add scrutiny module and added it to gandalf

nixos/hosts/gandalf/config/disks.nix

@@ -0,0 +1,16 @@
+[
+  "/dev/disk/by-id/ata-Seagate_IronWolfPro_ZA240NX10001-2ZH100_7TF002RA"
+  "/dev/disk/by-id/nvme-Samsung_SSD_960_EVO_250GB_S3ESNX0K308438J"
+  "/dev/disk/by-id/scsi-350000c0f01da4b40"
+  "/dev/disk/by-id/scsi-350000c0f01e7d190"
+  "/dev/disk/by-id/scsi-350000c0f01ea443c"
+  "/dev/disk/by-id/scsi-350000c0f01f8230c"
+  "/dev/disk/by-id/scsi-35000c500586e5057"
+  "/dev/disk/by-id/scsi-35000c500624a0ddb"
+  "/dev/disk/by-id/scsi-35000c500624a1a8b"
+  "/dev/disk/by-id/scsi-35000cca046135ad8"
+  "/dev/disk/by-id/scsi-35000cca04613722c"
+  "/dev/disk/by-id/scsi-35000cca0461810f8"
+  "/dev/disk/by-id/scsi-35000cca04618b930"
+  "/dev/disk/by-id/scsi-35000cca04618cec4"
+]

nixos/hosts/gandalf/default.nix

@@ -1,9 +1,12 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# Do not modify this file!  It was generated by 'nixos-generate-config'
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, modulesPath, inputs, ... }:
 let
   sanoidConfig = import ./config/sanoid.nix { };
+  disks = import ./config/disks.nix;
+  smartdDevices = map (device: { inherit device; }) disks;
+
 in
 {
   imports =
@@ -86,12 +89,9 @@ in
     };
   };
 
-  # no de
   services = {
-    xserver = {
+    smartd = {
-      enable = false;
+      devices = smartdDevices;
-      displayManager.gdm.enable = false;
-      desktopManager.gnome.enable = false;
     };
   };
 
@@ -128,14 +128,21 @@ in
       podman.enable = true;
       libvirt-qemu.enable = true;
 
+      # Scrutiny
+      scrutiny = {
+        enable = true;
+        devices = disks;
+        extraCapabilities = [ "SYS_RAWIO" ];
+        containerVolumeLocation = "/eru/containers/volumes/scrutiny";
+      };
+
       # Sanoid
       sanoid = {
         enable = true;
         inherit (sanoidConfig.outputs) templates datasets;
       };
 
-      # Unifi & Lego-Auto
+      # Lego-Auto for SSL Certificates
-      # unifi.enable = true;
       lego-auto = {
         enable = true;
         dnsimpleTokenPath = "${config.sops.secrets."lego/dnsimple/token".path}";

nixos/modules/nixos/containers/default.nix

@@ -3,5 +3,6 @@
     ./backrest
     ./lego-auto
     ./unifi
+    ./scrutiny
   ];
 }

nixos/modules/nixos/containers/scrutiny/default.nix

@@ -0,0 +1,78 @@
+{ lib, config, ... }:
+with lib;
+let
+  app = "scrutiny";
+  # renovate: depName=AnalogJ/scrutiny datasource=github-releases
+  version = "v0.8.1";
+  cfg = config.mySystem.services.${app};
+in
+{
+  options.mySystem.services.${app} = {
+    enable = mkEnableOption "${app}";
+
+    containerVolumeLocation = mkOption {
+      type = types.str;
+      default = "/mnt/data/containers/${app}";
+      description = ''
+        The location where the container will store its data.
+      '';
+      example = "/mnt/data/containers/${app}";
+    };
+    # podman equivalent:
+    # --device /dev/disk/by-id/nvme-XXXXXXXXXXXXXXXXXXXXXXXXXXXX
+    devices = mkOption {
+      type = types.listOf types.str;
+      default = [ ];
+      description = ''
+        Devices to monitor on Scrutiny.
+      '';
+      example = [
+        "/dev/disk/by-id/nvme-XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+      ];
+    };
+
+    # podman equivalent:
+    # --cap-add SYS_RAWIO
+    extraCapabilities = mkOption {
+      type = types.listOf types.str;
+      default = [
+        "SYS_RAWIO"
+      ];
+      description = ''
+        Extra capabilities to add to the container.
+      '';
+      example = [
+        "SYS_RAWIO"
+      ];
+    };
+  };
+
+  config = mkIf cfg.enable {
+    virtualisation.oci-containers.containers.${app} = {
+      image = "ghcr.io/AnalogJ/scrutiny:${version}-omnibus";
+      autoStart = true;
+
+      ports = [
+        "8585:8585" # web ui
+        "8086:8086" # influxdb2
+      ];
+
+      environment = {
+        TZ = "America/Chicago";
+      };
+
+      volumes = [
+        "${cfg.containerVolumeLocation}:/opt/scrutiny/config"
+        "${cfg.containerVolumeLocation}/influxdb2:/opt/scrutiny/influxdb"
+        "/run/udev:/run/udev:ro"
+      ];
+
+      # Merge the devices and extraCapabilities into the extraOptions property
+      # using the --device and --cap-add flags
+      extraOptions =
+        (map (disk: "--device=${toString disk}") cfg.devices)
+        ++
+        (map (cap: "--cap-add=${cap}") cfg.extraCapabilities);
+    };
+  };
+}