search

MindFlavor / prometheus_wireguard_exporter

A Prometheus exporter for WireGuard, written in Rust.
https://mindflavor.github.io/prometheus_wireguard_exporter
MIT License
463 stars 49 forks source link

Permission denied (os error 13) when using friendly_name attribute #127

Open dholukeval opened 2 weeks ago

dholukeval commented 2 weeks ago

I have VM instance running on Azure with Ubuntu 22.04. It is a Wireguard VPN server. I want to setup Prometheus with Wireguard exporter to monitor the network. I can SSH into VM with SSH keys.

What I understood to use friendly_name I had to run the container with the options. So I could do something like:

docker run -d --privileged --net=host --cap-add=NET_ADMIN --name wgexporter mindflavor/prometheus-wireguard-exporter -d true -a true -v true

Above is working fine and I can do curl http:/localhost:9586/metrics and I can see metrics. I want to use _friendlyname feature. So I had to run the container with -n /path/to/wg0.config. At the same time I had to mount the /etc/wireguard to the container with -v /etc/wireguard:/etc/wireguard. So the overall command is:

docker run -d --privileged --net=host --cap-add=NET_ADMIN --name wgexporter -v /etc/wireguard:/etc/wireguard mindflavor/prometheus-wireguard-exporter -d true -a true -v true -n /etc/wireguard/wg0.conf -i wg0

Container runs without any errors. But I can not curl http:/localhost:9586/metrics. It gives me an error: failed to read peer config file

I checked docker logs wgexporter outputs follwing:

[2024-06-17T09:59:47Z INFO  prometheus_wireguard_exporter] prometheus_wireguard_exporter v3.6.6 starting...
[2024-06-17T09:59:47Z INFO  prometheus_wireguard_exporter] using options: Options { verbose: true, prepend_sudo: true,      separate_allowed_ips: false, extract_names_config_files: Some(["/etc/wireguard/wg0.conf"]), interfaces: Some(["wg0"]), export_remote_ip_and_port: false, export_latest_handshake_delay: true }
[2024-06-17T09:59:47Z INFO  prometheus_wireguard_exporter] starting exporter on http://0.0.0.0:9586/metrics
[2024-06-17T09:59:47Z INFO  prometheus_exporter_base] Listening on http://0.0.0.0:9586/metrics
[2024-06-17T10:00:00Z TRACE prometheus_exporter_base] serve_function:: req.uri() == /metrics, req.method() == GET
[2024-06-17T10:00:00Z TRACE prometheus_exporter_base] received headers ==> 
host => localhost:9586
user-agent => curl/7.81.0
accept => */*
[2024-06-17T10:00:00Z TRACE prometheus_exporter_base] serve_function:: options == Options { verbose: true, prepend_sudo: true, separate_allowed_ips: false, extract_names_config_files: Some(["/etc/wireguard/wg0.conf"]), interfaces: Some(["wg0"]), export_remote_ip_and_port: false, export_latest_handshake_delay: true }
[2024-06-17T10:00:00Z TRACE prometheus_wireguard_exporter] interfaces_to_handle == ["wg0"]
[2024-06-17T10:00:00Z WARN  prometheus_exporter_base] internal server error == failed to read peer config file

Caused by:
    Permission denied (os error 13)

I gave all the necessary permission to the config file. I can see that the /etc/wireguard directory mounted on to the container as I can cd into it. I am still not able to solve this problem. Any help would be appreciated.