version: "3"
services:
  zerotier:
    container_name: ${NAME}
    image: zerotier/zerotier-containerized:latest
    cap_add:
      - NET_ADMIN
      - SYS_ADMIN
    command:
      - -d
    devices:
      - "/dev/net/tun"
    labels:
      io.rancher.scheduler.affinity:host_label: ${HOST_LABEL_KEY}=${HOST_LABEL_VALUE}
    network_mode:
      - "host"
    restart: unless-stopped
    volumes:
      - "${CONFIG_STORAGE}:/var/lib/zerotier-one"