https://blog.crox.net/ en Serendipity 2.5.0 - http://www.s9y.org/ Tue, 26 Dec 2017 19:57:00 GMT https://blog.crox.net/templates/2k11/img/s9y_banner_small.png https://blog.crox.net/ 100 21 https://blog.crox.net/archives/107-Grafana-auto-login.html https://blog.crox.net/archives/107-Grafana-auto-login.html#comments https://blog.crox.net/wfwcomment.php?cid=107 0 https://blog.crox.net/rss.php?version=2.0&type=comments&cid=107 nospam@example.com (crox) The solution described <a href="http://docs.grafana.org/tutorials/authproxy/#grafana-authproxy">here</a> works for me.<br /> <br /> I did the following on the internal host where Grafana is installed:<br /> <br /> <ul><li>Configured Apache (on port 80) as reverse proxy to Grafana (on port 3000)</li><li>Setup the virtualhost to add/set the required headers to login automatically as user admin</li></ul><br /> Relevant section from /etc/grafana/grafana.ini:<br /> <br /> <pre>[auth.proxy]<br />enabled = true<br />;header_name = X-WEBAUTH-USER<br />;header_property = username<br />auto_sign_up = false</pre><br /> Apache config extract (you will need to enable mod_proxy, mod_proxy_http and mod_headers for this to work):<br /> <br /> <pre>&lt;VirtualHost &#42;:80&gt;<br /> ProxyPreserveHost On<br /> ProxyRequests Off<br /> ProxyPass / http://localhost:3000/<br /> ProxyPassReverse / http://localhost:3000/<br /> RequestHeader set "X-WEBAUTH-USER" "admin"<br />&lt;/VirtualHost&gt;</pre><br /> On a separate Apache instance exposed to more networks I did the following:<br /> <br /> <ul><li>Configured Apache as reverse proxy to the internal instance</li><li>Restricted access from specific IP addresses</li><li>Setup a rule to redirect requests to the root of the website (and only those) to a specific dashboard</li></ul><br /> This is how the Apache config looks like (requires mod_proxy, mod_proxy_http and mod_alias; IP addresses, host names etc. changed)<br /> <br /> <pre>&lt;VirtualHost &#42;:80&gt;<br /> ServerName sub.example.org<br /> ServerAlias www.sub.example.org<br /> &lt;Location /&gt;<br /> Require ip 192.0.2.0/24<br /> Require ip 203.0.113.0/24<br /> Require ip 2001:0db8:85a4::/64<br /> Require ip 2001:0db8:85a5::/64<br /> RedirectMatch ^/$ /dashboard/db/mydashboard<br /> &lt;/Location&gt;<br /> ProxyPreserveHost On<br /> ProxyRequests Off<br /> ProxyPass / http://[2001:0db8:85a3::aaaa:8a2e:0370:7334]/<br /> ProxyPassReverse / http://[2001:0db8:85a3::aaaa:8a2e:0370:7334]/<br />&lt;/VirtualHost&gt;</pre><br /> Using a public IPv6 address on the internal host allows the whole thing to work with just a few firewall rules, without the need to mess with NAT or a VPN.<br /> Tue, 26 Dec 2017 19:57:00 +0000 https://blog.crox.net/archives/107-guid.html apache grafana ipv6 proxy web https://blog.crox.net/archives/103-The-solution-to-all-favicon-questions-favicon-generator,-analyzer-and-more.html https://blog.crox.net/archives/103-The-solution-to-all-favicon-questions-favicon-generator,-analyzer-and-more.html#comments https://blog.crox.net/wfwcomment.php?cid=103 0 https://blog.crox.net/rss.php?version=2.0&type=comments&cid=103 nospam@example.com (crox) This website is a really useful resource: <a href="https://realfavicongenerator.net/">https://realfavicongenerator.net/</a><br /> <br /> Sun, 08 Jan 2017 16:36:12 +0000 https://blog.crox.net/archives/103-guid.html code favicon web