From 0744b77dd034b7196b4171ea86c3e40301488f50 Mon Sep 17 00:00:00 2001
From: Mel <mel@rnrd.eu>
Date: Sun, 20 Apr 2025 01:22:58 +0200
Subject: Mark and correctly order all services dependent on tailnet

Signed-off-by: Mel <mel@rnrd.eu>
---
 modules/common.nix                       |  7 ++++++-
 modules/foundation/monitoring/client.nix | 14 ++++++++++++++
 modules/foundation/monitoring/server.nix |  3 ++-
 modules/syncthing.nix                    |  2 ++
 4 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/modules/common.nix b/modules/common.nix
index e6aa4d7..ee9d6b2 100644
--- a/modules/common.nix
+++ b/modules/common.nix
@@ -63,7 +63,12 @@
     # sometimes needed for gnupg
     pcscd.enable = true;
   };
- 
+
+  foundation.tailnetServices = [
+    "docker"
+    "sshd"
+  ];
+
   programs = {
     fish.enable = true;
     git.enable = true;
diff --git a/modules/foundation/monitoring/client.nix b/modules/foundation/monitoring/client.nix
index 9881f93..6c91639 100644
--- a/modules/foundation/monitoring/client.nix
+++ b/modules/foundation/monitoring/client.nix
@@ -13,6 +13,20 @@
 }:
 
 {
+  foundation.tailnetServices =
+    let
+      exporter = name: "promethes-${name}-exporter";
+    in
+    [
+      (exporter "node")
+      (exporter "nginx")
+      (exporter "nginxlog")
+      # note: it doesn't matter if the service is only enabled conditionally.
+      (exporter "dnsmasq")
+
+      "cadvisor"
+    ];
+
   services = {
     prometheus.exporters = {
       node = {
diff --git a/modules/foundation/monitoring/server.nix b/modules/foundation/monitoring/server.nix
index c4ce4c2..09b8260 100644
--- a/modules/foundation/monitoring/server.nix
+++ b/modules/foundation/monitoring/server.nix
@@ -13,6 +13,7 @@
 {
   foundation.internal.monitoringService = true;
 
+  foundation.tailnetServices = [ "vmagent" ];
   services.vmagent = {
     enable = true;
     remoteWrite.url = "http://${victoriaAddress}/api/v1/write";
@@ -34,7 +35,7 @@
                   instance = name;
                 };
               }
-              ) (builtins.filter filter hosts);
+            ) (builtins.filter filter hosts);
           };
 
           all = x: true;
diff --git a/modules/syncthing.nix b/modules/syncthing.nix
index 84a04a1..d301f5a 100644
--- a/modules/syncthing.nix
+++ b/modules/syncthing.nix
@@ -11,6 +11,8 @@ let
   defaultSyncthingPort = "8384";
 in
 {
+  foundation.tailnetServices = [ "syncthing" ];
+
   # server-side
   services.syncthing = {
     enable = true;
-- 
cgit 1.4.1