{ nodes, config, lib, pkgs, ... }: { dns.zones."ctu.cx".subdomains.prometheus.CNAME = [ "${config.networking.fqdn}." ]; systemd.services.prometheus.onFailure = [ "email-notify@%i.service" ]; services = { prometheus = { enable = true; webExternalUrl = "https://prometheus.${config.networking.domain}/"; listenAddress = "[::1]"; port = 9090; scrapeConfigs = [ { job_name = "node-exporter"; scrape_interval = "30s"; scheme = "https"; metrics_path = "/node-exporter"; static_configs = [{ targets = (lib.mapAttrsToList ( name: host: lib.mkIf ( host.config.services.prometheus.exporters.node.enable == true && host.config.networking.hostName != "" && host.config.networking.domain != "" ) host.config.networking.fqdn ) nodes); }]; } { job_name = "systemd-exporter"; scrape_interval = "30s"; scheme = "https"; metrics_path = "/systemd-exporter"; static_configs = [{ targets = (lib.mapAttrsToList ( name: host: lib.mkIf ( host.config.services.prometheus.exporters.node.enable == true && host.config.networking.hostName != "" && host.config.networking.domain != "" ) host.config.networking.fqdn ) nodes); }]; } { job_name = "scaphandre-exporter"; scrape_interval = "30s"; scheme = "https"; metrics_path = "/scaphandre-exporter"; static_configs = [{ targets = (lib.mapAttrsToList ( name: host: lib.mkIf ( host.config.services.prometheus.exporters.scaphandre.enable == true && host.config.networking.hostName != "" && host.config.networking.domain != "" ) host.config.networking.fqdn ) nodes); }]; } ]; }; nginx = { enable = true; virtualHosts."prometheus.${config.networking.domain}" = { enableACME = true; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://[::1]:${toString config.services.prometheus.port}/"; }; }; }; }