ae359d1ef2
Fixes issues described in #208242 for this part of the nixpkgs tree. There are no behavioral changes in this, it only adjusts the code so that it is easier to understand.
117 lines
3.3 KiB
Nix
117 lines
3.3 KiB
Nix
{ config, lib, pkgs, options, ... }:
|
|
|
|
let
|
|
cfg = config.services.prometheus.exporters.dmarc;
|
|
inherit (lib) mkOption types optionalString;
|
|
|
|
json = builtins.toJSON {
|
|
inherit (cfg) folders port;
|
|
listen_addr = cfg.listenAddress;
|
|
storage_path = "$STATE_DIRECTORY";
|
|
imap = (builtins.removeAttrs cfg.imap [ "passwordFile" ]) // { password = "$IMAP_PASSWORD"; use_ssl = true; };
|
|
poll_interval_seconds = cfg.pollIntervalSeconds;
|
|
deduplication_max_seconds = cfg.deduplicationMaxSeconds;
|
|
logging = {
|
|
version = 1;
|
|
disable_existing_loggers = false;
|
|
};
|
|
};
|
|
in {
|
|
port = 9797;
|
|
extraOpts = {
|
|
imap = {
|
|
host = mkOption {
|
|
type = types.str;
|
|
default = "localhost";
|
|
description = ''
|
|
Hostname of IMAP server to connect to.
|
|
'';
|
|
};
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 993;
|
|
description = ''
|
|
Port of the IMAP server to connect to.
|
|
'';
|
|
};
|
|
username = mkOption {
|
|
type = types.str;
|
|
example = "postmaster@example.org";
|
|
description = ''
|
|
Login username for the IMAP connection.
|
|
'';
|
|
};
|
|
passwordFile = mkOption {
|
|
type = types.str;
|
|
example = "/run/secrets/dovecot_pw";
|
|
description = ''
|
|
File containing the login password for the IMAP connection.
|
|
'';
|
|
};
|
|
};
|
|
folders = {
|
|
inbox = mkOption {
|
|
type = types.str;
|
|
default = "INBOX";
|
|
description = ''
|
|
IMAP mailbox that is checked for incoming DMARC aggregate reports
|
|
'';
|
|
};
|
|
done = mkOption {
|
|
type = types.str;
|
|
default = "Archive";
|
|
description = ''
|
|
IMAP mailbox that successfully processed reports are moved to.
|
|
'';
|
|
};
|
|
error = mkOption {
|
|
type = types.str;
|
|
default = "Invalid";
|
|
description = ''
|
|
IMAP mailbox that emails are moved to that could not be processed.
|
|
'';
|
|
};
|
|
};
|
|
pollIntervalSeconds = mkOption {
|
|
type = types.ints.unsigned;
|
|
default = 60;
|
|
description = ''
|
|
How often to poll the IMAP server in seconds.
|
|
'';
|
|
};
|
|
deduplicationMaxSeconds = mkOption {
|
|
type = types.ints.unsigned;
|
|
default = 604800;
|
|
defaultText = "7 days (in seconds)";
|
|
description = ''
|
|
How long individual report IDs will be remembered to avoid
|
|
counting double delivered reports twice.
|
|
'';
|
|
};
|
|
debug = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = ''
|
|
Whether to declare enable `--debug`.
|
|
'';
|
|
};
|
|
};
|
|
serviceOpts = {
|
|
path = with pkgs; [ envsubst coreutils ];
|
|
serviceConfig = {
|
|
StateDirectory = "prometheus-dmarc-exporter";
|
|
WorkingDirectory = "/var/lib/prometheus-dmarc-exporter";
|
|
ExecStart = "${pkgs.writeShellScript "setup-cfg" ''
|
|
export IMAP_PASSWORD="$(<${cfg.imap.passwordFile})"
|
|
envsubst \
|
|
-i ${pkgs.writeText "dmarc-exporter.json.template" json} \
|
|
-o ''${STATE_DIRECTORY}/dmarc-exporter.json
|
|
|
|
exec ${pkgs.dmarc-metrics-exporter}/bin/dmarc-metrics-exporter \
|
|
--configuration /var/lib/prometheus-dmarc-exporter/dmarc-exporter.json \
|
|
${optionalString cfg.debug "--debug"}
|
|
''}";
|
|
};
|
|
};
|
|
}
|