HomeAudit/stacks/monitoring/netdata.yml

version: '3.9'
services:
  netdata:
    image: netdata/netdata:stable
    cap_add:
    - SYS_PTRACE
    security_opt:
    - apparmor:unconfined
    ports:
    - target: 19999
      published: 19999
      mode: host
    volumes:
    - netdata_config:/etc/netdata
    - netdata_lib:/var/lib/netdata
    - netdata_cache:/var/cache/netdata
    - /etc/passwd:/host/etc/passwd:ro
    - /etc/group:/host/etc/group:ro
    - /proc:/host/proc:ro
    - /sys:/host/sys:ro
    environment:
      NETDATA_CLAIM_TOKEN_FILE: /run/secrets/netdata_claim_token
    networks:
    - monitoring-network
    deploy:
      placement:
        constraints:
        - node.role == manager
      labels:
      - traefik.enable=true
      - traefik.http.routers.netdata.rule=Host(`netdata.localhost`)
      - traefik.http.routers.netdata.entrypoints=websecure
      - traefik.http.routers.netdata.tls=true
      - traefik.http.services.netdata.loadbalancer.server.port=19999
    secrets:
    - netdata_claim_token
volumes:
  netdata_config:
    driver: local
  netdata_lib:
    driver: local
  netdata_cache:
    driver: local
networks:
  monitoring-network:
    external: true
secrets:
  netdata_claim_token:
    external: true