{ config, lib, pkgs, ... }:

let
  inherit (lib) mkIf mkMerge mkThenElse;
  annuaire = config.r6d.machines;
  currentMachine = annuaire."${config.networking.fqdn}";
  flags = currentMachine.configurationFlags;
in

# TODO: changer adresse mail
mkIf flags.munin {

  # Paquets
  environment.systemPackages = with pkgs; [
    bc
    mailutils
  ];

  # Services

  ## Noeud de supervision munin = pas de stockage des données locales
  services.munin-node = {
    enable = true;
    extraConfig = ''
      # Ignore the apc_nis plugin, as it throws errors as I don't have an UPS.
      # It's there because munin-node-configure is called with the contrib group,
      # and the plugin has no method to check whether there's a compatible UPS available.
      ignore_file ^apc_nis$

      ignore_file ^sensors_-wrapped$
      ignore_file ^.sensors_-wrapped$
    '';
    extraPlugins = {
      chrony = /etc/nixos/base/services/munin-chrony;
      chrony_tracking_stratum = /etc/nixos/base/services/munin-chrony-tracking-stratum;
      chrony_tracking_ppm = /etc/nixos/base/services/munin-chrony-tracking-ppm;
      chrony_tracking_time_ = /etc/nixos/base/services/munin-chrony-tracking-time;
      chrony_tracking_time_root = /etc/nixos/base/services/munin-chrony-tracking-time-root;
      chrony_tracking_update_time = /etc/nixos/base/services/munin-chrony-tracking-update-time;
    };
  };
  systemd.services.munin-node = {
    path = with pkgs; [ munin lm_sensors ];
    serviceConfig.TimeoutStartSec = "3min";
  };
  users.extraUsers.munin = {
    #extraGroups = [ "postfix" "root" ];
    extraGroups = [ "postfix" ];
  };

  # chmod a+rX -Rv /var/lib/postfix/queue/

  ## Munin server -- generate /var/www/munin
  services.munin-cron = {
    enable = true;
    hosts = ''
      [${config.networking.fqdn}]
        address 127.0.0.1
        df._dev_sda2.warning 35
        use_node_name yes
        #contacts syslog
        contacts email
    '';
    # http://sametmax.com/monitorez-vos-serveurs-avec-munin-et-notifications-par-email/
    # http://guide.munin-monitoring.org/en/latest/tutorial/alert.html#syntax-of-warning-and-critical
    extraGlobalConfig = ''
      #---
      #contact.email.command ${pkgs.mutt}/bin/mutt -F /etc/nixos/base/services/munin-muttrc  -s "Munin notification for ${config.networking.fqdn}" root@ocean.prunetwork.fr
      contact.email.command  /run/current-system/sw/bin/mutt -F /etc/nixos/base/services/munin-muttrc  -s "Munin notification for ${config.networking.fqdn}" root@ocean.prunetwork.fr
      contact.syslog.command /run/current-system/sw/bin/logger -p user.crit                 -t "Munin notification for ${config.networking.fqdn}"

      #---
      contact.email.always_send ok,warning,critical,unknown
      contact.syslog.always_send ok,warning,critical,unknown
    '';
  };

  # Réseau
  networking.firewall = {
    allowedTCPPorts = [
      #8000
    ];
    allowedUDPPorts = [
    ];
  };
}