# Focused single-service compose for stepwise monitoring rollout.
# Generated when monitoring_focus_mode=true.

services:
{% if monitoring_focus_service == 'prometheus' %}
  prometheus:
    image: prom/prometheus:latest
    container_name: prometheus
    user: "0:0"
    restart: unless-stopped
    ports:
      - "{{ prometheus_host_port }}:9090"
    volumes:
      - ./prometheus-config:/etc/prometheus
      - ./prometheus-data:/prometheus
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.retention.time={{ prometheus_retention }}'
      - '--storage.tsdb.path=/prometheus'
      - '--web.enable-lifecycle'
    networks:
      - monitoring
    labels:
      - "traefik.enable=false"
{% elif monitoring_focus_service == 'node-exporter' %}
  node-exporter:
    image: prom/node-exporter:latest
    container_name: node-exporter
    restart: unless-stopped
    command:
      - '--path.procfs=/host/proc'
      - '--path.sysfs=/host/sys'
      - '--path.rootfs=/rootfs'
      - '--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|host|etc)($$|/)'
    volumes:
      - /proc:/host/proc:ro
      - /sys:/host/sys:ro
      - /:/rootfs:ro
    ports:
      - "9100:9100"
    networks:
      - monitoring
    security_opt:
      - no-new-privileges:true
    read_only: true
{% elif monitoring_focus_service == 'watchtower-cadvisor' %}
  watchtower-cadvisor:
    image: gcr.io/cadvisor/cadvisor:latest
    container_name: watchtower-cadvisor
    restart: unless-stopped
    command:
      - '--housekeeping_interval=30s'
      - '--docker_only=true'
      - '--store_container_labels=false'
      - '--disable_metrics=advtcp,udp,process,sched,referenced_memory,resctrl'
    volumes:
      - /:/rootfs:ro
      - /var/run:/var/run:ro
      - /sys:/sys:ro
      - /var/lib/docker:/var/lib/docker:ro
      - /dev/disk:/dev/disk:ro
    ports:
      - "18080:8080"
    networks:
      - monitoring
    labels:
      - "traefik.enable=false"
{% elif monitoring_focus_service == 'blackbox-exporter' %}
  blackbox-exporter:
    image: {{ blackbox_exporter_image }}
    container_name: blackbox-exporter
    restart: unless-stopped
    command:
      - '--config.file=/etc/blackbox_exporter/blackbox.yml'
    ports:
      - "{{ blackbox_port }}:9115"
    volumes:
      - ./blackbox-config:/etc/blackbox_exporter:ro
    networks:
      - monitoring
    labels:
      - "traefik.enable=false"
{% else %}
  # Unsupported focus target selected.
  # Keep compose valid and fail early with an obvious no-op service.
  focus-placeholder:
    image: alpine:3.20
    container_name: focus-placeholder
    command: ["sh", "-c", "echo Unsupported monitoring_focus_service='{{ monitoring_focus_service }}'; sleep 3600"]
    restart: "no"
    networks:
      - monitoring
{% endif %}

networks:
  monitoring:
    driver: bridge
    name: monitoring