{ inputs, povSelf, hostConfig, config, lib, dnsNix, ... }: let inherit (lib) types; cfg = lib.getAttrFromPath povSelf config; in { options = { enable = { type = types.bool; default = false; }; subdomain = { type = types.str; default = "prometheus.infra"; }; domain = { type = types.str; default = "zaphyra.eu"; }; }; config = lib.mkIf cfg.enable { dns.zones."${cfg.domain}".subdomains."${cfg.subdomain}".CNAME = [ "${config.networking.fqdn}." ]; modules.filesystem.impermanence.system.dirs = [ { directory = "/var/lib/prometheus2"; mode = "0700"; user = "prometheus"; group = "prometheus"; } ]; services.prometheus = { enable = true; webExternalUrl = "https://${cfg.subdomain}.${cfg.domain}/"; listenAddress = "[::1]"; port = 9090; scrapeConfigs = [ { job_name = "node-exporter"; scrape_interval = "30s"; scheme = "https"; metrics_path = "/node-exporter"; static_configs = [ { targets = ( lib.mapAttrsToList ( name: host: lib.mkIf ( host.config.services.prometheus.exporters.node.enable == true && host.config.networking.hostName != "" && host.config.networking.domain != "" ) host.config.networking.fqdn ) inputs.self.zaphyraHosts ); } ]; } { job_name = "systemd-exporter"; scrape_interval = "30s"; scheme = "https"; metrics_path = "/systemd-exporter"; static_configs = [ { targets = ( lib.mapAttrsToList ( name: host: lib.mkIf ( host.config.services.prometheus.exporters.node.enable == true && host.config.networking.hostName != "" && host.config.networking.domain != "" ) host.config.networking.fqdn ) inputs.self.zaphyraHosts ); } ]; } ]; }; services.nginx.virtualHosts."${cfg.subdomain}.${cfg.domain}" = { useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://[::1]:${toString config.services.prometheus.port}/"; }; }; }