node_exporter/https/README.md

# HTTPS Package for Prometheus

The `https` directory contains a Go package and a sample configuration file for
running `node_exporter` with HTTPS instead of HTTP. We currently support TLS 1.3
and TLS 1.2.

To run a server with TLS, use the flag `--web.config`.

e.g. `./node_exporter --web.config="web-config.yml"`
If the config is kept within the https directory.

The config file should be written in YAML format, and is reloaded on each connection to check for new certificates and/or authentication policy.

## Sample Config

```
tls_config:
  # Certificate and key files for server to use to authenticate to client
  cert_file: <filename>
  key_file: <filename>

  # Server policy for client authentication. Maps to ClientAuth Policies
  # For more detail on clientAuth options: [ClientAuthType](https://golang.org/pkg/crypto/tls/#ClientAuthType)
  [ client_auth_type: <string> | default = "NoClientCert" ]

  # CA certificate for client certificate authentication to the server
  [ client_ca_file: <filename> ]
```
Adding TLS to node exporter - cleaner version (#1277) Add support for https connections. Signed-off-by: ksherryBAE <kieran.sherry@baesystems.com> Signed-off-by: James Ritchie <james.g.ritchie@baesystems.com> Signed-off-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Ben RIdley <benridley29@gmail.com> 2019-11-15 23:12:57 +00:00			`# HTTPS Package for Prometheus`

Add tls versions Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu> 2020-04-27 17:19:09 +00:00			The `https` directory contains a Go package and a sample configuration file for
			running `node_exporter` with HTTPS instead of HTTP. We currently support TLS 1.3
			`and TLS 1.2.`

			To run a server with TLS, use the flag `--web.config`.
Adding TLS to node exporter - cleaner version (#1277) Add support for https connections. Signed-off-by: ksherryBAE <kieran.sherry@baesystems.com> Signed-off-by: James Ritchie <james.g.ritchie@baesystems.com> Signed-off-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Ben RIdley <benridley29@gmail.com> 2019-11-15 23:12:57 +00:00
			e.g. `./node_exporter --web.config="web-config.yml"`
			`If the config is kept within the https directory.`

			`The config file should be written in YAML format, and is reloaded on each connection to check for new certificates and/or authentication policy.`

Fix typo in README.md Signed-off-by: J0WI <J0WI@users.noreply.github.com> 2020-02-20 22:41:14 +00:00			`## Sample Config`
Make TLS config consistent with Prometheus (#1685) Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu> 2020-04-25 11:42:45 +00:00
Adding TLS to node exporter - cleaner version (#1277) Add support for https connections. Signed-off-by: ksherryBAE <kieran.sherry@baesystems.com> Signed-off-by: James Ritchie <james.g.ritchie@baesystems.com> Signed-off-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Ben RIdley <benridley29@gmail.com> 2019-11-15 23:12:57 +00:00			```
Make TLS config consistent with Prometheus (#1685) Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu> 2020-04-25 11:42:45 +00:00			`tls_config:`
Adding TLS to node exporter - cleaner version (#1277) Add support for https connections. Signed-off-by: ksherryBAE <kieran.sherry@baesystems.com> Signed-off-by: James Ritchie <james.g.ritchie@baesystems.com> Signed-off-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Ben RIdley <benridley29@gmail.com> 2019-11-15 23:12:57 +00:00			`# Certificate and key files for server to use to authenticate to client`
Make TLS config consistent with Prometheus (#1685) Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu> 2020-04-25 11:42:45 +00:00			`cert_file: <filename>`
			`key_file: <filename>`
Adding TLS to node exporter - cleaner version (#1277) Add support for https connections. Signed-off-by: ksherryBAE <kieran.sherry@baesystems.com> Signed-off-by: James Ritchie <james.g.ritchie@baesystems.com> Signed-off-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Ben RIdley <benridley29@gmail.com> 2019-11-15 23:12:57 +00:00
			`# Server policy for client authentication. Maps to ClientAuth Policies`
			`# For more detail on clientAuth options: [ClientAuthType](https://golang.org/pkg/crypto/tls/#ClientAuthType)`
Make TLS config consistent with Prometheus (#1685) Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu> 2020-04-25 11:42:45 +00:00			`[ client_auth_type: <string> \| default = "NoClientCert" ]`
Adding TLS to node exporter - cleaner version (#1277) Add support for https connections. Signed-off-by: ksherryBAE <kieran.sherry@baesystems.com> Signed-off-by: James Ritchie <james.g.ritchie@baesystems.com> Signed-off-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Ben RIdley <benridley29@gmail.com> 2019-11-15 23:12:57 +00:00
			`# CA certificate for client certificate authentication to the server`
Make TLS config consistent with Prometheus (#1685) Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu> 2020-04-25 11:42:45 +00:00			`[ client_ca_file: <filename> ]`
Adding TLS to node exporter - cleaner version (#1277) Add support for https connections. Signed-off-by: ksherryBAE <kieran.sherry@baesystems.com> Signed-off-by: James Ritchie <james.g.ritchie@baesystems.com> Signed-off-by: Simon Pasquier <spasquie@redhat.com> Signed-off-by: Ben RIdley <benridley29@gmail.com> 2019-11-15 23:12:57 +00:00			```