diff options
author | Maximilian Bosch <maximilian@mbosch.me> | 2022-03-14 09:02:08 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-14 09:02:08 +0100 |
commit | 0c5586c2f26249527c09efab70d12d7ff63a3ff1 (patch) | |
tree | ae5cbcffa37d70731f53b2498f3ea32e6a467794 /nixos/modules | |
parent | d806395d13fc9daab52065b1e99430f2f99a0d64 (diff) | |
parent | cafa5b400c48be75300b3e1ec28ddeead9f6f392 (diff) | |
download | nixpkgs-0c5586c2f26249527c09efab70d12d7ff63a3ff1.tar nixpkgs-0c5586c2f26249527c09efab70d12d7ff63a3ff1.tar.gz nixpkgs-0c5586c2f26249527c09efab70d12d7ff63a3ff1.tar.bz2 nixpkgs-0c5586c2f26249527c09efab70d12d7ff63a3ff1.tar.lz nixpkgs-0c5586c2f26249527c09efab70d12d7ff63a3ff1.tar.xz nixpkgs-0c5586c2f26249527c09efab70d12d7ff63a3ff1.tar.zst nixpkgs-0c5586c2f26249527c09efab70d12d7ff63a3ff1.zip |
Merge pull request #162254 from Ma27/init-dmarc-exporter
prometheus-dmarc-exporter: init at 0.5.1
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/exporters/dmarc.nix | 117 |
2 files changed, 118 insertions, 0 deletions
diff --git a/nixos/modules/services/monitoring/prometheus/exporters.nix b/nixos/modules/services/monitoring/prometheus/exporters.nix index 46e410f11d4..41302d6d3ce 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters.nix @@ -29,6 +29,7 @@ let "blackbox" "buildkite-agent" "collectd" + "dmarc" "dnsmasq" "domain" "dovecot" diff --git a/nixos/modules/services/monitoring/prometheus/exporters/dmarc.nix b/nixos/modules/services/monitoring/prometheus/exporters/dmarc.nix new file mode 100644 index 00000000000..330610a15d9 --- /dev/null +++ b/nixos/modules/services/monitoring/prometheus/exporters/dmarc.nix @@ -0,0 +1,117 @@ +{ config, lib, pkgs, options }: + +with lib; + +let + cfg = config.services.prometheus.exporters.dmarc; + + json = builtins.toJSON { + inherit (cfg) folders port; + listen_addr = cfg.listenAddress; + storage_path = "$STATE_DIRECTORY"; + imap = (builtins.removeAttrs cfg.imap [ "passwordFile" ]) // { password = "$IMAP_PASSWORD"; use_ssl = true; }; + poll_interval_seconds = cfg.pollIntervalSeconds; + deduplication_max_seconds = cfg.deduplicationMaxSeconds; + logging = { + version = 1; + disable_existing_loggers = false; + }; + }; +in { + port = 9797; + extraOpts = { + imap = { + host = mkOption { + type = types.str; + default = "localhost"; + description = '' + Hostname of IMAP server to connect to. + ''; + }; + port = mkOption { + type = types.port; + default = 993; + description = '' + Port of the IMAP server to connect to. + ''; + }; + username = mkOption { + type = types.str; + example = "postmaster@example.org"; + description = '' + Login username for the IMAP connection. + ''; + }; + passwordFile = mkOption { + type = types.str; + example = "/run/secrets/dovecot_pw"; + description = '' + File containing the login password for the IMAP connection. + ''; + }; + }; + folders = { + inbox = mkOption { + type = types.str; + default = "INBOX"; + description = '' + IMAP mailbox that is checked for incoming DMARC aggregate reports + ''; + }; + done = mkOption { + type = types.str; + default = "Archive"; + description = '' + IMAP mailbox that successfully processed reports are moved to. + ''; + }; + error = mkOption { + type = types.str; + default = "Invalid"; + description = '' + IMAP mailbox that emails are moved to that could not be processed. + ''; + }; + }; + pollIntervalSeconds = mkOption { + type = types.ints.unsigned; + default = 60; + description = '' + How often to poll the IMAP server in seconds. + ''; + }; + deduplicationMaxSeconds = mkOption { + type = types.ints.unsigned; + default = 604800; + defaultText = "7 days (in seconds)"; + description = '' + How long individual report IDs will be remembered to avoid + counting double delivered reports twice. + ''; + }; + debug = mkOption { + type = types.bool; + default = false; + description = '' + Whether to declare enable <literal>--debug</literal>. + ''; + }; + }; + serviceOpts = { + path = with pkgs; [ envsubst coreutils ]; + serviceConfig = { + StateDirectory = "prometheus-dmarc-exporter"; + WorkingDirectory = "/var/lib/prometheus-dmarc-exporter"; + ExecStart = "${pkgs.writeShellScript "setup-cfg" '' + export IMAP_PASSWORD="$(<${cfg.imap.passwordFile})" + envsubst \ + -i ${pkgs.writeText "dmarc-exporter.json.template" json} \ + -o ''${STATE_DIRECTORY}/dmarc-exporter.json + + exec ${pkgs.prometheus-dmarc-exporter}/bin/prometheus-dmarc-exporter \ + --configuration /var/lib/prometheus-dmarc-exporter/dmarc-exporter.json \ + ${optionalString cfg.debug "--debug"} + ''}"; + }; + }; +} |