# compare with nginx etc and consider publishing this shit (along instructions how to run with mariadb+icingaweb2 admin..)
  environment.etc = with pkgs;
	let defaultIcinga2Const = builtins.readFile "${icinga2}/etc/icinga2/constants.conf";
	in
	{
		"icinga2/features-available".source="${icinga2}/etc/icinga2/features-available";
		"icinga2/scripts".source="${icinga2}/etc/icinga2/scripts";
		"icinga2/zones.d".source="${icinga2}/etc/icinga2/zones.d";
		"icinga2/conf.d".source="${icinga2}/etc/icinga2/conf.d";
		"icinga2/constants.conf".text=builtins.replaceStrings ["bin"] ["${monitoring-plugins}/bin"] defaultIcinga2Const;
		"icinga2/icinga2.conf".source="${icinga2}/etc/icinga2/icinga2.conf";
		"icinga2/zones.conf".source="${icinga2}/etc/icinga2/zones.conf";
		"icinga2/features-enabled/checker.conf".source="${icinga2}/etc/icinga2/features-available/checker.conf";
		"icinga2/features-enabled/mainlog.conf".source="${icinga2}/etc/icinga2/features-available/mainlog.conf";
		"icinga2/features-enabled/notification.conf".source="${icinga2}/etc/icinga2/features-available/notification.conf";
		"icinga2/features-enabled/ido-mysql.conf".text='' object IdoMysqlConnection "ido-mysql" { user = "icinga", password = "8fg$1%X58G4geX", host = "comet.softwarefools.com", database = "ICINGA_IDO" } '';
	};

   systemd.services.icinga2 = {
     enable = true;
     description = "Icinga host/service/network monitoring system";
     #After=postgresql.service mariadb.service carbon-cache.service mysql.service yslog.target
 
     serviceConfig = with pkgs; {
 	Type="simple";
 	User="icinga2";
 	Group="icinga2";
 	UMask=0007; #what is this good for?
 	ExecStart="${icinga2}/bin/icinga2 daemon -c /etc/icinga2/icinga2.conf";
 	ExecReload="${icinga2}/lib/icinga2/safe-reload /usr/lib/icinga2/icinga2";
 	PIDFile="/run/icinga2/icinga2.pid";
 	RuntimeDirectory="icinga2";
 	CacheDirectory="icinga2";
 	LogsDirectory="icinga2";
 	StateDirectory="icinga2";
     };
 
     wantedBy=[ "multi-user.target" ];
   };

  users.groups.icinga2 = {};
  users.users.icinga2 = {
        isSystemUser = true;
	extraGroups = ["icinga2"];
        group = "icinga2";
  };

  # ICINGAWEB2
   services.icingaweb2.enable = true;
   services.icingaweb2.modules.monitoring.enable = false;
   services.icingaweb2.virtualHost = "icinga.softwarefools.com";
   services.nginx.virtualHosts."icinga.softwarefools.com" = {
     forceSSL = true;
     enableACME = true;
   };