core: metrics v2 (#1370)

* outposts: add ldap metrics, move ping to 9100 Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outpost: add flow_executor metrics Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * use port 9300 for metrics, add core metrics port Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * outposts/controllers/k8s: add service monitor creation support Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-09 15:52:24 +02:00
parent c5cf17b60b
commit 7158c9d2ea
27 changed files with 400 additions and 25 deletions
--- a/internal/web/static.go
+++ b/internal/web/static.go
@ -0,0 +1,77 @@
+package web
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/gorilla/mux"
+	"goauthentik.io/internal/config"
+	"goauthentik.io/internal/constants"
+	staticWeb "goauthentik.io/web"
+	staticDocs "goauthentik.io/website"
+)
+
+func (ws *WebServer) configureStatic() {
+	statRouter := ws.lh.NewRoute().Subrouter()
+	statRouter.Use(disableIndex)
+	// Media files, always local
+	fs := http.FileServer(http.Dir(config.G.Paths.Media))
+	var distHandler http.Handler
+	var distFs http.Handler
+	var authentikHandler http.Handler
+	var helpHandler http.Handler
+	if config.G.Debug || config.G.Web.LoadLocalFiles {
+		ws.log.Debug("Using local static files")
+		distFs = http.FileServer(http.Dir("./web/dist"))
+		distHandler = http.StripPrefix("/static/dist/", distFs)
+		authentikHandler = http.StripPrefix("/static/authentik/", http.FileServer(http.Dir("./web/authentik")))
+		helpHandler = http.StripPrefix("/help/", http.FileServer(http.Dir("./website/help")))
+	} else {
+		statRouter.Use(ws.staticHeaderMiddleware)
+		ws.log.Debug("Using packaged static files with aggressive caching")
+		distFs = http.FileServer(http.FS(staticWeb.StaticDist))
+		distHandler = http.StripPrefix("/static", distFs)
+		authentikHandler = http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticAuthentik)))
+		helpHandler = http.FileServer(http.FS(staticDocs.Help))
+	}
+	statRouter.PathPrefix("/static/dist/").Handler(distHandler)
+	statRouter.PathPrefix("/static/authentik/").Handler(authentikHandler)
+	// Prevent font-loading issues on safari, which loads fonts relatively to the URL the browser is on
+	statRouter.PathPrefix("/if/flow/{flow_slug}/assets").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		vars := mux.Vars(r)
+
+		http.StripPrefix(fmt.Sprintf("/if/flow/%s", vars["flow_slug"]), distFs).ServeHTTP(rw, r)
+	})
+	statRouter.PathPrefix("/if/admin/assets").Handler(http.StripPrefix("/if/admin", distFs))
+
+	statRouter.PathPrefix("/media/").Handler(http.StripPrefix("/media", fs))
+
+	statRouter.PathPrefix("/if/help/").Handler(helpHandler)
+	statRouter.PathPrefix("/help").Handler(http.RedirectHandler("/if/help/", http.StatusMovedPermanently))
+
+	ws.lh.Path("/robots.txt").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		rw.Header()["Content-Type"] = []string{"text/plain"}
+		rw.WriteHeader(200)
+		_, err := rw.Write(staticWeb.RobotsTxt)
+		if err != nil {
+			ws.log.WithError(err).Warning("failed to write response")
+		}
+	})
+	ws.lh.Path("/.well-known/security.txt").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		rw.Header()["Content-Type"] = []string{"text/plain"}
+		rw.WriteHeader(200)
+		_, err := rw.Write(staticWeb.SecurityTxt)
+		if err != nil {
+			ws.log.WithError(err).Warning("failed to write response")
+		}
+	})
+}
+
+func (ws *WebServer) staticHeaderMiddleware(h http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Cache-Control", "\"public, no-transform\"")
+		w.Header().Set("X-authentik-version", constants.VERSION)
+		w.Header().Set("Vary", "X-authentik-version")
+		h.ServeHTTP(w, r)
+	})
+}