monitoring: add nginx builder for monitoring, use it on h

monitoring/default.nix

@@ -3,6 +3,34 @@ let
   inherit (builtins)
     readFile concatStringsSep attrValues mapAttrs replaceStrings;
 
+  nginxCfg = config.services.nginx;
+  buildFSChecker = fsList:
+    (concatStringsSep "\n" (attrValues (mapAttrs (f: _: ''
+      check filesystem ${replaceStrings [ "/" ] [ "_" ] f} with path ${f}
+         if space usage > 90% then alert
+         if inode usage > 90% then alert
+    '') fsList)));
+
+  buildNginxChecker = vhostList:
+    (concatStringsSep "\n" (attrValues (mapAttrs (f: v: ''
+      check host ${f} with address ${f}
+          if failed port 80 protocol http then alert
+          ${
+            if v.enableACME then
+              "if failed port 443 protocol https then alert"
+            else
+              ""
+          }
+    '') vhostList)));
+
+  nginxChecks = if nginxCfg.enable then
+    if config.networking.hostName == "h" then
+      (buildNginxChecker nginxCfg.virtualHosts)
+    else
+      ""
+  else
+    "";
+
 in {
   config = {
     sops.secrets = {
@@ -14,12 +42,8 @@ in {
     };
     services.monit = {
       enable = true;
-      config = readFile ./monitrc + (concatStringsSep "\n" (attrValues (mapAttrs
+      config = readFile ./monitrc + (buildFSChecker config.fileSystems)
-        (f: _: ''
+        + nginxChecks;
-          check filesystem ${replaceStrings [ "/" ] [ "_" ] f} with path ${f}
-             if space usage > 90% then alert
-             if inode usage > 90% then alert
-        '') config.fileSystems)));
     };
   };
 }