image: linuxserver/wireguard 
     container_name: wireguard 
     cap_add: 
       - NET_ADMIN 
       - SYS_MODULE 
     environment: 
       - PUID=1000 
       - PGID=1000 
       - TZ=Europe/Berlin
       - SERVERURL=vpn.example.com #optional 
       - SERVERPORT=51820 #optional 
       - PEERS=1 #optional 
       - PEERDNS=auto #optional 
       - INTERNAL_SUBNET=10.13.13.0 #optional 
       - ALLOWEDIPS=0.0.0.0/0 #optional 
     volumes: 
       - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/wireguard/config:/config 
       - /usr/src:/usr/src # location of kernel headers 
       - /lib/modules:/lib/modules 
     ports: 
       - 51820:51820/udp 
     sysctls: 
       - net.ipv4.conf.all.src_valid_mark=1 
     restart: unless-stopped