{ inputs, lib, config, ... }: let cfg = config.bagel.status; # TODO: pull domains from a central place subdomains = [ "cl" "netbox" "cache" "grafana" "hydra" "loki" "mimir" "pyroscope" "matrix" "tempo" "amqp" "fodwatch" "git" "alerts" "buildbot" "b" "postgres" "news" ]; port = 3001; in { imports = [ "${inputs.stateless-uptime-kuma}/nixos/module.nix" ]; options.bagel.status = { enable = lib.mkEnableOption "the status page service (uptime-kuma)"; domain = lib.mkOption { type = lib.types.str; }; }; config = lib.mkIf cfg.enable { services.uptime-kuma.enable = true; services.nginx = { enable = true; virtualHosts.${cfg.domain} = { enableACME = true; forceSSL = true; locations."/" = { proxyPass = "http://127.0.0.1:${builtins.toString port}"; proxyWebsockets = true; }; }; }; networking.firewall.allowedTCPPorts = [ 80 443 ]; age.secrets.stateless-uptime-kuma-password.file = ../../secrets/stateless-uptime-kuma-password.age; statelessUptimeKuma = { probesConfig = { monitors = lib.genAttrs subdomains (name: { type = "http"; url = "https://${name}.forkos.org/"; tags = []; }); status_pages = { "forkos" = { title = "ForkOS"; description = "health of the ForkOS infra"; showTags = true; publicGroupList = [ { name = "Services"; weight = 1; monitorList = lib.genAttrs subdomains (id: { inherit id; }); } ]; }; }; }; extraFlags = [ "-s" ]; host = "http://localhost:${builtins.toString port}/"; username = "forkos"; passwordFile = config.age.secrets."stateless-uptime-kuma-password".path; enableService = true; }; }; }