services:
  prometheus:
    image: prom/prometheus:{{ prometheus_version }}
    container_name: prometheus
    restart: unless-stopped
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--storage.tsdb.retention.time={{ prometheus_retention_days }}d'
      - '--web.console.libraries=/usr/share/prometheus/console_libraries'
      - '--web.console.templates=/usr/share/prometheus/consoles'
      - '--web.enable-remote-write-receiver'
    volumes:
      - {{ monitoring_data_path }}/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro
      - {{ monitoring_data_path }}/prometheus/data:/prometheus
    networks:
      - monitoring
      - caddy
{% if prometheus_expose_port | default(true) %}
    ports:
      - "{{ prometheus_port }}:9090"
{% endif %}

  alloy:
    image: grafana/alloy:{{ alloy_version }}
    container_name: alloy
    restart: unless-stopped
    privileged: true
    command:
      - run
      - --server.http.listen-addr=0.0.0.0:{{ alloy_port }}
      - --storage.path=/var/lib/alloy/data
      - /etc/alloy/config.alloy
    volumes:
      - {{ monitoring_data_path }}/alloy/config.alloy:/etc/alloy/config.alloy:ro
      - /:/host/root:ro
      - /sys:/host/sys:ro
      - /proc:/host/proc:ro
      - /var/log:/var/log:ro
      - /run/log/journal:/run/log/journal:ro
      - /etc/machine-id:/etc/machine-id:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /sys/fs/cgroup:/sys/fs/cgroup:ro
      - /var/lib/docker:/var/lib/docker:ro
    environment:
      HOSTNAME: {{ ansible_facts["hostname"] }}
    networks:
      - monitoring
{% if alloy_expose_port | default(true) %}
    ports:
      - "{{ alloy_port }}:{{ alloy_port }}"
{% endif %}

  grafana:
    image: grafana/grafana:{{ grafana_version }}
    container_name: grafana
    restart: unless-stopped
    volumes:
      - {{ monitoring_data_path }}/grafana/data:/var/lib/grafana
      - {{ monitoring_data_path }}/grafana/provisioning:/etc/grafana/provisioning
    environment:
      GF_SECURITY_ADMIN_PASSWORD: {{ grafana_admin_password }}
      GF_USERS_ALLOW_SIGN_UP: "false"
      GF_SERVER_ROOT_URL: {{ grafana_root_url | default('http://localhost:3000') }}
      GF_SERVER_SERVE_FROM_SUB_PATH: "false"
    networks:
      - monitoring
      - caddy
{% if grafana_expose_port | default([]) %}
    ports:
      - "{{ grafana_expose_port }}:3000"
{% endif %}

  loki:
    image: grafana/loki:{{ loki_version }}
    container_name: loki
    restart: unless-stopped
    command: -config.file=/etc/loki/local-config.yaml
    volumes:
      - {{ monitoring_data_path }}/loki/loki-config.yaml:/etc/loki/local-config.yaml:ro
      - {{ monitoring_data_path }}/loki/data:/loki
    networks:
      - monitoring
{% if loki_expose_port | default(true) %}
    ports:
      - "{{ loki_port | default(3100) }}:3100"
{% endif %}

networks:
  monitoring:
    external: true
  caddy:
    external: true