---
- name: Setup Watchtower

  hosts: all

  vars_files:
    - vault.yaml
    - vars.yaml

  tasks:
    - name: Run Watchtower container
      docker_container:
        name: "{{ stack_prefix_name }}watchtower"
        recreate: true
        restart_policy: always
        image: containrrr/watchtower
        networks:
          - name: "{{ stack_prefix_name }}{{ docker_internal_network }}"
          # Watchtower needs to talk to the outside world sometimes.
          - name: "{{ stack_prefix_name }}{{ docker_external_network }}"
        mounts:
          - source: /var/run/docker.sock
            target: /var/run/docker.sock
            type: bind