ipn/ipnlocal: add a few metrics for PeerAPI and LocalAPI

Mainly motivated by wanting to know how much Taildrop is used, but also useful when tracking down how many invalid requests are generated. Signed-off-by: Mihai Parparita <mihai@tailscale.com>
2025-08-11 21:27:31 +00:00 · 2022-12-09 14:21:53 -08:00
parent 53e2010b8a
commit 47002d93a3
2 changed files with 27 additions and 0 deletions
--- a/ipn/localapi/localapi.go
+++ b/ipn/localapi/localapi.go
@@ -146,6 +146,7 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	if r.Referer() != "" || r.Header.Get("Origin") != "" || !validHost(r.Host) {
+		metricInvalidRequests.Add(1)
 		http.Error(w, "invalid localapi request", http.StatusForbidden)
 		return
 	}
@@ -156,10 +157,12 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	if h.RequiredPassword != "" {
 		_, pass, ok := r.BasicAuth()
 		if !ok {
+			metricInvalidRequests.Add(1)
 			http.Error(w, "auth required", http.StatusUnauthorized)
 			return
 		}
 		if pass != h.RequiredPassword {
+			metricInvalidRequests.Add(1)
 			http.Error(w, "bad password", http.StatusForbidden)
 			return
 		}
@@ -895,6 +898,8 @@ func (h *Handler) serveFileTargets(w http.ResponseWriter, r *http.Request) {
 //
 //   - PUT /localapi/v0/file-put/:stableID/:escaped-filename
 func (h *Handler) serveFilePut(w http.ResponseWriter, r *http.Request) {
+	metricFilePutCalls.Add(1)
+
 	if !h.PermitWrite {
 		http.Error(w, "file access denied", http.StatusForbidden)
 		return
@@ -1425,3 +1430,10 @@ func defBool(a string, def bool) bool {
 	}
 	return v
 }
+
+var (
+	metricInvalidRequests = clientmetric.NewCounter("localapi_invalid_requests")
+
+	// User-visible LocalAPI endpoints.
+	metricFilePutCalls = clientmetric.NewCounter("localapi_file_put")
+)