lego-monitoring/modules/default.nix
2025-05-13 14:15:56 +03:00


# NixOS module for the lego-monitoring service.
# `package` is supplied by the caller and must provide bin/lego-monitoring.
package:
{
  config,
  lib,
  pkgs,
  ...
}:
{
  imports = [
    ./options.nix
  ];

  config =
    let
      cfg = config.services.lego-monitoring;
      jsonFormat = pkgs.formats.json { };
      tomlFormat = pkgs.formats.toml { };

      # Map one whitelist rule from the module's camelCase options to the
      # snake_case keys written to the TOML file.
      toWhitelistRule = _: rule: {
        inherit (rule) cve until;
        issue_url = rule.issueUrl;
      };

      # TOML has no null value, so unset (null) options are dropped recursively.
      dropNulls = lib.filterAttrsRecursive (_: value: value != null);

      # NOTE(review): presumably each entry suppresses a vulnix finding; keeping
      # `until` and `issue_url` set would keep suppressions time-boxed and
      # traceable. Confirm against the option docs in ./options.nix.
      vulnixWhitelistFile = tomlFormat.generate "vulnix-whitelist.toml" (
        dropNulls (lib.mapAttrs toWhitelistRule cfg.checks.vulnix.whitelist)
      );

      # Shared shape of the cpu and ram threshold sections.
      toThresholds = checkCfg: {
        warning_percentage = checkCfg.warningPercentage;
        critical_percentage = checkCfg.criticalPercentage;
      };

      toReading = _: readingCfg: {
        inherit (readingCfg) label enabled;
        warning_temp = readingCfg.warningTemp;
        critical_temp = readingCfg.criticalTemp;
      };

      toSensor = _: sensorCfg: {
        inherit (sensorCfg) name enabled;
        readings = lib.mapAttrs toReading sensorCfg.readings;
      };

      # Both generated files are store paths, and the Nix store is readable by
      # every local user, so nothing secret may be written into them. Only the
      # *path* to the Telegram credentials is embedded here.
      # NOTE(review): presumably the service reads the credentials from that
      # path at runtime. Confirm that credsSecretPath points outside the store
      # (a file provisioned at activation/runtime) and has restrictive
      # permissions.
      serviceConfigFile = jsonFormat.generate "config.json" {
        enabled_check_sets = cfg.enabledCheckSets;
        log_level = cfg.logLevel;
        telegram = {
          creds_secret_path = cfg.telegram.credsSecretPath;
          room_id = cfg.telegram.roomId;
        };
        checks = {
          temp.sensors = lib.mapAttrs toSensor cfg.checks.temp.sensors;
          vulnix.whitelist_path = vulnixWhitelistFile;
          cpu = toThresholds cfg.checks.cpu;
          ram = toThresholds cfg.checks.ram;
        };
      };
    in
    lib.mkIf cfg.enable {
      # NOTE(review): this module sets no serviceConfig, so no User=/DynamicUser=
      # or sandboxing directives are applied here. Unless they are set
      # elsewhere, the unit runs with systemd's system-service defaults (root).
      # Consider a dedicated user and hardening options once the access the
      # checks actually need (sensors, the credentials file, vulnix) is
      # confirmed.
      systemd.services.lego-monitoring = {
        name = "lego-monitoring.service";
        description = "Lego-monitoring service";
        wantedBy = [ "multi-user.target" ];
        script = "${package}/bin/lego-monitoring -c ${serviceConfigFile}";
      };
    };
}