hello
After change to https web interface I had an error - 502 bad gateway:
Can you help me, what is wrong in this configuration:
graylog:
server.conf:
rest_listen_uri=http://10.1.4.108:12900/
rest_transport_uri=http://10.1.4.108:12900/
web_listen_uri = http://10.1.4.108:9000/
web_endpoint_uri = http://10.1.4.108:9000/api
nginx.conf:
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name 10.1.4.108;
ssl_certificate /root/graylog.pem;
ssl_certificate_key /root/key_pk8.pem;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Graylog-Server-URL https://10.1.4.108/api;
proxy_pass http://10.1.4.108:9000;
proxy_read_timeout 90;
}
location /api/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://10.1.4.108:12900/;
}
}
thx in advance for your help
jochen
(Jochen)
July 18, 2017, 7:38am
2
What’s the output of the following curl commands when you run them on the same machine running nginx?
$ curl -i -H 'Accept: application/json' 'http://10.1.4.108:12900/?pretty=true'
$ curl -i -H 'Accept: text/html' 'http://10.1.4.108:9000/'
damn …
Failed connect to 10.1.4.108:12900; Connection refused
Failed connect to 10.1.4.108:9000; Connection refused
what should I do next ?
jochen
(Jochen)
July 18, 2017, 7:44am
4
Is 10.1.4.108
the correct IP address?
Is nginx running on the same machine as Graylog?
jochen
(Jochen)
July 18, 2017, 7:49am
6
If nginx is running on the same machine, you can simply use the defaults of rest_listen_uri
, rest_transport_uri
, and web_listen_uri
.
What’s the output of the following commands:
$ ip addr show
$ netstat -tulpen
$ ping -c 1 10.1.4.108
everything works:
inet 10.1.4.108/24
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 34831 4398/nginx: master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 34832 4398/nginx: master
64 bytes from 10.1.4.108: icmp_seq=1 ttl=64 time=0.017 ms
Firewall is off
jochen
(Jochen)
July 18, 2017, 8:15am
8
Please post the complete output of each command.
It looks like Graylog isn’t running on that system. Check the logs of your Graylog node.
of course graylog-server, mongodb, elasticsearch, nginx) are running.
# systemctl status graylog-server.service
● graylog-server.service - Graylog server
Loaded: loaded (/usr/lib/systemd/system/graylog-server.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2017-07-18 10:17:48 CEST; 410ms ago
Docs: http://docs.graylog.org/
Main PID: 14234 (graylog-server)
CGroup: /system.slice/graylog-server.service
├─14234 /bin/sh /usr/share/graylog-server/bin/graylog-server
└─14235 /usr/bin/java -Xms1g -Xmx1g -XX:NewRatio=1 -server -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled...
everything works when I return to http configuration.
Maybe sth is wrong with my nginx config?
jochen
(Jochen)
July 18, 2017, 8:25am
10
Check the logs of your Graylog node. It sure wasn’t bound to the configured network interface, according to the output of the previous commands I’ve told you.
I checked it. I cannot see the reason in logs … everythings see ok …
jochen
(Jochen)
July 18, 2017, 8:52am
12
Sorry, but I can’t help you if you don’t provide the necessary information, such as the unabridged output of the commands I’ve asked for and the unabridged logs of your Graylog node.
I’ve also told you that you could use the default settings for various configuration settings. Have you tried that?
Do you have a sample cofiguration of nginx of graylog on 443? (nginx.conf file) if yes can you send me it?
jochen
(Jochen)
July 18, 2017, 9:19am
14
do you think that my configuration of ngix is ok ?
jochen
(Jochen)
July 18, 2017, 2:14pm
16
Since http://10.1.4.108:12900/
and http://10.1.4.108:9000/
are obviously not reachable from the machine running nginx, it’s probably wrong.
sanbar
(sanbar)
July 18, 2017, 2:23pm
17
probably ur firewall is blocking the connection request.
everything is all_in_one : nginx and graylog, firewall is turned off
system
(system)
Closed
August 1, 2017, 2:35pm
19
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.