rework victoriametrics to be more generic with test

inventories/default.nix

@@ -7,9 +7,6 @@
 }:
 {
   clan = {
-    modules = {
-      victoria-metrics = ../modules/clan/victoria-metrics;
-    };
     inventory = {
 
       machines = {
@@ -58,9 +55,9 @@
           };
           roles.default.machines.b4l = { };
         };
-        victoria-metrics = {
+        victoriametrics = {
           module = {
-            name = "victoria-metrics";
+            name = "victoriametrics";
             input = "self";
           };
           roles.default.machines.b4l = { };

machines/b4l/services/victoriametrics.nix

@@ -0,0 +1,73 @@
+{ config, pkgs, ... }:
+let
+  vmDomain = "${config.clan.core.vars.generators.b4l-victoriametrics.files.subdomain.value}.${config.networking.fqdn}";
+in
+{
+  clan.core.vars.generators.b4l-victoriametrics = {
+    files.subdomain.secret = false;
+    files.adminuser.secret = false;
+    files.adminpassword.secret = true;
+
+    prompts = {
+      subdomain = {
+        persist = true;
+        type = "line";
+        description = "Sub-domain for Victoria Metrics app. Default:(metrics)";
+      };
+      adminuser = {
+        persist = true;
+        type = "line";
+        description = "Username for an admin user. Default:(admin)";
+      };
+      adminpassword = {
+        persist = true;
+        type = "hidden";
+        description = "Password for the admin user. Leave empty to auto-generate.";
+      };
+    };
+
+    runtimeInputs = [
+      pkgs.xkcdpass
+      pkgs.coreutils
+    ];
+
+    script = ''
+      prompt_domain=$(cat "$prompts"/subdomain)
+      if [[ -n "''${prompt_domain-}" ]]; then
+        echo $prompt_domain | tr -d "\n" > "$out"/subdomain
+      else
+        echo -n "metrics" > "$out"/subdomain
+      fi
+
+      prompt_adminuser=$(cat "$prompts"/adminuser)
+      if [[ -n "''${prompt_adminuser-}" ]]; then
+        echo $prompt_adminuser | tr -d "\n" > "$out"/adminuser
+      else
+        echo -n "admin" > "$out"/adminuser
+      fi
+
+      prompt_password=$(cat "$prompts"/adminpassword)
+      if [[ -n "''${prompt_password-}" ]]; then
+        echo "$prompt_password" | tr -d "\n" > "$out"/adminpassword
+      else
+        xkcdpass --numwords 4 --delimiter - --count 1 | tr -d "\n" > "$out"/adminpassword
+      fi
+    '';
+  };
+
+  services.victoriametrics = {
+    extraOptions = [
+      "-httpAuth.username=file://${config.clan.core.vars.generators.b4l-victoriametrics.files.adminuser.path}"
+      "-httpAuth.password=file://${config.clan.core.vars.generators.b4l-victoriametrics.files.adminpassword.path}"
+    ];
+  };
+
+  services.nginx.virtualHosts."${vmDomain}" = {
+    forceSSL = true;
+    useACMEHost = "${config.networking.fqdn}";
+    locations."/" = {
+      proxyPass = "http://localhost${builtins.toString config.services.victoriametrics.listenAddress}";
+    };
+  };
+
+}

modules/clan/victoria-metrics/default.nix

@@ -1,47 +0,0 @@
-{
-  _class = "clan.service";
-  manifest.name = "Victoria Metrics";
-  manifest.description = "VictoriaMetrics: fast, cost-effective monitoring solution and time series database";
-  manifest.categories = [ "System" ];
-
-  roles.default = {
-    perInstance = {
-      nixosModule =
-        {
-          config,
-          pkgs,
-          ...
-        }:
-        let
-          defaultUser = "victoriametrics";
-        in
-        {
-          clan.core.vars.generators.victoria-metrics = {
-            files = {
-              username = {
-                secret = false;
-              };
-              password = {
-                secret = true;
-                owner = defaultUser;
-                group = defaultUser;
-              };
-            };
-            script = ''
-              echo "admin" > "$out"/username
-              xkcdpass --numwords 4 --delimiter - --count 1 | tr -d "\n" > "$out"/password
-            '';
-            runtimeInputs = [ pkgs.xkcdpass ];
-          };
-          services.victoriametrics = {
-            enable = true;
-            extraOptions = [
-              "-httpAuth.username=file://${config.clan.core.vars.generators.victoria-metrics.files.username.path}"
-              "-httpAuth.password=file://${config.clan.core.vars.generators.victoria-metrics.files.password.path}"
-            ];
-          };
-        };
-    };
-  };
-
-}

modules/clan/victoriametrics/default.nix

@@ -0,0 +1,25 @@
+{ ... }:
+{
+  _class = "clan.service";
+  manifest.name = "Victoria Metrics";
+  manifest.description = "VictoriaMetrics: fast, cost-effective monitoring solution and time series database";
+  manifest.categories = [ "System" ];
+
+  roles.default = {
+    perInstance.nixosModule =
+      {
+        config,
+        lib,
+        ...
+      }:
+      {
+        services.victoriametrics = {
+          enable = lib.mkDefault true;
+        };
+
+        clan.core.state.victoriametrics.folders = lib.mkDefault [
+          "/var/lib/${config.services.victoriametrics.stateDir}"
+        ];
+      };
+  };
+}

modules/clan/victoriametrics/flake-module.nix

@@ -0,0 +1,19 @@
+{ lib, ... }:
+let
+  module = lib.modules.importApply ./default.nix { };
+in
+{
+  clan.modules = {
+    victoriametrics = module;
+  };
+
+  perSystem =
+    { ... }:
+    {
+      clan.nixosTests.victoriametrics = {
+        imports = [ ./tests/vm/default.nix ];
+
+        clan.modules."@clan/victoriametrics" = module;
+      };
+    };
+}

modules/clan/victoriametrics/tests/vm/default.nix

@@ -0,0 +1,34 @@
+{
+  ...
+}:
+{
+  name = "service-victoriametrics";
+
+  clan = {
+    directory = ./.;
+    inventory = {
+      machines.server = { };
+
+      instances = {
+        victoriametrics-test = {
+          module.name = "@clan/victoriametrics";
+          module.input = "self";
+          roles.default.machines."server".settings = { };
+        };
+      };
+    };
+  };
+
+  nodes = {
+    server = { };
+  };
+
+  testScript = ''
+    start_all()
+
+    server.wait_for_unit("victoriametrics")
+
+    server.succeed("systemctl status victoriametrics")
+
+  '';
+}

vars/per-machine/b4l/b4l-victoriametrics/adminpassword/machines/b4l

@@ -0,0 +1 @@
+../../../../../../sops/machines/b4l

vars/per-machine/b4l/b4l-victoriametrics/adminpassword/secret

@@ -0,0 +1,19 @@
+{
+	"data": "ENC[AES256_GCM,data:YpPv9DuLRdwX2CrLIU0Zr14KcrfaK2MW6N7VYBpIvw==,iv:DS2qhq/BMAVXqaGqYDH1cK3mv2nSWHbN6O+KCe/jXBk=,tag:mRvbZv/qSsAWVKmdqxrzpQ==,type:str]",
+	"sops": {
+		"age": [
+			{
+				"recipient": "age1hlzrpqqgndcthq5m5yj9egfgyet2fzrxwa6ynjzwx2r22uy6m3hqr3rd06",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDeHFRMXFwd3JMakozY3po\nWUo1eDZRMmVkWGVPemZURk5tUUpKay9tc0ZRCjN6UWZ3OVBIQlRReFJUelEwN25y\nZlNqWGVJZjZtaUFKT3lLOW9CcElOMjQKLS0tIEVUSE16aWhYZHdSemViY3AvRWlN\nMnQ5Yk1rODZLOUpaZWovV0RPTEt5UHMKg9GsMtLAfX5y1yWULgdbj8GrXyYhMIMr\n+G4sLcp+HJjsIo0DFvlp0TJUeRuOTVi5XXw+IsFhFTsSqjV/YFFzjw==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1sg0rvgyetdcqw7j2x983fh69kdkvqsngpe5x36e5920qa7fze3cqhj4wgx",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBamVSSDNuczB3UTJ1Vmoy\nbnM1Q0VDVlQwYU9NQ29vL3FCbjFsSitLWmxBCld6MlAvV3JNZjlsRjVqaUpzZExp\nUWtRS1o5VDQ2RXl1bHNPWmVLTEVGT0EKLS0tIHhkdmdiNUxBTkNPNldLNnZZOUdl\nTWtyaGFsa0NnMy9lQm5mR3FEMXN0TVkKgWedpfvq46qOOdgeFH76OkO7QQyVor/w\n30Rv1n9cqfNdqBog/gPvI/sTPqFfXPpnFJjYZLNG/rnJjPHAM0+hhA==\n-----END AGE ENCRYPTED FILE-----\n"
+			}
+		],
+		"lastmodified": "2025-07-31T08:48:18Z",
+		"mac": "ENC[AES256_GCM,data:gXIh/MEkCPoL1tfGYIVQs6e335glFCz1AW0EAdVRX8VVxUk9vwNgf577Sd5fHDBuQsYrqMonRPwRYEACLtjaK37+mk1qa+A2gpg4OfhUJF1inrWXZoTY9SSH2LtlAWddcxDDAKA7n0Itqv0FkQuqVmmr3j3XzMf9fTMgAcgscDA=,iv:RZPNYp/6otR67smbNE+fcQqzO61+NEjp1sIHRTUpTl0=,tag:2Jx1M/Y+ODYRaOtps3KY2w==,type:str]",
+		"unencrypted_suffix": "_unencrypted",
+		"version": "3.10.2"
+	}
+}

vars/per-machine/b4l/b4l-victoriametrics/adminpassword/users/kurogeek

@@ -0,0 +1 @@
+../../../../../../sops/users/kurogeek

vars/per-machine/b4l/b4l-victoriametrics/adminuser/value

@@ -0,0 +1 @@
+admin

vars/per-machine/b4l/b4l-victoriametrics/subdomain/value

@@ -0,0 +1 @@
+metrics