add support for otel in env variable

http_proxy.go

@@ -78,9 +78,19 @@ import (
 const (
 	timeoutToDialOriginSite = 10 * time.Second
 
-	teleportHost = "telemetry.iantem.io:443"
+	defaultTeleportHost = "telemetry.iantem.io:443"
 )
 
+// getTelemetryEndpoint returns the OTEL endpoint to use for telemetry.
+// It checks the OTEL_EXPORTER_OTLP_ENDPOINT environment variable first,
+// falling back to the default if not set.
+func getTelemetryEndpoint() string {
+	if endpoint := os.Getenv("OTEL_EXPORTER_OTLP_ENDPOINT"); endpoint != "" {
+		return endpoint
+	}
+	return defaultTeleportHost
+}
+
 var (
 	log = golog.LoggerFor("lantern-proxy")
 
@@ -594,7 +604,7 @@ func (p *Proxy) createFilterChain(bl *blacklist.Blacklist) (filters.Chain, proxy
 
 func (p *Proxy) configureTeleportProxiedBytes() func() {
 	log.Debug("Configuring Teleport proxied bytes")
-	tp, stop := otel.BuildTracerProvider(p.buildOTELOpts(teleportHost, true))
+	tp, stop := otel.BuildTracerProvider(p.buildOTELOpts(getTelemetryEndpoint(), true))
 	if tp != nil {
 		go p.instrument.ReportProxiedBytesPeriodically(1*time.Hour, tp)
 		ogStop := stop
@@ -609,7 +619,7 @@ func (p *Proxy) configureTeleportProxiedBytes() func() {
 func (p *Proxy) configureTeleportOriginBytes() func() {
 	log.Debug("Configuring Teleport origin bytes")
 	// Note - we do not include the proxy name here to avoid associating origin site usage with devices on that proxy name
-	tp, stop := otel.BuildTracerProvider(p.buildOTELOpts(teleportHost, false))
+	tp, stop := otel.BuildTracerProvider(p.buildOTELOpts(getTelemetryEndpoint(), false))
 	if tp != nil {
 		go p.instrument.ReportOriginBytesPeriodically(1*time.Hour, tp)
 		ogStop := stop
@@ -624,7 +634,7 @@ func (p *Proxy) configureTeleportOriginBytes() func() {
 func (p *Proxy) configureOTELMetrics() (func(), error) {
 	return otel.InitGlobalMeterProvider(
 		p.buildOTELOpts(
-			teleportHost,
+			getTelemetryEndpoint(),
 			false, // don't include proxy name in order to reduce DataDog costs
 		))
 }

otel/otel.go

@@ -2,6 +2,7 @@ package otel
 
 import (
 	"context"
+	"strings"
 	"time"
 
 	sdkotel "go.opentelemetry.io/otel"
@@ -88,10 +89,18 @@ func (opts *Opts) buildResource() *resource.Resource {
 
 func BuildTracerProvider(opts *Opts) (*sdktrace.TracerProvider, func()) {
 	// Create HTTP client to talk to OTEL collector
-	client := otlptracehttp.NewClient(
+	clientOpts := []otlptracehttp.Option{
 		otlptracehttp.WithEndpoint(opts.Endpoint),
 		otlptracehttp.WithHeaders(opts.Headers),
-	)
+	}
+
+	// If endpoint doesn't use port 443, assume insecure (HTTP not HTTPS)
+	if !strings.Contains(opts.Endpoint, ":443") {
+		log.Debugf("Using insecure connection for OTEL endpoint %v", opts.Endpoint)
+		clientOpts = append(clientOpts, otlptracehttp.WithInsecure())
+	}
+
+	client := otlptracehttp.NewClient(clientOpts...)
 
 	// Create an exporter that exports to the OTEL collector
 	exporter, err := otlptrace.New(context.Background(), client)
@@ -127,7 +136,7 @@ func BuildTracerProvider(opts *Opts) (*sdktrace.TracerProvider, func()) {
 }
 
 func InitGlobalMeterProvider(opts *Opts) (func(), error) {
-	exp, err := otlpmetrichttp.New(context.Background(),
+	metricOpts := []otlpmetrichttp.Option{
 		otlpmetrichttp.WithEndpoint(opts.Endpoint),
 		otlpmetrichttp.WithHeaders(opts.Headers),
 		otlpmetrichttp.WithTemporalitySelector(func(kind sdkmetric.InstrumentKind) metricdata.Temporality {
@@ -142,7 +151,15 @@ func InitGlobalMeterProvider(opts *Opts) (func(), error) {
 				return metricdata.CumulativeTemporality
 			}
 		}),
-	)
+	}
+
+	// If endpoint doesn't use port 443, assume insecure (HTTP not HTTPS)
+	if !strings.Contains(opts.Endpoint, ":443") {
+		log.Debugf("Using insecure connection for OTEL metrics endpoint %v", opts.Endpoint)
+		metricOpts = append(metricOpts, otlpmetrichttp.WithInsecure())
+	}
+
+	exp, err := otlpmetrichttp.New(context.Background(), metricOpts...)
 	if err != nil {
 		return nil, err
 	}