fix stuff

.github/workflows/test-mr.yml → .github/workflows/ci.yml

@@ -1,12 +1,16 @@
-name: Go Test on Pull Request
+name: CI
 
 on:
+  push:
+    tags:
+      - "v*.*.*"
   pull_request:
-    branches: [ main ]
+    branches:
+      - "main"
 
 jobs:
   tests:
-    name: Run Go Tests
+    name: Tests/Linters
     runs-on: ubuntu-latest
 
     steps:

.gitignore

@@ -19,4 +19,5 @@
 
 # Go workspace file
 go.work
-*opnsense-exporter-local
+*opnsense-exporter-local
+local.Makefile

Makefile

@@ -22,9 +22,9 @@ local-run:
 		--exporter.disable-arp-table \
 		--exporter.disable-cron-table \
 		--opnsense.protocol="https" \
-		--opnsense.address="pfs.local.st3ga.com" \
-		--opnsense.api-key="hU1D1ctLMzAmXAgOeVaGLkwqBozrjG3hQ+W3kVG/O5DOsSpOp8N8237m9JojxU9E8wwxTTjTJKno7zTA" \
-		--opnsense.api-secret="Gs2T6hgKiElJ8NfxUGhAGX36YQEBgKuZujDMRpcYtD6L64p3+M792rkK8S2YF5HTQL5KGTy9HXRmvwZL" \
+		--opnsense.address="ops.domain.com" \
+		--opnsense.api-key="XXX" \
+		--opnsense.api-secret="XXX" \
 		--web.disable-exporter-metrics \
 
 test:

README.md

@@ -1,9 +1,50 @@
 # OPNsense Prometheus Exporter
 
+The OPNsense exporter enables you to monitor your OPNsense firewall from the API.
+
+`Still under heavy development. The full metrics list is not yet implemented.`
+
+# Table of Contents
+
+1. **[OPNsense User Permissions](#opnsense-user-permissions)**  
+2. **[Usage](#usage)**  
+3. **[Configuration](#configuration)**  
+      - **[SSL/TLS](#ssltls)**  
+5. **[Grafana Dashboard](#grafana-dashboard)**  
+
+
+## OPNsense user permissions
+
+**TODO**
+
+## Usage
+
+**TODO**
+
+## Configuration
+
+To configure where your OPNsense API is located, you can use the following flags:
+
+- `--opnsense.protocol` - The protocol to use to connect to the OPNsense API. Can be either `http` or `https`.
+- `--opnsense.address` - The hostname or IP address of the OPNsense API.
+- `--opnsense.api-key` - The API key to use to connect to the OPNsense API.
+- `--opnsense.api-secret` - The API secret to use to connect to the OPNsense API
+
+### SSL/TLS
+
+- `--opnsense.insecure` - Disable TLS certificate verification. Not recommendet. Defaults to `false`.
+- If you have your api served with self-signed certificates. You should add them to the system trust store.  
+TODO: add Docker example
+
 ```bash
-usage: opnsense_exporter --exporter.instance-label=EXPORTER.INSTANCE-LABEL --opnsense.protocol=OPNSENSE.PROTOCOL --opnsense.address=OPNSENSE.ADDRESS --opnsense.api-key=OPNSENSE.API-KEY --opnsense.api-secret=OPNSENSE.API-SECRET [<flags>]
+You can disable parts of the exporter using the following flags:
 
+- `--exporter.disable-arp-table` - Disable the scraping of the ARP table. Defaults to `false`.
+- `--exporter.disable-cron-table` - Disable the scraping of the cron table. Defaults to `false`.
 
+Full list
+
+```bash
 Flags:
   -h, --[no-]help                Show context-sensitive help (also try --help-long and --help-man).
       --log.level="info"         Log level. One of: [debug, info, warn, error]
@@ -14,10 +55,12 @@ Flags:
                                  Exclude metrics about the exporter itself (promhttp_*, process_*, go_*). ($OPNSENSE_EXPORTER_DISABLE_EXPORTER_METRICS)
       --runtime.gomaxprocs=2     The target number of CPUs that the Go runtime will run on (GOMAXPROCS) ($GOMAXPROCS)
       --exporter.instance-label=EXPORTER.INSTANCE-LABEL  
-                                 Label to use to identify the instance in every metric. 
-                                 If you have multiple instances of the exporter, you can differentiate them by 
-                                 using different value in this flag, that represents the instance of the target OPNsense.
+                                 Label to use to identify the instance in every metric. If you have multiple instances of the exporter, you can differentiate them by using different value in this flag, that represents the instance of the target OPNsense.
                                  ($OPNSENSE_EXPORTER_INSTANCE_LABEL)
+      --[no-]exporter.disable-arp-table  
+                                 Disable the scraping of the ARP table ($OPNSENSE_EXPORTER_DISABLE_ARP_TABLE)
+      --[no-]exporter.disable-cron-table  
+                                 Disable the scraping of the cron table ($OPNSENSE_EXPORTER_DISABLE_CRON_TABLE)
       --opnsense.protocol=OPNSENSE.PROTOCOL  
                                  Protocol to use to connect to OPNsense API. One of: [http, https] ($OPNSENSE_EXPORTER_OPS_PROTOCOL)
       --opnsense.address=OPNSENSE.ADDRESS  
@@ -32,3 +75,7 @@ Flags:
                                  Addresses on which to expose metrics and web interface. Repeatable for multiple addresses.
       --web.config.file=""       [EXPERIMENTAL] Path to configuration file that can enable TLS or authentication. See: https://github.com/prometheus/exporter-toolkit/blob/master/docs/web-configuration.md
 ```
+
+## Grafana Dashboard
+
+**TODO**