Nginx Reverse Proxy +HTTPS with Graylog 3.0 on subdirectory (e.g., server.com/graylog)

lmm5247 · January 29, 2019, 4:31pm

I have Graylog setup and running and can access it on the server’s IP (e.g., 10.10.2.29:9000).

I’d rather not install Nginx on the Graylog server, since I have a separate server that is running Nginx with Let’s Encrypt and a reverse proxy. I can successfully access other services with this reverse proxy.

I would like to setup Graylog to run on a subdirectory (e.g., https://nginx02.internal.server.com/graylog). I’ve seen these examples, but I don’t know what to set in the Graylog server.conf file to make this work.

My applicable server.conf settings (I can post the entire config if needed).
http_bind_address = 10.10.2.29:9000

My Nginx config. Do I have the correct settings here?

server {
  listen 443 ssl http2;
  server_name internal.server.com;

  #SSL/TLS settings
  include /etc/nginx/sites-available/_ssl.conf;
  ssl_certificate /etc/letsencrypt/live/internal.server.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/internal.server.com/privkey.pem;
  ssl_dhparam /etc/nginx/ssl/nginx02/dhparam4096.pem;

  root /var/www/dashboard;
  autoindex off;
  index index.php index.html;

  location /graylog/ {
      proxy_set_header Host $http_host;
      proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Server $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Graylog-Server-URL https://$server_name/graylog/;
      rewrite          ^/graylog/(.*)$  /$1  break;
      proxy_pass       http://10.10.2.29:9000;
  }

}

pterodaktysz · January 30, 2019, 10:18am

I’m having exactly the same problem.

kotecek · February 4, 2019, 10:52am

Same issue here. Does anyone know how to solve this?

jan · February 4, 2019, 11:07am

this is a documentation issue - what will be hopefully fixed in the next week.

jan · February 15, 2019, 9:41am

nope - not yet updated.

knobbysideup · February 18, 2019, 3:31pm

FWIW, I have some issues proxying this way with apache as well. Everything works fine except for everything under the ‘‘System’’ menu. Everything there adds an extra ‘’/graylog/’’ to the path in the returned html. See https://github.com/Graylog2/graylog2-server/issues/5610#issue-403893017

Here is the relevant part of my apache config:

<Location /graylog>
    RequestHeader set X-Graylog-Server-URL "https://$public/graylog/"
    ProxyPass http://$private:9000
    ProxyPassReverse http://$private:9000
</Location>

I could possibly address this with a rewrite, but I’d rather not if there is something going on with the code that generates the system menu.

jan · February 20, 2019, 4:40pm

I have created an issue for that:

system · March 6, 2019, 4:45pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Nginx proxy subdirectory graylog server Graylog Central (peer support)	4	1495	January 4, 2019
Graylog behind nginx sub directory how-to configure Graylog Central (peer support)	12	8315	February 14, 2018
External access through separate nginx proxy Graylog Central (peer support)	4	4236	October 27, 2017
NGINX & Graylog Integration Graylog Central (peer support)	2	3291	December 15, 2022
Graylog Docker & Swag Docker (with NGINX Reverse-Proxy) [fixed] Graylog Central (peer support)	2	999	November 4, 2020

Nginx Reverse Proxy +HTTPS with Graylog 3.0 on subdirectory (e.g., server.com/graylog)

Related topics