Add health status endpoint

[pufferffish]

Close #96

ping @erikschul @fmierlo

This adds an argument --info/-i which specifies an address and port (e.g. localhost:9080), which exposes a HTTP server that provides health status metric of the server.

Currently two endpoints are implemented: /metrics: Exposes information of the wireguard daemon, this provides the same information you would get with wg show. This shows an example of what the response would look like.

/readyz: This responds with a json which shows the last time a pong is received from an IP specified with CheckAlive. When CheckAlive is set, a ping is sent out to addresses in CheckAlive per CheckAliveInterval seconds (defaults to 5) via wireguard. If a pong has not been received from one of the addresses within the last CheckAliveInterval seconds (+2 seconds for some leeway to account for latency), then it would respond with a 503, otherwise a 200.

For example:

[Interface]
PrivateKey = censored
Address = 10.2.0.2/32
DNS = 10.2.0.1
CheckAlive = 1.1.1.1, 3.3.3.3
CheckAlive = 3

[Peer]
PublicKey = censored
AllowedIPs = 0.0.0.0/0
Endpoint = 149.34.244.174:51820

[Socks5]
BindAddress = 127.0.0.1:25344

/readyz would respond with

< HTTP/1.1 503 Service Unavailable
< Date: Thu, 11 Apr 2024 00:54:59 GMT
< Content-Length: 35
< Content-Type: text/plain; charset=utf-8
<
{"1.1.1.1":1712796899,"3.3.3.3":0}

And for:

[Interface]
PrivateKey = censored
Address = 10.2.0.2/32
DNS = 10.2.0.1
CheckAlive = 1.1.1.1

/readyz would respond with

< HTTP/1.1 200 OK
< Date: Thu, 11 Apr 2024 00:56:21 GMT
< Content-Length: 23
< Content-Type: text/plain; charset=utf-8
<
{"1.1.1.1":1712796979}

If nothing is set for CheckAlive, an empty JSON object with 200 will be the response.

The peer which the ICMP ping packet is routed to depends on the AllowedIPs set for each peers.

[erikschul]

Looks good!

for

CheckAlive = 3

I assume you meant

CheckAliveInterval = 3

[pufferffish]

Oops you're right