Unable to access graylog 2.4 behind nginx


#1

Hi Everybody,

I am struggling to access graylog 2.4 behind nginx. If i try to access via web interface, the browser can download the page, but every links in the page point to bad script address:

<body>
   <script src="/config.js"></script>
   <script src="/assets/vendor.552834c48b86209e305c.js"></script>
   <script src="/assets/polyfill.0cbba45d8aad71248f6d.js"></script>
   ...
</body>

As I understand correctly web_endpoint_uri or X-Graylog-Server-URL should do the trick and set the correct prefixes of the sources, but none of them seems to work.
My graylog.conf:

rest_listen_uri = http://d-graylog:9000/api/
rest_transport_uri = http://nginx-srv/graylog/api
web_listen_uri = http://d-graylog:9000
#web_endpoint_uri=

where “d-graylog” is the docker container name that runs graylog.

my nginx.conf:

upstream docker-graylog{
    server d-graylog:9000;
   }

 server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;
    server_name nginx-srv;

        location /graylog/{
          proxy_set_header Host $http_host;
          proxy_set_header    X-Forwarded-Host $host;
          proxy_set_header    X-Forwarded-Server $host;
          proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header    X-Graylog-Server-URL http://$server_name/graylog;
          rewrite          ^/graylog/(.*)$  /$1  break;
          proxy_pass http://docker-graylog;
    }
}

The most interesting thing, if I try to use the 3.0 graylog image with the following config (nginx conf remains the same), everything works properly.

http_bind_address = d-graylog:9000
http_publish_uri = http://$http_bind_address/
web_listen_uri = http://d-graylog:9000

Does 2.4 version support “under a path” reverse proxy? Or where did I make the mistake?

Thanks for the help!


(Jan Doberstein) #2

you mighr want to check my lab that is actually exact with the same setup.

the configuration is on github: https://github.com/jalogisch/d-gray-lab


#3

ohh, thanks Jan, for the link. I can compare line by line your and my configuration and figured out the problem. My working configuration is:
nginx.conf

    location ^~ /graylog{
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Graylog-Server-URL http://$server_name/graylog/api;#<---/api!  
        #<---rewrite is not necessary
        proxy_pass http://docker-graylog;
    }

graylog.conf:

...
rest_listen_uri = http://d-graylog:9000/graylog/api #<---missing /graylog from path
rest_transport_uri = http://nginx-srv/graylog/api
web_listen_uri = http://d-graylog:9000/graylog #<---missing /graylog from path
...

The root of my problem was the missing /graylog from path after the port. I don’t know the reason why I can’t use the root of the d-graylog. If you could clarify this I would be really grateful.


(Jan Doberstein) #4

you can use Graylog in a sub-path. Then you need to configuration like you can see in my lab. If you want to have that on your root - then you just remove the sub-path on all configurations.


(system) #5

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.