It will help you to improve your skills or how to understand how to start this journey!
This is a Grafana Dashboard as example. It is an open source tool that you can install in your VPS that is an interface to various DB that create this dashboards and are easy to configure without develop.
So in my company in our VPS we have Grafana with various Prometheus exporter that now I will show to you.
First let’s talk about Prometheus. As Grafana, it is developed in Go and are of course open source like many other things in this world. Prometheus is a database that works with scrapers that you configure with an interval and some parameters. Those scrapers are web server with an endpoint with a rule at every line with this data that Prometheus will parse and import. You can configure Prometheus to keep the data the time that you prefer, in our case 2 days.
Usually those exporters are used on LAN where they can reach the various server easily without expose those pages to the internet.
Another feature of Grafana is the notification that you can configure by the specific data on various channels from emails to discord and various user access with different permissions.
I implemented 4 exporters (and 2 are by us for our needs, one from the title).
PageSpeed Exporter
Do you need to track the Google PageSpeed metrics? Now you can with this exporter in Go that you need to compile. We are running without Docker like the others just because we have various things in this VPS. Ideally is better to have a VPS just for that but it isn’t so resource heavy.
You can configure it as you can see for various websites and create different dashboard to let access to specific user groups.
Prometheus Metrics in WordPress
This is an example of exporters in PHP, it is a WordPress plugin by me that export various stuff for Prometheus.
To block the access use a token that you need to configure in WP and in the Prometheus parameters.
SSLLabs Exporter
Do you want to check if your website is ok with certificates? Let’s check with this exporter in Go that you need to compile. It uses the SSLlabs API to check also various things.
PHP Error Log Exporter
This one is a fork by me updated with the latest Go and Prometheus libraries as the original is abandoned since 2016.
In this case require the name of the site and the path of the PHP error log to parse. Support various files to parse and it was the first time that I work with Go.
Anyway find the 5 type of PHP errors and show on a graph (in Grafana).
Alerts
As now in Grafana you can get Alerts but only in Graph fields type (the widgets above) as you can have Gauge/Stats etc.
Just remember to disable in the Alert the OK notification or you will get a lot of them.
User groups access
You can have an access for your customers to the dashboard that you want. In this way if they care they can monitor what they need and if they want you can configure the alerts for them.
Reverse proxy
As default Grafana use 3000 as port so with Apache on Nginx you can do a reverse proxy to block that port and remap to a specific url.
Block ports
iptables -A INPUT -p tcp -s localhost --dport 9090 -j ACCEPT iptables -A INPUT -p tcp --dport 9090 -j DROP iptables -A INPUT -p tcp -s localhost --dport 9271 -j ACCEPT iptables -A INPUT -p tcp --dport 9271 -j DROP iptables -A INPUT -p tcp -s localhost --dport 9100 -j ACCEPT iptables -A INPUT -p tcp --dport 9100 -j DROP iptables -A INPUT -p tcp -s localhost --dport 19215 -j ACCEPT iptables -A INPUT -p tcp --dport 19215 -j DROP iptables -A INPUT -p tcp -s localhost --dport 3000 -j ACCEPT iptables -A INPUT -p tcp --dport 3000 -j DROP iptables -A INPUT -p tcp -s localhost --dport 9423 -j ACCEPT iptables -A INPUT -p tcp --dport 9423 -j DROP
In this way you block the various ports of the exporter, 9090 is Prometheus and 3000 is Grafana.
You can configure your SSH to port local forwarding when you access it, in this way you can see those ports if you need them locally.
Host domain.tld LocalForward 9090 localhost:9090 LocalForward 9271 localhost:9271 LocalForward 9217 localhost:9217 LocalForward 9243 localhost:9243 LocalForward 9100 localhost:9100
Bye!
