From e901a731292d7cfe3e8523d0421ed3f1eb4586cb Mon Sep 17 00:00:00 2001
From: MrMelon54 <github@mrmelon54.com>
Date: Fri, 16 Feb 2024 01:41:42 +0000
Subject: [PATCH] Add metrics

---
 cmd/violet/serve.go               |  35 ++++------
 go.mod                            |  11 +++-
 go.sum                            |  27 ++++++--
 servers/api/api.go                |   7 +-
 servers/api/api_test.go           |   6 +-
 servers/http.go                   |   8 ++-
 servers/http_test.go              |   2 +-
 servers/https.go                  |  32 ++++++----
 servers/https_test.go             |   2 +-
 servers/metrics/httpmiddleware.go | 102 ++++++++++++++++++++++++++++++
 10 files changed, 181 insertions(+), 51 deletions(-)
 create mode 100644 servers/metrics/httpmiddleware.go

diff --git a/cmd/violet/serve.go b/cmd/violet/serve.go
index 4722892..b3be1c8 100644
--- a/cmd/violet/serve.go
+++ b/cmd/violet/serve.go
@@ -19,13 +19,13 @@ import (
 	"github.com/1f349/violet/utils"
 	"github.com/MrMelon54/exit-reload"
 	"github.com/google/subcommands"
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/collectors"
 	"io/fs"
 	"log"
 	"net/http"
-	_ "net/http/pprof"
 	"os"
 	"path/filepath"
-	"runtime/pprof"
 )
 
 type serveCmd struct {
@@ -37,10 +37,9 @@ func (s *serveCmd) Name() string     { return "serve" }
 func (s *serveCmd) Synopsis() string { return "Serve reverse proxy server" }
 func (s *serveCmd) SetFlags(f *flag.FlagSet) {
 	f.StringVar(&s.configPath, "conf", "", "/path/to/config.json : path to the config file")
-	f.StringVar(&s.cpuprofile, "cpuprofile", "", "write cpu profile to file")
 }
 func (s *serveCmd) Usage() string {
-	return `serve [-conf <config file>] [-cpuprofile <profile file>]
+	return `serve [-conf <config file>]
   Serve reverse proxy server using information from config file
 `
 }
@@ -48,17 +47,6 @@ func (s *serveCmd) Usage() string {
 func (s *serveCmd) Execute(_ context.Context, _ *flag.FlagSet, _ ...interface{}) subcommands.ExitStatus {
 	log.Println("[Violet] Starting...")
 
-	// Enable cpu profiling
-	if s.cpuprofile != "" {
-		f, err := os.Create(s.cpuprofile)
-		if err != nil {
-			log.Fatal(err)
-		}
-		log.Printf("[Violet] CPU profiling enabled, writing to '%s'\n", s.cpuprofile)
-		_ = pprof.StartCPUProfile(f)
-		defer pprof.StopCPUProfile()
-	}
-
 	if s.configPath == "" {
 		log.Println("[Violet] Error: config flag is missing")
 		return subcommands.ExitUsageError
@@ -127,6 +115,13 @@ func normalLoad(startUp startUpConfig, wd string) {
 	certDir := os.DirFS(filepath.Join(wd, "certs"))
 	keyDir := os.DirFS(filepath.Join(wd, "keys"))
 
+	// setup registry for metrics
+	promRegistry := prometheus.NewRegistry()
+	promRegistry.MustRegister(
+		collectors.NewGoCollector(),
+		collectors.NewProcessCollector(collectors.ProcessCollectorOpts{}),
+	)
+
 	ws := websocket.NewServer()
 	allowedDomains := domains.New(db)                              // load allowed domains
 	acmeChallenges := utils.NewAcmeChallenge()                     // load acme challenge store
@@ -158,28 +153,24 @@ func normalLoad(startUp startUpConfig, wd string) {
 
 	var srvApi, srvHttp, srvHttps *http.Server
 	if srvConf.ApiListen != "" {
-		srvApi = api.NewApiServer(srvConf, allCompilables)
+		srvApi = api.NewApiServer(srvConf, allCompilables, promRegistry)
 		srvApi.SetKeepAlivesEnabled(false)
 		log.Printf("[API] Starting API server on: '%s'\n", srvApi.Addr)
 		go utils.RunBackgroundHttp("API", srvApi)
 	}
 	if srvConf.HttpListen != "" {
-		srvHttp = servers.NewHttpServer(srvConf)
+		srvHttp = servers.NewHttpServer(srvConf, promRegistry)
 		srvHttp.SetKeepAlivesEnabled(false)
 		log.Printf("[HTTP] Starting HTTP server on: '%s'\n", srvHttp.Addr)
 		go utils.RunBackgroundHttp("HTTP", srvHttp)
 	}
 	if srvConf.HttpsListen != "" {
-		srvHttps = servers.NewHttpsServer(srvConf)
+		srvHttps = servers.NewHttpsServer(srvConf, promRegistry)
 		srvHttps.SetKeepAlivesEnabled(false)
 		log.Printf("[HTTPS] Starting HTTPS server on: '%s'\n", srvHttps.Addr)
 		go utils.RunBackgroundHttps("HTTPS", srvHttps)
 	}
 
-	go func() {
-		log.Println(http.ListenAndServe("localhost:6600", nil))
-	}()
-
 	exit_reload.ExitReload("Violet", func() {
 		allCompilables.Compile()
 	}, func() {
diff --git a/go.mod b/go.mod
index b236cdf..c12f711 100644
--- a/go.mod
+++ b/go.mod
@@ -15,6 +15,7 @@ require (
 	github.com/gorilla/websocket v1.5.1
 	github.com/julienschmidt/httprouter v1.3.0
 	github.com/mattn/go-sqlite3 v1.14.18
+	github.com/prometheus/client_golang v1.18.0
 	github.com/rs/cors v1.10.1
 	github.com/sethvargo/go-limiter v0.7.2
 	github.com/stretchr/testify v1.8.4
@@ -24,19 +25,25 @@ require (
 
 require (
 	github.com/becheran/wildmatch-go v1.0.0 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
-	github.com/kr/pretty v0.3.1 // indirect
+	github.com/kr/text v0.2.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/rogpeppe/go-internal v1.11.0 // indirect
 	golang.org/x/sys v0.15.0 // indirect
 	golang.org/x/term v0.15.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
+	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 8eae7b8..f46489e 100644
--- a/go.sum
+++ b/go.sum
@@ -16,6 +16,10 @@ github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63n
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
 github.com/becheran/wildmatch-go v1.0.0 h1:mE3dGGkTmpKtT4Z+88t8RStG40yN9T+kFEGj2PZFSzA=
 github.com/becheran/wildmatch-go v1.0.0/go.mod h1:gbMvj0NtVdJ15Mg/mH9uxk2R1QCistMyU7d9KFzroX4=
+github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
+github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/creack/pty v1.1.17 h1:QeVUsEDNrLBW4tMgZHvxy18sKtr6VI492kBhUfhDJNI=
 github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
@@ -24,6 +28,10 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
 github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/subcommands v1.2.0 h1:vWQspBTo2nEqTUFita5/KeEWlUL8kQObDFbub/EN9oE=
 github.com/google/subcommands v1.2.0/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk=
 github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
@@ -36,11 +44,8 @@ github.com/julienschmidt/httprouter v1.3.0 h1:U0609e9tgbseu3rBINet9P48AI/D3oJs4d
 github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
 github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
-github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
@@ -52,15 +57,23 @@ github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWE
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-sqlite3 v1.14.18 h1:JL0eqdCOq6DJVNPSvArO/bIV9/P7fbGrV00LZHc+5aI=
 github.com/mattn/go-sqlite3 v1.14.18/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
+github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
+github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k=
 github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
 github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d h1:5PJl274Y63IEHC+7izoQE9x6ikvDFZS2mDVS3drnohI=
 github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
-github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
+github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk=
+github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA=
+github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
+github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
+github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM=
+github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY=
+github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
+github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
 github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
 github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
 github.com/rs/cors v1.10.1 h1:L0uuZVXIKlI1SShY2nhFfo44TYvDPQ1w4oFkUJNfhyo=
@@ -108,6 +121,10 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
diff --git a/servers/api/api.go b/servers/api/api.go
index 15f322d..36bbd55 100644
--- a/servers/api/api.go
+++ b/servers/api/api.go
@@ -7,6 +7,8 @@ import (
 	"github.com/1f349/violet/servers/conf"
 	"github.com/1f349/violet/utils"
 	"github.com/julienschmidt/httprouter"
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/promhttp"
 	"net/http"
 	"time"
 )
@@ -15,12 +17,15 @@ import (
 // endpoints for the software
 //
 // `/compile` - reloads all domains, routes and redirects
-func NewApiServer(conf *conf.Conf, compileTarget utils.MultiCompilable) *http.Server {
+func NewApiServer(conf *conf.Conf, compileTarget utils.MultiCompilable, registry *prometheus.Registry) *http.Server {
 	r := httprouter.New()
 
 	r.GET("/", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
 		http.Error(rw, "Violet API Endpoint", http.StatusOK)
 	})
+	r.GET("/metrics", func(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
+		promhttp.HandlerFor(registry, promhttp.HandlerOpts{}).ServeHTTP(rw, req)
+	})
 
 	// Endpoint for compile action
 	r.POST("/compile", checkAuthWithPerm(conf.Signer, "violet:compile", func(rw http.ResponseWriter, req *http.Request, _ httprouter.Params, b AuthClaims) {
diff --git a/servers/api/api_test.go b/servers/api/api_test.go
index addc0f7..2ac3184 100644
--- a/servers/api/api_test.go
+++ b/servers/api/api_test.go
@@ -17,7 +17,7 @@ func TestNewApiServer_Compile(t *testing.T) {
 		Signer:  fake.SnakeOilProv,
 	}
 	f := &fake.Compilable{}
-	srv := NewApiServer(apiConf, utils.MultiCompilable{f})
+	srv := NewApiServer(apiConf, utils.MultiCompilable{f}, nil)
 
 	req, err := http.NewRequest(http.MethodPost, "https://example.com/compile", nil)
 	assert.NoError(t, err)
@@ -43,7 +43,7 @@ func TestNewApiServer_AcmeChallenge_Put(t *testing.T) {
 		Acme:    utils.NewAcmeChallenge(),
 		Signer:  fake.SnakeOilProv,
 	}
-	srv := NewApiServer(apiConf, utils.MultiCompilable{})
+	srv := NewApiServer(apiConf, utils.MultiCompilable{}, nil)
 	acmeKey := fake.GenSnakeOilKey("violet:acme-challenge")
 
 	// Valid domain
@@ -87,7 +87,7 @@ func TestNewApiServer_AcmeChallenge_Delete(t *testing.T) {
 		Acme:    utils.NewAcmeChallenge(),
 		Signer:  fake.SnakeOilProv,
 	}
-	srv := NewApiServer(apiConf, utils.MultiCompilable{})
+	srv := NewApiServer(apiConf, utils.MultiCompilable{}, nil)
 	acmeKey := fake.GenSnakeOilKey("violet:acme-challenge")
 
 	// Valid domain
diff --git a/servers/http.go b/servers/http.go
index 673bffb..69edc6c 100644
--- a/servers/http.go
+++ b/servers/http.go
@@ -3,8 +3,10 @@ package servers
 import (
 	"fmt"
 	"github.com/1f349/violet/servers/conf"
+	"github.com/1f349/violet/servers/metrics"
 	"github.com/1f349/violet/utils"
 	"github.com/julienschmidt/httprouter"
+	"github.com/prometheus/client_golang/prometheus"
 	"net/http"
 	"net/url"
 	"time"
@@ -15,7 +17,7 @@ import (
 //
 // `/.well-known/acme-challenge/{token}` is used for outputting answers for
 // acme challenges, this is used for Let's Encrypt HTTP verification.
-func NewHttpServer(conf *conf.Conf) *http.Server {
+func NewHttpServer(conf *conf.Conf, registry *prometheus.Registry) *http.Server {
 	r := httprouter.New()
 	var secureExtend string
 	_, httpsPort, ok := utils.SplitDomainPort(conf.HttpsListen, 443)
@@ -61,10 +63,12 @@ func NewHttpServer(conf *conf.Conf) *http.Server {
 		utils.FastRedirect(rw, req, u.String(), http.StatusPermanentRedirect)
 	})
 
+	metricsMiddleware := metrics.New(registry, nil).WrapHandler("violet-http-insecure", r)
+
 	// Create and run http server
 	return &http.Server{
 		Addr:              conf.HttpListen,
-		Handler:           r,
+		Handler:           metricsMiddleware,
 		ReadTimeout:       time.Minute,
 		ReadHeaderTimeout: time.Minute,
 		WriteTimeout:      time.Minute,
diff --git a/servers/http_test.go b/servers/http_test.go
index 81ea87b..cb66080 100644
--- a/servers/http_test.go
+++ b/servers/http_test.go
@@ -18,7 +18,7 @@ func TestNewHttpServer_AcmeChallenge(t *testing.T) {
 		Acme:    utils.NewAcmeChallenge(),
 		Signer:  fake.SnakeOilProv,
 	}
-	srv := NewHttpServer(httpConf)
+	srv := NewHttpServer(httpConf, nil)
 	httpConf.Acme.Put("example.com", "456", "456def")
 
 	req, err := http.NewRequest(http.MethodGet, "https://example.com/.well-known/acme-challenge/456", nil)
diff --git a/servers/https.go b/servers/https.go
index 8a1e405..c0e474c 100644
--- a/servers/https.go
+++ b/servers/https.go
@@ -5,7 +5,9 @@ import (
 	"fmt"
 	"github.com/1f349/violet/favicons"
 	"github.com/1f349/violet/servers/conf"
+	"github.com/1f349/violet/servers/metrics"
 	"github.com/1f349/violet/utils"
+	"github.com/prometheus/client_golang/prometheus"
 	"github.com/sethvargo/go-limiter/httplimit"
 	"github.com/sethvargo/go-limiter/memorystore"
 	"log"
@@ -17,31 +19,33 @@ import (
 
 // NewHttpsServer creates and runs a http server containing the public https
 // endpoints for the reverse proxy.
-func NewHttpsServer(conf *conf.Conf) *http.Server {
+func NewHttpsServer(conf *conf.Conf, registry *prometheus.Registry) *http.Server {
 	r := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
 		log.Printf("[Debug] Request: %s - '%s' - '%s' - '%s' - len: %d - thread: %d\n", req.Method, req.URL.String(), req.RemoteAddr, req.Host, req.ContentLength, runtime.NumGoroutine())
 		conf.Router.ServeHTTP(rw, req)
 	})
 	favMiddleware := setupFaviconMiddleware(conf.Favicons, r)
 	rateLimiter := setupRateLimiter(conf.RateLimit, favMiddleware)
+	metricsMiddleware := metrics.New(registry, nil).WrapHandler("violet-https", rateLimiter)
+	hsts := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
+		rw.Header().Set("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
+		metricsMiddleware.ServeHTTP(rw, req)
+	})
 
 	return &http.Server{
-		Addr: conf.HttpsListen,
-		Handler: http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
-			rw.Header().Set("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
-			rateLimiter.ServeHTTP(rw, req)
-		}),
+		Addr:    conf.HttpsListen,
+		Handler: hsts,
 		TLSConfig: &tls.Config{
 			// Suggested by https://ssl-config.mozilla.org/#server=go&version=1.21.5&config=intermediate
 			MinVersion: tls.VersionTLS12,
-		        CipherSuites: []uint16{
-		            tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-		            tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-		            tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-		            tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-		            tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
-		            tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
-		        },
+			CipherSuites: []uint16{
+				tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+				tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+				tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+				tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+				tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+				tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+			},
 			GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
 				// error out on invalid domains
 				if !conf.Domains.IsValid(info.ServerName) {
diff --git a/servers/https_test.go b/servers/https_test.go
index 4412c49..ef86813 100644
--- a/servers/https_test.go
+++ b/servers/https_test.go
@@ -36,7 +36,7 @@ func TestNewHttpsServer_RateLimit(t *testing.T) {
 		Signer:    fake.SnakeOilProv,
 		Router:    router.NewManager(db, proxy.NewHybridTransportWithCalls(ft, ft, &websocket.Server{})),
 	}
-	srv := NewHttpsServer(httpsConf)
+	srv := NewHttpsServer(httpsConf, nil)
 
 	req, err := http.NewRequest(http.MethodGet, "https://example.com", nil)
 	req.RemoteAddr = "127.0.0.1:1447"
diff --git a/servers/metrics/httpmiddleware.go b/servers/metrics/httpmiddleware.go
new file mode 100644
index 0000000..2ffc0ff
--- /dev/null
+++ b/servers/metrics/httpmiddleware.go
@@ -0,0 +1,102 @@
+package metrics
+
+import (
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/promauto"
+	"github.com/prometheus/client_golang/prometheus/promhttp"
+	"net/http"
+)
+
+// Copyright 2022 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package metrics is adapted from
+// https://github.com/bwplotka/correlator/tree/main/examples/observability/ping/pkg/httpinstrumentation
+// https://github.com/prometheus/client_golang/blob/main/examples/middleware/httpmiddleware/httpmiddleware.go
+
+type Middleware interface {
+	// WrapHandler wraps the given HTTP handler for instrumentation.
+	WrapHandler(handlerName string, handler http.Handler) http.HandlerFunc
+}
+
+type middleware struct {
+	buckets  []float64
+	registry prometheus.Registerer
+}
+
+// WrapHandler wraps the given HTTP handler for instrumentation:
+// It registers four metric collectors (if not already done) and reports HTTP
+// metrics to the (newly or already) registered collectors.
+// Each has a constant label named "handler" with the provided handlerName as
+// value.
+func (m *middleware) WrapHandler(handlerName string, handler http.Handler) http.HandlerFunc {
+	reg := prometheus.WrapRegistererWith(prometheus.Labels{"handler": handlerName}, m.registry)
+
+	requestsTotal := promauto.With(reg).NewCounterVec(
+		prometheus.CounterOpts{
+			Name: "http_requests_total",
+			Help: "Tracks the number of HTTP requests.",
+		}, []string{"method", "code"},
+	)
+	requestDuration := promauto.With(reg).NewHistogramVec(
+		prometheus.HistogramOpts{
+			Name:    "http_request_duration_seconds",
+			Help:    "Tracks the latencies for HTTP requests.",
+			Buckets: m.buckets,
+		},
+		[]string{"method", "code"},
+	)
+	requestSize := promauto.With(reg).NewSummaryVec(
+		prometheus.SummaryOpts{
+			Name: "http_request_size_bytes",
+			Help: "Tracks the size of HTTP requests.",
+		},
+		[]string{"method", "code"},
+	)
+	responseSize := promauto.With(reg).NewSummaryVec(
+		prometheus.SummaryOpts{
+			Name: "http_response_size_bytes",
+			Help: "Tracks the size of HTTP responses.",
+		},
+		[]string{"method", "code"},
+	)
+
+	// Wraps the provided http.Handler to observe the request result with the provided metrics.
+	base := promhttp.InstrumentHandlerCounter(
+		requestsTotal,
+		promhttp.InstrumentHandlerDuration(
+			requestDuration,
+			promhttp.InstrumentHandlerRequestSize(
+				requestSize,
+				promhttp.InstrumentHandlerResponseSize(
+					responseSize,
+					handler,
+				),
+			),
+		),
+	)
+
+	return base.ServeHTTP
+}
+
+// New returns a Middleware interface.
+func New(registry prometheus.Registerer, buckets []float64) Middleware {
+	if buckets == nil {
+		buckets = prometheus.ExponentialBuckets(0.1, 1.5, 5)
+	}
+
+	return &middleware{
+		buckets:  buckets,
+		registry: registry,
+	}
+}