Graylog installation behind NGINX for proxy and CloudFlare for SSL

dlevenden · February 12, 2018, 3:57pm

I’m looking for a Graylog Installation playbook that is causing me some troubles.

I’m trying to get graylog installed behind nginx as a proxy, and then behind cloudflare for SSL.

Anyone know of a blog I can take a look at that addresses this? I’m hosting my platform on http and using cloudflare for the SSL cert. (FYI)

Thanks.

jochen · February 12, 2018, 4:55pm

There probably won’t be a blog post 100% matching your requirements.

This being said, an example of a working nginx setup is described in the documentation of Graylog:
http://docs.graylog.org/en/2.4/pages/configuration/web_interface.html#making-the-web-interface-work-with-load-balancers-proxies

dlevenden · February 12, 2018, 5:11pm

Right. I thought that might be the case.

I followed that documentation article to get NGINX up and running. I can access the site without using the SSL cert, but get the following error when trying to access it via the SSL cert.

“We are experiencing problems connecting to the Graylog server running on http://XXX.XXX.XXX.XXX:9000/. Please verify that the server is healthy and working correctly.”

Please note: I removed the public IP and replaced with X’s. Thank you.

Any suggestions on how to solve that? I assume it’s Cloudflare blocking the request, but just can’t quite pin it down. Also I have no errors in the logs for Graylog or NGINX.

jan · February 12, 2018, 5:19pm

n http://XXX.XXX.XXX.XXX:9000/.

you might have something configured not using https - maybe you need to set the X-Graylog-Server-URL to something including https and the correct port

dlevenden · February 12, 2018, 5:27pm

Yea maybe. Let me try something and I’ll let you know if I figure it out.

Thanks for the help.

dlevenden · February 12, 2018, 5:47pm

So I figured it out. In order to work behind cloudflare, just like you said, you have to redirect the X-Graylog-Server-URL url to https://$server_name/api/, then add an API catch in your NGINX to filter/redirect the API requests. I was missing the “Location /api/” section. Thanks again for the help.

    server_name graylog.example.org;

    location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Graylog-Server-URL https://$server_name/api;
            proxy_pass       http://127.0.0.1:9000;
    }
    location /api/ {
            proxy_pass      http://127.0.0.1:9000/api/;
    }

system · February 26, 2018, 5:54pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Web interface not working behind Nginx Graylog Central (peer support)	9	3661	March 5, 2020
Graylog Web interface doesnt open with HTTPS Graylog Central (peer support)	2	354	August 5, 2020
Graylog behind nginx Graylog Central (peer support)	14	3715	April 28, 2021
Nginx Reverse Proxy +HTTPS with Graylog 3.0 on subdirectory (e.g., server.com/graylog) Graylog Central (peer support)	8	10399	March 6, 2019
GrayLog Nginx Reverse Proxy Https Graylog Central (peer support)	9	4761	May 1, 2020

Graylog installation behind NGINX for proxy and CloudFlare for SSL

Related Topics