This commit is contained in:
Caffeine Fueled 2026-07-10 21:38:38 +02:00
commit 39c625f57f
Signed by: cf7
GPG key ID: CA295D643074C68C
9 changed files with 679 additions and 0 deletions

90
README.md Normal file
View file

@ -0,0 +1,90 @@
# metrica
AI README PLACEHOLDER
```
POST /api/{script}/ push JSON (requires a token)
GET /api/{script}/ read JSON (requires a token)
GET / dashboard (open)
GET /health liveness
```
## Quick start
```bash
# 1. configure a token (or let the app print a temporary one on first start)
cp .env.example .env
$EDITOR .env
# 2. run it (uv installs deps into an ephemeral env automatically)
uv run app.py
# → http://127.0.0.1:8000
```
If you don't set `METRICA_TOKENS`, the app generates a temporary token and
prints it to the console on startup.
## Pushing data
Any valid token authorizes any script. A script is auto-created the first time
it pushes — no registration step.
```bash
TOKEN=change-me-token-1
# a single number
curl -X POST http://127.0.0.1:8000/api/nightly-backup/ \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d "$(ls /var/backups | wc -l)"
# a structured payload
curl -X POST http://127.0.0.1:8000/api/disk-check/ \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"files": 1423, "used_gb": 38.2, "status": "ok"}'
```
`X-API-Key: $TOKEN` works as an alternative to the `Authorization` header.
The dashboard draws a sparkline from the first numeric value it finds in each
payload (so both examples above chart automatically).
### From cron
```cron
# count files in a directory every hour
0 * * * * curl -sf -X POST https://metrica.example.com/api/inbox-count/ \
-H "Authorization: Bearer $METRICA_TOKEN" \
-d "$(ls /srv/inbox | wc -l)"
```
## Storage
Each script is one file: `data/{script}.jsonl`. Every push appends one line:
```json
{"ts": "2026-07-08T16:42:00Z", "data": {"files": 1423, "used_gb": 38.2}}
```
Delete a script by deleting its file. Trim history with `tail`. Back it up by
copying the `data/` directory.
## Configuration
| Variable | Default | Purpose |
|---|---|---|
| `METRICA_TOKENS` | *(generated)* | Comma/space-separated valid push tokens |
| `METRICA_TOKENS_FILE` | | File of tokens, one per line |
| `METRICA_DATA_DIR` | `data` | Where JSONL files are written |
| `METRICA_MAX_HISTORY` | `100` | Recent points shown per script |
| `METRICA_HOST` / `METRICA_PORT` | `127.0.0.1` / `8000` | Bind address |
## Notes on security
- The **push and read APIs require a token**; script names are restricted to
`[A-Za-z0-9_-]` so they can't escape the data directory.
- The **dashboard is open** (read-only). If the metrics are sensitive, keep the
service on a private network or put a reverse proxy / VPN / basic-auth in
front of `/`.
- Always run behind HTTPS in production so tokens aren't sent in clear text.