{ depot, lib, ... }:

{
  systemd.mounts = let
    bindMount' = dir: {
      unitConfig.RequiresMountsFor = dir;
      options = "bind";
      what = "/persist${dir}";
      where = dir;
    };
    bindMountSvc = dir: svc: (bindMount' dir) // {
      bindsTo = [svc];
      partOf = [svc];
    };
    bindMount = dir: (bindMount' dir) // {
      wantedBy = ["multi-user.target"];
    };
  in [
    (bindMountSvc "/var/lib/prometheus" "prometheus.service")
    (bindMountSvc "/var/lib/grafana" "grafana.service")
  ];

  services.prometheus = {
    enable = true;
    stateDir = "prometheus";
    globalConfig.scrape_interval = "1s";
    scrapeConfigs = let
      staticConfig = name: ip: {
        targets = [ ip ];
        labels.host = name;
      };
      workers = [
        (staticConfig "worker1" "10.200.69.10")
        (staticConfig "worker2" "10.200.69.11")
      ];
      gameservers = [
        (staticConfig "csgo1" "10.200.69.12")
        (staticConfig "csgo2" "10.200.69.13")
      ];
      allHosts = workers ++ gameservers;
      withPort' = port: { targets, ... }@f: (f // {
        targets = builtins.map (x: "${x}:${toString port}") f.targets;
      });
      withPort = port: cfgs: builtins.map (withPort' port) cfgs;
    in [
      {
        job_name = "node_exporter";
        static_configs = withPort 9100 allHosts;
      }
    ];
  };

  services.grafana = {
    addr = "0.0.0.0";
    enable = true;
  };

  networking.firewall.allowedTCPPorts = lib.mkAfter [ 3000 ];
}