---
- hosts: all

  tasks:

    - name: 'Install additional packages.'
      apt:
        name: '{{ packages }}'
        update_cache: yes
      vars:
        packages:
          - python3-pip

    - import_role:
        name: yatesr.timezone
      vars:
        timezone: UTC

    - import_role:
        name: geerlingguy.security
      vars:
        security_ssh_permit_root_login: "yes"
        security_autoupdate_enabled: false
        security_fail2ban_enabled: false

    - name: 'Install python docker lib.'
      pip:
        name: docker

    - import_role:
        name: geerlingguy.docker
      vars:
        docker_users:
          - homepage

    - import_role:
        name: antoiner77.caddy
      vars:
        caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}'
      tags:
        - webserver

    - name: 'Create NetData container.'
      docker_container:
        name: netdata
        image: 'netdata/netdata:v1.15.0'
        restart_policy: 'always'
        published_ports:
          - '19999:19999'
        volumes:
          - '/proc:/host/proc:ro'
          - '/sys:/host/sys:ro'
          - '/var/run/docker.sock:/var/run/docker.sock:ro'
        capabilities:
          - 'SYS_PTRACE'
        security_opts:
          - 'apparmor:unconfined'
      tags:
        - monitoring

    # Applications

    - import_role:
        name: docker-app
      vars:
        username: homepage
        ssh_keys:
          - '{{ lookup("file", "files/av_id_rsa.pub") }}'
        env:
          DOCKER_PREFIX: homepage