Add profiling endpoints

This commit is contained in:
Melody Becker 2024-10-15 21:26:48 +02:00
parent 391d8b1b48
commit 124fc0ecac
4 changed files with 88 additions and 2 deletions

View file

@ -45,6 +45,11 @@ type ConfigAdmin struct {
// A one time password used to verify account access to the root admin // A one time password used to verify account access to the root admin
// after a server has been created and before the account could be linked to a passkey // after a server has been created and before the account could be linked to a passkey
FirstTimeSetupOTP string `toml:"first_time_setup_otp"` FirstTimeSetupOTP string `toml:"first_time_setup_otp"`
// Password for protecting profiling data from unauthorised access
// An empty string equals to no password
// The password has to be supplied in the `password` GET form value for all requests
// to /profiling/*
ProfilingPassword string `toml:"profiling_password"`
} }
type ConfigStorage struct { type ConfigStorage struct {
@ -106,6 +111,7 @@ var defaultConfig Config = Config{
Admin: ConfigAdmin{ Admin: ConfigAdmin{
Username: "server-admin", Username: "server-admin",
FirstTimeSetupOTP: "Example otp password", FirstTimeSetupOTP: "Example otp password",
ProfilingPassword: "Example profiling password",
}, },
Webauthn: ConfigWebAuthn{ Webauthn: ConfigWebAuthn{
DisplayName: "Linstrom", DisplayName: "Linstrom",

View file

@ -14,4 +14,5 @@ const (
HttpErrIdMissingContextValue HttpErrIdMissingContextValue
HttpErrIdDbFailure HttpErrIdDbFailure
HttpErrIdNotAuthenticated HttpErrIdNotAuthenticated
HttpErrIdJsonMarshalFail
) )

View file

@ -0,0 +1,68 @@
package server
import (
"encoding/json"
"fmt"
"net/http"
"net/http/pprof"
"runtime"
"runtime/debug"
"time"
"gitlab.com/mstarongitlab/goutils/other"
)
func setupProfilingHandler() http.Handler {
router := http.NewServeMux()
router.HandleFunc("GET /current-goroutines", metricActiveGoroutinesHandler)
router.HandleFunc("GET /memory", metricMemoryStatsHandler)
router.HandleFunc("GET /pprof/cpu", pprof.Profile)
router.Handle("GET /pprof/memory", pprof.Handler("heap"))
router.Handle("GET /pprof/goroutines", pprof.Handler("goroutine"))
router.Handle("GET /pprof/blockers", pprof.Handler("block"))
return router
}
func isAliveHandler(w http.ResponseWriter, r *http.Request) {
fmt.Fprint(w, "yup")
}
func metricActiveGoroutinesHandler(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "{\"goroutines\": %d}", runtime.NumGoroutine())
}
func metricMemoryStatsHandler(w http.ResponseWriter, r *http.Request) {
type OutData struct {
CollectedAt time.Time `json:"collected_at"`
HeapUsed uint64 `json:"heap_used"`
HeapIdle uint64 `json:"heap_idle"`
StackUsed uint64 `json:"stack_used"`
GCLastFired time.Time `json:"gc_last_fired"`
GCNextTargetHeapSize uint64 `json:"gc_next_target_heap_size"`
}
stats := runtime.MemStats{}
gcStats := debug.GCStats{}
runtime.ReadMemStats(&stats)
debug.ReadGCStats(&gcStats)
outData := OutData{
CollectedAt: time.Now(),
HeapUsed: stats.HeapInuse,
HeapIdle: stats.HeapIdle,
StackUsed: stats.StackInuse,
GCLastFired: gcStats.LastGC,
GCNextTargetHeapSize: stats.NextGC,
}
jsonData, err := json.Marshal(&outData)
if err != nil {
other.HttpErr(
w,
HttpErrIdJsonMarshalFail,
"Failed to encode return data",
http.StatusInternalServerError,
)
return
}
fmt.Fprint(w, string(jsonData))
}

View file

@ -1,13 +1,13 @@
package server package server
import ( import (
"fmt"
"io/fs" "io/fs"
"net/http" "net/http"
"github.com/mstarongithub/passkey" "github.com/mstarongithub/passkey"
"github.com/rs/zerolog/log" "github.com/rs/zerolog/log"
"gitlab.com/mstarongitlab/goutils/other" "gitlab.com/mstarongitlab/goutils/other"
"gitlab.com/mstarongitlab/linstrom/config"
"gitlab.com/mstarongitlab/linstrom/storage" "gitlab.com/mstarongitlab/linstrom/storage"
) )
@ -32,7 +32,18 @@ func buildRootHandler(pkey *passkey.Passkey, reactiveFS, staticFS fs.FS) http.Ha
pkey.MountRoutes(mux, "/webauthn/") pkey.MountRoutes(mux, "/webauthn/")
mux.Handle("/", setupFrontendRouter(reactiveFS, staticFS)) mux.Handle("/", setupFrontendRouter(reactiveFS, staticFS))
mux.Handle("/pk/", http.StripPrefix("/pk", http.FileServer(http.Dir("pk-auth")))) mux.Handle("/pk/", http.StripPrefix("/pk", http.FileServer(http.Dir("pk-auth"))))
mux.HandleFunc("/health", func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, true) }) mux.HandleFunc("/alive", isAliveHandler)
profilingHandler := setupProfilingHandler()
mux.Handle("/profiling/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Only allow access to profiling if a password is provided and it matches the one in the config
if r.FormValue("password") != config.GlobalConfig.Admin.ProfilingPassword {
// Specifically reply with a plain 404
http.Error(w, "", 404)
return
}
profilingHandler.ServeHTTP(w, r)
}))
mux.Handle( mux.Handle(
"/authonly/", "/authonly/",
pkey.Auth( pkey.Auth(