README
¶
web package
This package can be used by Prometheus exporters to enable TLS and authentication.
We actively encourage the community to use this repository, to provide a consistent experience across the ecosystem.
Developers documentation can be found on pkg.go.dev.
Documentation
¶
Index ¶
- Variables
- func ConfigToTLSConfig(c *TLSConfig) (*tls.Config, error)
- func Listen(server *http.Server, flags *FlagConfig, logger *slog.Logger) errordeprecated
- func ListenAndServe(server *http.Server, flags *FlagConfig, logger *slog.Logger) error
- func Serve(l net.Listener, server *http.Server, flags *FlagConfig, logger *slog.Logger) error
- func ServeMultiple(listeners []net.Listener, server *http.Server, flags *FlagConfig, ...) error
- func Validate(tlsConfigPath string) error
- type Cipher
- type Config
- type Curve
- type FlagConfig
- type HTTPConfig
- type LandingConfig
- type LandingForm
- type LandingFormInput
- type LandingLinks
- type LandingPageHandler
- type TLSConfig
- type TLSVersion
Constants ¶
This section is empty.
Variables ¶
var (
ErrNoListeners = errors.New("no web listen address or systemd socket flag specified")
)
Functions ¶
func ConfigToTLSConfig ¶
ConfigToTLSConfig generates the golang tls.Config from the TLSConfig struct.
func ListenAndServe ¶
ListenAndServe starts the server on addresses given in WebListenAddresses in the FlagConfig. When address starts looks like vsock://:{port}, it listens on vsock. More info check https://wiki.qemu.org/Features/VirtioVsock . Or instead uses systemd socket activated listeners if WebSystemdSocket in the FlagConfig is true. The FlagConfig is also passed on to ServeMultiple.
func Serve ¶
Server starts the server on the given listener. Based on the file path WebConfigFile in the FlagConfig, TLS or basic auth could be enabled.
func ServeMultiple ¶ added in v0.8.0
func ServeMultiple(listeners []net.Listener, server *http.Server, flags *FlagConfig, logger *slog.Logger) error
ServeMultiple starts the server on the given listeners. The FlagConfig is also passed on to Serve.
Types ¶
type Cipher ¶ added in v0.8.0
type Cipher uint16
func (Cipher) MarshalYAML ¶ added in v0.8.0
func (*Cipher) UnmarshalYAML ¶ added in v0.8.0
type Config ¶
type Config struct {
TLSConfig TLSConfig `yaml:"tls_server_config"`
HTTPConfig HTTPConfig `yaml:"http_server_config"`
Users map[string]config_util.Secret `yaml:"basic_auth_users"`
}
type Curve ¶ added in v0.8.0
func (*Curve) MarshalYAML ¶ added in v0.8.0
func (*Curve) UnmarshalYAML ¶ added in v0.8.0
type FlagConfig ¶ added in v0.8.0
type HTTPConfig ¶ added in v0.8.0
type LandingConfig ¶ added in v0.9.0
type LandingConfig struct {
HeaderColor string // Used for the landing page header.
CSS string // CSS style tag for the landing page.
Name string // The name of the exporter, generally suffixed by _exporter.
Description string // A short description about the exporter.
Form LandingForm // A POST form.
Links []LandingLinks // Links displayed on the landing page.
ExtraHTML string // Additional HTML to be embedded.
ExtraCSS string // Additional CSS to be embedded.
Version string // The version displayed.
}
Config represents the configuration of the web listener.
type LandingForm ¶ added in v0.10.0
type LandingForm struct {
Action string
Inputs []LandingFormInput
Width float64
}
LandingForm provides a configuration struct for creating a POST form on the landing page.
type LandingFormInput ¶ added in v0.10.0
type LandingFormInput struct {
Label string
Type string
Name string
Placeholder string
Value string
}
LandingFormInput represents a single form input field.
type LandingLinks ¶ added in v0.9.0
type LandingPageHandler ¶ added in v0.9.0
type LandingPageHandler struct {
// contains filtered or unexported fields
}
func NewLandingPage ¶ added in v0.9.0
func NewLandingPage(c LandingConfig) (*LandingPageHandler, error)
func (*LandingPageHandler) ServeHTTP ¶ added in v0.9.0
func (h *LandingPageHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type TLSConfig ¶ added in v0.8.0
type TLSConfig struct {
TLSCert string `yaml:"cert"`
TLSKey config_util.Secret `yaml:"key"`
ClientCAsText string `yaml:"client_ca"`
TLSCertPath string `yaml:"cert_file"`
TLSKeyPath string `yaml:"key_file"`
ClientAuth string `yaml:"client_auth_type"`
ClientCAs string `yaml:"client_ca_file"`
CipherSuites []Cipher `yaml:"cipher_suites"`
CurvePreferences []Curve `yaml:"curve_preferences"`
MinVersion TLSVersion `yaml:"min_version"`
MaxVersion TLSVersion `yaml:"max_version"`
PreferServerCipherSuites bool `yaml:"prefer_server_cipher_suites"`
ClientAllowedSans []string `yaml:"client_allowed_sans"`
}
func (*TLSConfig) SetDirectory ¶ added in v0.8.0
SetDirectory joins any relative file paths with dir.
func (*TLSConfig) VerifyPeerCertificate ¶ added in v0.10.0
func (t *TLSConfig) VerifyPeerCertificate(rawCerts [][]byte, _ [][]*x509.Certificate) error
VerifyPeerCertificate will check the SAN entries of the client cert if there is configuration for it
type TLSVersion ¶ added in v0.8.0
type TLSVersion uint16
func (*TLSVersion) MarshalYAML ¶ added in v0.8.0
func (tv *TLSVersion) MarshalYAML() (interface{}, error)
func (*TLSVersion) UnmarshalYAML ¶ added in v0.8.0
func (tv *TLSVersion) UnmarshalYAML(unmarshal func(interface{}) error) error
Source Files
Directories