feat: add Prometheus metrics endpoint and Docker image (PLAN.md 4.2)

Add internal/metrics package with dedicated Prometheus registry exposing SSH connection, auth attempt, session, and build info metrics. Wire into SSH server (4 instrumentation points) and web server (/metrics endpoint). Add dockerImage output to flake.nix via dockerTools.buildLayeredImage. Bump version to 0.7.0. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 05:47:16 +01:00
parent b8fcbc7e10
commit ab07e6a8dc
14 changed files with 342 additions and 19 deletions
--- a/README.md
+++ b/README.md
@@ -44,6 +44,7 @@ Key settings:
 - `web.enabled` — enable the web dashboard (default `false`)
 - `web.listen_addr` — web dashboard listen address (default `:8080`)
  - Session detail pages at `/sessions/{id}` include terminal replay via xterm.js
+- `web.metrics_enabled` — expose Prometheus metrics at `/metrics` (default `true`)
 - `detection.enabled` — enable human detection scoring (default `false`)
 - `detection.threshold` — score threshold (0.0–1.0) for flagging sessions (default `0.6`)
 - `detection.update_interval` — how often to recompute scores (default `5s`)
@@ -82,3 +83,15 @@ Add the flake as an input and enable the service:
 ```

 Alternatively, use `configFile` to pass a pre-written TOML file instead of `settings`.
+
+### Docker
+
+Build a Docker image via nix:
+
+```sh
+nix build .#dockerImage
+docker load < result
+docker run -v /path/to/data:/data -p 2222:2222 -p 8080:8080 oubliette:0.7.0
+```
+
+Place your `oubliette.toml` in the data volume. The container exposes ports 2222 (SSH) and 8080 (web/metrics).