volker.raschek/prometheus-fail2ban-exporter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: cleanup
All checks were successful
Run unit tests / test (push) Successful in 5m46s
Details

Browse Source
This commit is contained in:
Markus Pesch 2025-05-31 22:49:51 +02:00
parent 43fbbc015e
commit ec377df034
Signed by: volker.raschek
GPG Key ID: 852BCC170D81A982
3 changed files with 28 additions and 663 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

610
.drone.yml
View File

@ -1,610 +0,0 @@
---
kind: pipeline
type: kubernetes
name: linter
clone:
disable: true
platform:
os: linux
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: markdown lint
commands:
- markdownlint *.md
image: git.cryptic.systems/volker.raschek/markdownlint:0.45.0
resources:
limits:
cpu: 150
memory: 150M
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: docker
name: unit-test-amd64
clone:
disable: true
platform:
arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: unit-test
commands:
- go test -v ./...
image: docker.io/library/golang:1.24.3
trigger:
event:
exclude:
- tag
---
kind: pipeline
type: docker
name: unit-test-arm64
clone:
disable: true
platform:
arch: arm64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: unit-test
commands:
- go test -v ./...
image: docker.io/library/golang:1.24.3
trigger:
event:
include:
- pull_request
- push
exclude:
- tag
---
kind: pipeline
type: docker
name: dry-run-amd64
clone:
disable: true
depends_on:
- linter
- unit-test-amd64
platform:
os: linux
arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: build
image: docker.io/plugins/docker:20.18.8
settings:
auto_tag: false
dockerfile: Dockerfile
dry_run: true
force_tag: true
no_cache: true
purge: true
mirror:
from_secret: docker_io_mirror
registry: git.cryptic.systems
repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
tags: latest-amd64
username:
from_secret: git_cryptic_systems_container_registry_user
password:
from_secret: git_cryptic_systems_container_registry_password
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
when:
status:
- changed
- failure
trigger:
branch:
exclude:
- master
event:
- pull_request
- push
repo:
- volker.raschek/prometheus-fail2ban-exporter
---
kind: pipeline
type: docker
name: dry-run-arm64-v8
clone:
disable: true
depends_on:
- linter
- unit-test-arm64
platform:
os: linux
arch: arm64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: build
image: docker.io/plugins/docker:20.18.8
settings:
auto_tag: false
dockerfile: Dockerfile
dry_run: true
force_tag: true
no_cache: true
purge: true
mirror:
from_secret: docker_io_mirror
registry: git.cryptic.systems
repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
tags: latest-arm64-v8
username:
from_secret: git_cryptic_systems_container_registry_user
password:
from_secret: git_cryptic_systems_container_registry_password
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
when:
status:
- changed
- failure
trigger:
branch:
exclude:
- master
event:
- pull_request
- push
repo:
- volker.raschek/prometheus-fail2ban-exporter
---
kind: pipeline
type: docker
name: latest-amd64
clone:
disable: true
depends_on:
- linter
- unit-test-amd64
platform:
os: linux
arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: build
image: docker.io/plugins/docker:20.18.8
settings:
auto_tag: false
dockerfile: Dockerfile
force_tag: true
no_cache: true
purge: true
mirror:
from_secret: docker_io_mirror
registry: git.cryptic.systems
repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
tags: latest-amd64
username:
from_secret: git_cryptic_systems_container_registry_user
password:
from_secret: git_cryptic_systems_container_registry_password
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
when:
status:
- changed
- failure
trigger:
branch:
- master
event:
- cron
- push
repo:
- volker.raschek/prometheus-fail2ban-exporter
---
kind: pipeline
type: docker
name: latest-arm64-v8
clone:
disable: true
depends_on:
- linter
- unit-test-arm64
platform:
os: linux
arch: arm64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: build
image: docker.io/plugins/docker:20.18.8
settings:
auto_tag: false
dockerfile: Dockerfile
force_tag: true
no_cache: true
purge: true
mirror:
from_secret: docker_io_mirror
registry: git.cryptic.systems
repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
tags: latest-arm64-v8
username:
from_secret: git_cryptic_systems_container_registry_user
password:
from_secret: git_cryptic_systems_container_registry_password
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
when:
status:
- changed
- failure
trigger:
branch:
- master
event:
- cron
- push
repo:
- volker.raschek/prometheus-fail2ban-exporter
---
kind: pipeline
type: kubernetes
name: latest-manifest
clone:
disable: true
depends_on:
- latest-amd64
- latest-arm64-v8
# docker.io/plugins/manifest only for amd64 architectures available
node_selector:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: build-manifest
image: docker.io/plugins/manifest:1.4.0
settings:
auto_tag: false
ignore_missing: true
spec: manifest.tmpl
username:
from_secret: git_cryptic_systems_container_registry_user
password:
from_secret: git_cryptic_systems_container_registry_password
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
branch:
- master
event:
- cron
- push
repo:
- volker.raschek/prometheus-fail2ban-exporter
---
kind: pipeline
type: docker
name: tagged-amd64
clone:
disable: true
platform:
os: linux
arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: build
image: docker.io/plugins/docker:20.18.8
settings:
auto_tag: true
auto_tag_suffix: amd64
dockerfile: Dockerfile
force_tag: true
no_cache: true
purge: true
mirror:
from_secret: docker_io_mirror
registry: git.cryptic.systems
repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
username:
from_secret: git_cryptic_systems_container_registry_user
password:
from_secret: git_cryptic_systems_container_registry_password
build_args:
- VERSION=${DRONE_TAG}
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
when:
status:
- changed
- failure
trigger:
event:
- tag
repo:
- volker.raschek/prometheus-fail2ban-exporter
---
kind: pipeline
type: docker
name: tagged-arm64-v8
clone:
disable: true
platform:
os: linux
arch: arm64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: build
image: docker.io/plugins/docker:20.18.8
settings:
auto_tag: true
auto_tag_suffix: arm64-v8
dockerfile: Dockerfile
force_tag: true
no_cache: true
purge: true
mirror:
from_secret: docker_io_mirror
registry: git.cryptic.systems
repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
username:
from_secret: git_cryptic_systems_container_registry_user
password:
from_secret: git_cryptic_systems_container_registry_password
build_args:
- VERSION=${DRONE_TAG}
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
when:
status:
- changed
- failure
trigger:
event:
- tag
repo:
- volker.raschek/prometheus-fail2ban-exporter
---
kind: pipeline
type: kubernetes
name: tagged-manifest
clone:
disable: true
depends_on:
- tagged-amd64
- tagged-arm64-v8
# docker.io/plugins/manifest only for amd64 architectures available
node_selector:
kubernetes.io/os: linux
kubernetes.io/arch: amd64
steps:
- name: clone
image: git.cryptic.systems/volker.raschek/git:1.4.0
- name: build-manifest
image: docker.io/plugins/manifest:1.4.0
settings:
auto_tag: true
ignore_missing: true
spec: manifest.tmpl
username:
from_secret: git_cryptic_systems_container_registry_user
password:
from_secret: git_cryptic_systems_container_registry_password
- name: email-notification
environment:
SMTP_FROM_ADDRESS:
from_secret: smtp_from_address
SMTP_FROM_NAME:
from_secret: smtp_from_name
SMTP_HOST:
from_secret: smtp_host
SMTP_USERNAME:
from_secret: smtp_username
SMTP_PASSWORD:
from_secret: smtp_password
image: git.cryptic.systems/volker.raschek/drone-email:0.2.0
resources:
limits:
cpu: 150
memory: 150M
when:
status:
- changed
- failure
trigger:
event:
- tag
repo:
- volker.raschek/prometheus-fail2ban-exporter

13
.markdownlint.yaml
View File

@ -45,19 +45,17 @@ MD012:
# MD013/line-length - Line length # MD013/line-length - Line length
MD013: MD013:
# Number of characters # Number of characters
line_length: 80 line_length: 120
# Number of characters for headings # Number of characters for headings
heading_line_length: 80 heading_line_length: 120
# Number of characters for code blocks # Number of characters for code blocks
code_block_line_length: 80 code_block_line_length: 120
# Include code blocks # Include code blocks
code_blocks: false code_blocks: false
# Include tables # Include tables
tables: false tables: false
# Include headings # Include headings
headings: true headings: true
# Include headings
headers: true
# Strict length checking # Strict length checking
strict: false strict: false
# Stern length checking # Stern length checking
@ -70,11 +68,6 @@ MD022:
# Blank lines below heading # Blank lines below heading
lines_below: 1 lines_below: 1
# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
MD024:
# Only check sibling headings
allow_different_nesting: true
# MD025/single-title/single-h1 - Multiple top-level headings in the same document # MD025/single-title/single-h1 - Multiple top-level headings in the same document
MD025: MD025:
# Heading level # Heading level

68
README.md
View File

@ -1,11 +1,7 @@
# prometheus-fail2ban-exporter # prometheus-fail2ban-exporter
[![Build Status](https://drone.cryptic.systems/api/badges/volker.raschek/prometheus-fail2ban-exporter/status.svg)](https://drone.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter) This is a fork of Hector's fail2ban [exporter](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter). This fork
contains some changes to get the application running in a kubernetes cluster.
This is a fork of Hector's fail2ban
[exporter](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter). This
fork contains some changes to get the application running in a kubernetes
cluster.
## Table of Contents ## Table of Contents
@ -21,8 +17,8 @@ The exporter can be run as a standalone binary or a docker container.
### 1.1. Standalone ### 1.1. Standalone
The following command will start collecting metrics from the The following command will start collecting metrics from the `/var/run/fail2ban/fail2ban.sock` file and expose them on
`/var/run/fail2ban/fail2ban.sock` file and expose them on port `9191`. port `9191`.
```bash ```bash
$ fail2ban_exporter --collector.f2b.socket=/var/run/fail2ban/fail2ban.sock --web.listen-address=":9191" $ fail2ban_exporter --collector.f2b.socket=/var/run/fail2ban/fail2ban.sock --web.listen-address=":9191"
@ -35,12 +31,10 @@ $ fail2ban_exporter --collector.f2b.socket=/var/run/fail2ban/fail2ban.sock --web
``` ```
Binary files for each release can be found on the Binary files for each release can be found on the
[releases](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/releases) [releases](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/releases) page.
page.
There is also an [example systemd service There is also an [example systemd service file](/_examples/systemd/fail2ban_exporter.service) included in the
file](/_examples/systemd/fail2ban_exporter.service) included in the repository. repository. This is a starting point to run the exporter as a service.
This is a starting point to run the exporter as a service.
### 1.2. Docker ### 1.2. Docker
@ -68,14 +62,11 @@ services:
``` ```
Use the `:latest` tag to get the latest stable release. See the [registry Use the `:latest` tag to get the latest stable release. See the [registry
page](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/container_registry) page](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/container_registry) for all available tags.
for all available tags.
**NOTE:** While it is possible to mount the `fail2ban.sock` file directly, it is **NOTE:** While it is possible to mount the `fail2ban.sock` file directly, it is recommended to mount the parent folder
recommended to mount the parent folder instead. The `.sock` file is deleted by instead. The `.sock` file is deleted by fail2ban on shutdown and re-created on startup and this causes problems for the
fail2ban on shutdown and re-created on startup and this causes problems for the docker mount. See [this reply](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/issues/11#note_665003499)
docker mount. See [this
reply](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/issues/11#note_665003499)
for more details. for more details.
## 2. Metrics ## 2. Metrics
@ -117,20 +108,18 @@ Status for the jail: sshd
### 2.1. Grafana ### 2.1. Grafana
The metrics exported by this tool are compatible with Prometheus and Grafana. A The metrics exported by this tool are compatible with Prometheus and Grafana. A sample grafana dashboard can be found in
sample grafana dashboard can be found in the the [grafana.json](/_examples/grafana/dashboard.json) file. Just import the contents of this file into a new Grafana
[grafana.json](/_examples/grafana/dashboard.json) file. Just import the contents dashboard to get started.
of this file into a new Grafana dashboard to get started.
The dashboard supports displaying data from multiple exporters. Use the The dashboard supports displaying data from multiple exporters. Use the `instance` dashboard variable to select which
`instance` dashboard variable to select which ones to display. ones to display.
*(Sample dashboard is compatible with Grafana `9.1.8` and above)* *(Sample dashboard is compatible with Grafana `9.1.8` and above)*
## 3. Configuration ## 3. Configuration
The exporter is configured with CLI flags and environment variables. The exporter is configured with CLI flags and environment variables. There are no configuration files.
There are no configuration files.
### CLI flags ### CLI flags
@ -164,8 +153,7 @@ Flags:
### Environment variables ### Environment variables
Each environment variable corresponds to a CLI flag. Each environment variable corresponds to a CLI flag. If both are specified, the CLI flag takes precedence.
If both are specified, the CLI flag takes precedence.
| Environment variable | Corresponding CLI flag | | Environment variable | Corresponding CLI flag |
|---------------------------------|---------------------------------------------------| |---------------------------------|---------------------------------------------------|
@ -185,23 +173,18 @@ Building from source has the following dependencies:
From there, simply run `make build` From there, simply run `make build`
This will download the necessary dependencies and build a `fail2ban_exporter` This will download the necessary dependencies and build a `fail2ban_exporter` binary in the root of the project.
binary in the root of the project.
## 5. Textfile metrics ## 5. Textfile metrics
For more flexibility the exporter also allows exporting metrics collected from a For more flexibility the exporter also allows exporting metrics collected from a text file.
text file.
To enable textfile metrics provide the directory to read files from with the To enable textfile metrics provide the directory to read files from with the `--collector.textfile.directory` flag.
`--collector.textfile.directory` flag.
Metrics collected from these files will be exposed directly alongside the other Metrics collected from these files will be exposed directly alongside the other metrics without any additional
metrics without any additional processing. This means that it is the processing. This means that it is the responsibility of the file creator to ensure the format is correct.
responsibility of the file creator to ensure the format is correct.
By exporting textfile metrics an extra metric is also exported with an error By exporting textfile metrics an extra metric is also exported with an error count for each file:
count for each file:
```text ```text
# HELP textfile_error Checks for errors while reading text files # HELP textfile_error Checks for errors while reading text files
@ -213,8 +196,7 @@ textfile_error{path="file.prom"} 0
### Running in Docker ### Running in Docker
To collect textfile metrics inside a docker container, a couple of things need To collect textfile metrics inside a docker container, a couple of things need to be done:
to be done:
1. Mount the folder with the metrics files 1. Mount the folder with the metrics files
2. Set the `F2B_COLLECTOR_TEXT_PATH` environment variable 2. Set the `F2B_COLLECTOR_TEXT_PATH` environment variable