From 5083c75163079244ab2f3f4eca1c9d514c2bbf03 Mon Sep 17 00:00:00 2001
From: Mel <einebeere@gmail.com>
Date: Thu, 19 Dec 2024 21:04:44 +0100
Subject: Foundation module for monitoring options

Signed-off-by: Mel <einebeere@gmail.com>
---
 modules/foundation/default.nix    |  5 ++-
 modules/foundation/monitoring.nix | 67 +++++++++++++++++++++++++++++++++++++++
 services/monitoring/wrapper.nix   | 15 +++++++++
 3 files changed, 86 insertions(+), 1 deletion(-)
 create mode 100644 modules/foundation/monitoring.nix
 create mode 100644 services/monitoring/wrapper.nix

diff --git a/modules/foundation/default.nix b/modules/foundation/default.nix
index 10ec503..253bff3 100644
--- a/modules/foundation/default.nix
+++ b/modules/foundation/default.nix
@@ -1,5 +1,8 @@
 { ... }:
 
 {
-  imports = [ ./services.nix ];
+  imports = [
+    ./services.nix
+    ./monitoring.nix
+  ];
 }
diff --git a/modules/foundation/monitoring.nix b/modules/foundation/monitoring.nix
new file mode 100644
index 0000000..38592f0
--- /dev/null
+++ b/modules/foundation/monitoring.nix
@@ -0,0 +1,67 @@
+{ me, config, lib, ... }:
+
+let
+  inherit (lib) mkOption mkEnableOption types;
+
+  cfg = config.foundation.monitoring;
+
+  victoriaDefaultPort = 8428;
+  nodeExporterPort = 9001;
+in
+{
+  imports = [ ../../services/monitoring/wrapper.nix ];
+
+  options.foundation.monitoring = {
+    server = {
+      enable = mkEnableOption "monitoring server";
+
+      hosts = mkOption {
+        type = with types; listOf (submodule {
+          options = {
+            name = mkOption { type = str; };
+            tailscale.ip = mkOption { type = str; };
+          };
+        });
+        default = [ ];
+      };
+    };
+
+    client = {
+      enable = mkEnableOption "monitoring client";
+    };
+  };
+
+  config = lib.mkMerge [
+    (lib.mkIf cfg.server.enable {
+      foundation.internal.monitoringService = true;
+
+      services.vmagent = {
+        enable = true;
+        remoteWrite.url = "http://127.0.0.1:${toString victoriaDefaultPort}/api/v1/write";
+
+        prometheusConfig = {
+          global = {
+            scrape_interval = "15s";
+          };
+
+          scrape_configs = map ({ name, tailscale, ... }: {
+            job_name = "${name}-node";
+            static_configs = [{
+              targets = [ "${tailscale.ip}:9001" ];
+              labels = { type = "node"; host = name; };
+            }];
+          }) cfg.server.hosts;
+        };
+      };
+    })
+
+    (lib.mkIf (cfg.client.enable || cfg.server.enable) {
+      services.prometheus.exporters.node = {
+        enable = true;
+        openFirewall = false;
+        listenAddress = me.tailscale.ip;
+        port = nodeExporterPort;
+      };
+    })
+  ];
+}
diff --git a/services/monitoring/wrapper.nix b/services/monitoring/wrapper.nix
new file mode 100644
index 0000000..416ae22
--- /dev/null
+++ b/services/monitoring/wrapper.nix
@@ -0,0 +1,15 @@
+# This wraps the monitoring service module to allow it to be
+# imported conditionally.
+{ lib, pkgs, auxiliaryPkgs, config, ... }:
+
+let
+  enabled = config.foundation.internal.monitoringService;
+  module = import ./.;
+in
+{
+  options.foundation.internal = {
+    monitoringService = lib.mkEnableOption "monitoring service";
+  };
+
+  config = lib.mkIf enabled (module { inherit lib pkgs auxiliaryPkgs; });
+}
-- 
cgit 1.4.1