github.com/prometheus/client_golang v1.7.1
github.com/prometheus/client_model v0.2.0
github.com/prometheus/common v0.15.0
- github.com/prometheus/exporter-toolkit v0.4.0
+ github.com/prometheus/exporter-toolkit v0.5.0
golang.org/x/net v0.0.0-20200625001655-4c5254603344
gopkg.in/alecthomas/kingpin.v2 v2.2.6
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776
github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
github.com/prometheus/common v0.15.0 h1:4fgOnadei3EZvgRwxJ7RMpG1k1pOZth5Pc13tyspaKM=
github.com/prometheus/common v0.15.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
-github.com/prometheus/exporter-toolkit v0.4.0 h1:O7Bw+ZKEMzW7vD10IuVF70b8EE4JIG7BvHFj9UKz49g=
-github.com/prometheus/exporter-toolkit v0.4.0/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
+github.com/prometheus/exporter-toolkit v0.5.0 h1:GwrxhCviqOl8Mm0vKqkh7Xy54m+FPlHEJacFs48M3gY=
+github.com/prometheus/exporter-toolkit v0.5.0/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
"github.com/prometheus/common/promlog"
"github.com/prometheus/common/promlog/flag"
"github.com/prometheus/common/version"
- "github.com/prometheus/exporter-toolkit/https"
- httpsflag "github.com/prometheus/exporter-toolkit/https/kingpinflag"
+ "github.com/prometheus/exporter-toolkit/web"
+ webflag "github.com/prometheus/exporter-toolkit/web/kingpinflag"
"gopkg.in/alecthomas/kingpin.v2"
"gopkg.in/yaml.v3"
}
configFile = kingpin.Flag("config.file", "Blackbox exporter configuration file.").Default("blackbox.yml").String()
- httpsConfig = httpsflag.AddFlags(kingpin.CommandLine)
+ webConfig = webflag.AddFlags(kingpin.CommandLine)
listenAddress = kingpin.Flag("web.listen-address", "The address to listen on for HTTP requests.").Default(":9115").String()
timeoutOffset = kingpin.Flag("timeout-offset", "Offset to subtract from timeout in seconds.").Default("0.5").Float64()
configCheck = kingpin.Flag("config.check", "If true validate the config file and then exit.").Default().Bool()
go func() {
level.Info(logger).Log("msg", "Listening on address", "address", *listenAddress)
- if err := https.Listen(srv, *httpsConfig, logger); err != http.ErrServerClosed {
+ if err := web.ListenAndServe(srv, *webConfig, logger); err != http.ErrServerClosed {
level.Error(logger).Log("msg", "Error starting HTTP server", "err", err)
close(srvc)
}
+++ /dev/null
-# HTTPS Package for Prometheus
-
-The `https` directory contains a Go package and a sample configuration file for
-running `node_exporter` with HTTPS instead of HTTP. We currently support TLS 1.3
-and TLS 1.2.
-
-To run a server with TLS, use the flag `--web.config`.
-
-e.g. `./node_exporter --web.config="web-config.yml"`
-If the config is kept within the https directory.
-
-The config file should be written in YAML format, and is reloaded on each connection to check for new certificates and/or authentication policy.
-
-## Sample Config
-
-```
-tls_server_config:
- # Certificate and key files for server to use to authenticate to client.
- cert_file: <filename>
- key_file: <filename>
-
- # Server policy for client authentication. Maps to ClientAuth Policies.
- # For more detail on clientAuth options: [ClientAuthType](https://golang.org/pkg/crypto/tls/#ClientAuthType)
- [ client_auth_type: <string> | default = "NoClientCert" ]
-
- # CA certificate for client certificate authentication to the server.
- [ client_ca_file: <filename> ]
-
- # Minimum TLS version that is acceptable.
- [ min_version: <string> | default = "TLS12" ]
-
- # Maximum TLS version that is acceptable.
- [ max_version: <string> | default = "TLS13" ]
-
- # List of supported cipher suites for TLS versions up to TLS 1.2. If empty,
- # Go default cipher suites are used. Available cipher suites are documented
- # in the go documentation:
- # https://golang.org/pkg/crypto/tls/#pkg-constants
- [ cipher_suites:
- [ - <string> ] ]
-
- # prefer_server_cipher_suites controls whether the server selects the
- # client's most preferred ciphersuite, or the server's most preferred
- # ciphersuite. If true then the server's preference, as expressed in
- # the order of elements in cipher_suites, is used.
- [ prefer_server_cipher_suites: <bool> | default = true ]
-
- # Elliptic curves that will be used in an ECDHE handshake, in preference
- # order. Available curves are documented in the go documentation:
- # https://golang.org/pkg/crypto/tls/#CurveID
- [ curve_preferences:
- [ - <string> ] ]
-
-http_server_config:
- # Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS.
- # This can not be changed on the fly.
- [ http2: <bool> | default = true ]
-
-# Usernames and hashed passwords that have full access to the web
-# server via basic authentication. If empty, no basic authentication is
-# required. Passwords are hashed with bcrypt.
-basic_auth_users:
- [ <string>: <secret> ... ]
-```
-
-## About bcrypt
-
-There are several tools out there to generate bcrypt passwords, e.g.
-[htpasswd](https://httpd.apache.org/docs/2.4/programs/htpasswd.html):
-
-`htpasswd -nBC 10 "" | tr -d ':\n'`
-
-That command will prompt you for a password and output the hashed password,
-which will look something like:
-`$2y$10$X0h1gDsPszWURQaxFh.zoubFi6DXncSjhoQNJgRrnGs7EsimhC7zG`
-
-The cost (10 in the example) influences the time it takes for computing the
-hash. A higher cost will en up slowing down the authentication process.
-Depending on the machine, a cost of 10 will take about ~70ms where a cost of
-18 can take up to a few seconds. That hash will be computed on every
-password-protected request.
--- /dev/null
+# web package
+
+This package can be used by Prometheus exporters to enable TLS and
+authentication.
+
+We actively encourage the community to use this repository, to provide a
+consistent experience across the ecosystem.
+
+Developers documentation can be found on
+[pkg.go.dev](https://pkg.go.dev/github.com/prometheus/exporter-toolkit/).
// See the License for the specific language governing permissions and
// limitations under the License.
-// Package https allows the implementation of TLS.
-package https
+package web
import (
"crypto/tls"
return cfg, nil
}
-// Listen starts the server on the given address. Based on the file
+// ListenAndServe starts the server on the given address. Based on the file
// tlsConfigPath, TLS or basic auth could be enabled.
-func Listen(server *http.Server, tlsConfigPath string, logger log.Logger) error {
+func ListenAndServe(server *http.Server, tlsConfigPath string, logger log.Logger) error {
listener, err := net.Listen("tcp", server.Addr)
if err != nil {
return err
}
return fmt.Sprintf("%v", tv), nil
}
+
+// Listen starts the server on the given address. Based on the file
+// tlsConfigPath, TLS or basic auth could be enabled.
+//
+// Deprecated: Use ListenAndServe instead.
+func Listen(server *http.Server, tlsConfigPath string, logger log.Logger) error {
+ return ListenAndServe(server, tlsConfigPath, logger)
+}
// See the License for the specific language governing permissions and
// limitations under the License.
-package https
+package web
import (
"net/http"
github.com/prometheus/common/promlog
github.com/prometheus/common/promlog/flag
github.com/prometheus/common/version
-# github.com/prometheus/exporter-toolkit v0.4.0
-github.com/prometheus/exporter-toolkit/https
-github.com/prometheus/exporter-toolkit/https/kingpinflag
+# github.com/prometheus/exporter-toolkit v0.5.0
+github.com/prometheus/exporter-toolkit/web
+github.com/prometheus/exporter-toolkit/web/kingpinflag
# github.com/prometheus/procfs v0.1.3
github.com/prometheus/procfs
github.com/prometheus/procfs/internal/fs
projects / blackbox_exporter.git / commitdiff