From d521069b8dbf8333aad4d5abc4b24930c79a3ed3 Mon Sep 17 00:00:00 2001
From: SebastianStork <git@sstork.dev>
Date: Sun, 1 Mar 2026 14:44:42 +0100
Subject: [PATCH] Host gatus on homeserver instead of vps-monitor

---
 hosts/homeserver/default.nix         |  6 ++++++
 hosts/vps-monitor/default.nix        | 16 +---------------
 hosts/vps-monitor/secrets.json       |  7 ++-----
 modules/nixos/web-services/gatus.nix |  6 +++---
 4 files changed, 12 insertions(+), 23 deletions(-)

diff --git a/hosts/homeserver/default.nix b/hosts/homeserver/default.nix
index 26ed9ca..88ceaa2 100644
--- a/hosts/homeserver/default.nix
+++ b/hosts/homeserver/default.nix
@@ -66,6 +66,12 @@
           enable = true;
           domain = "grafana.${privateDomain}";
         };
+
+        gatus = {
+          enable = true;
+          domain = "status.${privateDomain}";
+          generateDefaultEndpoints = true;
+        };
       };
     };
 }
diff --git a/hosts/vps-monitor/default.nix b/hosts/vps-monitor/default.nix
index e45880b..597e8f2 100644
--- a/hosts/vps-monitor/default.nix
+++ b/hosts/vps-monitor/default.nix
@@ -1,4 +1,4 @@
-{ config, self, ... }:
+{ self, ... }:
 {
   imports = [ self.nixosModules.server-profile ];
 
@@ -21,19 +21,5 @@
     };
 
     services.dns.enable = true;
-
-    web-services =
-      let
-        privateDomain = config.custom.networking.overlay.domain;
-        sproutedDomain = "sprouted.cloud";
-      in
-      {
-        gatus = {
-          enable = true;
-          domain = "status.${privateDomain}";
-          generateDefaultEndpoints = true;
-          endpoints."dav.${sproutedDomain}".enable = false;
-        };
-      };
   };
 }
diff --git a/hosts/vps-monitor/secrets.json b/hosts/vps-monitor/secrets.json
index 7e95241..ef8fd90 100644
--- a/hosts/vps-monitor/secrets.json
+++ b/hosts/vps-monitor/secrets.json
@@ -1,8 +1,5 @@
 {
   "seb-password": "ENC[AES256_GCM,data:BsVFQMY7q+RhByY3RTWwrwbdC4Pgb2kNVG8HXn+kmI2evAo8XmGbDHbr7mXnI2LA6E+iXm5bewfwwTnJWZjaup06/kr1bd8JDg==,iv:GpBQNm1jspU8PCN+SzfAUKSps3YySg6JJVYOLOFetOI=,tag:ydQaXcLVYllSZYWNCtH7+A==,type:str]",
-  "healthchecks": {
-    "ping-key": "ENC[AES256_GCM,data:Zq71AU3oym7fC364YZNyRtx4N2G35Q==,iv:ibMBpcrSocLBhtumsSV00+KVN6Pi4SzE7soCkZcU4fY=,tag:Wv/Wr0wRZGXucMHZHgoNtg==,type:str]"
-  },
   "nebula": {
     "host-key": "ENC[AES256_GCM,data:usSLqYOvDAAs7z1xo+gccDqgUE78upK+k522ldKcPoFKKBH87Us7gi6+XAOMDQ79U6i8j4l1lAE8kRdqDuvasodESHVSW9gSnnv5E73MVr0d1Snh7tAewVzneac+2R2R8tUzKzwzWM5SyyvJSoKGBg8WmGzdGT8UqC623utlYQ==,iv:NoZ2u8IK4g1Kwb6uZZ1jXJH4eFO9Jj5Phi5hPM4K72o=,tag:9mOv6oSESH+8r2ZC4yUE+w==,type:str]"
   },
@@ -21,8 +18,8 @@
         "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBTVmV4dkZEaWVDNHMxUFdr\nYnhuVWpReXBNSEhhZkltQTE4bEpzSlBzL0VJCk15UFlwa0haWTZNaE1DVzVZVFBI\nd0QzcUptYmQ3dmhhdjhFV0xDSWdmMGMKLS0tIFhWamx6SXJleFFSVUFkRmw2VFZy\nOVVhNm9NSE0yRGFMQjNrM1B6cDVxSXMKrhAkDcWqutgSmQI5O+5i8fcwuTh2/XKr\nljK/Vn8EvGr8qEUeHzOBI1b5VtgngJkVJyfM9G/Q0lZvQF7ZZ5YCgQ==\n-----END AGE ENCRYPTED FILE-----\n"
       }
     ],
-    "lastmodified": "2026-03-01T13:13:54Z",
-    "mac": "ENC[AES256_GCM,data:/jWzYWYyHvFkjRN2jphn1ocPF8AsrULMa8W4U4GKPqdawT3VchEbJl0pKQV/bW5ApJkjHkopWmJjyScpkQXEXY2up6arNsN2IqB89c6jodMQihSKvSdG8pfeeZaFXY1HPL0KNUS/zV5y64rUNX5qv/t9wL9qatcIKP1SDw9Khro=,iv:hPoyKPQwbv6sbWCb0MMAWigDBKqnb/OmLcQN3UGg6yk=,tag:VDO8di4fLBh9XCD24UuvuA==,type:str]",
+    "lastmodified": "2026-03-01T13:43:41Z",
+    "mac": "ENC[AES256_GCM,data:9EQHy+GkONH/opiCrf9pafzZwRJ2xKwEPHO2YDDJD/1jw8IGvxg2GBt16QzP0PMczzASiLawOBbm2NsUmdz1bCkhABanj2+NQyIzX1xu5gqVKSmNb4BRUPY9M98atFl+2fzaeksC7t/BIizbGnehjRYQ5wFCsxNpCTw4G/Afzyk=,iv:dPIcQD6SPl821dUoezzW6cq7RlWGuJYbRCP4gcUvdpw=,tag:rBBJaxhWQ+fWbF3CMdpI+g==,type:str]",
     "unencrypted_suffix": "_unencrypted",
     "version": "3.11.0"
   }
diff --git a/modules/nixos/web-services/gatus.nix b/modules/nixos/web-services/gatus.nix
index 1582efe..199c9a5 100644
--- a/modules/nixos/web-services/gatus.nix
+++ b/modules/nixos/web-services/gatus.nix
@@ -76,7 +76,7 @@ in
   };
 
   config = lib.mkIf cfg.enable {
-    sops = {
+    sops = lib.mkIf cfg.alerts.enable {
       secrets."healthchecks/ping-key" = { };
       templates."gatus.env" = {
         content = "HEALTHCHECKS_PING_KEY=${config.sops.placeholder."healthchecks/ping-key"}";
@@ -103,7 +103,7 @@ in
 
     services.gatus = {
       enable = true;
-      environmentFile = config.sops.templates."gatus.env".path;
+      environmentFile = lib.mkIf cfg.alerts.enable config.sops.templates."gatus.env".path;
 
       settings = {
         web = {
@@ -198,7 +198,7 @@ in
         lib.mkIf cfg.generateDefaultEndpoints (
           defaultEndpoints
           // {
-            "healthchecks.io" = {
+            "healthchecks.io" = lib.mkIf cfg.alerts.enable {
               group = "external";
               domain = "hc-ping.com";
               path = "/\${HEALTHCHECKS_PING_KEY}/${config.networking.hostName}-gatus-uptime?create=1";