dunkirk.sh
+34
-29
web/handlers.go
+34
-29
web/handlers.go
···
12
12
"time"
13
13
)
14
14
15
+
const (
16
+
maxFeedItems = 100
17
+
shortFingerprintLen = 8
18
+
)
19
+
15
20
func (s *Server) handleIndex(w http.ResponseWriter, r *http.Request) {
16
21
host := parseOriginHost(s.origin)
17
22
···
37
42
ShortCommitHash: shortHash,
38
43
}
39
44
if err := s.tmpl.ExecuteTemplate(w, "index.html", data); err != nil {
40
-
s.logger.Error("render index", "err", err)
45
+
s.logger.Warn("render index", "err", err)
41
46
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
42
47
}
43
48
}
···
79
84
s.handle404(w, r)
80
85
return
81
86
}
82
-
s.logger.Error("get user", "err", err)
87
+
s.logger.Warn("get user", "err", err)
83
88
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
84
89
return
85
90
}
86
91
87
92
configs, err := s.store.ListConfigs(ctx, user.ID)
88
93
if err != nil {
89
-
s.logger.Error("list configs", "err", err)
94
+
s.logger.Warn("list configs", "err", err)
90
95
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
91
96
return
92
97
}
···
98
103
}
99
104
feedsByConfig, err := s.store.GetFeedsByConfigs(ctx, configIDs)
100
105
if err != nil {
101
-
s.logger.Error("get feeds by configs", "err", err)
106
+
s.logger.Warn("get feeds by configs", "err", err)
102
107
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
103
108
return
104
109
}
···
144
149
}
145
150
146
151
shortFP := fingerprint
147
-
if len(shortFP) > 12 {
148
-
shortFP = shortFP[:12]
152
+
if len(shortFP) > shortFingerprintLen {
153
+
shortFP = shortFP[:shortFingerprintLen]
149
154
}
150
155
151
156
data := userPageData{
···
158
163
}
159
164
160
165
if err := s.tmpl.ExecuteTemplate(w, "user.html", data); err != nil {
161
-
s.logger.Error("render user", "err", err)
166
+
s.logger.Warn("render user", "err", err)
162
167
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
163
168
}
164
169
}
···
197
202
s.handle404(w, r)
198
203
return
199
204
}
200
-
s.logger.Error("get user", "err", err)
205
+
s.logger.Warn("get user", "err", err)
201
206
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
202
207
return
203
208
}
···
208
213
s.handle404(w, r)
209
214
return
210
215
}
211
-
s.logger.Error("get config", "err", err)
216
+
s.logger.Warn("get config", "err", err)
212
217
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
213
218
return
214
219
}
···
216
221
var items []rssItemWithTime
217
222
feeds, err := s.store.GetFeedsByConfig(ctx, cfg.ID)
218
223
if err != nil {
219
-
s.logger.Error("get feeds", "err", err)
224
+
s.logger.Warn("get feeds", "err", err)
220
225
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
221
226
return
222
227
}
···
248
253
return items[i].parsedTime.After(items[j].parsedTime)
249
254
})
250
255
251
-
if len(items) > 100 {
252
-
items = items[:100]
256
+
if len(items) > maxFeedItems {
257
+
items = items[:maxFeedItems]
253
258
}
254
259
255
260
// Convert to rssItem for XML encoding
···
272
277
w.Header().Set("Content-Type", "application/rss+xml; charset=utf-8")
273
278
w.Header().Set("Cache-Control", "public, max-age=300")
274
279
if cfg.LastRun.Valid {
275
-
etag := fmt.Sprintf(`"%s-%d"`, fingerprint[:8], cfg.LastRun.Time.Unix())
280
+
etag := fmt.Sprintf(`"%s-%d"`, fingerprint[:shortFingerprintLen], cfg.LastRun.Time.Unix())
276
281
w.Header().Set("ETag", etag)
277
282
w.Header().Set("Last-Modified", cfg.LastRun.Time.UTC().Format(http.TimeFormat))
278
283
···
326
331
s.handle404(w, r)
327
332
return
328
333
}
329
-
s.logger.Error("get user", "err", err)
334
+
s.logger.Warn("get user", "err", err)
330
335
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
331
336
return
332
337
}
···
337
342
s.handle404(w, r)
338
343
return
339
344
}
340
-
s.logger.Error("get config", "err", err)
345
+
s.logger.Warn("get config", "err", err)
341
346
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
342
347
return
343
348
}
···
345
350
var items []jsonFeedItemWithTime
346
351
feeds, err := s.store.GetFeedsByConfig(ctx, cfg.ID)
347
352
if err != nil {
348
-
s.logger.Error("get feeds", "err", err)
353
+
s.logger.Warn("get feeds", "err", err)
349
354
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
350
355
return
351
356
}
···
377
382
return items[i].parsedTime.After(items[j].parsedTime)
378
383
})
379
384
380
-
if len(items) > 100 {
381
-
items = items[:100]
385
+
if len(items) > maxFeedItems {
386
+
items = items[:maxFeedItems]
382
387
}
383
388
384
389
// Convert to jsonFeedItem for JSON encoding
···
399
404
w.Header().Set("Content-Type", "application/feed+json; charset=utf-8")
400
405
w.Header().Set("Cache-Control", "public, max-age=300")
401
406
if cfg.LastRun.Valid {
402
-
etag := fmt.Sprintf(`"%s-%d"`, fingerprint[:8], cfg.LastRun.Time.Unix())
407
+
etag := fmt.Sprintf(`"%s-%d"`, fingerprint[:shortFingerprintLen], cfg.LastRun.Time.Unix())
403
408
w.Header().Set("ETag", etag)
404
409
w.Header().Set("Last-Modified", cfg.LastRun.Time.UTC().Format(http.TimeFormat))
405
410
···
432
437
s.handle404(w, r)
433
438
return
434
439
}
435
-
s.logger.Error("get user", "err", err)
440
+
s.logger.Warn("get user", "err", err)
436
441
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
437
442
return
438
443
}
···
443
448
s.handle404(w, r)
444
449
return
445
450
}
446
-
s.logger.Error("get config", "err", err)
451
+
s.logger.Warn("get config", "err", err)
447
452
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
448
453
return
449
454
}
···
477
482
478
483
user, err := s.store.GetUserByID(ctx, cfg.UserID)
479
484
if err != nil {
480
-
s.logger.Error("get user", "err", err)
485
+
s.logger.Warn("get user", "err", err)
481
486
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
482
487
return
483
488
}
484
489
485
490
shortFP := user.PubkeyFP
486
-
if len(shortFP) > 12 {
487
-
shortFP = shortFP[:12]
491
+
if len(shortFP) > shortFingerprintLen {
492
+
shortFP = shortFP[:shortFingerprintLen]
488
493
}
489
494
490
495
data := unsubscribePageData{
···
494
499
}
495
500
496
501
if err := s.tmpl.ExecuteTemplate(w, "unsubscribe.html", data); err != nil {
497
-
s.logger.Error("render unsubscribe", "err", err)
502
+
s.logger.Warn("render unsubscribe", "err", err)
498
503
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
499
504
}
500
505
}
···
545
550
}
546
551
547
552
if err := s.store.DeleteToken(ctx, token); err != nil {
548
-
s.logger.Error("delete token", "err", err)
553
+
s.logger.Warn("delete token", "err", err)
549
554
}
550
555
551
556
data := unsubscribePageData{
···
554
559
}
555
560
556
561
if err := s.tmpl.ExecuteTemplate(w, "unsubscribe.html", data); err != nil {
557
-
s.logger.Error("render unsubscribe", "err", err)
562
+
s.logger.Warn("render unsubscribe", "err", err)
558
563
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
559
564
}
560
565
}
···
609
614
Message string
610
615
}{}
611
616
if err := s.tmpl.ExecuteTemplate(w, "404.html", data); err != nil {
612
-
s.logger.Error("render 404", "err", err)
617
+
s.logger.Warn("render 404", "err", err)
613
618
http.Error(w, "Not Found", http.StatusNotFound)
614
619
}
615
620
}
···
624
629
Message: message,
625
630
}
626
631
if err := s.tmpl.ExecuteTemplate(w, "404.html", data); err != nil {
627
-
s.logger.Error("render 404", "err", err)
632
+
s.logger.Warn("render 404", "err", err)
628
633
http.Error(w, "Not Found", http.StatusNotFound)
629
634
}
630
635
}
+113
web/metrics.go
+113
web/metrics.go
···
1
+
package web
2
+
3
+
import (
4
+
"encoding/json"
5
+
"net/http"
6
+
"runtime"
7
+
"sync/atomic"
8
+
"time"
9
+
)
10
+
11
+
// Metrics holds runtime metrics for observability
12
+
type Metrics struct {
13
+
StartTime time.Time
14
+
RequestsTotal atomic.Uint64
15
+
RequestsActive atomic.Int64
16
+
EmailsSent atomic.Uint64
17
+
FeedsFetched atomic.Uint64
18
+
ItemsSeen atomic.Uint64
19
+
ConfigsActive atomic.Uint64
20
+
ErrorsTotal atomic.Uint64
21
+
RateLimitHits atomic.Uint64
22
+
}
23
+
24
+
// NewMetrics creates a new Metrics instance
25
+
func NewMetrics() *Metrics {
26
+
return &Metrics{
27
+
StartTime: time.Now(),
28
+
}
29
+
}
30
+
31
+
// MetricsSnapshot represents a point-in-time view of metrics
32
+
type MetricsSnapshot struct {
33
+
// System info
34
+
UptimeSeconds int64 `json:"uptime_seconds"`
35
+
GoVersion string `json:"go_version"`
36
+
NumGoroutines int `json:"goroutines"`
37
+
MemAllocMB uint64 `json:"mem_alloc_mb"`
38
+
MemTotalAllocMB uint64 `json:"mem_total_alloc_mb"`
39
+
MemSysMB uint64 `json:"mem_sys_mb"`
40
+
41
+
// Application metrics
42
+
RequestsTotal uint64 `json:"requests_total"`
43
+
RequestsActive int64 `json:"requests_active"`
44
+
EmailsSent uint64 `json:"emails_sent"`
45
+
FeedsFetched uint64 `json:"feeds_fetched"`
46
+
ItemsSeen uint64 `json:"items_seen"`
47
+
ConfigsActive uint64 `json:"configs_active"`
48
+
ErrorsTotal uint64 `json:"errors_total"`
49
+
RateLimitHits uint64 `json:"rate_limit_hits"`
50
+
}
51
+
52
+
// Snapshot creates a snapshot of current metrics
53
+
func (m *Metrics) Snapshot() MetricsSnapshot {
54
+
var mem runtime.MemStats
55
+
runtime.ReadMemStats(&mem)
56
+
57
+
return MetricsSnapshot{
58
+
UptimeSeconds: int64(time.Since(m.StartTime).Seconds()),
59
+
GoVersion: runtime.Version(),
60
+
NumGoroutines: runtime.NumGoroutine(),
61
+
MemAllocMB: mem.Alloc / 1024 / 1024,
62
+
MemTotalAllocMB: mem.TotalAlloc / 1024 / 1024,
63
+
MemSysMB: mem.Sys / 1024 / 1024,
64
+
RequestsTotal: m.RequestsTotal.Load(),
65
+
RequestsActive: m.RequestsActive.Load(),
66
+
EmailsSent: m.EmailsSent.Load(),
67
+
FeedsFetched: m.FeedsFetched.Load(),
68
+
ItemsSeen: m.ItemsSeen.Load(),
69
+
ConfigsActive: m.ConfigsActive.Load(),
70
+
ErrorsTotal: m.ErrorsTotal.Load(),
71
+
RateLimitHits: m.RateLimitHits.Load(),
72
+
}
73
+
}
74
+
75
+
// handleMetrics serves the /metrics endpoint
76
+
func (s *Server) handleMetrics(w http.ResponseWriter, r *http.Request) {
77
+
if r.Method != http.MethodGet {
78
+
http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
79
+
return
80
+
}
81
+
82
+
snapshot := s.metrics.Snapshot()
83
+
84
+
w.Header().Set("Content-Type", "application/json")
85
+
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
86
+
87
+
if err := json.NewEncoder(w).Encode(snapshot); err != nil {
88
+
s.logger.Warn("failed to encode metrics", "error", err)
89
+
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
90
+
}
91
+
}
92
+
93
+
// handleHealth serves the /health endpoint
94
+
func (s *Server) handleHealth(w http.ResponseWriter, r *http.Request) {
95
+
if r.Method != http.MethodGet {
96
+
http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
97
+
return
98
+
}
99
+
100
+
// Simple health check - could be extended to check DB connection, etc.
101
+
w.Header().Set("Content-Type", "application/json")
102
+
w.Header().Set("Cache-Control", "no-cache, no-store, must-revalidate")
103
+
104
+
response := map[string]string{
105
+
"status": "ok",
106
+
"uptime": time.Since(s.metrics.StartTime).String(),
107
+
}
108
+
109
+
if err := json.NewEncoder(w).Encode(response); err != nil {
110
+
s.logger.Warn("failed to encode health response", "error", err)
111
+
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
112
+
}
113
+
}
+46
-1
web/server.go
+46
-1
web/server.go
···
7
7
"net"
8
8
"net/http"
9
9
"strings"
10
+
"time"
10
11
11
12
"github.com/charmbracelet/log"
12
13
"github.com/kierank/herald/ratelimit"
···
25
26
tmpl *template.Template
26
27
commitHash string
27
28
rateLimiter *ratelimit.Limiter
29
+
metrics *Metrics
28
30
}
29
31
30
32
func NewServer(st *store.DB, addr string, origin string, sshPort int, logger *log.Logger, commitHash string) *Server {
···
38
40
tmpl: tmpl,
39
41
commitHash: commitHash,
40
42
rateLimiter: ratelimit.New(10, 20), // 10 req/sec, burst of 20
43
+
metrics: NewMetrics(),
41
44
}
42
45
}
43
46
···
46
49
47
50
mux.HandleFunc("/", s.routeHandler)
48
51
mux.HandleFunc("/style.css", s.handleStyleCSS)
52
+
mux.HandleFunc("/health", s.handleHealth)
53
+
mux.HandleFunc("/metrics", s.handleMetrics)
49
54
50
55
srv := &http.Server{
51
56
Addr: s.addr,
52
-
Handler: s.rateLimitMiddleware(mux),
57
+
Handler: s.loggingMiddleware(s.rateLimitMiddleware(mux)),
53
58
}
54
59
55
60
go func() {
···
73
78
}
74
79
75
80
if !s.rateLimiter.Allow(ip) {
81
+
s.metrics.RateLimitHits.Add(1)
76
82
s.logger.Warn("rate limit exceeded", "ip", ip, "path", r.URL.Path)
77
83
http.Error(w, "Too Many Requests", http.StatusTooManyRequests)
78
84
return
···
80
86
81
87
next.ServeHTTP(w, r)
82
88
})
89
+
}
90
+
91
+
func (s *Server) loggingMiddleware(next http.Handler) http.Handler {
92
+
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
93
+
start := time.Now()
94
+
95
+
s.metrics.RequestsTotal.Add(1)
96
+
s.metrics.RequestsActive.Add(1)
97
+
defer s.metrics.RequestsActive.Add(-1)
98
+
99
+
// Wrap response writer to capture status code
100
+
lrw := &loggingResponseWriter{ResponseWriter: w, statusCode: http.StatusOK}
101
+
102
+
next.ServeHTTP(lrw, r)
103
+
104
+
duration := time.Since(start)
105
+
106
+
s.logger.Info("http request",
107
+
"method", r.Method,
108
+
"path", r.URL.Path,
109
+
"status", lrw.statusCode,
110
+
"duration_ms", duration.Milliseconds(),
111
+
"remote_addr", r.RemoteAddr,
112
+
)
113
+
114
+
if lrw.statusCode >= 500 {
115
+
s.metrics.ErrorsTotal.Add(1)
116
+
}
117
+
})
118
+
}
119
+
120
+
type loggingResponseWriter struct {
121
+
http.ResponseWriter
122
+
statusCode int
123
+
}
124
+
125
+
func (lrw *loggingResponseWriter) WriteHeader(code int) {
126
+
lrw.statusCode = code
127
+
lrw.ResponseWriter.WriteHeader(code)
83
128
}
84
129
85
130
func (s *Server) routeHandler(w http.ResponseWriter, r *http.Request) {