Fail2ban Prometheus Exporter

The exporter now tries to connect to the #fail2ban socket on startup and will either print an error or the fail2ban version.

This release also included several tasks focused around code health and pipeline improvements.

Fixed a bug in the previous release where it wouldn't run on some systems. Solution was to disable CGO in the build pipeline.

Automated the entire release process with #goReleaser and removed the CHANGELOG file. Changes for each release are now added to the #gitlab release itself.

Small fix: exit with an error exit code when the server fails to start. Thanks to @vetinary1 on Gitlab for raising it!

Add a new option to quit the exporter on socket errors: F2B_EXIT_ON_SOCKET_CONN_ERROR.

The goal is to allow the exporter to exit when these errors happen and have docker restart it. This makes it more likely these errors will fix themselves 👍

In this update I re-wrote all the CLI flags and environment variables used by the tool. This is obviously a breaking change.

The CLI flags and environment variables used for the tool had grown organically over time and had become a bit inconsistent. This update tries to align them and make them more consistent (both with each other, and with other exporter tools).

The exporter now supports basic auth to be required when collecting metrics. New CLI and environment variables were added to support this.

The implementation was interesting, as I decided to store a hashed version of the basic-auth password instead of storing the raw value. This is to avoid leaking the raw password if the system memory is dumped.

There are still other ways the password could leak though (e.g. inspecting the environment variables)

This release includes the first code written by another person!

It adds support for Python2 and adds support for specifying the listen address (e.g. 0.0.0.0). I also added the first example grafana dashboard that people can use to view the metrics this tool exports.

This release adds support for two new types of metrics: configuration data & text file metrics.

The text file metrics emulates what node_exporter does and allows custom metrics to be collected from a text file. This was added to better support custom metrics such as machine IDs.

This also removes the old database-backed metrics in favour of the new socket-based metrics.

This small update introduces a new version metric to track the version of both the exporter and the fail2ban server.

This release launched the first iteration of the new socket-based metrics and deprecated the old database-based metrics. It also introduced a couple of new metrics.

This issue initiated a big shift in how the exporter works: collecting metrics over the fail2ban socket.

One of the users of the tool identified some inconsistencies between the metrics collected by this tool and the metrics reported by fail2ban. After a fair bit of digging into the fail2ban exporter code I found that the database is not a reliable system of record for these metrics.

The solution was to collect metrics over the fail2ban socket. This is how the fail2ban client communicates with the fail2ban server and ensures that all collected metrics are consistent.

This was a really feature to develop because it involved integrating Python code with Golang.

This is the initial release of the tool!

It is based on collecting metrics from the fail2ban database and exposing them in a format compatible with prometheus.