From e5fe1c48adccb9e067c32a8edc390a2ac85c4f78 Mon Sep 17 00:00:00 2001
From: Vishesh 'ironeagle' Bangotra <aetoskia@gmail.com>
Date: Tue, 21 Oct 2025 19:46:30 +0530
Subject: [PATCH] segregrated manager node services

---
 docker-compose.yaml | 77 ++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 70 insertions(+), 7 deletions(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index defd42d..175e1f5 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,13 +1,22 @@
 services:
   # System Monitoring
+
+  # --------------------------
+  # Netdata Manager
+  # --------------------------
   netdata:
     image: netdata/netdata:latest
     container_name: netdata
     ports:
       - "7001:19999"
+    cap_add:
+      - SYS_PTRACE
+      - SYS_ADMIN
+    security_opt:
+      - apparmor:unconfined
     volumes:
       - netdata_config:/etc/netdata
-      - netdata_lib:/var/lib/netdata  
+      - netdata_lib:/var/lib/netdata
       - netdata_cache:/var/cache/netdata
       - /proc:/host/proc:ro
       - /sys:/host/sys:ro
@@ -16,19 +25,19 @@ services:
       - /etc/passwd:/host/etc/passwd:ro
       - /etc/group:/host/etc/group:ro
       - /etc/os-release:/host/etc/os-release:ro
-    cap_add:
-      - SYS_PTRACE
-      - SYS_ADMIN
-    security_opt:
-      - apparmor:unconfined
     environment:
       - NETDATA_CLAIM_TOKEN=${NETDATA_CLAIM_TOKEN:-}
       - NETDATA_CLAIM_URL=https://app.netdata.cloud
     networks:
       - monitoring-net
     restart: unless-stopped
+    profiles:
+      - netdata-manager
 
   # Container Management
+  # --------------------------
+  # Portainer Manager
+  # --------------------------
   portainer:
     image: portainer/portainer-ce:latest
     container_name: portainer
@@ -45,13 +54,67 @@ services:
       - "private-pi:192.168.1.111"
     security_opt:
       - no-new-privileges:true
+    profiles:
+      - portainer-manager
+
+  # --------------------------
+  # Portainer Agent
+  # --------------------------
+  portainer_agent:
+    image: portainer/agent:latest
+    container_name: portainer_agent
+    restart: unless-stopped
+    ports:
+      - "9001:9001"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - portainer_agent_data:/data
+    networks:
+      - monitoring-net
+    profiles:
+      - portainer-agent
+
+  # --------------------------
+  # Netdata Node (Agent)
+  # --------------------------
+  netdata_node:
+    image: netdata/netdata:latest
+    container_name: netdata_node
+    restart: unless-stopped
+    ports:
+      - "7003:19999"
+    cap_add:
+      - SYS_PTRACE
+      - SYS_ADMIN
+    security_opt:
+      - apparmor:unconfined
+    volumes:
+      - netdata_config:/etc/netdata
+      - netdata_lib:/var/lib/netdata
+      - netdata_cache:/var/cache/netdata
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /:/host/root:ro,rslave
+      - /etc/passwd:/host/etc/passwd:ro
+      - /etc/group:/host/etc/group:ro
+      - /etc/os-release:/host/etc/os-release:ro
+    environment:
+      - NETDATA_STREAM_PARENT=<MANAGER_IP>  # set manager IP here
+      - NETDATA_CLAIM_TOKEN=${NETDATA_CLAIM_TOKEN:-}
+      - NETDATA_CLAIM_URL=https://app.netdata.cloud
+    networks:
+      - monitoring-net
+    profiles:
+      - netdata-node
 
 volumes:
   portainer_data:
+  portainer_agent_data:
   netdata_config:
   netdata_lib:
   netdata_cache:
 
 networks:
   monitoring-net:
-    driver: bridge
\ No newline at end of file
+    driver: bridge