mirror of
https://github.com/dnscrypt/dnscrypt-server-docker
synced 2024-11-26 06:13:49 +01:00
Update and add support for Prometheus metrics
This commit is contained in:
parent
9f00e11477
commit
b091ce75da
@ -37,7 +37,7 @@ ENV RUSTFLAGS "-C link-arg=-s"
|
|||||||
RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \
|
RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \
|
||||||
curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain nightly && \
|
curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain nightly && \
|
||||||
export PATH="$HOME/.cargo/bin:$PATH" && \
|
export PATH="$HOME/.cargo/bin:$PATH" && \
|
||||||
echo "Compiling encrypted-dns version 0.3.3" && \
|
echo "Compiling encrypted-dns version 0.3.5" && \
|
||||||
cargo install encrypted-dns && \
|
cargo install encrypted-dns && \
|
||||||
mkdir -p /opt/encrypted-dns/sbin && \
|
mkdir -p /opt/encrypted-dns/sbin && \
|
||||||
mv ~/.cargo/bin/encrypted-dns /opt/encrypted-dns/sbin/ && \
|
mv ~/.cargo/bin/encrypted-dns /opt/encrypted-dns/sbin/ && \
|
||||||
@ -73,7 +73,7 @@ COPY watchdog.sh /etc/service/watchdog/run
|
|||||||
|
|
||||||
VOLUME ["/opt/encrypted-dns/etc/keys"]
|
VOLUME ["/opt/encrypted-dns/etc/keys"]
|
||||||
|
|
||||||
EXPOSE 443/udp 443/tcp
|
EXPOSE 443/udp 443/tcp 9100/tcp
|
||||||
|
|
||||||
CMD ["/entrypoint.sh", "start"]
|
CMD ["/entrypoint.sh", "start"]
|
||||||
|
|
||||||
|
@ -149,6 +149,13 @@ TLS (including HTTPS and DoH) forwarding
|
|||||||
|
|
||||||
If the DNS server is listening to port `443`, but you still want to have a web (or DoH) service accessible on that port, add the `-T` switch followed by the backend server IP and port to the `init` command (for example: `-T 10.0.0.1:4443`).
|
If the DNS server is listening to port `443`, but you still want to have a web (or DoH) service accessible on that port, add the `-T` switch followed by the backend server IP and port to the `init` command (for example: `-T 10.0.0.1:4443`).
|
||||||
|
|
||||||
|
Prometheus metrics
|
||||||
|
==================
|
||||||
|
|
||||||
|
Metrics are accessible inside the container as http://127.0.0.1:9100/metrics.
|
||||||
|
|
||||||
|
They can be made accessible outside of the container by adding the `-M` option followed by the IP and port (for example: `-M 0.0.0.0:9100`).
|
||||||
|
|
||||||
Join the network
|
Join the network
|
||||||
================
|
================
|
||||||
|
|
||||||
|
@ -50,10 +50,10 @@ udp_max_active_connections = 1000
|
|||||||
tcp_max_active_connections = 100
|
tcp_max_active_connections = 100
|
||||||
|
|
||||||
|
|
||||||
## IP address to connect to upstream servers from.
|
## Optional IP address to connect to upstream servers from.
|
||||||
## You probably do not want to change this. `0.0.0.0` should be fine.
|
## Leave commented/undefined to automatically select it.
|
||||||
|
|
||||||
external_addr = "0.0.0.0"
|
# external_addr = "0.0.0.0"
|
||||||
|
|
||||||
|
|
||||||
## Built-in DNS cache capacity
|
## Built-in DNS cache capacity
|
||||||
@ -168,12 +168,11 @@ key_cache_capacity = 10000
|
|||||||
# Metrics #
|
# Metrics #
|
||||||
#########################
|
#########################
|
||||||
|
|
||||||
# [metrics]
|
[metrics]
|
||||||
|
|
||||||
# type = "prometheus"
|
|
||||||
# listen_addr = "0.0.0.0:9100"
|
|
||||||
# path = "/metrics"
|
|
||||||
|
|
||||||
|
type = "prometheus"
|
||||||
|
listen_addr = "@METRICS_ADDRESS@"
|
||||||
|
path = "/metrics"
|
||||||
|
|
||||||
|
|
||||||
################################
|
################################
|
||||||
@ -199,4 +198,4 @@ allow_non_reserved_ports = false
|
|||||||
|
|
||||||
# Blacklisted upstream IP addresses
|
# Blacklisted upstream IP addresses
|
||||||
|
|
||||||
blacklisted_ips = [ @ANONDNS_BLACKLISTED_IPS@ ]
|
blacklisted_ips = [ @ANONDNS_BLACKLISTED_IPS@ ]
|
||||||
|
@ -14,8 +14,6 @@ CONF_DIR="/opt/encrypted-dns/etc"
|
|||||||
CONFIG_FILE="${CONF_DIR}/encrypted-dns.toml"
|
CONFIG_FILE="${CONF_DIR}/encrypted-dns.toml"
|
||||||
CONFIG_FILE_TEMPLATE="${CONF_DIR}/encrypted-dns.toml.in"
|
CONFIG_FILE_TEMPLATE="${CONF_DIR}/encrypted-dns.toml.in"
|
||||||
|
|
||||||
# -N provider-name -E external-ip-address:port
|
|
||||||
|
|
||||||
init() {
|
init() {
|
||||||
if [ "$(is_initialized)" = yes ]; then
|
if [ "$(is_initialized)" = yes ]; then
|
||||||
start
|
start
|
||||||
@ -25,13 +23,16 @@ init() {
|
|||||||
anondns_enabled="false"
|
anondns_enabled="false"
|
||||||
anondns_blacklisted_ips=""
|
anondns_blacklisted_ips=""
|
||||||
|
|
||||||
while getopts "h?N:E:T:A" opt; do
|
metrics_address="127.0.0.1:9100"
|
||||||
|
|
||||||
|
while getopts "h?N:E:T:AM:" opt; do
|
||||||
case "$opt" in
|
case "$opt" in
|
||||||
h | \?) usage ;;
|
h | \?) usage ;;
|
||||||
N) provider_name=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
N) provider_name=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||||
E) ext_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
E) ext_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||||
T) tls_proxy_upstream_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
T) tls_proxy_upstream_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||||
A) anondns_enabled="true" ;;
|
A) anondns_enabled="true" ;;
|
||||||
|
M) metrics_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
[ -z "$provider_name" ] && usage
|
[ -z "$provider_name" ] && usage
|
||||||
@ -73,6 +74,7 @@ init() {
|
|||||||
-e "s#@DOMAIN_BLACKLIST_CONFIGURATION@#${domain_blacklist_configuration}#" \
|
-e "s#@DOMAIN_BLACKLIST_CONFIGURATION@#${domain_blacklist_configuration}#" \
|
||||||
-e "s#@ANONDNS_ENABLED@#${anondns_enabled}#" \
|
-e "s#@ANONDNS_ENABLED@#${anondns_enabled}#" \
|
||||||
-e "s#@ANONDNS_BLACKLISTED_IPS@#${anondns_blacklisted_ips}#" \
|
-e "s#@ANONDNS_BLACKLISTED_IPS@#${anondns_blacklisted_ips}#" \
|
||||||
|
-e "s#@METRICS_ADDRESS@#${metrics_address}#" \
|
||||||
"$CONFIG_FILE_TEMPLATE" >"$CONFIG_FILE"
|
"$CONFIG_FILE_TEMPLATE" >"$CONFIG_FILE"
|
||||||
|
|
||||||
mkdir -p -m 700 "${STATE_DIR}"
|
mkdir -p -m 700 "${STATE_DIR}"
|
||||||
|
Loading…
Reference in New Issue
Block a user