{ lib, config, machines, ... }:
let
  cfg = config.lab.services.prometheus;
in
{
  options = {
    lab.services.prometheus = {
      enable = lib.mkOption {
        default = true;
        type = lib.types.bool;
      };

      server.enable = lib.mkOption {
        default = false;
        type = lib.types.bool;
      };
    };
  };

  config = lib.mkIf cfg.enable {
    networking.firewall.allowedTCPPorts = [ config.services.prometheus.exporters.node.port ]
      ++ lib.lists.optionals cfg.server.enable [ config.services.prometheus.port ];

    services.prometheus = {
      enable = cfg.server.enable;

      exporters = {
        node = {
          enable = true;
        };
      };

      scrapeConfigs = lib.mkIf cfg.server.enable (
        lib.attrsets.mapAttrsToList
          (name: machine:
            let
              domain = if machine.isPhysical then "hyp" else "dmz";
            in
            {
              job_name = name;
              static_configs = [{
                targets = [ "${name}.${domain}:${toString config.services.prometheus.exporters.node.port}" ];
              }];
            })
          machines
      );
    };
  };
}