feat: add basic k6 load testing script

Reviewed-on: #15

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.20 AS BUILD
+FROM reg.cadoles.com/proxy_cache/library/golang:1.21.6 AS BUILD
 
 RUN apt-get update \
     && apt-get install -y make
@@ -21,17 +21,11 @@ RUN /src/dist/bouncer_linux_amd64_v1/bouncer -c '' config dump > /src/dist/bounc
     && yq -i '.admin.auth.privateKey = "/etc/bouncer/admin-key.json"' /src/dist/bouncer_linux_amd64_v1/config.yml \
     && yq -i '.redis.adresses = ["redis:6379"]' /src/dist/bouncer_linux_amd64_v1/config.yml
 
-FROM alpine:3.18 AS RUNTIME
+FROM reg.cadoles.com/proxy_cache/library/alpine:3.19.1 AS RUNTIME
 
-ARG DUMB_INIT_VERSION=1.2.5
+RUN apk add --no-cache ca-certificates dumb-init
 
-RUN apk add --no-cache ca-certificates
-
-RUN mkdir -p /usr/local/bin \
-    && wget -O /usr/local/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v${DUMB_INIT_VERSION}/dumb-init_${DUMB_INIT_VERSION}_x86_64 \
-    && chmod +x /usr/local/bin/dumb-init
-
-ENTRYPOINT ["/usr/local/bin/dumb-init", "--"]
+ENTRYPOINT ["/usr/bin/dumb-init", "--"]
 
 RUN mkdir -p /usr/local/bin /usr/share/bouncer/bin /etc/bouncer
 

Makefile

@@ -101,6 +101,12 @@ gitea-release: tools/gitea-release/bin/gitea-release.sh goreleaser
 		GITEA_RELEASE_ATTACHMENTS="$$(find .gitea-release/* -type f)" \
 		tools/gitea-release/bin/gitea-release.sh
 
+grafterm: tools/grafterm/bin/grafterm
+	tools/grafterm/bin/grafterm -c ./misc/grafterm/dashboard.json -v job=bouncer-proxy -r 5s
+
+siege:
+	siege -i -c 100 -f ./misc/siege/urls.txt
+
 tools/gitea-release/bin/gitea-release.sh:
 	mkdir -p tools/gitea-release/bin
 	curl --output tools/gitea-release/bin/gitea-release.sh https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/gitea/gitea-release.sh
@@ -110,6 +116,10 @@ tools/modd/bin/modd:
 	mkdir -p tools/modd/bin
 	GOBIN=$(PWD)/tools/modd/bin go install github.com/cortesi/modd/cmd/modd@latest
 
+tools/grafterm/bin/grafterm:
+	mkdir -p tools/grafterm/bin
+	GOBIN=$(PWD)/tools/grafterm/bin go install github.com/slok/grafterm/cmd/grafterm@v0.2.0
+
 full-version:
 	@echo $(FULL_VERSION)
 
@@ -128,4 +138,12 @@ run-redis:
 redis-shell:
 	docker exec -it \
 		bouncer-redis \
-		redis-cli
+		redis-cli
+
+run-prometheus:
+	docker kill bouncer-prometheus || exit 0
+	docker run --rm -t \
+		--name bouncer-prometheus \
+		--network host \
+		-v $(PWD)/misc/prometheus/prometheus.yml:/etc/prometheus/prometheus.yml \
+		prom/prometheus

doc/README.md

@@ -6,10 +6,13 @@
 ## Exemples
 
 - [(FR) - Exemple de déploiement multi-noeuds](../misc/docker-compose/README.md)
+
 ## Référence
 
 - [(FR) - Layers](./fr/references/layers/README.md)
+- [(FR) - Métriques](./fr/references/metrics.md)
 - [(FR) - Fichier de configuration](../misc/packaging/common/config.yml)
+- [(FR) - API d'administration](./fr/references/admin_api.md)
 
 ## Tutoriels
 

doc/fr/references/admin_api.md

@@ -0,0 +1,182 @@
+# API d'administration
+
+## Authentification
+
+L'ensemble des appels aux APIs HTTP du service `bouncer-admin` sont authentifiées via l'utilisation d'un jeton [JWT](https://datatracker.ietf.org/doc/html/rfc7519) signé par la clé privée du serveur.
+
+Le jeton d'accès doit être transmis avec l'ensemble des appels aux points d'entrée via l'entête HTTP `Authorization` en respectant la forme suivante:
+
+```
+Authorization: Bearer <jwt>
+```
+
+### Génération d'un jeton d'authentification
+
+La génération d'un jeton d'authentification s'effectue via la commande suivante:
+
+```shell
+bouncer auth create-token --subject "<subject>" --role "<role>"
+```
+
+Où:
+
+- `"<subject>"` est une chaîne de caractère arbitraire ayant pour objectif d'identifier de manière unique l'utilisateur associé au jeton;
+- `"<role>"` peut prendre une des deux valeurs `reader` ou `writer` correspondant aux droits suivants respectifs:
+    - droit en lecture sur l'ensemble des entités (proxy, layer);
+    - droit en lecture ET en écriture sur l'ensemble des entités.
+
+
+## Points d'entrée
+
+### `POST /api/v1/proxies`
+
+Créer un nouveau proxy
+
+#### Exemple de corps de requête
+
+```json5
+{
+  "name": "myproxy",                // OBLIGATOIRE - Nom du proxy
+  "to": "https://www.cadoles.com",  // OBLIGATOIRE - Site distant ciblé par le proxy
+  "from": ["*"]                     // OPTIONNEL - Liste de patrons de filtrage associés au proxy
+}
+```
+
+#### Exemple de résultat
+
+```json5
+{
+    "data": {
+        "proxy": {
+            "name": "myproxy",
+            "weight": 0,
+            "enabled": false,
+            "to": "https://www.cadoles.com",
+            "from": ["*"],
+            "createdAt": "2018-12-10T13:45:00.000Z",
+            "updatedAt": "2018-12-10T13:45:00.000Z"
+        }
+    }
+}
+```
+
+#### Source
+
+Voir [`internal/admin/proxy_route.go#createProxy()`](../../../internal/admin/proxy_route.go#createProxy)
+
+### `GET /api/v1/proxies/{proxyName}`
+
+Récupérer les informations complètes sur un proxy
+
+#### Paramètres
+
+- `{proxyName}` - Nom du proxy
+
+#### Exemple de résultat
+
+```json5
+{
+    "data": {
+        "proxy": {
+            "name": "myproxy",
+            "weight": 0,
+            "enabled": false,
+            "to": "https://www.cadoles.com",
+            "from": ["*"],
+            "createdAt": "2018-12-10T13:45:00.000Z",
+            "updatedAt": "2018-12-10T13:45:00.000Z"
+        }
+    }
+}
+```
+
+#### Source
+
+Voir [`internal/admin/proxy_route.go#getProxy()`](../../../internal/admin/proxy_route.go#getProxy)
+
+### `PUT /api/v1/proxies/{proxyName}`
+
+Modifier un proxy
+
+#### Exemple de corps de requête
+
+```json5
+{
+  "to": "https://www.cadoles.com",  // OPTIONNEL - Site distant ciblé par le proxy
+  "from": ["mylocalproxydomain:*"], // OPTIONNEL - Liste de patrons de filtrage associés au proxy
+  "weight": 100,                    // OPTIONNEL - Poids à associer au proxy
+  "enabled": true,                  // OPTIONNEL - Activer/désactiver le proxy
+}
+```
+
+#### Exemple de résultat
+
+```json5
+{
+    "data": {
+        "proxy": {
+            "name": "myproxy",
+            "weight": 100,
+            "enabled": true,
+            "to": "https://www.cadoles.com",
+            "from": ["mylocalproxydomain:*"],
+            "createdAt": "2018-12-10T13:45:00.000Z",
+            "updatedAt": "2020-10-02T15:09:00.000Z"
+        }
+    }
+}
+```
+
+#### Source
+
+Voir [`internal/admin/proxy_route.go#updateProxy()`](../../../internal/admin/proxy_route.go#updateProxy)
+
+### `GET /api/v1/proxies?names={name1,name2,...}`
+
+Lister les proxies existants
+
+#### Paramètres
+
+- `{names}` - Optionnel - Liste des noms de proxy à appliquer en tant que filtre
+
+#### Exemple de résultat
+
+```json5
+{
+    "data": {
+        "proxies": [
+            {
+                "name": "myproxy",
+                "weight": 0,
+                "enabled": false,
+            }
+        ]
+    }
+}
+```
+
+#### Source
+
+Voir [`internal/admin/proxy_route.go#queryProxy()`](../../../internal/admin/proxy_route.go#queryProxy)
+
+## `DELETE /api/v1/proxies/{proxyName}`
+
+Supprimer le proxy
+
+#### Paramètres
+
+- `{proxyName}` - Nom du proxy
+
+#### Exemple de résultat
+
+```json5
+{
+    "data": {
+        "proxyName": "myproxy"
+    }
+}
+```
+
+#### Source
+
+Voir [`internal/admin/proxy_route.go#deleteProxy()`](../../../internal/admin/proxy_route.go#deleteProxy)

doc/fr/references/layers/circuitbreaker.md

@@ -32,6 +32,10 @@ Ce layer permet de bloquer l'accès à un site (ou une section de celui ci) cibl
 
     Voir le [fichier de configuration de référence](../../../../misc/packaging/common/config.yml), section `layers.circuitbreaker` pour voir les options permettant de personnaliser le chemin du répertoire contenant les templates.
 
-### Schéma
+## Schéma
 
-Voir le [schéma JSON](../../../../internal/proxy/director/layer/circuitbreaker/layer-options.json).
+Voir le [schéma JSON](../../../../internal/proxy/director/layer/circuitbreaker/layer-options.json).
+
+## Métriques
+
+_Aucune [métrique Prometheus](../metrics.md) n'est exportée par ce layer._

doc/fr/references/layers/queue.md

@@ -30,6 +30,34 @@ Ce layer permet d'ajouter un mécanisme de file d'attente dynamique au proxy ass
 
     Par exemple, si vous souhaitez limiter votre file à l'ensemble d'une section "`/blog`" d'un site, vous pouvez déclarer la valeur `["*/blog*"]`. Les autres URLs du site ne seront pas affectées par cette file d'attente.
 
-### Schéma
+## Schéma
 
-Voir le [schéma JSON](../../../../internal/proxy/director/layer/queue/schema/layer-options.json).
+Voir le [schéma JSON](../../../../internal/proxy/director/layer/queue/schema/layer-options.json).
+
+## Métriques
+
+Les [métriques Prometheus](../metrics.md) suivantes sont exposées par ce layer.
+
+### `bouncer_layer_queue_capacity{layer=<layerName>,proxy=<proxyName>}`
+
+- **Type:** `gauge`
+- **Description**: Capacité maximale de la queue
+- **Exemple**
+
+    ```
+    # HELP bouncer_layer_queue_capacity Bouncer's queue layer capacity
+    # TYPE bouncer_layer_queue_capacity gauge
+    bouncer_layer_queue_capacity{layer="queue",proxy="cadoles"} 2
+    ```
+
+### `bouncer_layer_queue_sessions{layer=<layerName>,proxy=<proxyName>}`
+
+- **Type:** `gauge`
+- **Description**: Nombre courant de sessions ouvertes
+- **Exemple**
+
+    ```
+    # HELP bouncer_layer_queue_sessions Bouncer's queue layer current sessions
+    # TYPE bouncer_layer_queue_sessions gauge
+    bouncer_layer_queue_sessions{layer="queue",proxy="cadoles"} 3
+    ```

doc/fr/references/metrics.md

@@ -0,0 +1,29 @@
+# Métriques
+
+Bouncer expose un certain nombre de métriques Prometheus sur le serveur proxy ainsi que sur le serveur d'administration. Ces métriques sont par défaut accessibles sur `/.bouncer/metrics`. 
+
+Il est possible de configurer le point d'entrée de ces métriques ainsi que d'ajouter une authentification de type `Basic Auth` [via la configuration](../../../misc/packaging/common/config.yml) (voir les clés `admin.metrics` et `proxy.metrics`).
+
+Outre les métriques par défaut fournies par la librairie [Prometheus](https://prometheus.io/docs/guides/go-application/#instrumenting-a-go-application-for-prometheus), les serveurs Bouncer exposent également des métriques propres.
+
+Chaque layer associé à un proxy peut également ses propres métriques spécifiques. [Voir la page de documentation](./layers/README.md) de chaque layer pour plus d'informations.
+
+## Métriques spécifiques
+
+### Serveur proxy
+
+#### `bouncer_proxy_director_proxy_requests_total{proxy=<proxyName>}`
+
+- **Type:** `counter`
+- **Description**: Nombre total de requêtes ayant transité par le proxy 
+- **Exemple**
+
+    ```
+    # HELP bouncer_proxy_director_proxy_requests_total Bouncer proxy total requests
+    # TYPE bouncer_proxy_director_proxy_requests_total counter
+    bouncer_proxy_director_proxy_requests_total{proxy="cadoles"} 64
+    ```
+
+### Serveur d'administration
+
+_Pas de métrique supplémentaire._

doc/fr/tutorials/getting-started-with-sources.md

@@ -70,15 +70,15 @@ docker run --rm -t \
 
 Surveiller les sources, compiler celles ci en cas de modifications et lancer les services `bouncer-proxy` et `bouncer-admin`.
 
-#### `make test`
+### `make test`
 
 Exécuter les tests unitaires/d'intégration du projet.
 
-#### `make build`
+### `make build`
 
 Compiler une version de développement du binaire `bouncer`.
 
-#### `make docker-build`
+### `make docker-build`
 
 Construire une image Docker pour Bouncer.
 
@@ -92,6 +92,13 @@ docker run \
     bouncer server proxy run
 ```
 
+### `make grafterm`
+
+Afficher un tableau de bord [`grafterm`](https://github.com/slok/grafterm) branché sur l'instance Prometheus locale.
+
+### `make siege`
+
+Lancer une session de test [`siege`](https://github.com/JoeDog/siege) sur l'instance `bouncer-proxy` locale.
 ## Arborescence du projet
 
 ```bash

go.mod

@@ -6,6 +6,7 @@ require (
 	forge.cadoles.com/Cadoles/go-proxy v0.0.0-20230701194111-c6b3d482cca6
 	github.com/Masterminds/sprig/v3 v3.2.3
 	github.com/btcsuite/btcd/btcutil v1.1.3
+	github.com/drone/envsubst v1.0.3
 	github.com/getsentry/sentry-go v0.22.0
 	github.com/go-chi/chi/v5 v5.0.8
 	github.com/jedib0t/go-pretty/v6 v6.4.6
@@ -59,7 +60,7 @@ require (
 	github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xeipuuv/gojsonschema v1.2.0 // indirect
-	golang.org/x/text v0.9.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/genproto v0.0.0-20220314164441-57ef72a4c106 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
@@ -79,11 +80,11 @@ require (
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/google/uuid v1.3.0
 	github.com/leodido/go-urn v1.2.1 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.1 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
 	github.com/lestrrat-go/httpcc v1.0.1 // indirect
 	github.com/lestrrat-go/httprc v1.0.4 // indirect
 	github.com/lestrrat-go/iter v1.0.2 // indirect
-	github.com/lestrrat-go/jwx/v2 v2.0.11
+	github.com/lestrrat-go/jwx/v2 v2.0.19
 	github.com/lestrrat-go/option v1.0.1 // indirect
 	github.com/lib/pq v1.10.0 // indirect
 	github.com/lithammer/shortuuid/v4 v4.0.0
@@ -95,10 +96,10 @@ require (
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
 	gitlab.com/wpetit/goweb v0.0.0-20230419082146-a94d9ed7202b
 	go.opencensus.io v0.24.0 // indirect
-	golang.org/x/crypto v0.9.0 // indirect
+	golang.org/x/crypto v0.17.0 // indirect
 	golang.org/x/mod v0.9.0 // indirect
-	golang.org/x/sys v0.10.0 // indirect
-	golang.org/x/term v0.8.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/term v0.15.0 // indirect
 	golang.org/x/tools v0.7.0 // indirect
 	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
 	gopkg.in/go-playground/validator.v9 v9.29.1 // indirect

go.sum

@@ -143,7 +143,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc=
-github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
@@ -163,6 +162,8 @@ github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKoh
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=
 github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
+github.com/drone/envsubst v1.0.3 h1:PCIBwNDYjs50AsLZPYdfhSATKaRg/FJmDc2D6+C2x8g=
+github.com/drone/envsubst v1.0.3/go.mod h1:N2jZmlMufstn1KEqvbHjw40h1KyTmnVzHcSc9bFiJ2g=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
@@ -323,17 +324,16 @@ github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/leodido/go-urn v1.1.0/go.mod h1:+cyI34gQWZcE1eQU7NVgKkkzdXDQHr1dBMtdAPozLkw=
 github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
 github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
-github.com/lestrrat-go/blackmagic v1.0.1 h1:lS5Zts+5HIC/8og6cGHb0uCcNCa3OUt1ygh3Qz2Fe80=
-github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
+github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k=
+github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
 github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE=
 github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E=
 github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJGdI8=
 github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
-github.com/lestrrat-go/jwx/v2 v2.0.11 h1:ViHMnaMeaO0qV16RZWBHM7GTrAnX2aFLVKofc7FuKLQ=
-github.com/lestrrat-go/jwx/v2 v2.0.11/go.mod h1:ZtPtMFlrfDrH2Y0iwfa3dRFn8VzwBrB+cyrm3IBWdDg=
-github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
+github.com/lestrrat-go/jwx/v2 v2.0.19 h1:ekv1qEZE6BVct89QA+pRF6+4pCpfVrOnEJnTnT4RXoY=
+github.com/lestrrat-go/jwx/v2 v2.0.19/go.mod h1:l3im3coce1lL2cDeAjqmaR+Awx+X8Ih+2k8BuHNJ4CU=
 github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU=
 github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/lib/pq v1.10.0 h1:Zx5DJFEYQXio93kgXnQ09fXNiUKsqv4OUEu2UtGcB1E=
@@ -450,7 +450,6 @@ github.com/stretchr/testify v1.7.4/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
 github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7/go.mod h1:q4W45IWZaF22tdD+VEXcAWRA037jwmWEB5VWYORlTpc=
 github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
@@ -496,8 +495,8 @@ golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
-golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g=
-golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -534,7 +533,6 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.9.0 h1:KENHtAZL2y3NLMYZeHY9DW8HW8V+kQyJsY/V9JlKvCs=
 golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20180719180050-a680a1efc54d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -579,9 +577,7 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
 golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
-golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
-golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -610,7 +606,6 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -676,24 +671,20 @@ golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
-golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
-golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
-golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols=
-golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
+golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
+golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -704,9 +695,8 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
-golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -765,7 +755,6 @@ golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4=
 golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

internal/command/server/admin/run.go

@@ -5,15 +5,28 @@ import (
 	"strings"
 
 	"forge.cadoles.com/cadoles/bouncer/internal/admin"
+	"forge.cadoles.com/cadoles/bouncer/internal/auth/jwt"
 	"forge.cadoles.com/cadoles/bouncer/internal/command/common"
+	"forge.cadoles.com/cadoles/bouncer/internal/jwk"
 	"forge.cadoles.com/cadoles/bouncer/internal/setup"
 	"github.com/pkg/errors"
 	"github.com/urfave/cli/v2"
 	"gitlab.com/wpetit/goweb/logger"
 )
 
+const (
+	flagPrintDefaultToken = "print-default-token"
+)
+
 func RunCommand() *cli.Command {
-	flags := common.Flags()
+	flags := append(
+		common.Flags(),
+		&cli.BoolFlag{
+			Name:  flagPrintDefaultToken,
+			Usage: "Generate and print a default writer token in console at startup",
+			Value: true,
+		},
+	)
 
 	return &cli.Command{
 		Name:  "run",
@@ -36,6 +49,22 @@ func RunCommand() *cli.Command {
 
 			defer flushSentry()
 
+			if printDefaultToken := ctx.Bool(flagPrintDefaultToken); printDefaultToken {
+				key, err := jwk.Generate(jwk.DefaultKeySize)
+				if err != nil {
+					return errors.Wrap(err, "could not generate default key")
+				}
+
+				token, err := jwt.GenerateToken(ctx.Context, key, string(conf.Admin.Auth.Issuer), "default-admin", jwt.Role(jwt.RoleWriter))
+				if err != nil {
+					return errors.WithStack(err)
+				}
+
+				logger.SetLevel(logger.LevelInfo)
+				logger.Info(ctx.Context, "default writer token", logger.F("token", token))
+				logger.SetLevel(logger.Level(conf.Logger.Level))
+			}
+
 			srv := admin.NewServer(
 				admin.WithServerConfig(conf.Admin),
 				admin.WithRedisConfig(conf.Redis),

internal/config/environment.go

@@ -6,11 +6,13 @@ import (
 	"strconv"
 	"time"
 
+	"github.com/drone/envsubst"
 	"github.com/pkg/errors"
 	"gopkg.in/yaml.v3"
 )
 
-var reVar = regexp.MustCompile(`^\${(\w+)}$`)
+// var reVar = regexp.MustCompile(`^\${(\w+)}$`)
+var reVar = regexp.MustCompile(`\${(.*?)}`)
 
 type InterpolatedString string
 
@@ -130,14 +132,22 @@ type InterpolatedStringSlice []string
 
 func (iss *InterpolatedStringSlice) UnmarshalYAML(value *yaml.Node) error {
 	var data []string
+	var evErr error
 
 	if err := value.Decode(&data); err != nil {
 		return errors.Wrapf(err, "could not decode value '%v' (line '%d') into map", value.Value, value.Line)
 	}
 
 	for index, value := range data {
-		if match := reVar.FindStringSubmatch(value); len(match) > 0 {
-			value = os.Getenv(match[1])
+		//match := reVar.FindStringSubmatch(value)
+		re := regexp.MustCompile(`\${(.*?)}`)
+
+		res := re.FindAllStringSubmatch(value, 10)
+		if len(res) > 0 {
+			value, evErr = envsubst.EvalEnv(value)
+			if evErr != nil {
+				return evErr
+			}
 		}
 
 		data[index] = value

internal/config/testdata/config.yml

@@ -2,5 +2,5 @@ logger:
   level: 0
   format: human
 http:
-  host: "0.0.0.0"
-  port: 3000
+  host: "${LISTEN_ADDR}"
+  port: 3000

misc/grafterm/dashboard.json

@@ -0,0 +1,196 @@
+{
+  "version": "v1",
+  "datasources": {
+    "prometheus": {
+      "prometheus": {
+        "address": "http://127.0.0.1:9090"
+      }
+    }
+  },
+  "dashboard": {
+    "variables": {
+      "job": {
+        "constant": { "value": "bouncer-proxy" }
+      },
+      "interval": {
+        "interval": { "steps": 50 }
+      }
+    },
+    "widgets": [
+      {
+        "title": "Bouncer - Total queue sessions",
+        "gridPos": { "w": 20 },
+        "singlestat": {
+          "thresholds": [{ "color": "#47D038" }],
+          "query": {
+            "datasourceID": "prometheus",
+            "expr": "sum(bouncer_layer_queue_sessions{job=\"{{.job}}\"})"
+          }
+        }
+      },
+      {
+        "title": "Bouncer Traffic",
+        "gridPos": {
+          "w": 80
+        },
+        "graph": {
+          "queries": [
+            {
+              "datasourceID": "prometheus",
+              "expr": "sum(rate(bouncer_proxy_director_proxy_requests_total{job=\"{{.job}}\"}[{{.interval}}]))",
+              "legend": "req/s"
+            }
+          ]
+        }
+      },
+      {
+        "title": "Goroutines",
+        "gridPos": { "w": 20 },
+        "singlestat": {
+          "thresholds": [{ "color": "#47D038" }],
+          "query": {
+            "datasourceID": "prometheus",
+            "expr": "sum(go_goroutines{job=\"{{.job}}\"})"
+          }
+        }
+      },
+      {
+        "title": "GC duration",
+        "gridPos": { "w": 20 },
+        "singlestat": {
+          "unit": "second",
+          "query": {
+            "datasourceID": "prometheus",
+            "expr": "max(go_gc_duration_seconds{job=\"{{.job}}\"})"
+          }
+        }
+      },
+      {
+        "title": "Stack",
+        "gridPos": { "w": 20 },
+        "singlestat": {
+          "unit": "bytes",
+          "thresholds": [{ "color": "#22F1F1" }],
+          "query": {
+            "datasourceID": "prometheus",
+            "expr": "sum(go_memstats_stack_inuse_bytes{job=\"{{.job}}\"})"
+          }
+        }
+      },
+      {
+        "title": "Heap",
+        "gridPos": { "w": 20 },
+        "singlestat": {
+          "unit": "bytes",
+          "thresholds": [{ "color": "#22F1F1" }],
+          "query": {
+            "datasourceID": "prometheus",
+            "expr": "sum(go_memstats_heap_inuse_bytes{job=\"{{.job}}\"})"
+          }
+        }
+      },
+      {
+        "title": "Alloc",
+        "gridPos": { "w": 20 },
+        "singlestat": {
+          "unit": "bytes",
+          "thresholds": [{ "color": "#22F1F1" }],
+          "query": {
+            "datasourceID": "prometheus",
+            "expr": "sum(go_memstats_alloc_bytes{job=\"{{.job}}\"})"
+          }
+        }
+      },
+      {
+        "title": "Goroutines",
+        "gridPos": { "w": 50 },
+        "graph": {
+          "visualization": {
+            "legend": { "disable": true },
+            "yAxis": { "unit": "", "decimals": 2 }
+          },
+          "queries": [
+            {
+              "datasourceID": "prometheus",
+              "expr": "sum(go_goroutines{job=\"{{.job}}\"})"
+            }
+          ]
+        }
+      },
+      {
+        "title": "GC duration",
+        "gridPos": { "w": 50 },
+        "graph": {
+          "queries": [
+            {
+              "datasourceID": "prometheus",
+              "expr": "max(go_gc_duration_seconds{job=\"{{.job}}\"}) by (quantile)",
+              "legend": "Q{{.quantile}}"
+            }
+          ],
+          "visualization": {
+            "yAxis": { "unit": "second" },
+            "seriesOverride": [
+              { "regex": "^Q0$", "color": "#F9E2D2" },
+              { "regex": "^Q0.25$", "color": "#F2C96D" },
+              { "regex": "^Q0.5(0)?$", "color": "#EAB839" },
+              { "regex": "^Q0.75$", "color": "#EF843C" },
+              { "regex": "^Q1(.0)?$", "color": "#E24D42" }
+            ]
+          }
+        }
+      },
+      {
+        "title": "Memory",
+        "gridPos": { "w": 50 },
+        "graph": {
+          "visualization": {
+            "yAxis": { "unit": "byte", "decimals": 0 }
+          },
+          "queries": [
+            {
+              "datasourceID": "prometheus",
+              "expr": "sum(go_memstats_stack_inuse_bytes{job=\"{{.job}}\"})",
+              "legend": "stack inuse"
+            },
+            {
+              "datasourceID": "prometheus",
+              "expr": "sum(go_memstats_heap_inuse_bytes{job=\"{{.job}}\"})",
+              "legend": "heap inuse"
+            },
+            {
+              "datasourceID": "prometheus",
+              "expr": "sum(go_memstats_alloc_bytes{job=\"{{.job}}\"})",
+              "legend": "alloc"
+            }
+          ]
+        }
+      },
+      {
+        "title": "Memory ops rate",
+        "gridPos": {
+          "w": 50
+        },
+        "graph": {
+          "queries": [
+            {
+              "datasourceID": "prometheus",
+              "expr": "sum(rate(go_memstats_frees_total{job=\"{{.job}}\"}[{{.interval}}]))",
+              "legend": "frees/s"
+            },
+            {
+              "datasourceID": "prometheus",
+              "expr": "sum(rate(go_memstats_mallocs_total{job=\"{{.job}}\"}[{{.interval}}]))",
+              "legend": "mallocs/s"
+            },
+            {
+              "datasourceID": "prometheus",
+              "expr": "sum(rate(go_memstats_lookups_total{job=\"{{.job}}\"}[{{.interval}}]))",
+              "legend": "lookups/s"
+            }
+          ]
+        }
+      }
+    ]
+  }
+}

misc/k6/README.md

@@ -0,0 +1,9 @@
+# K6 - Load Test
+
+Very basic load testing script for [k6](https://k6.io/).
+
+## How to run
+
+```shell
+k6 run cadoles-loadtest.js
+```

misc/k6/cadoles-loadtest.js

@@ -0,0 +1,29 @@
+import { check } from 'k6';
+import { browser } from 'k6/experimental/browser';
+
+export const options = {
+  scenarios: {
+    browser: {
+      vus: 10,
+      iterations: 100,
+      executor: 'shared-iterations',
+      options: {
+        browser: {
+          type: 'chromium',
+        },
+      },
+    },
+  }
+};
+
+export default async function () {
+  const page = browser.newPage();
+  try {
+    await page.goto('https://www.cadoles.com');
+    check(page, {
+      'Homepage loaded': p => p.locator('h1').textContent().trim() == 'La liberté est un choix',
+    });
+  } finally {
+    page.close();
+  }
+}

misc/packaging/common/config.yml

@@ -47,6 +47,10 @@ admin:
         # Authentification "basic auth" sur la page
         # de publication
         # Mettre à null pour désactiver l'authentification
+        # Les couples d'identifiants doivent être spécifiés sous la forme:
+        #   basicAuth:
+        #     credentials:
+        #       <username>: <password>
         basicAuth: null
     
     # Configuration de l'intégration Sentry
@@ -90,8 +94,10 @@ proxy:
         # de publication
         # Mettre à null pour désactiver l'authentification
         basicAuth:
+            # Les couples d'identifiants doivent être spécifiés
+            # sous la forme "<username>: <password>"
             credentials:
-                prom: etheus
+                prometheus: changeme
 
     # Configuration du transport HTTP(S)
     # Voir https://pkg.go.dev/net/http#Transport

misc/prometheus/prometheus.yml

@@ -0,0 +1,7 @@
+scrape_configs:
+  - job_name: bouncer-proxy
+    metrics_path: /.bouncer/metrics
+    static_configs:
+      - targets:
+          - "localhost:8080"
+    scrape_interval: 5s

misc/siege/urls.txt

@@ -0,0 +1,6 @@
+http://localhost:8080/blog/
+http://localhost:8080/services/
+http://localhost:8080/
+http://localhost:8080/recrutement/
+http://localhost:8080/faq/
+http://localhost:8080/societe/histoire/

modd.conf

@@ -14,4 +14,9 @@ layers/**
 
 {
     daemon +sigint: make run-redis
+}
+
+misc/prometheus/prometheus.yml
+{
+    daemon +sigint: make run-prometheus
 }