mirror of https://github.com/prometheus/node_exporter.git synced 2024-09-20 08:07:31 -07:00

History

Goutham Veeramachaneni bd0918f29a Expose the function to generate tls.Config We're looking to reuse this in Cortex to client side encrypt our connections and not having this exposed is making us copy this entire function. Signed-off-by: Goutham Veeramachaneni <gouthamve@gmail.com>		2020-04-17 12:02:31 +02:00
..
testdata	Adding TLS to node exporter - cleaner version (#1277 )	2019-11-16 00:12:57 +01:00
README.md	Fix typo in README.md	2020-04-08 10:18:22 +02:00
tls_config.go	Expose the function to generate tls.Config	2020-04-17 12:02:31 +02:00
tls_config_test.go	Enable golint (#1623 )	2020-02-27 11:59:02 +01:00
web-config.yml	Adding TLS to node exporter - cleaner version (#1277 )	2019-11-16 00:12:57 +01:00

README.md

HTTPS Package for Prometheus

The https directory contains a Go package and a sample configuration file for running node_exporter with HTTPS instead of HTTP. When running a server with TLS use the flag --web.config

e.g. ./node_exporter --web.config="web-config.yml" If the config is kept within the https directory.

The config file should be written in YAML format, and is reloaded on each connection to check for new certificates and/or authentication policy.

Sample Config

tlsConfig :
  # Certificate and key files for server to use to authenticate to client
  tlsCertPath : <filename>
  tlsKeyPath : <filename>

  # Server policy for client authentication. Maps to ClientAuth Policies
  # For more detail on clientAuth options: [ClientAuthType](https://golang.org/pkg/crypto/tls/#ClientAuthType)
  [ clientAuth : <string> | default = "NoClientCert" ]

  # CA certificate for client certificate authentication to the server
  [ clientCAs : <filename> ]