{ lib, config, ... }:
let
  mkStringOption =
    description:
    lib.mkOption {
      type = lib.types.str;
      default = null;
      description = description;
    };
  cfg = config.monitoring;
in
{
  imports = [
    # crutches due to nix limitations:
    ./crutches/synapse.nix

    # modules
    ./system.nix
    ./postgres.nix
    ./synapse.nix
  ];
  options.monitoring = {
    monitorAll = lib.mkEnableOption "Monitor all services";
    localPrometheus = lib.mkEnableOption "Local Prometheus";
    exposePrometheus = lib.mkEnableOption "Expose Prometheus";
    localGrafana = lib.mkEnableOption "Local Grafana";
    exposeGrafana = lib.mkEnableOption "Expose Grafana";

    nginxHost = mkStringOption "The virtual host name";
    nginxSsl = lib.mkEnableOption "Enable SSL for Nginx";
    prometheusScrapeInterval = lib.mkOption {
      type = lib.types.int;
      default = 1;
      description = "Scrape interval for Prometheus";
    };
  };

  config = lib.mkIf (cfg.monitorAll) {
    services = {
      prometheus = lib.mkIf (cfg.localPrometheus) {
        enable = true;
        listenAddress = "127.0.0.1";
        extraFlags = [ "--storage.tsdb.wal-compression" ];
      };
      grafana = lib.mkIf (cfg.localGrafana) {
        enable = true;
        settings = {
          server = {
            domain = cfg.nginxHost;
            enable_gzip = true;
            protocol = "socket";
            socket_mode = "0666";
          };
        };
        provision = {
          datasources.settings = {
            apiVersion = 1;

            datasources =
              lib.map
                (interval: {
                  name = "Prometheus-${toString interval}";
                  type = "prometheus";
                  access = "proxy";
                  url = "http://127.0.0.1:${toString config.services.prometheus.port}";
                  #isDefault = true;
                  jsonData.timeInterval = "${toString interval}s";
                })
                [
                  1
                  15
                ];
          };
        };
      };
      nginx.virtualHosts = {
        "${cfg.nginxHost}" = {
          enableACME = cfg.nginxSsl;
          addSSL = cfg.nginxSsl;
          http3 = cfg.nginxSsl;
          http3_hq = cfg.nginxSsl;
          kTLS = cfg.nginxSsl;
          locations = {
            "/" = if cfg.exposeGrafana then { proxyPass = "http://unix:${config.services.grafana.settings.server.socket}"; } else { return = "200 'OK'"; };
          };
        };

        "prometheus.${cfg.nginxHost}" = lib.mkIf (cfg.exposePrometheus) {
          enableACME = cfg.nginxSsl;
          addSSL = cfg.nginxSsl;
          http3 = cfg.nginxSsl;
          http3_hq = cfg.nginxSsl;
          kTLS = cfg.nginxSsl;
          locations."/".proxyPass = "http://127.0.0.1:${toString config.services.prometheus.port}";
        };
      };
    };
  };
}