version: '3'
services:
  wireguard-webadmin:
    container_name: wireguard-webadmin
    build:
      context: .
    volumes:
      - wireguard:/etc/wireguard
      - static_volume:/app_static_files/
      - .:/app
    ports:
      # Do not directly expose the Django port to the internet, use the reverse proxy below instead
      - "127.0.0.1:8000:8000"
      # dont go crazy increasing the udp port range. Docker will have a hard time handling with a large range of ports
      # Actually, you probably will use only one port, but you can add more server instances if you want
      - "51820-51839:51820-51839/udp"
      
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
    command: /bin/bash /app/init.sh

  nginx:
    container_name: wireguard-webadmin-nginx
    image: nginx:alpine
    volumes:
      - ./virtualhost.conf:/etc/nginx/conf.d/wireguard-webadmin.conf
      - static_volume:/static
      - https_cert:/certificate
    ports:
      - "80:80"
      - "443:443"

volumes:
  static_volume: 
  https_cert:
  wireguard: