So I figured it out. In order to work behind cloudflare, just like you said, you have to redirect the X-Graylog-Server-URL url to https://$server_name/api/, then add an API catch in your NGINX to filter/redirect the API requests. I was missing the “Location /api/” section. Thanks again for the help.
server_name graylog.example.org;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Graylog-Server-URL https://$server_name/api;
proxy_pass http://127.0.0.1:9000;
}
location /api/ {
proxy_pass http://127.0.0.1:9000/api/;
}