diff --git a/flake.lock b/flake.lock index 64b05dd..a04f96d 100644 --- a/flake.lock +++ b/flake.lock @@ -27,11 +27,11 @@ ] }, "locked": { - "lastModified": 1724513039, - "narHash": "sha256-YdBuRgXEU9CcxPd2EjuvDKcfgxL1kk9Gv8nFVVjIros=", + "lastModified": 1748808701, + "narHash": "sha256-IEer4ypv/tL2zzo7nkgyg7xdK6P+Mc/22oPctEgwhiw=", "ref": "refs/heads/main", - "rev": "202f4a1a5791c74a9b7d69a4e63e631bdbe36ba6", - "revCount": 4, + "rev": "5f3748df43e6b6e49cc0a23557a378ef37952483", + "revCount": 5, "type": "git", "url": "https://git.clerie.de/clerie/bij.git" }, @@ -116,6 +116,21 @@ } }, "flake-compat": { + "locked": { + "lastModified": 1746162366, + "narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=", + "owner": "nix-community", + "repo": "flake-compat", + "rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1696426674, @@ -153,28 +168,6 @@ } }, "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "hydra", - "nix-eval-jobs", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1730504689, - "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "506278e768c2a08bec68eb62932193e341f55c90", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { "inputs": { "nixpkgs-lib": [ "ssh-to-age", @@ -271,52 +264,52 @@ }, "hydra": { "inputs": { - "lix": [ - "lix" - ], - "nix-eval-jobs": "nix-eval-jobs", - "nixpkgs": [ - "nixpkgs" - ] + "flake-compat": "flake-compat", + "lix": "lix", + "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1744102671, - "narHash": "sha256-/y92PMLAG1ueMInNKaar27H6voo5m1jDnJhxcIYOp5M=", - "ref": "lix-2.92", - "rev": "dd8114c53075524d06ba1de3346e39610923427b", - "revCount": 4235, + "lastModified": 1748520450, + "narHash": "sha256-thTwt6c/qdLg65urUWSENbmwf/ofvujpFNNTcF+iZvI=", + "ref": "lix-2.93", + "rev": "509c94cdb7e11d48e67a5a68c0d5fadfcda7bad5", + "revCount": 4257, "type": "git", "url": "https://git.lix.systems/lix-project/hydra.git" }, "original": { - "ref": "lix-2.92", + "ref": "lix-2.93", "type": "git", "url": "https://git.lix.systems/lix-project/hydra.git" } }, "lix": { "inputs": { - "flake-compat": "flake-compat", + "flake-compat": [ + "hydra", + "flake-compat" + ], "nix2container": "nix2container", "nixpkgs": [ + "hydra", "nixpkgs" ], "nixpkgs-regression": "nixpkgs-regression", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1742250400, - "narHash": "sha256-be2mY7VFiWcPw7GcaJBbUvpnpoLd39wxqTXagBNTR5w=", - "ref": "release-2.92", - "rev": "d8db15010d2059a23a17f70ef542b4d1e7d2c640", - "revCount": 16651, + "lastModified": 1747597901, + "narHash": "sha256-jS+P57tXZEl+zvPfEIHFbd1j3xfuWcrcMrcnbm9wWbE=", + "ref": "release-2.93", + "rev": "33eaaf02fd3f380e99032b25e741eeeb10573cad", + "revCount": 17846, "type": "git", - "url": "https://git.lix.systems/lix-project/lix.git" + "url": "https://git.lix.systems/lix-project/lix" }, "original": { - "ref": "release-2.92", + "ref": "release-2.93", "type": "git", - "url": "https://git.lix.systems/lix-project/lix.git" + "url": "https://git.lix.systems/lix-project/lix" } }, "lix-module": { @@ -331,20 +324,45 @@ ] }, "locked": { - "lastModified": 1742943028, - "narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", - "ref": "release-2.92", - "rev": "3fae818597ca2f1474de62022f850c23be50528d", - "revCount": 134, + "lastModified": 1748254718, + "narHash": "sha256-Uf6HNA0JctJH4ZdrZ/xb185mT0/XusLxnric9Xhg7Es=", + "ref": "release-2.93", + "rev": "3855614ceafe562393472cca5fb2005297889a75", + "revCount": 143, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module.git" }, "original": { - "ref": "release-2.92", + "ref": "release-2.93", "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module.git" } }, + "lix_2": { + "inputs": { + "flake-compat": "flake-compat_2", + "nix2container": "nix2container_2", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression_2", + "pre-commit-hooks": "pre-commit-hooks_2" + }, + "locked": { + "lastModified": 1747597901, + "narHash": "sha256-jS+P57tXZEl+zvPfEIHFbd1j3xfuWcrcMrcnbm9wWbE=", + "ref": "release-2.93", + "rev": "33eaaf02fd3f380e99032b25e741eeeb10573cad", + "revCount": 17846, + "type": "git", + "url": "https://git.lix.systems/lix-project/lix.git" + }, + "original": { + "ref": "release-2.93", + "type": "git", + "url": "https://git.lix.systems/lix-project/lix.git" + } + }, "mitel-ommclient2": { "inputs": { "nixpkgs": [ @@ -366,57 +384,6 @@ "url": "https://git.clerie.de/clerie/mitel_ommclient2.git" } }, - "nix-eval-jobs": { - "inputs": { - "flake-parts": "flake-parts_2", - "lix": [ - "hydra", - "lix" - ], - "nix-github-actions": "nix-github-actions", - "nixpkgs": [ - "hydra", - "nixpkgs" - ], - "treefmt-nix": "treefmt-nix_2" - }, - "locked": { - "lastModified": 1737237842, - "narHash": "sha256-tPr61X9v/OMVt7VXOs1RRStciwN8gDGxEKx+h0/Fg48=", - "ref": "release-2.92", - "rev": "fdaeb722d05a3ac58daaa24d4b5fa8db4457d82e", - "revCount": 621, - "type": "git", - "url": "https://git.lix.systems/lix-project/nix-eval-jobs" - }, - "original": { - "ref": "release-2.92", - "type": "git", - "url": "https://git.lix.systems/lix-project/nix-eval-jobs" - } - }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "hydra", - "nix-eval-jobs", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1731952509, - "narHash": "sha256-p4gB3Rhw8R6Ak4eMl8pqjCPOLCZRqaehZxdZ/mbFClM=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "7b5f051df789b6b20d259924d349a9ba3319b226", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-github-actions", - "type": "github" - } - }, "nix2container": { "flake": false, "locked": { @@ -433,6 +400,22 @@ "type": "github" } }, + "nix2container_2": { + "flake": false, + "locked": { + "lastModified": 1724996935, + "narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=", + "owner": "nlewo", + "repo": "nix2container", + "rev": "fa6bb0a1159f55d071ba99331355955ae30b3401", + "type": "github" + }, + "original": { + "owner": "nlewo", + "repo": "nix2container", + "type": "github" + } + }, "nixos-exporter": { "inputs": { "nixpkgs": [ @@ -517,6 +500,22 @@ "type": "github" } }, + "nixpkgs-regression_2": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, "nixpkgs-stable": { "locked": { "lastModified": 1713434076, @@ -551,11 +550,27 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1748460289, - "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=", + "lastModified": 1748437600, + "narHash": "sha256-hYKMs3ilp09anGO7xzfGs3JqEgUqFMnZ8GMAqI6/k04=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102", + "rev": "7282cb574e0607e65224d33be8241eae7cfe0979", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1748693115, + "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", "type": "github" }, "original": { @@ -601,6 +616,22 @@ "type": "github" } }, + "pre-commit-hooks_2": { + "flake": false, + "locked": { + "lastModified": 1733318908, + "narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "6f4e2a2112050951a314d2733a994fbab94864c6", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, "rainbowrss": { "inputs": { "nixpkgs": [ @@ -630,11 +661,11 @@ "fieldpoc": "fieldpoc", "harmonia": "harmonia", "hydra": "hydra", - "lix": "lix", + "lix": "lix_2", "lix-module": "lix-module", "nixos-exporter": "nixos-exporter", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-0dc1c7": "nixpkgs-0dc1c7", "nurausstieg": "nurausstieg", "rainbowrss": "rainbowrss", @@ -707,7 +738,7 @@ }, "ssh-to-age": { "inputs": { - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_2", "nixpkgs": [ "nixpkgs" ] @@ -776,28 +807,6 @@ "repo": "treefmt-nix", "type": "github" } - }, - "treefmt-nix_2": { - "inputs": { - "nixpkgs": [ - "hydra", - "nix-eval-jobs", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1732292307, - "narHash": "sha256-5WSng844vXt8uytT5djmqBCkopyle6ciFgteuA9bJpw=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "705df92694af7093dfbb27109ce16d828a79155f", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index a50e111..0d9d76f 100644 --- a/flake.nix +++ b/flake.nix @@ -25,16 +25,16 @@ inputs.nixpkgs.follows = "nixpkgs"; }; hydra = { - url = "git+https://git.lix.systems/lix-project/hydra.git?ref=lix-2.92"; - inputs.lix.follows = "lix"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "git+https://git.lix.systems/lix-project/hydra.git?ref=lix-2.93"; + #inputs.lix.follows = "lix"; + #inputs.nixpkgs.follows = "nixpkgs"; }; lix = { - url = "git+https://git.lix.systems/lix-project/lix.git?ref=release-2.92"; + url = "git+https://git.lix.systems/lix-project/lix.git?ref=release-2.93"; inputs.nixpkgs.follows = "nixpkgs"; }; lix-module = { - url = "git+https://git.lix.systems/lix-project/nixos-module.git?ref=release-2.92"; + url = "git+https://git.lix.systems/lix-project/nixos-module.git?ref=release-2.93"; inputs.lix.follows = "lix"; inputs.nixpkgs.follows = "nixpkgs"; }; diff --git a/hosts/monitoring-3/blackbox.nix b/hosts/monitoring-3/blackbox.nix index e3023bc..4fa6dd3 100644 --- a/hosts/monitoring-3/blackbox.nix +++ b/hosts/monitoring-3/blackbox.nix @@ -25,6 +25,48 @@ fail_if_not_ssl: true fail_if_body_not_matches_regexp: - "Synapse is running" + headers: + User-Agent: "monitoring.clerie.de, blackbox exporter" + http4: + prober: http + http: + preferred_ip_protocol: ip4 + ip_protocol_fallback: false + fail_if_ssl: true + follow_redirects: false + valid_status_codes: [ 200, 204, 301, 302, 303, 307, 308 ] + headers: + User-Agent: "monitoring.clerie.de, blackbox exporter" + http6: + prober: http + http: + preferred_ip_protocol: ip6 + ip_protocol_fallback: false + fail_if_ssl: true + follow_redirects: false + valid_status_codes: [ 200, 204, 301, 302, 303, 307, 308 ] + headers: + User-Agent: "monitoring.clerie.de, blackbox exporter" + https4: + prober: http + http: + preferred_ip_protocol: ip4 + ip_protocol_fallback: false + fail_if_not_ssl: true + follow_redirects: false + valid_status_codes: [ 200, 204, 301, 302, 303, 307, 308 ] + headers: + User-Agent: "monitoring.clerie.de, blackbox exporter" + https6: + prober: http + http: + preferred_ip_protocol: ip6 + ip_protocol_fallback: false + fail_if_not_ssl: true + follow_redirects: false + valid_status_codes: [ 200, 204, 301, 302, 303, 307, 308 ] + headers: + User-Agent: "monitoring.clerie.de, blackbox exporter" ''; }; } diff --git a/hosts/monitoring-3/configuration.nix b/hosts/monitoring-3/configuration.nix index 1187e9c..133783e 100644 --- a/hosts/monitoring-3/configuration.nix +++ b/hosts/monitoring-3/configuration.nix @@ -10,6 +10,7 @@ ./grafana.nix ./nixos-validator.nix ./prometheus.nix + ./targets.nix ./uptimestatus.nix ]; diff --git a/hosts/monitoring-3/prometheus.nix b/hosts/monitoring-3/prometheus.nix index cd130e9..e305e88 100644 --- a/hosts/monitoring-3/prometheus.nix +++ b/hosts/monitoring-3/prometheus.nix @@ -141,10 +141,7 @@ in { }; static_configs = [ { - targets = [ - "clerie.uber.space;infra" - "cleriewi.uber.space;infra" - ]; + targets = map (target: "${target};infra") config.profiles.clerie.monitoring-server.probeTargets.node-exporter-uberspace; } ]; relabel_configs = [ @@ -225,17 +222,7 @@ in { }; static_configs = [ { - targets = eachWithEachOther (instance: target: "${instance};${target}") blackboxMonitoringTargets [ - "clerie.de" - "tagesschau.de" - "google.com" - "achtbaan.nikhef.nl" - "fluorine.net.clerie.de" - "www.fem.tu-ilmenau.de" - "www.heise.de" - "dyon.net.entr0py.de" - "matrix.fachschaften.org" - ]; + targets = eachWithEachOther (instance: target: "${instance};${target}") blackboxMonitoringTargets config.profiles.clerie.monitoring-server.probeTargets.blackbox-icmp6; } ]; relabel_configs = [ @@ -267,18 +254,7 @@ in { }; static_configs = [ { - targets = eachWithEachOther (instance: target: "${instance};${target}") blackboxMonitoringTargets [ - "clerie.de" - "tagesschau.de" - "google.com" - "achtbaan.nikhef.nl" - "www.fem.tu-ilmenau.de" - "www.heise.de" - "matrix.bau-ha.us" - "dyon.net.entr0py.de" - "matrix.entr0py.de" - "matrix.fachschaften.org" - ]; + targets = eachWithEachOther (instance: target: "${instance};${target}") blackboxMonitoringTargets config.profiles.clerie.monitoring-server.probeTargets.blackbox-icmp4; } ]; relabel_configs = [ @@ -310,10 +286,7 @@ in { }; static_configs = [ { - targets = [ - "matrix.entr0py.de" - "matrix.fachschaften.org" - ]; + targets = config.profiles.clerie.monitoring-server.probeTargets.blackbox-local-synapse; } ]; relabel_configs = [ @@ -393,6 +366,122 @@ in { relabelAddressToInstance ]; } + { + job_name = "blackbox_local_http6"; + scrape_interval = "100s"; + metrics_path = "/probe"; + params = { + module = [ "http6" ]; + }; + static_configs = [ + { + targets = config.profiles.clerie.monitoring-server.probeTargets.blackbox-local-http6; + } + ]; + relabel_configs = [ + { + source_labels = [ "__address__" ]; + target_label = "__param_target"; + replacement = "http://\${1}"; + } + { + source_labels = [ "__address__" ]; + target_label = "target"; + } + { + target_label = "__address__"; + replacement = "monitoring-3.mon.clerie.de:9115"; + } + relabelAddressToInstance + ]; + } + { + job_name = "blackbox_local_http4"; + scrape_interval = "100s"; + metrics_path = "/probe"; + params = { + module = [ "http4" ]; + }; + static_configs = [ + { + targets = config.profiles.clerie.monitoring-server.probeTargets.blackbox-local-http4; + } + ]; + relabel_configs = [ + { + source_labels = [ "__address__" ]; + target_label = "__param_target"; + replacement = "http://\${1}"; + } + { + source_labels = [ "__address__" ]; + target_label = "target"; + } + { + target_label = "__address__"; + replacement = "monitoring-3.mon.clerie.de:9115"; + } + relabelAddressToInstance + ]; + } + { + job_name = "blackbox_local_https6"; + scrape_interval = "100s"; + metrics_path = "/probe"; + params = { + module = [ "https6" ]; + }; + static_configs = [ + { + targets = config.profiles.clerie.monitoring-server.probeTargets.blackbox-local-http6; + } + ]; + relabel_configs = [ + { + source_labels = [ "__address__" ]; + target_label = "__param_target"; + replacement = "https://\${1}"; + } + { + source_labels = [ "__address__" ]; + target_label = "target"; + } + { + target_label = "__address__"; + replacement = "monitoring-3.mon.clerie.de:9115"; + } + relabelAddressToInstance + ]; + } + { + job_name = "blackbox_local_https4"; + scrape_interval = "100s"; + metrics_path = "/probe"; + params = { + module = [ "https4" ]; + }; + static_configs = [ + { + targets = config.profiles.clerie.monitoring-server.probeTargets.blackbox-local-http4; + } + ]; + relabel_configs = [ + { + source_labels = [ "__address__" ]; + target_label = "__param_target"; + replacement = "https://\${1}"; + } + { + source_labels = [ "__address__" ]; + target_label = "target"; + } + { + target_label = "__address__"; + replacement = "monitoring-3.mon.clerie.de:9115"; + } + relabelAddressToInstance + ]; + } { job_name = "hydra"; scrape_interval = "20s"; diff --git a/hosts/monitoring-3/targets.nix b/hosts/monitoring-3/targets.nix new file mode 100644 index 0000000..245b542 --- /dev/null +++ b/hosts/monitoring-3/targets.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + + profiles.clerie.monitoring-server.targets = builtins.fromJSON (builtins.readFile ../../monitoring/targets.json); + +} diff --git a/modules/nginx-port-forward/default.nix b/modules/nginx-port-forward/default.nix index c54e018..7a13859 100644 --- a/modules/nginx-port-forward/default.nix +++ b/modules/nginx-port-forward/default.nix @@ -9,6 +9,8 @@ let mkServerBlock = isUDP: port: forward: '' server { + resolver 127.0.0.53 ipv4=off; + listen ${port}${optionalString isUDP " udp"}${optionalString (forward.certName != null) " ssl"}; listen [::]:${port}${optionalString isUDP " udp"}${optionalString (forward.certName != null) " ssl"}; @@ -24,8 +26,6 @@ let portForwardConf = '' stream { - resolver 127.0.0.53; - ${ concatStringsSep "\n" (mapAttrsToList (mkServerBlock false) cfg.tcpPorts) } ${ concatStringsSep "\n" (mapAttrsToList (mkServerBlock true) cfg.udpPorts) } } diff --git a/monitoring/targets.json b/monitoring/targets.json new file mode 100644 index 0000000..3bea363 --- /dev/null +++ b/monitoring/targets.json @@ -0,0 +1,49 @@ +{ + "clerie.de": { + "icmp": { "enable": true }, + "http": { "enable": true } + }, + "wiki.clerie.de": { + "http": { "enable": true } + }, + "blog.nadja.top": { + "http": { "enable": true } + }, + + "tagesschau.de": { + "icmp": { "enable": true } + }, + "google.com": { + "icmp": { "enable": true } + }, + "achtbaan.nikhef.nl": { + "icmp": { "enable": true } + }, + "www.fem.tu-ilmenau.de": { + "icmp": { "enable": true } + }, + "www.heise.de": { + "icmp": { "enable": true } + }, + + "dyon.net.entr0py.de": { + "_comment": "Backend server of matrix.entr0py.de", + "icmp": { "enable": true } + }, + "matrix.bau-ha.us": { + "synapse": { "enable": true } + }, + "matrix.entr0py.de": { + "synapse": { "enable": true } + }, + "matrix.fachschaften.org": { + "synapse": { "enable": true } + }, + + "clerie.uber.space": { + "clerie-uberspace": { "enable": true } + }, + "cleriewi.uber.space": { + "clerie-uberspace": { "enable": true } + } +} diff --git a/profiles/default.nix b/profiles/default.nix index 7d0aa97..6de6c14 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -14,6 +14,7 @@ ./hetzner-cloud ./hydra-build-machine ./mercury-vm + ./monitoring-server ./netcup ./network-fallback-dhcp ./router diff --git a/profiles/monitoring-server/default.nix b/profiles/monitoring-server/default.nix new file mode 100644 index 0000000..d7f911c --- /dev/null +++ b/profiles/monitoring-server/default.nix @@ -0,0 +1,106 @@ +{ config, lib, ... }: + +with lib; + +let + + mkAttrsOfSubmoduleOption = description: submoduleOptions: mkOption { + type = with types; attrsOf (submodule { options = submoduleOptions; }); + default = {}; + description = description; + }; + + mkSubmoduleOption = description: submoduleOptions: mkOption { + type = types.submodule { options = submoduleOptions; }; + default = {}; + description = description; + }; + + mkProbeOption = description: submoduleOptions: mkSubmoduleOption description ({ + enable = mkEnableOption "Monitor target using this probe"; + } // submoduleOptions); + + mkProtocolsOption = mkOption { + type = with types; listOf (enum [ "ipv6" "ipv4" ]); + default = [ "ipv6" "ipv4" ]; + description = "Protocols to retrieve metrics for"; + }; + + mkTargetsListOption = mkOption { + type = with types; listOf str; + default = []; + }; + + listContains = searchValue: listToSearch: any (element: element == searchValue) listToSearch; + + targetsForProbe = probeName: condition: attrNames (filterAttrs (targetName: targetConfig: + targetConfig.${probeName}.enable == true && (condition targetConfig.${probeName}) + ) config.profiles.clerie.monitoring-server.targets); + +in { + + options.profiles.clerie.monitoring-server = { + targets = mkAttrsOfSubmoduleOption "Monitoring targets config" { + _comment = mkOption { + type = types.str; + default = ""; + }; + clerie-uberspace = mkProbeOption "This target is a uberspace host managed by clerie" {}; + http = mkProbeOption "Monitor HTTP" { + protocols = mkProtocolsOption; + transport = mkOption { + type = with types; listOf (enum [ "http" "https" ]); + default = [ "http" "https" ]; + description = "HTTP transport modes to monitor"; + }; + }; + icmp = mkProbeOption "Monitor HTTP" { + protocols = mkProtocolsOption; + }; + synapse = mkProbeOption "Monitor Synapse Matrix server" {}; + }; + + probeTargets = mkSubmoduleOption "Target per probe" { + blackbox-icmp4 = mkTargetsListOption; + blackbox-icmp6 = mkTargetsListOption; + blackbox-local-http4 = mkTargetsListOption; + blackbox-local-http6 = mkTargetsListOption; + blackbox-local-https4 = mkTargetsListOption; + blackbox-local-https6 = mkTargetsListOption; + node-exporter-uberspace = mkTargetsListOption; + blackbox-local-synapse = mkTargetsListOption; + }; + }; + + config = { + + profiles.clerie.monitoring-server.probeTargets.blackbox-icmp4 = targetsForProbe "icmp" (probeConfig: + (listContains "ipv4" probeConfig.protocols) + ); + + profiles.clerie.monitoring-server.probeTargets.blackbox-icmp6 = targetsForProbe "icmp" (probeConfig: + (listContains "ipv6" probeConfig.protocols) + ); + + profiles.clerie.monitoring-server.probeTargets.blackbox-local-http4 = targetsForProbe "http" (probeConfig: + (listContains "ipv4" probeConfig.protocols) && (listContains "http" probeConfig.transport) + ); + + profiles.clerie.monitoring-server.probeTargets.blackbox-local-http6 = targetsForProbe "http" (probeConfig: + (listContains "ipv6" probeConfig.protocols) && (listContains "http" probeConfig.transport) + ); + + profiles.clerie.monitoring-server.probeTargets.blackbox-local-https4 = targetsForProbe "http" (probeConfig: + (listContains "ipv4" probeConfig.protocols) && (listContains "https" probeConfig.transport) + ); + + profiles.clerie.monitoring-server.probeTargets.blackbox-local-https6 = targetsForProbe "http" (probeConfig: + (listContains "ipv6" probeConfig.protocols) && (listContains "https" probeConfig.transport) + ); + + profiles.clerie.monitoring-server.probeTargets.node-exporter-uberspace = targetsForProbe "clerie-uberspace" (_: true); + + profiles.clerie.monitoring-server.probeTargets.blackbox-local-synapse = targetsForProbe "synapse" (_: true); + + }; +}