Mercurial > prosody-modules
annotate mod_firewall/marks.lib.lua @ 5668:ecfd7aece33b
mod_measure_modules: Report module statuses via OpenMetrics
Someone in the chat asked about a health check endpoint, which reminded
me of mod_http_status, which provides access to module statuses with
full details. After that, this idea came about, which seems natural.
As noted in the README, it could be used to monitor that critical
modules are in fact loaded correctly.
As more modules use the status API, the more useful this module and
mod_http_status becomes.
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Fri, 06 Oct 2023 18:34:39 +0200 |
| parents | 048284447643 |
| children |
| rev | line source |
|---|---|
|
2894
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 local mark_storage = module:open_store("firewall_marks"); |
|
5536
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
2 local mark_map_storage = module:open_store("firewall_marks", "map"); |
|
2894
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 local user_sessions = prosody.hosts[module.host].sessions; |
|
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 |
|
5536
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
6 module:hook("firewall/marked/user", function (event) |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
7 local user = user_sessions[event.username]; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
8 local marks = user and user.firewall_marks; |
|
5541
3804ee5117ca
mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents:
5536
diff
changeset
|
9 if user and not marks then |
|
3804ee5117ca
mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents:
5536
diff
changeset
|
10 -- Load marks from storage to cache on the user object |
|
3804ee5117ca
mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents:
5536
diff
changeset
|
11 marks = mark_storage:get(event.username) or {}; |
|
3804ee5117ca
mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents:
5536
diff
changeset
|
12 user.firewall_marks = marks; --luacheck: ignore 122 |
|
3804ee5117ca
mod_firewall: Load marks from storage on demand rather than at login
Matthew Wild <mwild1@gmail.com>
parents:
5536
diff
changeset
|
13 end |
|
5536
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
14 if marks then |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
15 marks[event.mark] = event.timestamp; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
16 end |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
17 local ok, err = mark_map_storage:set(event.username, event.mark, event.timestamp); |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
18 if not ok then |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
19 module:log("error", "Failed to mark user %q with %q: %s", event.username, event.mark, err); |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
20 end |
|
5542
048284447643
mod_firewall: Add console commands to mark/unmark users
Matthew Wild <mwild1@gmail.com>
parents:
5541
diff
changeset
|
21 return true; |
|
048284447643
mod_firewall: Add console commands to mark/unmark users
Matthew Wild <mwild1@gmail.com>
parents:
5541
diff
changeset
|
22 end, -1); |
|
2894
165d2877eeac
mod_firewall: Add experimental user-centric persistent marks behind a feature flag
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
23 |
|
5536
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
24 module:hook("firewall/unmarked/user", function (event) |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
25 local user = user_sessions[event.username]; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
26 local marks = user and user.firewall_marks; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
27 if marks then |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
28 marks[event.mark] = nil; |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
29 end |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
30 local ok, err = mark_map_storage:set(event.username, event.mark, nil); |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
31 if not ok then |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
32 module:log("error", "Failed to unmark user %q with %q: %s", event.username, event.mark, err); |
|
96dec7681af8
mod_firewall: Update user marks to store instantly via map store
Matthew Wild <mwild1@gmail.com>
parents:
2894
diff
changeset
|
33 end |
|
5542
048284447643
mod_firewall: Add console commands to mark/unmark users
Matthew Wild <mwild1@gmail.com>
parents:
5541
diff
changeset
|
34 return true; |
|
048284447643
mod_firewall: Add console commands to mark/unmark users
Matthew Wild <mwild1@gmail.com>
parents:
5541
diff
changeset
|
35 end, -1); |