From 01df790e30c4f77f6cfcb8217fd4c8f9e98a90d7 Mon Sep 17 00:00:00 2001
From: WeebDataHoarder <weebdatahoarder@noreply.gammaspectra.live>
Date: Fri, 25 Apr 2025 13:04:19 +0200
Subject: [PATCH] docker: added config/metrics/debug options

---
 Dockerfile | 9 +++++++++
 README.md  | 9 +++++++++
 2 files changed, 18 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 7277056..33e0bbd 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -35,9 +35,13 @@ COPY --from=build /go/bin/go-away /bin/go-away
 
 ENV TZ UTC
 
+ENV GOAWAY_METRICS_BIND=""
+ENV GOAWAY_DEBUG_BIND=""
+
 ENV GOAWAY_BIND=":8080"
 ENV GOAWAY_BIND_NETWORK="tcp"
 ENV GOAWAY_SOCKET_MODE="0770"
+ENV GOAWAY_CONFIG=""
 ENV GOAWAY_POLICY="/policy.yml"
 ENV GOAWAY_POLICY_SNIPPETS="/policy/snippets"
 ENV GOAWAY_CHALLENGE_TEMPLATE="anubis"
@@ -50,12 +54,17 @@ ENV GOAWAY_BACKEND=""
 ENV GOAWAY_ACME_AUTOCERT=""
 ENV GOAWAY_CACHE="/cache"
 
+
 EXPOSE 8080/tcp
 EXPOSE 8080/udp
+EXPOSE 9090/tcp
+EXPOSE 6060/tcp
 
 ENV JWT_PRIVATE_KEY_SEED="${GOAWAY_JWT_PRIVATE_KEY_SEED}"
 
 ENTRYPOINT  /bin/go-away --bind "${GOAWAY_BIND}" --bind-network "${GOAWAY_BIND_NETWORK}" --socket-mode "${GOAWAY_SOCKET_MODE}" \
+            --metrics-bind "${GOAWAY_METRICS_BIND}" --debug-bind "${GOAWAY_DEBUG_BIND}" \
+            --config "${GOAWAY_CONFIG}" \
             --policy "${GOAWAY_POLICY}" --policy-snippets "${GOAWAY_POLICY_SNIPPETS}" \
             --client-ip-header "${GOAWAY_CLIENT_IP_HEADER}" --backend-ip-header "${GOAWAY_BACKEND_IP_HEADER}" \
             --cache "${GOAWAY_CACHE}" \
diff --git a/README.md b/README.md
index 32c4fc3..8a72b1d 100644
--- a/README.md
+++ b/README.md
@@ -373,6 +373,11 @@ services:
       # Supported tcp, unix, and proxy (for enabling PROXY module for request unwrapping)
       #GOAWAY_BIND_NETWORK: "tcp"
       #GOAWAY_SOCKET_MODE: "0770"
+
+      # Enable Prometheus metrics under /metrics on this bind
+      #GOAWAY_METRICS_BIND: ":9090"
+      # Enable Go debug profiles under this bind
+      #GOAWAY_DEBUG_BIND: ":6060"
       
       # set to letsencrypt or other directory URL to enable HTTPS. Above ports will be TLS only.
       # enables request JA3N / JA4 client TLS fingerprinting
@@ -401,6 +406,10 @@ services:
       # If left empty, the header on GOAWAY_CLIENT_IP_HEADER will be left as-is
       #GOAWAY_BACKEND_IP_HEADER: ""
       
+      # Alternate way of specifying parameters or more advanced settings
+      # Pass path to YAML file
+      #GOAWAY_CONFIG: ""
+      
       GOAWAY_POLICY: "/policy.yml"
 
       GOAWAY_POLICY_SNIPPETS: "/policy/snippets"