- hosts: [some-host]
  become: true
  tasks:
  - docker_network:
      name: tor
  - docker_container:
      name: tor_proxy
      # 1.0.0-tor0.4.1.6-amd64
      image: fphammerle/tor-proxy@sha256:ad55d07b1b21c35fa044dc3e1ea6c7d8494f39eb89491ddad35c245340f7cd4b
      networks:
      - name: tor
      purge_networks: yes
      restart_policy: unless-stopped
      memory: 128M
      cpu_quota: 5000
      cpu_period: 10000
      security_opts: [no-new-privileges]
  - docker_volume:
      name: onion_service_monitor_mail_queue
  - docker_container:
      name: onion_service_monitor
      # docker/1.0.0-amd64
      image: docker.io/fphammerle/onion-service-status-mail@sha256:98585eb7a6d9724240982560a8e7262a5c4019aa875de590bf608917d841377c
      env:
        TOR_HOST: tor_proxy
        TOR_PORT: 9050
        ONION_SERVICE_HOST: change-me.onion
        ONION_SERVICE_PORT: 80
        # TIMEOUT_SECONDS: 8
        # SLEEP_DURATION: 1m
        RECIPIENT_ADDRESS: change.me@domain.tld
      volumes:
      - onion_service_monitor_mail_queue:/var/spool/dma:rw
      networks:
      - name: tor
      purge_networks: yes
      restart_policy: unless-stopped
      memory: 64M
      cpu_quota: 2000
      cpu_period: 10000
      security_opts: [no-new-privileges]