| blob | 4cb11fbaa45a4d9fa4534fb61c54bbfcb04ea923 |
1 {
2 config,
3 lib,
4 pkgs,
5 options,
6 ...
7 }:
9 let
10 cfg = config.services.prometheus.exporters.dmarc;
11 inherit (lib) mkOption types optionalString;
13 json = builtins.toJSON {
14 inherit (cfg) folders port;
15 listen_addr = cfg.listenAddress;
16 storage_path = "$STATE_DIRECTORY";
17 imap = (builtins.removeAttrs cfg.imap [ "passwordFile" ]) // {
18 password = "$IMAP_PASSWORD";
19 use_ssl = true;
20 };
21 poll_interval_seconds = cfg.pollIntervalSeconds;
22 deduplication_max_seconds = cfg.deduplicationMaxSeconds;
23 logging = {
24 version = 1;
25 disable_existing_loggers = false;
26 };
27 };
28 in
29 {
30 port = 9797;
31 extraOpts = {
32 imap = {
33 host = mkOption {
34 type = types.str;
35 default = "localhost";
36 description = ''
37 Hostname of IMAP server to connect to.
38 '';
39 };
40 port = mkOption {
41 type = types.port;
42 default = 993;
43 description = ''
44 Port of the IMAP server to connect to.
45 '';
46 };
47 username = mkOption {
48 type = types.str;
49 example = "postmaster@example.org";
50 description = ''
51 Login username for the IMAP connection.
52 '';
53 };
54 passwordFile = mkOption {
55 type = types.str;
56 example = "/run/secrets/dovecot_pw";
57 description = ''
58 File containing the login password for the IMAP connection.
59 '';
60 };
61 };
62 folders = {
63 inbox = mkOption {
64 type = types.str;
65 default = "INBOX";
66 description = ''
67 IMAP mailbox that is checked for incoming DMARC aggregate reports
68 '';
69 };
70 done = mkOption {
71 type = types.str;
72 default = "Archive";
73 description = ''
74 IMAP mailbox that successfully processed reports are moved to.
75 '';
76 };
77 error = mkOption {
78 type = types.str;
79 default = "Invalid";
80 description = ''
81 IMAP mailbox that emails are moved to that could not be processed.
82 '';
83 };
84 };
85 pollIntervalSeconds = mkOption {
86 type = types.ints.unsigned;
87 default = 60;
88 description = ''
89 How often to poll the IMAP server in seconds.
90 '';
91 };
92 deduplicationMaxSeconds = mkOption {
93 type = types.ints.unsigned;
94 default = 604800;
95 defaultText = "7 days (in seconds)";
96 description = ''
97 How long individual report IDs will be remembered to avoid
98 counting double delivered reports twice.
99 '';
100 };
101 debug = mkOption {
102 type = types.bool;
103 default = false;
104 description = ''
105 Whether to declare enable `--debug`.
106 '';
107 };
108 };
109 serviceOpts = {
110 path = with pkgs; [
111 envsubst
112 coreutils
113 ];
114 serviceConfig = {
115 StateDirectory = "prometheus-dmarc-exporter";
116 WorkingDirectory = "/var/lib/prometheus-dmarc-exporter";
117 ExecStart = "${pkgs.writeShellScript "setup-cfg" ''
118 export IMAP_PASSWORD="$(<${cfg.imap.passwordFile})"
119 envsubst \
120 -i ${pkgs.writeText "dmarc-exporter.json.template" json} \
121 -o ''${STATE_DIRECTORY}/dmarc-exporter.json
123 exec ${pkgs.dmarc-metrics-exporter}/bin/dmarc-metrics-exporter \
124 --configuration /var/lib/prometheus-dmarc-exporter/dmarc-exporter.json \
125 ${optionalString cfg.debug "--debug"}
126 ''}";
127 };
128 };
129 }