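# NixOS module: expose host metrics through node_exporter and ship them to a
# remote VictoriaMetrics endpoint with vmagent.
{ config, pkgs, ... }:
let
  # Scrape configuration handed to vmagent. builtins.toFile places it in the
  # world-readable Nix store, so it must never contain credentials; secrets
  # reach vmagent only through the sops-managed EnvironmentFile below.
  configure_prom = builtins.toFile "prometheus.yml" ''
    scrape_configs:
      # System metrics
      - job_name: 'node'
        stream_parse: true
        static_configs:
          - targets:
              - ${config.networking.hostName}:9100

      # Systemd service monitoring
      - job_name: 'systemd'
        metrics_path: /metrics
        params:
          # collect[] selects node_exporter collectors by name; the unit-state
          # series kept below are produced by the 'systemd' collector.
          collect[]:
            - 'systemd'
        static_configs:
          - targets:
              - ${config.networking.hostName}:9100
        # These rules filter scraped samples, so they belong in
        # metric_relabel_configs. Under relabel_configs they run against the
        # target before the scrape, where __name__ is unset, and the first
        # 'keep' would drop the target itself.
        metric_relabel_configs:
          # Filter for specific services we want to monitor
          - source_labels: [__name__]
            regex: 'node_systemd_unit_state'
            action: keep
          - source_labels: [name]
            regex: '(container@git|microvm@git-runner-|postfix|dovecot|openldap|wireguard-wg_cloonar).*\.service'
            action: keep
  '';
in
{
  # Environment file for vmagent, decrypted by sops-nix at activation time.
  # NOTE(review): presumably carries the remote-write credentials that
  # -envflag.enable lets vmagent read from the environment; confirm against
  # secrets.yaml.
  sops.secrets.victoria-agent-env = {
    sopsFile = ./secrets.yaml;
  };

  # Node exporter for system metrics
  # NOTE(review): no listenAddress or firewall setting is visible here; confirm
  # that port 9100 is not reachable from untrusted networks.
  services.prometheus.exporters.node = {
    enable = true;
    enabledCollectors = [
      "systemd" # Enable systemd collector for service monitoring
    ];
  };

  systemd.services.export-to-prometheus = {
    path = with pkgs; [ victoriametrics ];
    enable = true;
    # Ordering after network-online.target has no effect unless the unit also
    # pulls that target in, hence the matching `wants`.
    wants = [ "network-online.target" ];
    after = [ "network-online.target" ];
    wantedBy = [ "multi-user.target" ];
    # exec replaces the wrapper shell so systemd signals vmagent directly.
    # The remote-write buffer is pinned to the unit's StateDirectory because
    # the default is relative to the working directory, which an unprivileged
    # service user cannot write to. Data buffered at the old location is not
    # migrated.
    script = ''
      exec vmagent \
        -promscrape.config=${configure_prom} \
        -envflag.enable \
        -remoteWrite.tmpDataPath=/var/lib/export-to-prometheus \
        -remoteWrite.url=https://victoria-server.cloonar.com/api/v1/write
    '';
    serviceConfig = {
      # Read by the service manager before privileges are dropped, so the
      # secret file does not have to be readable by the service user.
      EnvironmentFile = config.sops.secrets.victoria-agent-env.path;
      # vmagent only scrapes over HTTP and pushes over HTTPS; it does not need
      # root. Run it as a transient unprivileged user with a private state dir.
      DynamicUser = true;
      StateDirectory = "export-to-prometheus";
      NoNewPrivileges = true;
    };
  };
}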