version: '2'
services:
  zerotier:
    container_name: ${NAME}
    image: zerotier/zerotier-containerized:latest
    cap_add:
      - NET_ADMIN
      - SYS_ADMIN
    devices:
      - "/dev/net/tun"
    labels:
      io.rancher.scheduler.affinity:host_label: ${HOST_LABEL_KEY}=${HOST_LABEL_VALUE}
    network_mode: "host"
    restart: on-failure
    volumes:
      - ${STORAGE_VOLUME}:/var/lib/zerotier-one:nocopy
volumes_driver: rancher-nfs