Hey Everyone,
I’m trying to get our grafana instance set up behind an apache reverse proxy. I’ve been getting “origin not allowed” messages when doing any datasource additions or dashboard saving. It seems to be anything attempting to hit the API. I have set the ProxyPreserveHost On but still seeing the same issues. I’ve got SELinux disabled for this. And have searched high and low on the internet for what the issue could be. Any suggestions what I might be missing? I’m using Grafana version 7.5.15
My current httpd config looks like this:
ProxyPreserveHost On
ProxyPass "/grafana" "http://localhost:52391/grafana"
ProxyPassReverse "/grafana" "http://localhost:52391/grafana"
Header set Content-Security-Policy "frame-ancestors 'none';"
My grafana.ini:
[server]
protocol = http
http_port = 52391
domain = localhost
enforce_domain = false
root_url= %(protocol)s://%(domain)s:%(http_port)s/grafana
serve_from_sub_path = true
Here is the request & response headers I get:
HTTP/1.1 403 Forbidden
Date: Wed, 08 Mar 2023 16:22:19 GMT
Server: Apache
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Content-Length: 19
Content-Security-Policy: frame-ancestors 'none';
Pragma: no-cache
X-Xss-Protection: 1; mode=block
X-Frame-Options: deny
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
POST /grafana/api/datasources HTTP/1.1
Host: 192.168.122.108
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.122.108/grafana/datasources/new
content-type: application/json
x-grafana-org-id: 1
Content-Length: 76
Origin: http://192.168.122.108
Connection: keep-alive
Cookie: grafana_session=