From 0f0efe58afc25fd5d34838b5a8f3be7863eaeb86 Mon Sep 17 00:00:00 2001 From: Hector Date: Sat, 19 Feb 2022 14:10:36 +0000 Subject: [PATCH] feat: remove startup script from docker image Update the docker image to remove the `run.sh` script and instead run the exporter directly. This keeps the docker image as simple as possible. Update README file with extra info on how to collect textfile metrics in a docker container. BREAKING CHANGE: Using the textfile collector in docker now requires setting environment variables. --- Dockerfile | 5 +---- README.md | 26 ++++++++++++++++++++++---- docker/run.sh | 21 --------------------- 3 files changed, 23 insertions(+), 29 deletions(-) delete mode 100644 docker/run.sh diff --git a/Dockerfile b/Dockerfile index 1cb6bb5..d14e460 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,4 @@ WORKDIR /app # Copy compiled binary to release image COPY --from=build /build/src/exporter /app/fail2ban-prometheus-exporter -# Copy init script into main app folder and set as entry point -COPY docker/run.sh /app/ -RUN chmod +x /app/* -ENTRYPOINT /app/run.sh +ENTRYPOINT /app/fail2ban-prometheus-exporter diff --git a/README.md b/README.md index 5549313..eb60169 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ This exporter collects metrics from a running fail2ban instance. Once the exporter is running, metrics are available at `localhost:9191/metrics`. -(The default port is `9191` but can be modified with the `-port` flag) +(The default port is `9191` but can be modified with the `--port` flag) The exporter communicates with the fail2ban server over its socket. This allows the data collected by the exporter to always align with the output of the `fail2ban-client`. @@ -73,7 +73,7 @@ F2B_WEB_BASICAUTH_PASS **Example** ``` -fail2ban-prometheus-exporter -socket /var/run/fail2ban/fail2ban.sock -port 9191 +fail2ban-prometheus-exporter --socket /var/run/fail2ban/fail2ban.sock --port 9191 ``` Note that the exporter will need read access to the fail2ban socket. @@ -233,8 +233,8 @@ Status for the jail: sshd|- Filter For more flexibility the exporter also allows exporting metrics collected from a text file. To enable textfile metrics: -1. Enable the collector with `-collector.textfile=true` -2. Provide the directory to read files from with the `-collector.textfile.directory` flag +1. Enable the collector with `--collector.textfile=true` +2. Provide the directory to read files from with the `--collector.textfile.directory` flag Metrics collected from these files will be exposed directly alongside the other metrics without any additional processing. This means that it is the responsibility of the file creator to ensure the format is correct. @@ -248,3 +248,21 @@ textfile_error{path="file.prom"} 0 ``` **NOTE:** Any file not ending with `.prom` will be ignored. + +**Running in Docker** + +To collect textfile metrics inside a docker container, a couple of things need to be done: +1. Mount the folder with the metrics +2. Set the relevant environment variables + +*For example:* +``` +docker run -d \ + --name "fail2ban-exporter" \ + -v /var/run/fail2ban:/var/run/fail2ban:ro \ + -v /path/to/metrics:/app/metrics/:ro \ + -e F2B_COLLECTOR_TEXT=true \ + -e F2B_COLLECTOR_TEXT_PATH=/app/metrics \ + -p "9191:9191" \ + registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter:latest +``` diff --git a/docker/run.sh b/docker/run.sh deleted file mode 100644 index 4fe96f0..0000000 --- a/docker/run.sh +++ /dev/null @@ -1,21 +0,0 @@ -#/bin/sh - -# Print version to logs for debugging purposes -/app/fail2ban-prometheus-exporter --version - -socket_path=/var/run/fail2ban/fail2ban.sock -textfile_dir=/app/textfile/ -textfile_enabled=false - -# Start the exporter (use exec to support graceful shutdown) -# Inspired by: https://akomljen.com/stopping-docker-containers-gracefully/ -# Enable textfile metrics if the folder exists (i.e. was mounted by docker) -if [ -d $textfile_dir ]; then - exec /app/fail2ban-prometheus-exporter \ - --socket "$socket_path" \ - --collector.textfile \ - --collector.textfile.directory "$textfile_dir" -else - exec /app/fail2ban-prometheus-exporter \ - --socket "$socket_path" -fi