How to install firehol netdata on a Linux Ubuntu 14.04 Box and run it behind an Apache2 Proxy with Basic Auth Protection
2016-04-03 00:00:00
IN1
,
2023-04-10 14:16:28
IN1
Installing
Get firehol netdata sources from github and install into /opt
folder.
$ cd /tmp
$ git clone https://github.com/firehol/netdata.git --depth=1
$ cd netdata
$ sudo ./netdata-installer.sh --install /opt
Update iptables
deny any access to the webinterface
iptables -A INPUT -p tcp --dport 19999 -s 127.0.0.0/8 -j ACCEPT
iptables -A INPUT -p tcp --dport 19999 -j REJECT --reject-with icmp-port-unreachable
Apache2
Basic Auth
install apache2-utils
and create a basic auth password for user netdata
$ sudo apt-get install apache2-utils
$ sudo htpasswd -c /etc/apache2/.htpasswd netdata
Proxy
Install and enable Proxy Module for Apache2
$ sudo apt-get install libapache2-mod-proxy-html
$ sudo a2enmod proxy
$ sudo a2enmod proxy_http
Add a Apache2 VHost Entry
$ sudo vim /etc/apache2/sites-available/999-netdata.conf
-
Vhost Entry for Domain
netdata.example.com
on host999.999.999.999
. Replace those by real values:<virtualhost netdata.example.com:80> RewriteEngine On ProxyRequests Off <proxy> Order deny,allow Allow from all </proxy> ProxyPass "/netdata/box/" "http://999.999.999.999:19999/" connectiontimeout=5 timeout=30 ProxyPassReverse "/netdata/box/" "http://999.999.999.999:19999/" RewriteRule ^/$ http://%{HTTP_HOST}/netdata/box/ [L,R=301] ServerName netdata.example.com DocumentRoot /var/www/html/ <location></location> AuthType Basic AuthName "Restricted Content" AuthUserFile /etc/apache2/.htpasswd Require valid-user Order deny,allow Allow from all CustomLog /var/log/apache2/netdata.example.com.log combined ErrorLog /var/log/apache2/netdata.example.com.error.log </virtualhost>
symlink the new vhost entry to the sites-enabled
folder.
$ sudo ln -s /etc/apache2/sites-available/999-netdata.conf /etc/apache2/sites-enabled/
Restart Apache2
$ sudo service apache2 restart
Run
Open http://netdata.example.com/netdata/box/
Links
- netdata: https://github.com/firehol/netdata
- password protection: https://github.com/firehol/netdata/issues/120
- iptables / Enable authentication: https://github.com/firehol/netdata/wiki/Running-behind-nginx#enable-authentication
- netdata via apache's mod_proxy: https://github.com/firehol/netdata/wiki/Running-behind-apache
- Apache2 & Proxy / AuthType Basic