From eba6f0a9294cc9fbf1da7ed9d08155bd6f7a6ac9 Mon Sep 17 00:00:00 2001 From: Suguru Hirahara Date: Mon, 10 Mar 2025 00:22:23 +0900 Subject: [PATCH] Update docs/configuring-playbook-prometheus-grafana.md: warning message Signed-off-by: Suguru Hirahara --- docs/configuring-playbook-prometheus-grafana.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index 6a32b5ab1..f16745021 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md @@ -6,7 +6,7 @@ SPDX-FileCopyrightText: 2021 Kim Brose SPDX-FileCopyrightText: 2021 Luca Di Carlo SPDX-FileCopyrightText: 2022 Olivér Falvai SPDX-FileCopyrightText: 2023 Michael Hollister -SPDX-FileCopyrightText: 2024 Suguru Hirahara +SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara SPDX-License-Identifier: AGPL-3.0-or-later --> @@ -16,9 +16,9 @@ SPDX-License-Identifier: AGPL-3.0-or-later The playbook can install [Prometheus](https://prometheus.io/) with [Grafana](https://grafana.com/) and configure performance metrics of your homeserver with graphs for you. > [!WARNING] -> Metrics and resulting graphs can contain a lot of information. This includes system specs but also usage patterns. This applies especially to small personal/family scale homeservers. Someone might be able to figure out when you wake up and go to sleep by looking at the graphs over time. Think about this before enabling (anonymous) access. And you should really not forget to change your Grafana password. +> Metrics and graphs contain a lot of information, and anyone who has access to them can make an educated guess about your server usage patterns. This especially applies to small personal/family scale homeservers, where the number of samples is fairly limited. Analyzing the metrics over time, one might be able to figure out about your life cycle, such as when you wake up, go to bed, etc. Before enabling (anonymous) access, you should carefully evaluate the risk, and if you do enable it, it is highly recommended to change your Grafana password from the default one. > -> Most of our docker containers run with limited system access, but the `prometheus-node-exporter` has access to the host network stack and (readonly) root filesystem. This is required to report on them. If you don't like that, you can set `prometheus_node_exporter_enabled: false` (which is actually the default). You will still get Synapse metrics with this container disabled. Both of the dashboards will always be enabled, so you can still look at historical data after disabling either source. +> Most of our docker containers run with limited system access, but the `prometheus-node-exporter` can access to the host network stack and (readonly) root filesystem. If it is fine, you can enable it to have it report on them (see [below](#enable-metrics-and-graphs-for-generic-system-information-optional) for the instruction). Even if it is not enabled, you will still get Synapse metrics. Note that as the dashboards of them will always be enabled, you can still see historical data after disabling either source. ## Adjusting DNS records