From 48d302a60f052960adae8b99e18c3936edb39011 Mon Sep 17 00:00:00 2001 From: FloatingGhost Date: Fri, 16 Dec 2022 11:17:04 +0000 Subject: [PATCH] allow disabling prometheus entirely --- config/config.exs | 3 ++- config/description.exs | 5 +++++ docs/docs/administration/monitoring.md | 2 ++ docs/docs/configuration/cheatsheet.md | 1 + .../akkoma_api/controllers/metrics_controller.ex | 12 ++++++++---- .../web/akkoma_api/metrics_controller_test.exs | 13 +++++++++---- 6 files changed, 27 insertions(+), 9 deletions(-) diff --git a/config/config.exs b/config/config.exs index a0176a72d..cb19edde3 100644 --- a/config/config.exs +++ b/config/config.exs @@ -259,7 +259,8 @@ profile_directory: true, privileged_staff: false, local_bubble: [], - max_frontend_settings_json_chars: 100_000 + max_frontend_settings_json_chars: 100_000, + export_prometheus_metrics: true config :pleroma, :welcome, direct_message: [ diff --git a/config/description.exs b/config/description.exs index 4d4306fba..1059039e7 100644 --- a/config/description.exs +++ b/config/description.exs @@ -964,6 +964,11 @@ type: {:list, :string}, description: "List of instances that make up your local bubble (closely-related instances). Used to populate the 'bubble' timeline (domain only)." + }, + %{ + key: :export_prometheus_metrics, + type: :boolean, + description: "Enable prometheus metrics (at /api/v1/akkoma/metrics)" } ] }, diff --git a/docs/docs/administration/monitoring.md b/docs/docs/administration/monitoring.md index 65fbbb249..fceb8c3a4 100644 --- a/docs/docs/administration/monitoring.md +++ b/docs/docs/administration/monitoring.md @@ -7,6 +7,8 @@ To facilitate this, akkoma exposes prometheus metrics to be scraped. ## Prometheus +See: [export_prometheus_metrics](../configuration/cheatsheet#instance) + To scrape prometheus metrics, we need an oauth2 token with the `admin:metrics` scope. consider using [constanze](https://akkoma.dev/AkkomaGang/constanze) to make this easier - diff --git a/docs/docs/configuration/cheatsheet.md b/docs/docs/configuration/cheatsheet.md index d81275043..22fc4ecbe 100644 --- a/docs/docs/configuration/cheatsheet.md +++ b/docs/docs/configuration/cheatsheet.md @@ -62,6 +62,7 @@ To add configuration to your config file, you can copy it from the base config. * `password_reset_token_validity`: The time after which reset tokens aren't accepted anymore, in seconds (default: one day). * `local_bubble`: Array of domains representing instances closely related to yours. Used to populate the `bubble` timeline. e.g `["example.com"]`, (default: `[]`) * `languages`: List of Language Codes used by the instance. This is used to try and set a default language from the frontend. It will try and find the first match between the languages set here and the user's browser languages. It will default to the first language in this setting if there is no match.. (default `["en"]`) +* `export_prometheus_metrics`: Enable prometheus metrics, served at `/api/v1/akkoma/metrics`, requiring the `admin:metrics` oauth scope. ## :database * `improved_hashtag_timeline`: Setting to force toggle / force disable improved hashtags timeline. `:enabled` forces hashtags to be fetched from `hashtags` table for hashtags timeline. `:disabled` forces object-embedded hashtags to be used (slower). Keep it `:auto` for automatic behaviour (it is auto-set to `:enabled` [unless overridden] when HashtagsTableMigrator completes). diff --git a/lib/pleroma/web/akkoma_api/controllers/metrics_controller.ex b/lib/pleroma/web/akkoma_api/controllers/metrics_controller.ex index 8d413bf58..cc7a616ee 100644 --- a/lib/pleroma/web/akkoma_api/controllers/metrics_controller.ex +++ b/lib/pleroma/web/akkoma_api/controllers/metrics_controller.ex @@ -2,6 +2,7 @@ defmodule Pleroma.Web.AkkomaAPI.MetricsController do use Pleroma.Web, :controller alias Pleroma.Web.Plugs.OAuthScopesPlug + alias Pleroma.Config plug( OAuthScopesPlug, @@ -12,9 +13,12 @@ defmodule Pleroma.Web.AkkomaAPI.MetricsController do ) def show(conn, _params) do - stats = TelemetryMetricsPrometheus.Core.scrape() - - conn - |> text(stats) + if Config.get([:instance, :export_prometheus_metrics], true) do + conn + |> text(TelemetryMetricsPrometheus.Core.scrape()) + else + conn + |> send_resp(404, "Not Found") + end end end diff --git a/test/pleroma/web/akkoma_api/metrics_controller_test.exs b/test/pleroma/web/akkoma_api/metrics_controller_test.exs index 4b7214e6f..e703fc36c 100644 --- a/test/pleroma/web/akkoma_api/metrics_controller_test.exs +++ b/test/pleroma/web/akkoma_api/metrics_controller_test.exs @@ -1,9 +1,6 @@ defmodule Pleroma.Web.AkkomaAPI.MetricsControllerTest do use Pleroma.Web.ConnCase, async: true - import Pleroma.Factory - alias Pleroma.Akkoma.FrontendSettingsProfile - describe "GET /api/v1/akkoma/metrics" do test "should return metrics when the user has admin:metrics" do %{conn: conn} = oauth_access(["admin:metrics"]) @@ -16,9 +13,17 @@ test "should return metrics when the user has admin:metrics" do test "should not allow users that do not have the admin:metrics scope" do %{conn: conn} = oauth_access(["read:metrics"]) - resp = conn + conn |> get("/api/v1/akkoma/metrics") |> json_response(403) end + + test "should be disabled by export_prometheus_metrics" do + clear_config([:instance, :export_prometheus_metrics], false) + %{conn: conn} = oauth_access(["admin:metrics"]) + conn + |> get("/api/v1/akkoma/metrics") + |> response(404) + end end end