From 619cf60d25d6b7852dcedc52e802ea04c0d95ff2 Mon Sep 17 00:00:00 2001
From: Maximilian Bosch <maximilian@mbosch.me>
Date: Thu, 3 Jun 2021 12:37:48 +0200
Subject: [PATCH 1/3] nixos/rspamd-exporter: fix metrics
In 0.3.0 of the json-exporter[1] it was switched to a different jsonpath
library which made some changes - especially for spaces in keys -
necessary. Also I decided to remove the pretty-printed JSON as this
would interfere with the bash quoting too much. If one needs
pretty-printed output, they can still pipe the output to `jq`.
[1] https://github.com/prometheus-community/json_exporter/releases/tag/v0.3.0
(cherry picked from commit 976d668e5c5566c3e96b17d667830a0f3ed1bbb5)
---
.../prometheus/exporters/rspamd.nix | 36 +++++++++----------
1 file changed, 17 insertions(+), 19 deletions(-)
diff --git a/nixos/modules/services/monitoring/prometheus/exporters/rspamd.nix b/nixos/modules/services/monitoring/prometheus/exporters/rspamd.nix
index d95e5ed9e83..994670a376e 100644
--- a/nixos/modules/services/monitoring/prometheus/exporters/rspamd.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters/rspamd.nix
@@ -5,21 +5,19 @@ with lib;
let
cfg = config.services.prometheus.exporters.rspamd;
- prettyJSON = conf:
- pkgs.runCommand "rspamd-exporter-config.yml" { } ''
- echo '${builtins.toJSON conf}' | ${pkgs.buildPackages.jq}/bin/jq '.' > $out
- '';
+ mkFile = conf:
+ pkgs.writeText "rspamd-exporter-config.yml" (builtins.toJSON conf);
generateConfig = extraLabels: {
metrics = (map (path: {
- name = "rspamd_${replaceStrings [ "." " " ] [ "_" "_" ] path}";
+ name = "rspamd_${replaceStrings [ "[" "." " " "]" "\\" "'" ] [ "_" "_" "_" "" "" "" ] path}";
path = "{ .${path} }";
labels = extraLabels;
}) [
- "actions.'add header'"
- "actions.'no action'"
- "actions.'rewrite subject'"
- "actions.'soft reject'"
+ "actions['add\\ header']"
+ "actions['no\\ action']"
+ "actions['rewrite\\ subject']"
+ "actions['soft\\ reject']"
"actions.greylist"
"actions.reject"
"bytes_allocated"
@@ -40,18 +38,18 @@ let
]) ++ [{
name = "rspamd_statfiles";
type = "object";
- path = "$.statfiles[*]";
+ path = "{.statfiles[*]}";
labels = recursiveUpdate {
- symbol = "$.symbol";
- type = "$.type";
+ symbol = "{.symbol}";
+ type = "{.type}";
} extraLabels;
values = {
- revision = "$.revision";
- size = "$.size";
- total = "$.total";
- used = "$.used";
- languages = "$.languages";
- users = "$.users";
+ revision = "{.revision}";
+ size = "{.size}";
+ total = "{.total}";
+ used = "{.used}";
+ languages = "{.languages}";
+ users = "{.users}";
};
}];
};
@@ -76,7 +74,7 @@ in
};
serviceOpts.serviceConfig.ExecStart = ''
${pkgs.prometheus-json-exporter}/bin/json_exporter \
- --config.file ${prettyJSON (generateConfig cfg.extraLabels)} \
+ --config.file ${mkFile (generateConfig cfg.extraLabels)} \
--web.listen-address "${cfg.listenAddress}:${toString cfg.port}" \
${concatStringsSep " \\\n " cfg.extraFlags}
'';
From d7fbcd60a341bd86d3ff4c828ef92cc45da3f526 Mon Sep 17 00:00:00 2001
From: Maximilian Bosch <maximilian@mbosch.me>
Date: Thu, 3 Jun 2021 13:01:11 +0200
Subject: [PATCH 2/3] nixos/dovecot-exporter: fix documentation for old stats
(cherry picked from commit 6fb847c55643780c1ba3a98c57ba57541ed33d14)
---
.../monitoring/prometheus/exporters/dovecot.nix | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/nixos/modules/services/monitoring/prometheus/exporters/dovecot.nix b/nixos/modules/services/monitoring/prometheus/exporters/dovecot.nix
index aba3533e439..472652fe8a7 100644
--- a/nixos/modules/services/monitoring/prometheus/exporters/dovecot.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters/dovecot.nix
@@ -35,13 +35,28 @@ in
{
<xref linkend="opt-services.prometheus.exporters.dovecot.enable" /> = true;
<xref linkend="opt-services.prometheus.exporters.dovecot.socketPath" /> = "/var/run/dovecot2/old-stats";
+ <xref linkend="opt-services.dovecot2.mailPlugins.globally.enable" /> = [ "old_stats" ];
<xref linkend="opt-services.dovecot2.extraConfig" /> = '''
- mail_plugins = $mail_plugins old_stats
service old-stats {
unix_listener old-stats {
user = dovecot-exporter
group = dovecot-exporter
+ mode = 0660
}
+ fifo_listener old-stats-mail {
+ mode = 0660
+ user = dovecot
+ group = dovecot
+ }
+ fifo_listener old-stats-user {
+ mode = 0660
+ user = dovecot
+ group = dovecot
+ }
+ }
+ plugin {
+ old_stats_refresh = 30 secs
+ old_stats_track_cmds = yes
}
''';
}
From 3c8dcd902a4bb0d545681bd01a436f495c40cc04 Mon Sep 17 00:00:00 2001
From: Maximilian Bosch <maximilian@mbosch.me>
Date: Thu, 3 Jun 2021 13:10:23 +0200
Subject: [PATCH 3/3] nixos/mail-exporter: add note about rspamd marking probe
mails as spam
(cherry picked from commit ba9768f3143c728a47515d0548025a103fca9013)
---
.../monitoring/prometheus/exporters/mail.nix | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/nixos/modules/services/monitoring/prometheus/exporters/mail.nix b/nixos/modules/services/monitoring/prometheus/exporters/mail.nix
index 18c5c4dd162..7e196149fbb 100644
--- a/nixos/modules/services/monitoring/prometheus/exporters/mail.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters/mail.nix
@@ -112,6 +112,24 @@ let
'';
description = ''
List of servers that should be probed.
+
+ <emphasis>Note:</emphasis> if your mailserver has <citerefentry>
+ <refentrytitle>rspamd</refentrytitle><manvolnum>8</manvolnum></citerefentry> configured,
+ it can happen that emails from this exporter are marked as spam.
+
+ It's possible to work around the issue with a config like this:
+ <programlisting>
+ {
+ <link linkend="opt-services.rspamd.locals._name_.text">services.rspamd.locals."multimap.conf".text</link> = '''
+ ALLOWLIST_PROMETHEUS {
+ filter = "email:domain:tld";
+ type = "from";
+ map = "''${pkgs.writeText "allowmap" "domain.tld"}";
+ score = -100.0;
+ }
+ ''';
+ }
+ </programlisting>
'';
};
};