From 524fb0e4c2561f4a2e4c8e58519df991f034c901 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Sun, 18 Oct 2020 21:22:21 +0300 Subject: [#1668] Restricted access to app metrics endpoint by default. Added ability to configure IP whitelist for this endpoint. Added tests and documentation. --- config/config.exs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'config') diff --git a/config/config.exs b/config/config.exs index 2c6142360..a7aae5802 100644 --- a/config/config.exs +++ b/config/config.exs @@ -636,7 +636,12 @@ config :pleroma, Pleroma.Emails.UserEmail, config :pleroma, Pleroma.Emails.NewUsersDigestEmail, enabled: false -config :prometheus, Pleroma.Web.Endpoint.MetricsExporter, path: "/api/pleroma/app_metrics" +config :prometheus, Pleroma.Web.Endpoint.MetricsExporter, + enabled: false, + auth: false, + ip_whitelist: [], + path: "/api/pleroma/app_metrics", + format: :text config :pleroma, Pleroma.ScheduledActivity, daily_user_limit: 25, -- cgit v1.2.3 From 3a28aa8814e186eea67df7da00df1636823291f3 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Tue, 20 Oct 2020 15:13:20 +0300 Subject: [#1668] Added :prometheus group config to config/description.exs. --- config/description.exs | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'config') diff --git a/config/description.exs b/config/description.exs index 2a1898922..0fe86ded7 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3722,5 +3722,41 @@ config :pleroma, :config_description, [ suggestions: [2] } ] + }, + %{ + group: :prometheus, + key: Pleroma.Web.Endpoint.MetricsExporter, + type: :group, + description: "Prometheus app metrics endpoint configuration", + children: [ + %{ + key: :enabled, + type: :boolean, + description: "[Pleroma extension] Enables app metrics endpoint." + }, + %{ + key: :ip_whitelist, + type: [{:list, :string}, {:list, :charlist}, {:list, :tuple}], + description: "[Pleroma extension] If non-empty, restricts access to app metrics endpoint to specified IP addresses." + }, + %{ + key: :auth, + type: [:boolean, :tuple], + description: "Enables HTTP Basic Auth for app metrics endpoint.", + suggestion: [false, {:basic, "myusername", "mypassword"}] + }, + %{ + key: :path, + type: :string, + description: "App metrics endpoint URI path.", + suggestions: ["/api/pleroma/app_metrics"] + }, + %{ + key: :format, + type: :atom, + description: "App metrics endpoint output format.", + suggestions: [:text, :protobuf] + } + ] } ] -- cgit v1.2.3 From 50d428088017e0383d8b35d4ab1b831f40646ab0 Mon Sep 17 00:00:00 2001 From: Ivan Tashkinov Date: Tue, 20 Oct 2020 16:18:24 +0300 Subject: [#1668] Formatting fix. --- config/description.exs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'config') diff --git a/config/description.exs b/config/description.exs index 0fe86ded7..11755d757 100644 --- a/config/description.exs +++ b/config/description.exs @@ -3737,7 +3737,8 @@ config :pleroma, :config_description, [ %{ key: :ip_whitelist, type: [{:list, :string}, {:list, :charlist}, {:list, :tuple}], - description: "[Pleroma extension] If non-empty, restricts access to app metrics endpoint to specified IP addresses." + description: + "[Pleroma extension] If non-empty, restricts access to app metrics endpoint to specified IP addresses." }, %{ key: :auth, -- cgit v1.2.3