volker.raschek/prometheus-fail2ban-exporter-charts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial Commit

Browse Source
This commit is contained in:
Markus Pesch
2025-01-19 20:43:51 +01:00
commit 34222954b0
51 changed files with 6141 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
templates/prometheus-fail2ban-exporter/_common.tpl Normal file
View File

@ -0,0 +1,58 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "prometheus-fail2ban-exporter.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "prometheus-fail2ban-exporter.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "prometheus-fail2ban-exporter.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common annotations
*/}}
{{- define "prometheus-fail2ban-exporter.annotations" -}}
{{- end }}
{{/*
Common labels
*/}}
{{- define "prometheus-fail2ban-exporter.labels" -}}
{{ include "prometheus-fail2ban-exporter.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
helm.sh/chart: {{ include "prometheus-fail2ban-exporter.chart" . }}
{{- end }}
{{/*
Common selector labels
*/}}
{{- define "prometheus-fail2ban-exporter.selectorLabels" -}}
app.kubernetes.io/name: {{ include "prometheus-fail2ban-exporter.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

20
templates/prometheus-fail2ban-exporter/_configMap.tpl Normal file
View File

@ -0,0 +1,20 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.configMap.grafanaDashboards.fail2banExporter.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- if .Values.grafana.dashboards.fail2banExporter.annotations }}
{{ toYaml .Values.grafana.dashboards.fail2banExporter.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.configMap.grafanaDashboards.fail2banExporter.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{- if .Values.grafana.dashboards.fail2banExporter.labels }}
{{ toYaml .Values.grafana.dashboards.fail2banExporter.labels }}
{{- end }}
{{ toYaml .Values.grafana.dashboardDiscoveryLabels }}
{{- end }}

72
templates/prometheus-fail2ban-exporter/_daemonSet.tpl Normal file
View File

@ -0,0 +1,72 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.daemonSet.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- if .Values.daemonSet.annotations }}
{{ toYaml .Values.daemonSet.annotations }}
{{- end }}
{{- end }}
{{/* env */}}
{{- define "prometheus-fail2ban-exporter.daemonSet.env" -}}
{{- $env := dict "env" (.Values.daemonSet.fail2banExporter.env | default (list) ) }}
{{- if and (hasKey .Values.daemonSet.fail2banExporter.resources "limits") (hasKey .Values.daemonSet.fail2banExporter.resources.limits "cpu") }}
{{- $env = merge $env (dict "env" (list (dict "name" "GOMAXPROCS" "valueFrom" (dict "resourceFieldRef" (dict "divisor" "1" "resource" "limits.cpu"))))) }}
{{- end }}
{{ toYaml $env }}
{{- end -}}
{{/* image */}}
{{- define "prometheus-fail2ban-exporter.daemonSet.images.fail2ban-exporter.fqin" -}}
{{- $registry := .Values.daemonSet.fail2banExporter.image.registry -}}
{{- $repository := .Values.daemonSet.fail2banExporter.image.repository -}}
{{- $tag := default .Chart.AppVersion .Values.daemonSet.fail2banExporter.image.tag -}}
{{- printf "%s/%s:%s" $registry $repository $tag -}}
{{- end -}}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.daemonSet.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{- if .Values.daemonSet.labels }}
{{ toYaml .Values.daemonSet.labels }}
{{- end }}
{{- end }}
{{/* serviceAccount */}}
{{- define "prometheus-fail2ban-exporter.daemonSet.serviceAccount" -}}
{{- if .Values.serviceAccount.existing.enabled -}}
{{- printf "%s" .Values.serviceAccount.existing.serviceAccountName -}}
{{- else -}}
{{- include "prometheus-fail2ban-exporter.fullname" . -}}
{{- end -}}
{{- end }}
{{/* volumeMounts */}}
{{- define "prometheus-fail2ban-exporter.daemonSet.volumeMounts" -}}
{{- $volumeMounts := .Values.daemonSet.fail2banExporter.volumeMounts | default list }}
{{- $volumeMounts = concat $volumeMounts (list (dict "name" "config-d" "mountPath" "/etc/prometheus-fail2ban-exporter/config.d" )) }}
{{ toYaml (dict "volumeMounts" $volumeMounts) }}
{{- end -}}
{{/* volumes */}}
{{- define "prometheus-fail2ban-exporter.daemonSet.volumes" -}}
{{- $volumes := .Values.daemonSet.volumes | default list }}
{{- $webConfigSecretName := .Values.config.webConfig.existingSecret.secretName -}}
{{- if not .Values.config.webConfig.existingSecret.enabled }}
{{- $webConfigSecretName = printf "%s-web-config" (include "prometheus-fail2ban-exporter.fullname" . ) }}
{{- end }}
{{- $volumes = concat $volumes (list (dict "name" "config-d" "secret" (dict "secretName" $webConfigSecretName))) }}
{{ toYaml (dict "volumes" $volumes) }}
{{- end -}}

19
templates/prometheus-fail2ban-exporter/_ingress.tpl Normal file
View File

@ -0,0 +1,19 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.ingress.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- if .Values.ingress.annotations }}
{{ toYaml .Values.ingress.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.ingress.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{- if .Values.ingress.labels }}
{{ toYaml .Values.ingress.labels }}
{{- end }}
{{- end }}

17
templates/prometheus-fail2ban-exporter/_pod.tpl Normal file
View File

@ -0,0 +1,17 @@
---
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.pod.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.pod.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{- end }}
{{- define "prometheus-fail2ban-exporter.pod.selectorLabels" -}}
{{ include "prometheus-fail2ban-exporter.selectorLabels" . }}
{{- end }}

19
templates/prometheus-fail2ban-exporter/_podMonitors.tpl Normal file
View File

@ -0,0 +1,19 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.podMonitors.http.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- if .Values.prometheus.metrics.podMonitor.annotations }}
{{ toYaml .Values.prometheus.metrics.podMonitor.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.podMonitors.http.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{- if .Values.prometheus.metrics.podMonitor.labels }}
{{ toYaml .Values.prometheus.metrics.podMonitor.labels }}
{{- end }}
{{- end }}

13
templates/prometheus-fail2ban-exporter/_prometheusRules.tpl Normal file
View File

@ -0,0 +1,13 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.prometheusRules.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.prometheusRules.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{- end }}

19
templates/prometheus-fail2ban-exporter/_secrets.tpl Normal file
View File

@ -0,0 +1,19 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.secrets.webConfig.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- if .Values.config.webConfig.secret.annotations }}
{{ toYaml .Values.config.webConfig.secret.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.secrets.webConfig.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{- if .Values.config.webConfig.secret.labels }}
{{ toYaml .Values.config.webConfig.secret.labels }}
{{- end }}
{{- end }}

17
templates/prometheus-fail2ban-exporter/_serviceAccount.tpl Normal file
View File

@ -0,0 +1,17 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.serviceAccount.annotations" -}}
{{- if .Values.serviceAccount.new.annotations }}
{{ toYaml .Values.serviceAccount.new.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.serviceAccount.labels" -}}
{{- if .Values.serviceAccount.new.labels }}
{{ toYaml .Values.serviceAccount.new.labels }}
{{- end }}
{{- end }}

25
templates/prometheus-fail2ban-exporter/_serviceMonitors.tpl Normal file
View File

@ -0,0 +1,25 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.serviceMonitors.http.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- if .Values.prometheus.metrics.serviceMonitor.annotations }}
{{ toYaml .Values.prometheus.metrics.serviceMonitor.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.serviceMonitors.http.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{- if .Values.prometheus.metrics.serviceMonitor.labels }}
{{ toYaml .Values.prometheus.metrics.serviceMonitor.labels }}
{{- end }}
{{- end }}
{{- define "prometheus-fail2ban-exporter.serviceMonitors.http.selectorLabels" -}}
{{ include "prometheus-fail2ban-exporter.selectorLabels" . }}
{{/* Add label to select the correct service via `selector.matchLabels` of the serviceMonitor resource. */}}
app.kubernetes.io/service-name: http
{{- end }}

29
templates/prometheus-fail2ban-exporter/_services.tpl Normal file
View File

@ -0,0 +1,29 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "prometheus-fail2ban-exporter.services.http.annotations" -}}
{{ include "prometheus-fail2ban-exporter.annotations" . }}
{{- if .Values.services.http.annotations }}
{{ toYaml .Values.services.http.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "prometheus-fail2ban-exporter.services.http.labels" -}}
{{ include "prometheus-fail2ban-exporter.labels" . }}
{{/* Add label to select the correct service via `selector.matchLabels` of the serviceMonitor resource. */}}
app.kubernetes.io/service-name: http
{{- if .Values.services.http.labels }}
{{ toYaml .Values.services.http.labels }}
{{- end }}
{{- end }}
{{/* names */}}
{{- define "prometheus-fail2ban-exporter.services.http.name" -}}
{{- if .Values.services.http.enabled -}}
{{ include "prometheus-fail2ban-exporter.fullname" . }}-http
{{- end -}}
{{- end -}}

895
templates/prometheus-fail2ban-exporter/configMapGrafanaDashboardFail2BanExporter.yaml Normal file
View File

@ -0,0 +1,895 @@
{{- if and .Values.grafana.enabled .Values.grafana.dashboards.fail2banExporter }}
---
apiVersion: v1
kind: ConfigMap
metadata:
{{- with (include "prometheus-fail2ban-exporter.configMap.grafanaDashboards.fail2banExporter.annotations" . | fromYaml) }}
annotations:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.configMap.grafanaDashboards.fail2banExporter.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.fullname" . }}-grafana-dashboard-fail2ban-exporter
namespace: {{ .Release.Namespace }}
data:
fail2banExporter.json: |-
{{`{
"__inputs": [
{
"name": "DS_PROMETHEUS",
"label": "Prometheus",
"description": "",
"type": "datasource",
"pluginId": "prometheus",
"pluginName": "Prometheus"
}
],
"__elements": {},
"__requires": [
{
"type": "grafana",
"id": "grafana",
"name": "Grafana",
"version": "9.1.8"
},
{
"type": "datasource",
"id": "prometheus",
"name": "Prometheus",
"version": "1.0.0"
},
{
"type": "panel",
"id": "table",
"name": "Table",
"version": ""
},
{
"type": "panel",
"id": "timeseries",
"name": "Time series",
"version": ""
}
],
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "datasource",
"uid": "grafana"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"target": {
"limit": 100,
"matchAny": false,
"tags": [],
"type": "dashboard"
},
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 2,
"id": null,
"links": [],
"liveNow": false,
"panels": [
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"description": "",
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"align": "auto",
"displayMode": "auto",
"inspect": false
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byRegexp",
"options": ".*Time"
},
"properties": [
{
"id": "unit",
"value": "s"
}
]
}
]
},
"gridPos": {
"h": 6,
"w": 24,
"x": 0,
"y": 0
},
"id": 206,
"options": {
"footer": {
"fields": "",
"reducer": [
"sum"
],
"show": false
},
"showHeader": true
},
"pluginVersion": "9.1.8",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": false,
"expr": "f2b_config_jail_max_retries{instance=~\"$instance\"}",
"format": "table",
"instant": true,
"interval": "",
"legendFormat": "{{jail}}",
"refId": "A"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": false,
"expr": "f2b_config_jail_ban_time{instance=~\"$instance\"}",
"format": "table",
"hide": false,
"instant": true,
"interval": "",
"legendFormat": "{{jail}}",
"refId": "B"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": false,
"expr": "f2b_config_jail_find_time{instance=~\"$instance\"}",
"format": "table",
"hide": false,
"instant": true,
"interval": "",
"legendFormat": "{{jail}}",
"refId": "C"
}
],
"title": "F2B Config",
"transformations": [
{
"id": "merge",
"options": {}
},
{
"id": "groupBy",
"options": {
"fields": {
"Value #A": {
"aggregations": [
"lastNotNull"
],
"operation": "aggregate"
},
"Value #B": {
"aggregations": [
"lastNotNull"
],
"operation": "aggregate"
},
"Value #C": {
"aggregations": [
"lastNotNull"
],
"operation": "aggregate"
},
"instance": {
"aggregations": [],
"operation": "groupby"
},
"jail": {
"aggregations": [],
"operation": "groupby"
}
}
}
},
{
"id": "organize",
"options": {
"excludeByName": {},
"indexByName": {},
"renameByName": {
"Value #A (lastNotNull)": "Max Retries",
"Value #B (lastNotNull)": "Ban Time",
"Value #C (lastNotNull)": "Find Time",
"jail": "Jail"
}
}
}
],
"transparent": true,
"type": "table"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"description": "",
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": true,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 6
},
"id": 190,
"options": {
"legend": {
"calcs": [
"lastNotNull"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "8.2.1",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": true,
"expr": "f2b_jail_failed_total{instance=~\"$instance\"}",
"hide": false,
"interval": "",
"legendFormat": "{{jail}} ({{instance}})",
"range": true,
"refId": "A"
}
],
"title": "Fail2Ban Failures (Total)",
"transparent": true,
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"description": "",
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": true,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 6
},
"id": 191,
"options": {
"legend": {
"calcs": [
"lastNotNull"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "8.2.1",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": true,
"expr": "f2b_jail_banned_total{instance=~\"$instance\"}",
"interval": "",
"legendFormat": "{{jail}} ({{instance}})",
"range": true,
"refId": "A"
}
],
"title": "Fail2Ban Bans (Total)",
"transparent": true,
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"description": "",
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": true,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 14
},
"id": 208,
"options": {
"legend": {
"calcs": [
"lastNotNull"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "8.2.1",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": true,
"expr": "f2b_jail_failed_current{instance=~\"$instance\"}",
"interval": "",
"legendFormat": "{{jail}} ({{instance}})",
"range": true,
"refId": "A"
}
],
"title": "Fail2Ban Failures (Current)",
"transparent": true,
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"description": "",
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": true,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 14
},
"id": 209,
"options": {
"legend": {
"calcs": [
"lastNotNull"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "8.2.1",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": true,
"expr": "f2b_jail_banned_current{instance=~\"$instance\"}",
"interval": "",
"legendFormat": "{{jail}} ({{instance}})",
"range": true,
"refId": "A"
}
],
"title": "Fail2Ban Bans (Current)",
"transparent": true,
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"description": "",
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": true,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"max": 1,
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 5,
"w": 12,
"x": 0,
"y": 22
},
"id": 203,
"options": {
"legend": {
"calcs": [
"lastNotNull"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "8.2.1",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": true,
"expr": "f2b_up{instance=~\"$instance\"}",
"interval": "",
"legendFormat": "Up ({{instance}})",
"range": true,
"refId": "A"
}
],
"title": "Fail2Ban Up",
"transparent": true,
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"description": "",
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": true,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"max": 1,
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 5,
"w": 12,
"x": 12,
"y": 22
},
"id": 204,
"options": {
"legend": {
"calcs": [
"lastNotNull"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "8.2.1",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"editorMode": "code",
"exemplar": true,
"expr": "f2b_errors{instance=~\"$instance\"}",
"interval": "",
"legendFormat": "{{type}} ({{instance}})",
"range": true,
"refId": "A"
}
],
"title": "Fail2Ban Exporter Errors",
"transparent": true,
"type": "timeseries"
}
],
"refresh": "30s",
"schemaVersion": 37,
"style": "dark",
"tags": [],
"templating": {
"list": [
{
"current": {
"selected": false,
"text": "Prometheus",
"value": "Prometheus"
},
"hide": 0,
"includeAll": false,
"label": "Data Source",
"multi": false,
"name": "DataSource",
"options": [],
"query": "prometheus",
"queryValue": "",
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"type": "datasource"
},
{
"current": {},
"datasource": {
"type": "prometheus",
"uid": "prometheus"
},
"definition": "f2b_up",
"description": "Select which instance(s) to show",
"hide": 0,
"includeAll": false,
"label": "Instance",
"multi": true,
"name": "instance",
"options": [],
"query": {
"query": "f2b_up",
"refId": "StandardVariableQuery"
},
"refresh": 1,
"regex": "/.*instance=\"([^\"]+)\"/",
"skipUrlSync": false,
"sort": 0,
"type": "query"
}
]
},
"time": {
"from": "now-6h",
"to": "now"
},
"timepicker": {},
"timezone": "",
"title": "F2B",
"uid": "cTkH9AT7z",
"version": 3,
"weekStart": ""
}`}}
{{- end }}

129
templates/prometheus-fail2ban-exporter/daemonSet.yaml Normal file
View File

@ -0,0 +1,129 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
{{- with (include "prometheus-fail2ban-exporter.daemonSet.annotations" . | fromYaml) }}
annotations:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.daemonSet.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
selector:
matchLabels:
{{- include "prometheus-fail2ban-exporter.pod.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "prometheus-fail2ban-exporter.pod.labels" . | nindent 8 }}
spec:
{{- with .Values.daemonSet.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: fail2ban-exporter
args:
# - "--web.config.file=/etc/prometheus-fail2ban-exporter/config.d/webConfig.yaml"
- "--web.listen-address=:9191"
{{- range .Values.daemonSet.fail2banExporter.args }}
- {{ . | quote }}
{{- end }}
{{- $env := (include "prometheus-fail2ban-exporter.daemonSet.env" . | fromYaml) }}
{{- if and (hasKey $env "env") (gt (len $env.env) 0) }}
env:
{{- toYaml $env.env | nindent 8 }}
{{- end }}
{{- with .Values.daemonSet.fail2banExporter.envFrom }}
envFrom:
{{- toYaml . | nindent 10 }}
{{- end }}
image: {{ include "prometheus-fail2ban-exporter.daemonSet.images.fail2ban-exporter.fqin" . | quote }}
imagePullPolicy: {{ .Values.daemonSet.fail2banExporter.image.pullPolicy }}
livenessProbe:
tcpSocket:
port: 9191
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 60
successThreshold: 1
timeoutSeconds: 3
readinessProbe:
tcpSocket:
port: 9191
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 15
successThreshold: 1
timeoutSeconds: 3
ports:
- name: http
containerPort: 9191
protocol: TCP
{{- with .Values.daemonSet.fail2banExporter.resources }}
resources:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.daemonSet.fail2banExporter.securityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- $volumeMounts := (include "prometheus-fail2ban-exporter.daemonSet.volumeMounts" . | fromYaml) }}
{{- if hasKey $volumeMounts "volumeMounts" }}
volumeMounts:
{{- toYaml $volumeMounts.volumeMounts | nindent 8 }}
{{- end }}
{{- with .Values.daemonSet.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.daemonSet.dnsPolicy }}
dnsPolicy: {{ .Values.daemonSet.dnsPolicy }}
{{- end }}
{{- if .Values.daemonSet.hostname }}
hostname: {{ .Values.daemonSet.hostname }}
{{- end }}
hostNetwork: {{ .Values.daemonSet.hostNetwork }}
{{- with .Values.daemonSet.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.daemonSet.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.daemonSet.priorityClassName }}
priorityClassName: {{ .Values.daemonSet.priorityClassName }}
{{- end }}
{{- if .Values.daemonSet.restartPolicy }}
restartPolicy: {{ .Values.daemonSet.restartPolicy }}
{{- end }}
{{- with .Values.daemonSet.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccount: {{ include "prometheus-fail2ban-exporter.daemonSet.serviceAccount" . }}
{{- if .Values.daemonSet.subdomain }}
subdomain: {{ .Values.daemonSet.subdomain }}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.daemonSet.terminationGracePeriodSeconds }}
{{- with .Values.daemonSet.tolerations }}
tolerations:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.daemonSet.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- $volumes := (include "prometheus-fail2ban-exporter.daemonSet.volumes" . | fromYaml) }}
{{- if hasKey $volumes "volumes" }}
volumes:
{{- toYaml $volumes.volumes | nindent 6 }}
{{- end }}
{{- with .Values.daemonSet.updateStrategy }}
updateStrategy:
{{- toYaml . | nindent 4 }}
{{- end }}

45
templates/prometheus-fail2ban-exporter/ingress.yaml Normal file
View File

@ -0,0 +1,45 @@
{{- if and .Values.services.http.enabled .Values.ingress.enabled }}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
{{- with (include "prometheus-fail2ban-exporter.ingress.annotations" . | fromYaml) }}
annotations:
{{- tpl (. | toYaml) $ | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.ingress.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
ingressClassName: {{ .Values.ingress.className }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ tpl .host $ | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if .pathType }}
pathType: {{ .pathType }}
{{- end }}
backend:
service:
name: {{ include "prometheus-fail2ban-exporter.fullname" $ }}
port:
number: {{ $.Values.services.http.port }}
{{- end }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ tpl . $ | quote }}
{{- end }}
secretName: {{ .secretName | quote }}
{{- end }}
{{- end }}
{{- end }}

40
templates/prometheus-fail2ban-exporter/podMonitor.yaml Normal file
View File

@ -0,0 +1,40 @@
{{- if and .Values.prometheus.metrics.enabled .Values.prometheus.metrics.podMonitor.enabled (not .Values.prometheus.metrics.serviceMonitor.enabled) }}
---
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
{{- with (include "prometheus-fail2ban-exporter.podMonitors.http.annotations" . | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.podMonitors.http.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.fullname" . }}-http
namespace: {{ .Release.Namespace }}
spec:
podMetricsEndpoints:
- enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }}
followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }}
honorLabels: {{ required "The honorLabels option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.honorLabels }}
interval: {{ required "The scrape interval of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.interval }}
path: {{ required "The metric path of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.path }}
port: "http"
{{- with .Values.prometheus.metrics.podMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
scrapeTimeout: {{ required "The scrape timeout of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.scrapeTimeout }}
scheme: {{ required "The scheme of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.scheme}}
{{- with .Values.prometheus.metrics.podMonitor.tlsConfig }}
tlsConfig:
{{- toYaml . | nindent 6 }}
{{- end }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}
selector:
matchLabels:
{{- include "prometheus-fail2ban-exporter.pod.selectorLabels" . | nindent 6 }}
{{- end }}

23
templates/prometheus-fail2ban-exporter/prometheusRules.yaml Normal file
View File

@ -0,0 +1,23 @@
{{- if gt (len .Values.prometheus.rules) 0 }}
---
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
{{- with (include "prometheus-fail2ban-exporter.prometheusRules.annotations" . | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.prometheusRules.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
{{- with .Values.prometheus.rules }}
groups:
- name: {{ template "prometheus-fail2ban-exporter.fullname" $ }}
rules:
{{ toYaml . | nindent 4 }}
{{- end }}
{{- end }}

19
templates/prometheus-fail2ban-exporter/secretWebConfig.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if not .Values.config.webConfig.existingSecret.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
{{- with (include "prometheus-fail2ban-exporter.secrets.webConfig.annotations" . | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.secrets.webConfig.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.fullname" . }}-web-config
namespace: {{ .Release.Namespace }}
stringData:
webConfig.yaml: |
{{- toYaml .Values.config.webConfig.secret.webConfig | nindent 4 }}
{{- end }}

25
templates/prometheus-fail2ban-exporter/serviceAccount.yaml Normal file
View File

@ -0,0 +1,25 @@
{{- if not .Values.serviceAccount.existing.enabled }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
{{- with (include "prometheus-fail2ban-exporter.serviceAccount.annotations" . | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.serviceAccount.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.fullname" . }}
namespace: {{ .Release.Namespace }}
automountServiceAccountToken: {{ .Values.serviceAccount.new.automountServiceAccountToken }}
{{- with .Values.serviceAccount.new.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.serviceAccount.new.secrets }}
secrets:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

57
templates/prometheus-fail2ban-exporter/serviceHTTP.yaml Normal file
View File

@ -0,0 +1,57 @@
{{- if .Values.services.http.enabled }}
---
apiVersion: v1
kind: Service
metadata:
{{- with (include "prometheus-fail2ban-exporter.services.http.annotations" . | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.services.http.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.services.http.name" . }}
namespace: {{ .Release.Namespace }}
spec:
{{- if not (empty .Values.services.http.externalIPs) }}
externalIPs:
{{- range .Values.services.http.externalIPs }}
- {{ . }}
{{- end }}
{{- end }}
{{- if and (or (eq .Values.services.http.type "LoadBalancer") (eq .Values.services.http.type "NodePort") ) .Values.services.http.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.services.http.externalTrafficPolicy }}
{{- end }}
internalTrafficPolicy: {{ required "No internal traffic policy defined!" .Values.services.http.internalTrafficPolicy }}
{{- if .Values.services.http.ipFamilies }}
ipFamilies:
{{- range .Values.services.http.ipFamilies }}
- {{ . }}
{{- end }}
{{- end }}
{{- if and (eq .Values.services.http.type "LoadBalancer") .Values.services.http.loadBalancerClass }}
loadBalancerClass: {{ .Values.services.http.loadBalancerClass }}
{{- end }}
{{- if and (eq .Values.services.http.type "LoadBalancer") .Values.services.http.loadBalancerIP }}
loadBalancerIP: {{ .Values.services.http.loadBalancerIP }}
{{- end }}
{{- if eq .Values.services.http.type "LoadBalancer" }}
loadBalancerSourceRanges:
{{- range .Values.services.http.loadBalancerSourceRanges }}
- {{ . }}
{{- end }}
{{- end }}
ports:
- name: http
protocol: TCP
port: {{ required "No service port defined!" .Values.services.http.port }}
selector:
{{- include "prometheus-fail2ban-exporter.pod.selectorLabels" . | nindent 4 }}
sessionAffinity: {{ required "No session affinity defined!" .Values.services.http.sessionAffinity }}
{{- with .Values.services.http.sessionAffinityConfig }}
sessionAffinityConfig:
{{- toYaml . | nindent 4}}
{{- end }}
type: {{ required "No service type defined!" .Values.services.http.type }}
{{- end }}

40
templates/prometheus-fail2ban-exporter/serviceMonitorHTTP.yaml Normal file
View File

@ -0,0 +1,40 @@
{{- if and .Values.services.http.enabled .Values.prometheus.metrics.enabled .Values.prometheus.metrics.serviceMonitor.enabled (not .Values.prometheus.metrics.podMonitor.enabled)}}
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
{{- with (include "prometheus-fail2ban-exporter.serviceMonitors.http.annotations" . | fromYaml) }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with (include "prometheus-fail2ban-exporter.serviceMonitors.http.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "prometheus-fail2ban-exporter.fullname" . }}-http
namespace: {{ .Release.Namespace }}
spec:
endpoints:
- enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }}
followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }}
honorLabels: {{ required "The honorLabels option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.honorLabels }}
interval: {{ required "The scrape interval of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.interval }}
path: {{ required "The metric path of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.path }}
{{- with .Values.prometheus.metrics.serviceMonitor.relabelings }}
relabelings:
{{- toYaml . | nindent 6 }}
{{- end }}
scrapeTimeout: {{ required "The scrape timeout of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scrapeTimeout }}
scheme: {{ required "The scheme of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scheme }}
targetPort: {{ required "The port of the service is not defined!" .Values.services.http.port }}
{{- with .Values.prometheus.metrics.serviceMonitor.tlsConfig }}
tlsConfig:
{{- toYaml . | nindent 6 }}
{{- end }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}
selector:
matchLabels:
{{- include "prometheus-fail2ban-exporter.serviceMonitors.http.selectorLabels" . | nindent 6 }}
{{- end }}