---
# copy configs for loki, promtail & prometheus
- name: Create Loki Configuration
  template:
    src: templates/monitoring/loki.yaml.j2
    dest: "{{ data_dir }}/monitoring/loki/loki-config.yaml"
- name: Create Promtail Configuration
  template:
    src: templates/monitoring/promtail.yaml.j2
    dest: "{{ data_dir }}/monitoring/promtail/promtail-config.yaml"
- name: Create Prometheus Configuration
  template:
    src: templates/monitoring/prometheus.yml.j2
    dest: "{{ data_dir }}/monitoring/prometheus/prometheus.yml"

- name: Deploy Prometheus
  include_role:
    name: docker
  vars:
    name: monitoring_prometheus
    network_name: "monitoring"
    networks:
      - name: "monitoring"
      - name: "homelab"
    directories:
      - "{{ data_dir }}/monitoring"
      - "{{ data_dir }}/monitoring/grafana"
      - "{{ data_dir }}/monitoring/loki"
      - "{{ data_dir }}/monitoring/promtail"
      - "{{ data_dir }}/monitoring/prometheus"
    image:
      name: prom/prometheus
      tag: latest
    volumes:
      - "{{ data_dir }}/monitoring/prometheus:/etc/prometheus"
      - "{{ data_dir }}/monitoring/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml"
    labels:
      traefik.enable: "true"
      traefik.http.routers.prom.rule: Host(`prom.fntz.net`)
      traefik.http.routers.prom.entrypoints: webSecure
      traefik.http.routers.prom.tls.certresolver: letsencrypt
      traefik.http.services.prom.loadbalancer.server.port: "9090"

- name: Deploy Promtail
  include_role:
    name: docker
  vars:
    name: monitoring_promtail
    image:
      name: grafana/promtail
      tag: latest
    networks:
      - name: monitoring
    command: -config.file=/etc/promtail/config.yaml
    volumes:
      - "{{ data_dir }}/monitoring/promtail/promtail-config.yaml:/etc/promtail/config.yaml"
      - "/var/log:/var/log:ro"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "/var/lib/docker/containers:/var/lib/docker/containers:ro"

- name: Deploy Loki
  include_role:
    name: docker
  vars:
    name: monitoring_loki
    volume_name: grafana-loki
    image:
      name: grafana/loki
      tag: latest
    volumes:
      - "{{ data_dir }}/monitoring/loki/loki-config.yaml:/etc/loki/local-config.yaml"
      - "grafana-loki:/loki"
    networks:
      - name: "monitoring"

- name: Deploy Node Exporter
  include_role:
    name: docker
  vars:
    name: monitoring_node-exporter
    image:
      name: prom/node-exporter
      tag: latest
    command:
      - "--path.rootfs=host"
    network_mode: host
    pid_mode: host
    volumes:
      - "/:/host:ro,rslave"

- name: Deploy CAdvisor
  include_role:
    name: docker
  vars:
    name: monitoring_cadvisor
    image:
      name: ghcr.io/google/cadvisor
      tag: 0.55.1
    networks:
      - name: "monitoring"
    volumes:
      - "/:/rootfs:ro"
      - "/var/run:/var/run:ro"
      - "/sys:/sys:ro"
      - "/var/lib/docker:/var/lib/docker:ro"
      - "/dev/disk:/dev/disk:ro"
    privileged: true
    devices:
      - /dev/kmsg

- name: Deploy Grafana
  include_role:
    name: docker
  vars:
    name: monitoring_grafana
    volume_name: "grafana-storage"
    networks:
      - name: "monitoring"
      - name: "homelab"
    image:
      name: grafana/grafana
      tag: latest
    user: "{{ PUID }}"
    volumes:
      - "grafana-storage:/var/lib/grafana"
    env:
      GF_AUTH_ANONYMOUS_ENABLED: "{{ GRAFANA_AUTH_ANONYMOUS_ENABLED }}"
    labels:
      traefik.enable: "true"
      traefik.http.routers.grafana.rule: Host(`grafana.fntz.net`)
      traefik.http.routers.grafana.entrypoints: webSecure
      traefik.http.routers.grafana.tls.certresolver: letsencrypt
      traefik.http.services.grafana.loadbalancer.server.port: "3000"
      traefik.http.routers.grafana.middlewares: tinyauth