Expose debug API with pprof

Runs along the provisioning API with same authentication.

config/bridge.go

@@ -85,6 +85,7 @@ type BridgeConfig struct {
 	Provisioning struct {
 		Prefix         string `yaml:"prefix"`
 		SharedSecret   string `yaml:"shared_secret"`
+		DebugEndpoints bool   `yaml:"debug_endpoints"`
 	} `yaml:"provisioning"`
 
 	Permissions bridgeconfig.PermissionConfig `yaml:"permissions"`

config/upgrade.go

@@ -113,6 +113,7 @@ func DoUpgrade(helper *up.Helper) {
 	} else {
 		helper.Copy(up.Str, "bridge", "provisioning", "shared_secret")
 	}
+	helper.Copy(up.Bool, "bridge", "provisioning", "debug_endpoints")
 
 	helper.Copy(up.Map, "bridge", "permissions")
 	//helper.Copy(up.Bool, "bridge", "relay", "enabled")

example-config.yaml

@@ -332,6 +332,8 @@ bridge:
         # Shared secret for authentication. If set to "generate", a random secret will be generated,
         # or if set to "disable", the provisioning API will be disabled.
         shared_secret: generate
+        # Enable debug API at /debug with provisioning authentication.
+        debug_endpoints: false
 
     # Permissions for using the bridge.
     # Permitted values:

provisioning.go

@@ -7,6 +7,7 @@ import (
 	"errors"
 	"net"
 	"net/http"
+	_ "net/http/pprof"
 	"strings"
 	"time"
 
@@ -71,6 +72,13 @@ func newProvisioningAPI(br *DiscordBridge) *ProvisioningAPI {
 	r.HandleFunc("/v1/guilds/{guildID}", p.guildsBridge).Methods(http.MethodPost)
 	r.HandleFunc("/v1/guilds/{guildID}", p.guildsUnbridge).Methods(http.MethodDelete)
 
+	if p.bridge.Config.Bridge.Provisioning.DebugEndpoints {
+		p.log.Debugln("Enabling debug API at /debug")
+		r := p.bridge.AS.Router.PathPrefix("/debug").Subrouter()
+		r.Use(p.authMiddleware)
+		r.PathPrefix("/pprof").Handler(http.DefaultServeMux)
+	}
+
 	return p
 }