{ pkgs, lib, config, network, ... }:

let
  blackboxConfig = (pkgs.formats.yaml { }).generate "blackbox-config.yml" {
    modules = {
      https_get_200 = {
        prober = "http";
        http = {
          valid_status_codes = [ 200 ];
          method = "GET";
          follow_redirects = false;
          fail_if_not_ssl = true;
        };
      };
      dns_dodecagon_ptr = {
        prober = "dns";
        dns = {
          query_type = "PTR";
          query_name = "162.193.54.193.in-addr.arpa.";
          validate_answer_rrs = {
            fail_if_not_matches_regexp = [
              "162\.193\.54\.193\.in-addr\.arpa\.\t.*\tIN\tPTR\tdodecagon\.federez\.net\."
            ];
          };
        };
      };
    };
  };
in {
  services.prometheus.exporters.blackbox = {
    enable = true;
    listenAddress = "localhost";
    configFile = blackboxConfig;
  };
}