Merge pull request 'chore(deps): update docker.io/library/debian docker tag to v12' (#7) from renovate/docker.io-library-debian-12.x into master

Reviewed-on: #7

.drone.yml

@@ -0,0 +1,832 @@
+---
+kind: pipeline
+type: kubernetes
+name: linter
+
+clone:
+  disable: true
+
+platform:
+  os: linux
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: markdown lint
+  commands:
+  - markdownlint *.md
+  image: git.cryptic.systems/volker.raschek/markdownlint:0.37.0
+  resources:
+    limits:
+      cpu: 150
+      memory: 150M
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  resources:
+    limits:
+      cpu: 150
+      memory: 150M
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  event:
+    exclude:
+    - tag
+
+---
+kind: pipeline
+type: docker
+name: unit-test-amd64
+
+clone:
+  disable: true
+
+platform:
+  arch: amd64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: unit-test
+  commands:
+  - go test -v ./...
+  image: docker.io/library/golang:1.21.3
+
+trigger:
+  event:
+    exclude:
+    - tag
+
+---
+kind: pipeline
+type: docker
+name: unit-test-arm-v7
+
+clone:
+  disable: true
+
+platform:
+  arch: arm
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: unit-test
+  commands:
+  - go test -v ./...
+  image: docker.io/library/golang:1.21.3
+
+trigger:
+  event:
+    include:
+    - pull_request
+    - push
+    exclude:
+    - tag
+
+---
+kind: pipeline
+type: docker
+name: unit-test-arm64
+
+clone:
+  disable: true
+
+platform:
+  arch: arm64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: unit-test
+  commands:
+  - go test -v ./...
+  image: docker.io/library/golang:1.21.3
+
+trigger:
+  event:
+    include:
+    - pull_request
+    - push
+    exclude:
+    - tag
+
+---
+kind: pipeline
+type: docker
+name: dry-run-amd64
+
+clone:
+  disable: true
+
+depends_on:
+- linter
+- unit-test-amd64
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: false
+    dockerfile: Dockerfile
+    dry_run: true
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    tags: latest-amd64
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  branch:
+    exclude:
+    - master
+  event:
+  - pull_request
+  - push
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: docker
+name: dry-run-arm-v7
+
+clone:
+  disable: true
+
+depends_on:
+- linter
+- unit-test-arm-v7
+
+platform:
+  os: linux
+  arch: arm
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: false
+    dockerfile: Dockerfile
+    dry_run: true
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    tags: latest-arm-v7
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  branch:
+    exclude:
+    - master
+  event:
+  - pull_request
+  - push
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: docker
+name: dry-run-arm64-v8
+
+clone:
+  disable: true
+
+depends_on:
+- linter
+- unit-test-arm64
+
+platform:
+  os: linux
+  arch: arm64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: false
+    dockerfile: Dockerfile
+    dry_run: true
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    tags: latest-arm64-v8
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  branch:
+    exclude:
+    - master
+  event:
+  - pull_request
+  - push
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: docker
+name: latest-amd64
+
+clone:
+  disable: true
+
+depends_on:
+- linter
+- unit-test-amd64
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: false
+    dockerfile: Dockerfile
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    tags: latest-amd64
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  branch:
+  - master
+  event:
+  - cron
+  - push
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: docker
+name: latest-arm-v7
+
+clone:
+  disable: true
+
+depends_on:
+- linter
+- unit-test-arm-v7
+
+platform:
+  os: linux
+  arch: arm
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: false
+    dockerfile: Dockerfile
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    tags: latest-arm-v7
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  branch:
+  - master
+  event:
+  - cron
+  - push
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: docker
+name: latest-arm64-v8
+
+clone:
+  disable: true
+
+depends_on:
+- linter
+- unit-test-arm64
+
+platform:
+  os: linux
+  arch: arm64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: false
+    dockerfile: Dockerfile
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    tags: latest-arm64-v8
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  branch:
+  - master
+  event:
+  - cron
+  - push
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: kubernetes
+name: latest-manifest
+
+clone:
+  disable: true
+
+depends_on:
+- latest-amd64
+- latest-arm-v7
+- latest-arm64-v8
+
+# docker.io/plugins/manifest only for amd64 architectures available
+node_selector:
+  kubernetes.io/os: linux
+  kubernetes.io/arch: amd64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build-manifest
+  image: docker.io/plugins/manifest:1.4.0
+  settings:
+    auto_tag: false
+    ignore_missing: true
+    spec: manifest.tmpl
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  resources:
+    limits:
+      cpu: 150
+      memory: 150M
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  branch:
+  - master
+  event:
+  - cron
+  - push
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: docker
+name: tagged-amd64
+
+clone:
+  disable: true
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: true
+    auto_tag_suffix: amd64
+    dockerfile: Dockerfile
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+    build_args:
+    - VERSION=${DRONE_TAG}
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  event:
+  - tag
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: docker
+name: tagged-arm-v7
+
+clone:
+  disable: true
+
+platform:
+  os: linux
+  arch: arm
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: true
+    auto_tag_suffix: arm-v7
+    dockerfile: Dockerfile
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+    build_args:
+    - VERSION=${DRONE_TAG}
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  event:
+  - tag
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: docker
+name: tagged-arm64-v8
+
+clone:
+  disable: true
+
+platform:
+  os: linux
+  arch: arm64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build
+  image: docker.io/plugins/docker:20.10.9
+  settings:
+    auto_tag: true
+    auto_tag_suffix: arm64-v8
+    dockerfile: Dockerfile
+    force_tag: true
+    no_cache: true
+    purge: true
+    mirror:
+      from_secret: docker_io_mirror
+    registry: git.cryptic.systems
+    repo: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+    build_args:
+    - VERSION=${DRONE_TAG}
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  event:
+  - tag
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter
+
+---
+kind: pipeline
+type: kubernetes
+name: tagged-manifest
+
+clone:
+  disable: true
+
+depends_on:
+- tagged-amd64
+- tagged-arm-v7
+- tagged-arm64-v8
+
+# docker.io/plugins/manifest only for amd64 architectures available
+node_selector:
+  kubernetes.io/os: linux
+  kubernetes.io/arch: amd64
+
+steps:
+- name: clone
+  image: git.cryptic.systems/volker.raschek/git:1.3.1
+
+- name: build-manifest
+  image: docker.io/plugins/manifest:1.4.0
+  settings:
+    auto_tag: true
+    ignore_missing: true
+    spec: manifest.tmpl
+    username:
+      from_secret: git_cryptic_systems_container_registry_user
+    password:
+      from_secret: git_cryptic_systems_container_registry_password
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: git.cryptic.systems/volker.raschek/drone-email:0.1.5
+  resources:
+    limits:
+      cpu: 150
+      memory: 150M
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  event:
+  - tag
+  repo:
+  - volker.raschek/prometheus-fail2ban-exporter

.editorconfig

@@ -0,0 +1,15 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = false
+
+[Makefile]
+indent_style = tab

.gitignore

@@ -5,4 +5,4 @@ vendor/
 build/
 dist/
 
-fail2ban_exporter
+prometheus-fail2ban-exporter

.gitlab-ci.yml

@@ -1,78 +0,0 @@
-stages:
-  - test
-  - build
-  - release
-
-.go_template:
-  image: golang:latest
-
-sast:
-  stage: test
-
-include:
-- template: Security/SAST.gitlab-ci.yml
-- template: Security/Dependency-Scanning.gitlab-ci.yml
-
-format:
-  extends: .go_template
-  stage: test
-  script:
-    - make check/fmt
-
-vet:
-  extends: .go_template
-  stage: test
-  allow_failure: true
-  script:
-    - make vet
-
-test:
-  extends: .go_template
-  stage: test
-  script:
-    - make test
-
-build:
-  extends: .go_template
-  stage: build
-  script:
-    - make build
-  artifacts:
-    paths:
-      - fail2ban_exporter
-    expire_in: 1 day
-
-release:
-  stage: release
-  image: docker:stable
-  services:
-    - docker:dind
-  variables:
-    DOCKER_REGISTRY: $CI_REGISTRY
-    DOCKER_USERNAME: $CI_REGISTRY_USER
-    DOCKER_PASSWORD: $CI_REGISTRY_PASSWORD
-    GIT_DEPTH: 0
-  rules:
-    - if: $CI_COMMIT_TAG =~ /^v.*$/
-  script: |
-    docker run --rm --privileged \
-      -v $PWD:/go/src/gitlab.com/hectorjsmith/fail2ban-prometheus-exporter \
-      -w /go/src/gitlab.com/hectorjsmith/fail2ban-prometheus-exporter \
-      -v /var/run/docker.sock:/var/run/docker.sock \
-      -e DOCKER_USERNAME -e DOCKER_PASSWORD -e DOCKER_REGISTRY  \
-      -e GITLAB_TOKEN \
-      goreleaser/goreleaser release --clean
-
-tag images:
-  stage: release
-  image: docker:stable
-  services:
-    - docker:dind
-  needs:
-    - release
-  rules:
-    - if: $CI_COMMIT_TAG =~ /^v\d+\.\d+\.\d+$/
-  variables:
-    IMAGE_NAME: registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter
-  script:
-    - ./.gitlab-ci/tagLatestImage.sh

.gitlab-ci/tagLatestImage.sh

@@ -1,14 +0,0 @@
-#!/bin/sh
-
-VERSION=`echo $CI_COMMIT_TAG | cut -c 2-`
-MAJOR=`echo $VERSION | cut -d "." -f 1`
-MINOR=`echo $VERSION | cut -d "." -f 2`
-
-echo "version: $VERSION (major: $MAJOR; minor: $MINOR)"
-
-docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
-docker pull $IMAGE_NAME:$VERSION
-docker tag $IMAGE_NAME:$VERSION $IMAGE_NAME:latest
-docker tag $IMAGE_NAME:$VERSION $IMAGE_NAME:$MAJOR
-docker tag $IMAGE_NAME:$VERSION $IMAGE_NAME:$MAJOR.$MINOR
-docker push $IMAGE_NAME

.goreleaser.yml

@@ -1,46 +0,0 @@
-project_name: fail2ban_exporter
-builds:
-  - env: [CGO_ENABLED=0]
-    binary: fail2ban_exporter
-    goos:
-      - linux
-      - darwin
-    goarch:
-      - amd64
-      - "386"
-      - arm
-      - arm64
-    goarm:
-      - "6"
-      - "7"
-
-dockers:
-- image_templates: ["registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter:{{ .Version }}"]
-  dockerfile: Dockerfile
-  build_flag_templates:
-  - --label=org.opencontainers.image.title={{ .ProjectName }}
-  - --label=org.opencontainers.image.description={{ .ProjectName }}
-  - --label=org.opencontainers.image.url=https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter
-  - --label=org.opencontainers.image.source=https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter
-  - --label=org.opencontainers.image.version={{ .Version }}
-  - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
-  - --label=org.opencontainers.image.revision={{ .FullCommit }}
-  - --label=org.opencontainers.image.licenses=MIT
-
-changelog:
-  groups:
-    - title: "⛔ Breaking Changes"
-      regexp: '^.*?!:.+$'
-      order: 0
-    - title: "🎉 Features"
-      regexp: '^.*?feat(\(\w+\))??:.+$'
-      order: 1
-    - title: "🐛 Fixes"
-      regexp: '^.*?fix(\(\w+\))??:.+$'
-      order: 2
-    - title: "📑 Other"
-      order: 999
-  filters:
-    exclude:
-      - "^Merge"
-      - "^merge"

.markdownlint.yaml

@@ -0,0 +1,143 @@
+# markdownlint YAML configuration
+# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml
+
+# Default state for all rules
+default: true
+
+# Path to configuration file to extend
+extends: null
+
+# MD003/heading-style/header-style - Heading style
+MD003:
+  # Heading style
+  style: "atx"
+
+# MD004/ul-style - Unordered list style
+MD004:
+  style: "dash"
+
+# MD007/ul-indent - Unordered list indentation
+MD007:
+  # Spaces for indent
+  indent: 2
+  # Whether to indent the first level of the list
+  start_indented: false
+
+# MD009/no-trailing-spaces - Trailing spaces
+MD009:
+  # Spaces for line break
+  br_spaces: 2
+  # Allow spaces for empty lines in list items
+  list_item_empty_lines: false
+  # Include unnecessary breaks
+  strict: false
+
+# MD010/no-hard-tabs - Hard tabs
+MD010:
+  # Include code blocks
+  code_blocks: true
+
+# MD012/no-multiple-blanks - Multiple consecutive blank lines
+MD012:
+  # Consecutive blank lines
+  maximum: 1
+
+# MD013/line-length - Line length
+MD013:
+  # Number of characters
+  line_length: 80
+  # Number of characters for headings
+  heading_line_length: 80
+  # Number of characters for code blocks
+  code_block_line_length: 80
+  # Include code blocks
+  code_blocks: false
+  # Include tables
+  tables: false
+  # Include headings
+  headings: true
+  # Include headings
+  headers: true
+  # Strict length checking
+  strict: false
+  # Stern length checking
+  stern: false
+
+# MD022/blanks-around-headings/blanks-around-headers - Headings should be surrounded by blank lines
+MD022:
+  # Blank lines above heading
+  lines_above: 1
+  # Blank lines below heading
+  lines_below: 1
+
+# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
+MD024:
+  # Only check sibling headings
+  allow_different_nesting: true
+
+# MD025/single-title/single-h1 - Multiple top-level headings in the same document
+MD025:
+  # Heading level
+  level: 1
+  # RegExp for matching title in front matter
+  front_matter_title: "^\\s*title\\s*[:=]"
+
+# MD026/no-trailing-punctuation - Trailing punctuation in heading
+MD026:
+  # Punctuation characters
+  punctuation: ".,;:!。，；：！"
+
+# MD029/ol-prefix - Ordered list item prefix
+MD029:
+  # List style
+  style: "one_or_ordered"
+
+# MD030/list-marker-space - Spaces after list markers
+MD030:
+  # Spaces for single-line unordered list items
+  ul_single: 1
+  # Spaces for single-line ordered list items
+  ol_single: 1
+  # Spaces for multi-line unordered list items
+  ul_multi: 1
+  # Spaces for multi-line ordered list items
+  ol_multi: 1
+
+# MD033/no-inline-html - Inline HTML
+MD033:
+  # Allowed elements
+  allowed_elements: []
+
+# MD035/hr-style - Horizontal rule style
+MD035:
+  # Horizontal rule style
+  style: "---"
+
+# MD036/no-emphasis-as-heading/no-emphasis-as-header - Emphasis used instead of a heading
+MD036:
+  # Punctuation characters
+  punctuation: ".,;:!?。，；：！？"
+
+# MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading
+MD041:
+  # Heading level
+  level: 1
+  # RegExp for matching title in front matter
+  front_matter_title: "^\\s*title\\s*[:=]"
+
+# MD044/proper-names - Proper names should have the correct capitalization
+MD044:
+  # List of proper names
+  names: []
+  # Include code blocks
+  code_blocks: false
+
+# MD046/code-block-style - Code block style
+MD046:
+  # Block style
+  style: "fenced"
+
+# MD048/code-fence-style - Code fence style
+MD048:
+  # Code fence syle
+  style: "backtick"

Dockerfile

@@ -1,10 +1,19 @@
-FROM debian:buster-slim
+FROM docker.io/library/golang:1.20.5-buster AS build
 
-# Create main app folder to run from
+WORKDIR /workspace
-WORKDIR /app
+ADD . /workspace
 
-# Copy compiled binary to release image
+RUN apt update --yes && \
-# (must build the binary before running docker build)
+    apt install --yes build-essential && \
-COPY fail2ban_exporter /app/fail2ban_exporter
+    make install \
+      PREFIX=/usr \
+      DESTDIR=/app \
+      EXECUTABLE=prometheus-fail2ban-exporter
 
-ENTRYPOINT ["/app/fail2ban_exporter"]
+FROM docker.io/library/debian:12-slim
+
+COPY --from=build /app /
+
+EXPOSE 9191
+
+ENTRYPOINT [ "/usr/bin/prometheus-fail2ban-exporter" ]

LICENSE

@@ -1,6 +1,7 @@
 MIT License
 
 Copyright (c) 2021 Hector
+Copyright (c) 2023 Markus Pesch
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

Makefile

@@ -1,3 +1,9 @@
+DESTDIR?=
+PREFIX?=/usr/local
+EXECUTABLE?=prometheus-fail2ban-exporter
+
+CONTAINER_RUNTIME?=$(shell which podman)
+
 # List make commands
 .PHONY: ls
 ls:
@@ -46,10 +52,34 @@ build:
 	-X main.date=${shell date --iso-8601=seconds} \
 	-X main.builtBy=manual \
 	" \
-	-o fail2ban_exporter \
+	-trimpath \
+	-o ${EXECUTABLE} \
 	exporter.go
 
-# Build project docker container
+# build container-image
-.PHONY: build/docker
+.PHONY: build/container-image
-build/docker: build
+build/container-image:
-	docker build -t fail2ban-prometheus-exporter .
+	${CONTAINER_RUNTIME} build \
+		--tag ${EXECUTABLE} \
+		.
+
+.PHONY: install
+install: build
+	mkdir --parents ${DESTDIR}/usr/lib/systemd/system
+	sed -e "s/EXECUTABLE/${EXECUTABLE}/gm" systemd/systemd.service > ${DESTDIR}/usr/lib/systemd/system/${EXECUTABLE}.service
+	chmod 0644 ${DESTDIR}/usr/lib/systemd/system/${EXECUTABLE}.service
+
+	install -D --mode 0755 --target-directory ${DESTDIR}${PREFIX}/bin ${EXECUTABLE}
+
+# NOTE: Set restrict file permissions by default to protect optional basic auth credentials
+	install -D --mode 0600 env ${DESTDIR}/etc/conf.d/${EXECUTABLE}
+
+	install -D --mode 0755 --target-directory ${DESTDIR}${PREFIX}/share/licenses/${EXECUTABLE} LICENSE
+
+.PHONY: uninstall
+uninstall:
+	-rm --recursive --force \
+		${DESTDIR}${PREFIX}/bin/${EXECUTABLE} \
+		${DESTDIR}/usr/lib/systemd/system/${EXECUTABLE}.service \
+		${DESTDIR}/etc/conf.d/${EXECUTABLE} \
+		${DESTDIR}${PREFIX}/share/licenses/${EXECUTABLE}/LICENSE

README.md

@@ -1,11 +1,14 @@
-# Fail2Ban Prometheus Exporter
+# prometheus-fail2ban-exporter
 
-[![Pipeline](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/badges/main/pipeline.svg)](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter)
+[![Build Status](https://drone.cryptic.systems/api/badges/volker.raschek/prometheus-fail2ban-exporter/status.svg)](https://drone.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter)
-[![Go Report Card](https://goreportcard.com/badge/gitlab.com/hectorjsmith/fail2ban-prometheus-exporter)](https://goreportcard.com/report/gitlab.com/hectorjsmith/fail2ban-prometheus-exporter)
 
-Collect metrics from a running fail2ban instance.
+This is a fork of Hector's fail2ban
+[exporter](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter). This
+fork contains some changes to get the application running in a kubernetes
+cluster.
 
 ## Table of Contents
+
 1. Quick Start
 2. Metrics
 3. Configuration
@@ -18,9 +21,10 @@ The exporter can be run as a standalone binary or a docker container.
 
 ### 1.1. Standalone
 
-The following command will start collecting metrics from the `/var/run/fail2ban/fail2ban.sock` file and expose them on port `9191`.
+The following command will start collecting metrics from the
+`/var/run/fail2ban/fail2ban.sock` file and expose them on port `9191`.
 
-```
+```bash
 $ fail2ban_exporter --collector.f2b.socket=/var/run/fail2ban/fail2ban.sock --web.listen-address=":9191"
 
 2022/02/20 09:54:06 fail2ban exporter version 0.8.1
@@ -30,25 +34,29 @@ $ fail2ban_exporter --collector.f2b.socket=/var/run/fail2ban/fail2ban.sock --web
 2022/02/20 09:54:06 ready
 ```
 
-Binary files for each release can be found on the [releases](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/releases) page.
+Binary files for each release can be found on the
+[releases](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/releases)
+page.
 
-There is also an [example systemd service file](/_examples/systemd/fail2ban_exporter.service) included in the repository.
+There is also an [example systemd service
+file](/_examples/systemd/fail2ban_exporter.service) included in the repository.
 This is a starting point to run the exporter as a service.
 
 ### 1.2. Docker
 
-**Docker run**
+#### Docker run
-```
+
-docker run -d \
+```bash
+$ docker run -d \
     --name "fail2ban-exporter" \
     -v /var/run/fail2ban:/var/run/fail2ban:ro \
     -p "9191:9191" \
     registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter:latest
 ```
 
-**Docker compose**
+#### Docker compose
 
-```
+```yaml
 version: "2"
 services:
   exporter:
@@ -59,12 +67,16 @@ services:
     - "9191:9191"
 ```
 
-Use the `:latest` tag to get the latest stable release.
+Use the `:latest` tag to get the latest stable release. See the [registry
-See the [registry page](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/container_registry) for all available tags.
+page](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/container_registry)
+for all available tags.
 
-**NOTE:** While it is possible to mount the `fail2ban.sock` file directly, it is recommended to mount the parent folder instead.
+**NOTE:** While it is possible to mount the `fail2ban.sock` file directly, it is
-The `.sock` file is deleted by fail2ban on shutdown and re-created on startup and this causes problems for the docker mount.
+recommended to mount the parent folder instead. The `.sock` file is deleted by
-See [this reply](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/issues/11#note_665003499) for more details.
+fail2ban on shutdown and re-created on startup and this causes problems for the
+docker mount. See [this
+reply](https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/issues/11#note_665003499)
+for more details.
 
 ## 2. Metrics
 
@@ -88,8 +100,10 @@ The exporter exposes the following metrics:
 | `jail_config_max_retry`      | The max number of failures allowed before banning an IP in this jail               | `f2b_config_jail_max_retries{jail="sshd"} 5`        |
 | `version`                    | Version string of the exporter and fail2ban                                        | `f2b_version{exporter="0.5.0",fail2ban="0.11.1"} 1` |
 
-The metrics above correspond to the matching fields in the `fail2ban-client status <jail>` command:
+The metrics above correspond to the matching fields in the `fail2ban-client
-```
+status <jail>` command:
+
+```text
 Status for the jail: sshd
 |- Filter
 |  |- Currently failed: 6
@@ -103,11 +117,13 @@ Status for the jail: sshd
 
 ### 2.1. Grafana
 
-The metrics exported by this tool are compatible with Prometheus and Grafana.
+The metrics exported by this tool are compatible with Prometheus and Grafana. A
-A sample grafana dashboard can be found in the [grafana.json](/_examples/grafana/dashboard.json) file.
+sample grafana dashboard can be found in the
-Just import the contents of this file into a new Grafana dashboard to get started.
+[grafana.json](/_examples/grafana/dashboard.json) file. Just import the contents
+of this file into a new Grafana dashboard to get started.
 
-The dashboard supports displaying data from multiple exporters. Use the `instance` dashboard variable to select which ones to display.
+The dashboard supports displaying data from multiple exporters. Use the
+`instance` dashboard variable to select which ones to display.
 
 *(Sample dashboard is compatible with Grafana `9.1.8` and above)*
 
@@ -116,8 +132,9 @@ The dashboard supports displaying data from multiple exporters. Use the `instanc
 The exporter is configured with CLI flags and environment variables.
 There are no configuration files.
 
-**CLI flags**
+### CLI flags
-```
+
+```text
 🚀 Collect prometheus metrics from a running Fail2Ban instance
 
 Flags:
@@ -145,7 +162,7 @@ Flags:
                                       ($F2B_WEB_BASICAUTH_PASS)
 ```
 
-**Environment variables**
+### Environment variables
 
 Each environment variable corresponds to a CLI flag.
 If both are specified, the CLI flag takes precedence.
@@ -162,25 +179,31 @@ If both are specified, the CLI flag takes precedence.
 ## 4. Building from source
 
 Building from source has the following dependencies:
+
 - Go v1.20
 - Make
 
 From there, simply run `make build`
 
-This will download the necessary dependencies and build a `fail2ban_exporter` binary in the root of the project.
+This will download the necessary dependencies and build a `fail2ban_exporter`
+binary in the root of the project.
 
 ## 5. Textfile metrics
 
-For more flexibility the exporter also allows exporting metrics collected from a text file.
+For more flexibility the exporter also allows exporting metrics collected from a
+text file.
 
-To enable textfile metrics provide the directory to read files from with the `--collector.textfile.directory` flag.
+To enable textfile metrics provide the directory to read files from with the
+`--collector.textfile.directory` flag.
 
-Metrics collected from these files will be exposed directly alongside the other metrics without any additional processing.
+Metrics collected from these files will be exposed directly alongside the other
-This means that it is the responsibility of the file creator to ensure the format is correct.
+metrics without any additional processing. This means that it is the
+responsibility of the file creator to ensure the format is correct.
 
-By exporting textfile metrics an extra metric is also exported with an error count for each file:
+By exporting textfile metrics an extra metric is also exported with an error
+count for each file:
 
-```
+```text
 # HELP textfile_error Checks for errors while reading text files
 # TYPE textfile_error gauge
 textfile_error{path="file.prom"} 0
@@ -188,15 +211,18 @@ textfile_error{path="file.prom"} 0
 
 **NOTE:** Any file not ending with `.prom` will be ignored.
 
-**Running in Docker**
+### Running in Docker
+
+To collect textfile metrics inside a docker container, a couple of things need
+to be done:
 
-To collect textfile metrics inside a docker container, a couple of things need to be done:
 1. Mount the folder with the metrics files
 2. Set the `F2B_COLLECTOR_TEXT_PATH` environment variable
 
 *For example:*
-```
+
-docker run -d \
+```bash
+$ docker run -d \
     --name "fail2ban-exporter" \
     -v /var/run/fail2ban:/var/run/fail2ban:ro \
     -v /path/to/metrics:/app/metrics/:ro \

cfg/cfg.go

@@ -5,8 +5,8 @@ import (
 	"log"
 	"os"
 
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/auth"
 	"github.com/alecthomas/kong"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/auth"
 )
 
 var cliStruct struct {

cfg/settings.go

@@ -1,6 +1,6 @@
 package cfg
 
-import "gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/auth"
+import "git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/auth"
 
 type AppSettings struct {
 	VersionMode           bool

collector/f2b/collector.go

@@ -4,9 +4,9 @@ import (
 	"log"
 	"os"
 
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/cfg"
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/socket"
 	"github.com/prometheus/client_golang/prometheus"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/cfg"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/socket"
 )
 
 type Collector struct {

collector/f2b/socket.go

@@ -1,9 +1,10 @@
 package f2b
 
 import (
-	"github.com/prometheus/client_golang/prometheus"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/socket"
 	"log"
+
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/socket"
+	"github.com/prometheus/client_golang/prometheus"
 )
 
 const (

collector/textfile/collector.go

@@ -1,9 +1,10 @@
 package textfile
 
 import (
-	"github.com/prometheus/client_golang/prometheus"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/cfg"
 	"log"
+
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/cfg"
+	"github.com/prometheus/client_golang/prometheus"
 )
 
 type Collector struct {

env

@@ -0,0 +1,6 @@
+# F2B_COLLECTOR_SOCKET=""
+# F2B_COLLECTOR_TEXT_PATH=""
+# F2B_WEB_LISTEN_ADDRESS=""
+# F2B_WEB_BASICAUTH_USER=""
+# F2B_WEB_BASICAUTH_PASS=""
+# F2B_EXIT_ON_SOCKET_CONN_ERROR=""

exporter.go

@@ -7,11 +7,11 @@ import (
 	"os/signal"
 	"syscall"
 
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/cfg"
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/collector/f2b"
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/collector/textfile"
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/server"
 	"github.com/prometheus/client_golang/prometheus"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/cfg"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/collector/f2b"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/collector/textfile"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/server"
 )
 
 var (

go.mod

@@ -1,4 +1,4 @@
-module gitlab.com/hectorjsmith/fail2ban-prometheus-exporter
+module git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter
 
 go 1.20
 

manifest.tmpl

@@ -0,0 +1,26 @@
+image: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  - {{this}}
+{{/each}}
+  - "latest"
+{{/if}}
+manifests:
+  -
+    image: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  -
+    image: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm-v7
+    platform:
+      architecture: arm
+      os: linux
+      variant: v7
+  -
+    image: git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm64-v8
+    platform:
+      architecture: arm64
+      os: linux
+      variant: v8

renovate.json

@@ -0,0 +1,38 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "assigneesFromCodeOwners": true,
+  "automergeStrategy": "merge-commit",
+  "automergeType": "pr",
+  "labels": [ "renovate" ],
+  "packageRules": [
+    {
+      "description": "Automatically update minor and patch versions of used drone-ci images",
+      "addLabels": [ "renovate/droneci", "renovate/automerge" ],
+      "excludePackagePatterns": [ "plugins/docker" ],
+      "automerge": true,
+      "matchManagers": "droneci",
+      "matchUpdateTypes": [ "minor", "patch"]
+    },
+    {
+      "description": "Automatically update minor and patch versions of go modules",
+      "addLabels": [ "renovate/gomod", "renovate/automerge" ],
+      "automerge": true,
+      "matchBaseBranches": [ "master" ],
+      "matchManagers": [ "gomod" ],
+      "matchUpdateTypes": [ "minor", "patch" ]
+    },
+    {
+      "description": "Prepare MR for major update minor of go modules",
+      "addLabels": [ "renovate/gomod" ],
+      "automerge": false,
+      "matchBaseBranches": [ "master" ],
+      "matchManagers": [ "gomod" ],
+      "matchUpdateTypes": [ "major" ]
+    }
+  ],
+  "postUpdateOptions": [
+    "gomodTidy"
+  ],
+  "rebaseLabel": "renovate/rebase",
+  "rebaseWhen": "behind-base-branch"
+}

server/auth.go

@@ -3,7 +3,7 @@ package server
 import (
 	"net/http"
 
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/auth"
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/auth"
 )
 
 func AuthMiddleware(handlerFunc http.HandlerFunc, authProvider auth.AuthProvider) http.HandlerFunc {

server/handler.go

@@ -4,8 +4,8 @@ import (
 	"log"
 	"net/http"
 
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/collector/textfile"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/collector/textfile"
 )
 
 const (

server/server.go

@@ -5,8 +5,8 @@ import (
 	"net/http"
 	"time"
 
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/cfg"
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/cfg"
-	"gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/collector/textfile"
+	"git.cryptic.systems/volker.raschek/prometheus-fail2ban-exporter/collector/textfile"
 )
 
 func StartServer(

systemd/systemd.service

@@ -0,0 +1,22 @@
+[Unit]
+Description=Prometheus exporter for fail2ban metrics
+Requires=network-online.target
+After=network-online.target
+
+[Service]
+EnvironmentFile=/etc/conf.d/EXECUTABLE
+ExecStart=/usr/bin/EXECUTABLE
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=on-failure
+RestartSec=5s
+
+NoNewPrivileges=true
+
+# NOTE: Would be great to create and use a dedicated user/group via
+# sysusers.conf to access the fail2ban socket, but currently it is no possible
+# without manual configuration of the fail2ban daemon.
+User=root
+Group=root
+
+[Install]
+WantedBy=multi-user.target