Only expose /metrics for Fly internal scraper

I just added a /metrics endpoint to my app to leverage the prometheus instance of Fly. But I don’t want to expose it publicly.
For Elixir there is a library to bind conditions to a plug (e.g. authentication or whatever can be passed). What’s the best practice way here at Fly to expose a metrics endpoint without exposing it publicly? Thanks.

Hi @mmore

A fairly easy way is to expose metrics on a different port that is not exposed publicly in fly.toml, only in the metrics section.
The fly metrics scraper will still be able to access the port and it won’t be publicly accessible.

1 Like