mirror of
https://github.com/dnscrypt/dnscrypt-server-docker
synced 2024-10-30 21:20:12 +00:00
Update and add support for Prometheus metrics
This commit is contained in:
parent
9f00e11477
commit
b091ce75da
@ -37,7 +37,7 @@ ENV RUSTFLAGS "-C link-arg=-s"
|
||||
RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \
|
||||
curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain nightly && \
|
||||
export PATH="$HOME/.cargo/bin:$PATH" && \
|
||||
echo "Compiling encrypted-dns version 0.3.3" && \
|
||||
echo "Compiling encrypted-dns version 0.3.5" && \
|
||||
cargo install encrypted-dns && \
|
||||
mkdir -p /opt/encrypted-dns/sbin && \
|
||||
mv ~/.cargo/bin/encrypted-dns /opt/encrypted-dns/sbin/ && \
|
||||
@ -73,7 +73,7 @@ COPY watchdog.sh /etc/service/watchdog/run
|
||||
|
||||
VOLUME ["/opt/encrypted-dns/etc/keys"]
|
||||
|
||||
EXPOSE 443/udp 443/tcp
|
||||
EXPOSE 443/udp 443/tcp 9100/tcp
|
||||
|
||||
CMD ["/entrypoint.sh", "start"]
|
||||
|
||||
|
@ -149,6 +149,13 @@ TLS (including HTTPS and DoH) forwarding
|
||||
|
||||
If the DNS server is listening to port `443`, but you still want to have a web (or DoH) service accessible on that port, add the `-T` switch followed by the backend server IP and port to the `init` command (for example: `-T 10.0.0.1:4443`).
|
||||
|
||||
Prometheus metrics
|
||||
==================
|
||||
|
||||
Metrics are accessible inside the container as http://127.0.0.1:9100/metrics.
|
||||
|
||||
They can be made accessible outside of the container by adding the `-M` option followed by the IP and port (for example: `-M 0.0.0.0:9100`).
|
||||
|
||||
Join the network
|
||||
================
|
||||
|
||||
|
@ -50,10 +50,10 @@ udp_max_active_connections = 1000
|
||||
tcp_max_active_connections = 100
|
||||
|
||||
|
||||
## IP address to connect to upstream servers from.
|
||||
## You probably do not want to change this. `0.0.0.0` should be fine.
|
||||
## Optional IP address to connect to upstream servers from.
|
||||
## Leave commented/undefined to automatically select it.
|
||||
|
||||
external_addr = "0.0.0.0"
|
||||
# external_addr = "0.0.0.0"
|
||||
|
||||
|
||||
## Built-in DNS cache capacity
|
||||
@ -168,12 +168,11 @@ key_cache_capacity = 10000
|
||||
# Metrics #
|
||||
#########################
|
||||
|
||||
# [metrics]
|
||||
|
||||
# type = "prometheus"
|
||||
# listen_addr = "0.0.0.0:9100"
|
||||
# path = "/metrics"
|
||||
[metrics]
|
||||
|
||||
type = "prometheus"
|
||||
listen_addr = "@METRICS_ADDRESS@"
|
||||
path = "/metrics"
|
||||
|
||||
|
||||
################################
|
||||
|
@ -14,8 +14,6 @@ CONF_DIR="/opt/encrypted-dns/etc"
|
||||
CONFIG_FILE="${CONF_DIR}/encrypted-dns.toml"
|
||||
CONFIG_FILE_TEMPLATE="${CONF_DIR}/encrypted-dns.toml.in"
|
||||
|
||||
# -N provider-name -E external-ip-address:port
|
||||
|
||||
init() {
|
||||
if [ "$(is_initialized)" = yes ]; then
|
||||
start
|
||||
@ -25,13 +23,16 @@ init() {
|
||||
anondns_enabled="false"
|
||||
anondns_blacklisted_ips=""
|
||||
|
||||
while getopts "h?N:E:T:A" opt; do
|
||||
metrics_address="127.0.0.1:9100"
|
||||
|
||||
while getopts "h?N:E:T:AM:" opt; do
|
||||
case "$opt" in
|
||||
h | \?) usage ;;
|
||||
N) provider_name=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||
E) ext_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||
T) tls_proxy_upstream_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||
A) anondns_enabled="true" ;;
|
||||
M) metrics_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||
esac
|
||||
done
|
||||
[ -z "$provider_name" ] && usage
|
||||
@ -73,6 +74,7 @@ init() {
|
||||
-e "s#@DOMAIN_BLACKLIST_CONFIGURATION@#${domain_blacklist_configuration}#" \
|
||||
-e "s#@ANONDNS_ENABLED@#${anondns_enabled}#" \
|
||||
-e "s#@ANONDNS_BLACKLISTED_IPS@#${anondns_blacklisted_ips}#" \
|
||||
-e "s#@METRICS_ADDRESS@#${metrics_address}#" \
|
||||
"$CONFIG_FILE_TEMPLATE" >"$CONFIG_FILE"
|
||||
|
||||
mkdir -p -m 700 "${STATE_DIR}"
|
||||
|
Loading…
Reference in New Issue
Block a user