diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run b/root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run
index 2e4d435..27b7463 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-wireguard-module/run
@@ -9,6 +9,9 @@ if ip link add dev test type wireguard; then
   echo "**** It seems the wireguard module is already active. Skipping kernel header install and module compilation. ****"
   SKIP_COMPILE="true"
   ip link del dev test
+    if capsh --print | grep -qv '\!cap_sys_module'; then
+      echo "**** As the wireguard module is already active you can remove the SYS_MODULE capability from your container run/compose. ****"
+    fi
 else
   echo "**** The wireguard module is not active, will attempt kernel header install and module compilation. If you believe that your kernel should have wireguard support already, make sure that it is activated via modprobe! ****"
 fi