{ me, config, lib, ... }:

let
  inherit (lib) mkOption mkEnableOption types;

  cfg = config.foundation.monitoring;

  victoriaDefaultPort = 8428;
  nodeExporterPort = 9001;
in
{
  imports = [ ../../services/monitoring/wrapper.nix ];

  options.foundation.monitoring = {
    server = {
      enable = mkEnableOption "monitoring server";

      hosts = mkOption {
        type = with types; listOf (submodule {
          options = {
            name = mkOption { type = str; };
            tailscale.ip = mkOption { type = str; };
          };
        });
        default = [ ];
      };
    };

    client = {
      enable = mkEnableOption "monitoring client";
    };
  };

  config = lib.mkMerge [
    (lib.mkIf cfg.server.enable {
      foundation.internal.monitoringService = true;

      services.vmagent = {
        enable = true;
        remoteWrite.url = "http://127.0.0.1:${toString victoriaDefaultPort}/api/v1/write";

        prometheusConfig = {
          global = {
            scrape_interval = "15s";
          };

          scrape_configs = map ({ name, tailscale, ... }: {
            job_name = "${name}-node";
            static_configs = [{
              targets = [ "${tailscale.ip}:9001" ];
              labels = { type = "node"; host = name; };
            }];
          }) cfg.server.hosts;
        };
      };
    })

    (lib.mkIf (cfg.client.enable || cfg.server.enable) {
      services.prometheus.exporters.node = {
        enable = true;
        openFirewall = false;
        listenAddress = me.tailscale.ip;
        port = nodeExporterPort;
      };
    })
  ];
}