---

- name: setup netdata docker container for system monitoring
  docker_container:
    name: netdata
    image: netdata/netdata:{{ services.netdata.version }}
    restart_policy: unless-stopped
    hostname: "hevonen.servers.{{ base_domain }}"
    capabilities:
      - SYS_PTRACE
    security_opts:
      - apparmor:unconfined
    volumes:
      - /proc:/host/proc:ro
      - /sys:/host/sys:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
    networks:
      - name: external_services
    env:
      VIRTUAL_HOST : "{{ services.netdata.domain }}"
      LETSENCRYPT_HOST: "{{ services.netdata.domain }}"
      LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
      PGID: "999"
    labels:
      com.centurylinklabs.watchtower.enable: "true"