-
Add Nginx or some other reverse proxy to listen on the correct port.
- This was fixed using
iptables
:
$ iptables -A INPUT -i enp8s0 -p tcp --dport 80 -j ACCEPT $ iptables -A INPUT -i enp8s0 -p tcp --dport 6939 -j ACCEPT $ iptables -A PREROUTING -t nat -i enp8s0 -p tcp --dport 80 -j REDIRECT --to-port 6939
- This was fixed using
-
Figure out how to force the right
plz
version.- I’ve added an entry to
$PATH
for~/.please
that will use an updated version if one exists, and that has forced the right version.
- I’ve added an entry to
@panoption///bin/cleanup
-
Fix the timer output so it works with
systemd
. -
Delete scans older than 1 month.
-
Delete endpoints, domains, and certs where no scans exist.
@panopticon///bin/web
- Give the cert data a
min-width
.
@panopticon///lib/data
-
Figure out why creating new domains/endpoints isn’t working.
- This was a little complicated to figure out but I ended up adding
pg_advisory_xact_lock()
to the beginning of a task so that we can serialize access to shared data structures.
- This was a little complicated to figure out but I ended up adding
-
Add
@panopticon///lib/instrument
tracing.
@panopticon///lib/instrument
-
Decide on support for pre-aggregated metrics.
-
The primary issue I can see is the huge cardinality that arises from how I handle
context
tags. That being said, there’s definitely a useful idea in “hey let me keep track of some count that I know is important that is not necessarily an event”. -
After some thinking, I’m going to defer on pre-aggregated metrics. There are some interesting use cases for system metrics, like CPU utilization and the like, but I don’t have a concrete sense of how I want those collected/emitted at the moment. I might end up with them formatted like Heroku Postgres does, with a log line every few seconds with all of the known metrics present.
-
Either way I know I can’t do the contextual tags for these - the cardinality would be WAY too high to allow in any sink I might configure.
-
-
Buffer logs inside of spans for console output?
- I’m also going to defer on this- there are some interesting concerns with parallel tasks and log output, but I think I need more experience with those issues before I come up with a solution for it.
@panopticon///bin/worker/task
-
Add code to handle the existing HSTS failure modes.
-
Instrument the worker with spans.