Feat: Create metrics service

bokysan · Sep 27, 2023 · ab1cca7 · ab1cca7
1 parent 8b6a6ac
commit ab1cca7
Show file tree

Hide file tree

Showing 17 changed files with 19,687 additions and 55 deletions.
diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
@@ -37,6 +37,54 @@ jobs:
 
       - uses: ./.github/actions/helm-chart-tests
 
+  Build_PostfixExporter:
+    runs-on: ubuntu-latest
+    needs:
+      - Helm_chart_Tests
+    steps:
+      # Checkout
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          repository: kumina/postfix_exporter
+          path: 'postfix_exporter'
+
+      # Buildkit setup
+      - uses: ./.github/actions/buildx-setup
+
+      # Docker hub login
+      - uses: ./.github/actions/docker-hub-login
+        with:
+          DOCKER_ACCESS_TOKEN: '${{ secrets.DOCKER_ACCESS_TOKEN }}'
+
+      - name: Cache Docker layers
+        uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-postfix-exporter-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-postfix-exporter-
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: |
+            boky/postfix-exporter:latest
+            boky/postfix-exporter:latest
+          platforms: "linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le"
+          cache-from: type=local,src=/tmp/.buildx-cache/postfix-exporter,mode=max,compression=estargz
+          cache-to: type=local,dest=/tmp/.buildx-cache-new/postfix-exporter
+
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
   Build_Alpine:
     runs-on: ubuntu-latest
     needs:

diff --git a/.github/workflows/tags.yml b/.github/workflows/tags.yml
@@ -37,6 +37,54 @@ jobs:
 
       - uses: ./.github/actions/helm-chart-tests
 
+  Build_PostfixExporter:
+    runs-on: ubuntu-latest
+    needs:
+      - Helm_chart_Tests
+    steps:
+      # Checkout
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          repository: kumina/postfix_exporter
+          path: 'postfix_exporter'
+
+      # Buildkit setup
+      - uses: ./.github/actions/buildx-setup
+
+      # Docker hub login
+      - uses: ./.github/actions/docker-hub-login
+        with:
+          DOCKER_ACCESS_TOKEN: '${{ secrets.DOCKER_ACCESS_TOKEN }}'
+
+      - name: Cache Docker layers
+        uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-postfix-exporter-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-postfix-exporter-
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: true
+          tags: |
+            boky/postfix-exporter:${{ env.RELEASE_VERSION }}
+            boky/postfix-exporter:${{ env.RELEASE_VERSION }}
+          platforms: "linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le"
+          cache-from: type=local,src=/tmp/.buildx-cache/postfix-exporter,mode=max,compression=estargz
+          cache-to: type=local,dest=/tmp/.buildx-cache-new/postfix-exporter
+
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
   Build_Alpine:
     runs-on: ubuntu-latest
     needs:

diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,4 @@ public
 gh-pages
 .env
 cache
+postfix_exporter
diff --git a/README.md b/README.md
@@ -6,45 +6,57 @@ Simple postfix relay host ("postfix null client") for your Docker containers. Ba
 
 ## Table of contents
 
-* [Table of contents](#table-of-contents)
-* [Description](#description)
-* [TL;DR](#tldr)
-* [Updates](#updates)
-* [Architectures](#architectures)
-* [Configuration options](#configuration-options)
-  * [General options](#general-options)
-    * [Inbound debugging](#inbound-debugging)
-    * [ALLOWED_SENDER_DOMAINS and ALLOW_EMPTY_SENDER_DOMAINS](#allowed_sender_domains-and-allow_empty_sender_domains)
-    * [Log format](#log-format)
-  * [Postfix-specific options](#postfix-specific-options)
-    * [RELAYHOST, RELAYHOST_USERNAME and RELAYHOST_PASSWORD](#relayhost-relayhost_username-and-relayhost_password)
-    * [POSTFIX_smtp_tls_security_level](#postfix_smtp_tls_security_level)
-    * [XOAUTH2_CLIENT_ID, XOAUTH2_SECRET, XOAUTH2_INITIAL_ACCESS_TOKEN, XOAUTH2_INITIAL_REFRESH_TOKEN and XOAUTH2_TOKEN_ENDPOINT ](#xoauth2_client_id-xoauth2_secret-xoauth2_initial_access_token-xoauth2_initial_refresh_token-and-xoauth2_token_endpoint)
-    * [MASQUERADED_DOMAINS](#masqueraded_domains)
-    * [SMTP_HEADER_CHECKS](#smtp_header_checks)
-    * [POSTFIX_myhostname](#postfix_myhostname)
-    * [POSTFIX_mynetworks](#postfix_mynetworks)
-    * [POSTFIX_message_size_limit](#postfix_message_size_limit)
-    * [Overriding specific postfix settings](#overriding-specific-postfix-settings)
-    * [ANONYMIZE_EMAILS](#anonymize_emails)
-    * [SKIP_ROOT_SPOOL_CHOWN](#skip_root_spool_chown)
-  * [DKIM / DomainKeys](#dkim--domainkeys)
-    * [Supplying your own DKIM keys](#supplying-your-own-dkim-keys)
-    * [Auto-generating the DKIM selectors through the image](#auto-generating-the-dkim-selectors-through-the-image)
-    * [Changing the DKIM selector](#changing-the-dkim-selector)
-    * [Overriding specific OpenDKIM settings](#overriding-specific-opendkim-settings)
-    * [Verifying your DKIM setup](#verifying-your-dkim-setup)
-  * [Docker Secrets](#docker-secrets)
-* [Helm chart](#helm-chart)
-* [Extending the image](#extending-the-image)
-  * [Using custom init scripts](#using-custom-init-scripts)
-* [Security](#security)
-* [Quick how-tos](#quick-how-tos)
-  * [Relaying messages through your Gmail account](#relaying-messages-through-your-gmail-account)
-  * [Relaying messages through Google Apps account](#relaying-messages-through-google-apps-account)
-  * [Sending messages directly](#sending-messages-directly)
-* [Similar projects](#similar-projects)
-* [License check](#license-check)
+- [docker-postfix](#docker-postfix)
+  - [Table of contents](#table-of-contents)
+  - [Description](#description)
+  - [TL;DR](#tldr)
+  - [Updates](#updates)
+    - [v3.0.0](#v300)
+  - [Architectures](#architectures)
+  - [Configuration options](#configuration-options)
+    - [General options](#general-options)
+      - [Inbound debugging](#inbound-debugging)
+      - [`ALLOWED_SENDER_DOMAINS` and `ALLOW_EMPTY_SENDER_DOMAINS`](#allowed_sender_domains-and-allow_empty_sender_domains)
+      - [Log format](#log-format)
+    - [Postfix-specific options](#postfix-specific-options)
+      - [`RELAYHOST`, `RELAYHOST_USERNAME` and `RELAYHOST_PASSWORD`](#relayhost-relayhost_username-and-relayhost_password)
+      - [`POSTFIX_smtp_tls_security_level`](#postfix_smtp_tls_security_level)
+      - [`XOAUTH2_CLIENT_ID`, `XOAUTH2_SECRET`, `XOAUTH2_INITIAL_ACCESS_TOKEN`, `XOAUTH2_INITIAL_REFRESH_TOKEN` and `XOAUTH2_TOKEN_ENDPOINT`](#xoauth2_client_id-xoauth2_secret-xoauth2_initial_access_token-xoauth2_initial_refresh_token-and-xoauth2_token_endpoint)
+        - [OAuth2 Client Credentials (GMail)](#oauth2-client-credentials-gmail)
+        - [Obtain Initial Access Token (GMail)](#obtain-initial-access-token-gmail)
+        - [Debug XOAuth2 issues](#debug-xoauth2-issues)
+      - [`MASQUERADED_DOMAINS`](#masqueraded_domains)
+      - [`SMTP_HEADER_CHECKS`](#smtp_header_checks)
+      - [`POSTFIX_myhostname`](#postfix_myhostname)
+      - [`POSTFIX_mynetworks`](#postfix_mynetworks)
+      - [`POSTFIX_message_size_limit`](#postfix_message_size_limit)
+      - [Overriding specific postfix settings](#overriding-specific-postfix-settings)
+      - [`SKIP_ROOT_SPOOL_CHOWN`](#skip_root_spool_chown)
+      - [`ANONYMIZE_EMAILS`](#anonymize_emails)
+        - [The `default` (`smart`) filter](#the-default-smart-filter)
+        - [The `paranoid` filter](#the-paranoid-filter)
+        - [The `hash` filter](#the-hash-filter)
+        - [The `noop` filter](#the-noop-filter)
+        - [Writting your own filters](#writting-your-own-filters)
+    - [DKIM / DomainKeys](#dkim--domainkeys)
+      - [Supplying your own DKIM keys](#supplying-your-own-dkim-keys)
+      - [Auto-generating the DKIM selectors through the image](#auto-generating-the-dkim-selectors-through-the-image)
+      - [Changing the DKIM selector](#changing-the-dkim-selector)
+      - [Overriding specific OpenDKIM settings](#overriding-specific-opendkim-settings)
+      - [Verifying your DKIM setup](#verifying-your-dkim-setup)
+    - [Docker Secrets / Kubernetes secrets](#docker-secrets--kubernetes-secrets)
+  - [Helm chart](#helm-chart)
+  - [Extending the image](#extending-the-image)
+    - [Using custom init scripts](#using-custom-init-scripts)
+  - [Security](#security)
+  - [Quick how-tos](#quick-how-tos)
+    - [Relaying messages through your Gmail account](#relaying-messages-through-your-gmail-account)
+    - [Relaying messages through Google Apps account](#relaying-messages-through-google-apps-account)
+    - [Relaying messages through Amazon's SES](#relaying-messages-through-amazons-ses)
+    - [Sending messages directly](#sending-messages-directly)
+      - [Careful](#careful)
+  - [Similar projects](#similar-projects)
+  - [License check](#license-check)
 
 ## Description
 

diff --git a/configs/rsyslog.conf b/configs/rsyslog.conf
@@ -8,7 +8,7 @@ $FileCreateMode 0640
 $DirCreateMode 0755
 $Umask 0022
 
-template (name="devicelog" type="string" string="/dev/stdout")
+template(name="devicelog" type="string" string="/dev/stdout")
 
 template(name="json" type="list") {
     constant(value="{")
@@ -55,9 +55,9 @@ if $syslogseverity <= '6' then {
     #</email-anonymizer>
     action(type="omfile" DynaFile="devicelog" template="<log-format>" DirCreateMode="0755" FileCreateMode="0644")
     # enable below to stop processing further this log
-    stop
 }
 
+include(file="/etc/rsyslog.d-metrics/*.conf" mode="optional")
 include(file="/etc/rsyslog.d/*.conf" mode="optional")
 
 stop
diff --git a/helm/mail/templates/configmap-metrics.yaml b/helm/mail/templates/configmap-metrics.yaml
@@ -0,0 +1,17 @@
+{{- if .Values.metrics.enabled }}
+{{- $chart := "mail" -}}
+{{- $fullName := include (print $chart ".fullname") . -}}
+{{- $labels := include (print $chart ".labels") . -}}
+{{- $files := .Files -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ print $fullName "-metrics" | quote }}
+  labels:
+    {{- $labels | nindent 4 }}
+data:
+  logrotate.conf: | {{- index .Values.metrics.logrotate "logrotate.conf" | nindent 4 }}
+  maillog.conf: |
+    template(name="metricslog" type="string" string={{ .Values.metrics.path | quote }})
+    action(type="omfile" DynaFile="metricslog" template="plain" DirCreateMode="0755" FileCreateMode="0644")
+{{- end }}
diff --git a/helm/mail/templates/configmap.yaml b/helm/mail/templates/configmap.yaml
@@ -13,6 +13,9 @@ data:
   {{- range $key, $value := .Values.config.postfix }}
   POSTFIX_{{ $key }}: {{ $value | quote }}
   {{- end }}
+  {{- if .Values.metrics.enabled }}
+  POSTFIX_maillog_file: {{ .Values.metrics.maillog }}
+  {{- end }}
   {{- range $key, $value := .Values.config.opendkim }}
   OPENDKIM_{{ $key }}: {{ $value | quote }}
   {{- end }}

diff --git a/helm/mail/templates/service-metrics.yaml b/helm/mail/templates/service-metrics.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.metrics.enabled -}}
+{{- $chart := "mail" -}}
+{{- $fullName := include (print $chart ".fullname") . -}}
+{{- $labels := include (print $chart ".labels") . -}}
+{{- $selectorLabels := include (print $chart ".selectorLabels") . -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ print $fullName "-metrics" | quote }}
+  labels:
+    {{- $labels | nindent 4 }}
+    {{- with .Values.metrics.service.labels }}{{ toYaml . | nindent 4 }}{{ end }}
+  {{ with .Values.metrics.service.annotations }}annotations:
+    {{ toYaml . | nindent 4 }}
+  {{ end }}
+spec:
+  type: ClusterIP
+  ports:
+    - port: {{ .Values.metrics.port }}
+      targetPort: metrics
+      protocol: TCP
+      name: metrics
+  selector:
+    {{- $selectorLabels | nindent 4 }}
+{{- end -}}
diff --git a/helm/mail/templates/service-monitor.yaml b/helm/mail/templates/service-monitor.yaml
@@ -0,0 +1,29 @@
+{{- if .Values.metrics.enabled -}}
+{{- if .Values.metrics.serviceMonitor.enabled -}}
+{{- $chart := "mail" -}}
+{{- $fullName := include (print $chart ".fullname") . -}}
+{{- $labels := include (print $chart ".labels") . -}}
+{{- $selectorLabels := include (print $chart ".selectorLabels") . -}}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ print $fullName "-metrics" | quote }}
+  labels:
+    {{- $labels | nindent 4 }}
+    {{- with .Values.metrics.serviceMonitor.labels }}{{ toYaml . | nindent 4 }}{{ end }}
+  {{ with .Values.metrics.serviceMonitor.annotations }}annotations:
+    {{ toYaml . | nindent 4 }}
+  {{ end }}
+spec:
+  endpoints:
+  - interval: 15s
+    port: metrics
+  namespaceSelector:
+    matchNames:
+    - {{ .Release.Namespace | quote }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: {{ $chart }}
+      prometheus: unknown
+{{- end -}}
+{{- end -}}