Replace CLI parsing functionality with the `kingpin` library to better
support configuring the tool with environment variables.
Add new environment variables to configure the tool.
BREAKING CHANGE: CLI params now require two dashes instead of one (e.g. `--socket`)
Add new CLI parameters to enable protecting the API endpoints with basic
auth authentication.
Wrap the server endpoints in a new auth middleware that protects it using
the provided basic auth credentials (if set).
Store the provided basic auth credentials as hashed values to prevent them
from being accidentally leaked.
Add unit tests to ensure the new functionality works as expected.
Add new -web.listen-address command line parameter, so that the
listening interface can be limited. This follows a similar style as
the official prometheus-node-exporter project.
Update project README with the new parameter.
Remove all database-based metrics from the metrics endpoint.
Remove all code related to pulling metrics from the fail2ban database.
Remove all configuration variables related to the fail2ban database.
The CLI parameter for the database path was not removed to avoid breaking
compatibility.
Update docker entrypoint to remove references to the fail2ban database.
Remove all references to the old database metrics from the README.
Add new metrics around basic jail configuration. The new metrics expose the
max retries, ban time, and find time for each jail.
Update project README with the new metrics.
Create a new `collector` folder to store the code for the different
collectors. Move the existing f2b and textfile collectors to this folder.
Minor refactors to the f2b collector to better match the code style of the
newer textfile collector.
Add support for collecting arbitrary metrics from a textfile as well as
metrics collected from fail2ban. This allows other data to be exported
along with the fail2ban metrics (e.g. instance metadata).
Update the docker image to allow mounting a folder with a collection of
metric files to be exported. Only files ending in `.prom` with be read.
Update project README with the new functionality.
Add a new request handler for the root URL (`/`) to render a simple HTML
page with a link to the metrics page. This follows the convention of other
metric exporters.
Update the exporter startup to add more log messages. The server address,
port, and metrics path are now logged on startup.
A "ready" log message is printed when the server is up and running.
Split out all the code to define exporter functions and collect data into
a new package. The new package is responsible for all exporter related
activity. This makes the code easier to read.
Split the code for collecting metrics from the database and from the socket
into different files to make the separation more obvious.
Add a new `f2b_version` metric that includes the version of the fail2ban
server and the exporter.
Add a new socket command to get back the fail2ban server version.
Update all old database-based metrics to include the `deprecated` text.
Add a warning on startup if connecting to the fail2ban database to state
that this functionality will be removed in a future release.
Rename deprecated methods and variables.
Add new metric to collect the number of errors found when connecting to the
fail2ban server socket. Errors are split into two categories: connection
errors (e.g. socket file not found), and request errors (e.g. invalid
response received from server).
Update the `up` metric to return `0` if the socket connection fails.
Improve error logging.
Update the code collecting metrics to open a new socket connection each
time metrics are collected. This ensures that a new socket connection is
used each time and avoids errors caused by fail2ban being restarted.
Add new metric to track the total number of jails configured in fail2ban.
Add new metrics for the current and total number of filter failures for
each jail, as well as the current/total number of banned IPs per jail.
The new metrics are collected by sending the `status [jail]` command to the
fail2ban server and parsing the response data.
Read the response data from the socket in chunks to prevent errors when
processing large payloads. The initial implementation solved large payloads
by just defining a very large buffer, but this is not a solution. The new
code reads the socket data in a loop until a terminator is found and
appends all the data into a single byte array.
Reduce the buffer size to `1024` bytes.
Add support for connecting the exporter directly to the fail2ban server's
socket to send requests and receive data. The path to the socket file is
optional and specified on startup.
Export a new metric based on the response of the `ping` command sent to the
fail2ban server. The metric is set to 1 if the server responds with `pong`
and 0 in any other case. This metric is only shown if the path to the
socket file was provided on startup.
Update the database query counting the number of banned IPs to filter out
any bans that have already expired. An expired ban is defined as a ban
where the "time of ban" plus the "duration of ban" is less than the
current time.
This is necessary because bans that have expired are not automatically
removed from the database and will cause metrics to diverge from the counts
reported by `fail2ban-client`.
Add a new metric to count the number of database errors that have been
found since startup. This complements the `up` metric to have better
visibility into occasional database errors.
The `up` metric is now based on whether an error was found while reading
data from the database to build other metrics. Note that there is a chance
the `up` metric will not be correctly set if the last metric to be built
before the `up` metric does not throw an error.
Add a new prometheus metric to track which jails are currently enabled.
Add a new database query to read the jail name and enabled status from the
database.
Add new metric to readme file.
Update the project structure to move all golang files to a new `src/`
folder. This keeps all the code located in the same place and easier to
work with.
Update the Makefile and goreleaser config to continue to work with the new
folder structure.