Hello,
I installed grafana 8.5.3 behind a proxy reverse and in a subdirectory, it works well.
But when I run https://www.domain.com/grafana, I’m redirected to https://www.domain.com/grafana/login for ever. (stopped after 50 loops).
Here the log :
...
logger=context traceID=00000000000000000000000000000000 userId=0 orgId=0 uname= t=2022-05-20T17:15:31.13+0200 lvl=info msg="Request Completed" method=GET path=//login status=302 remote_addr=127.0.0.1 time_ms=0 d
uration=574.839µs size=61 referer= traceID=00000000000000000000000000000000
logger=context traceID=00000000000000000000000000000000 userId=0 orgId=0 uname= t=2022-05-20T17:15:31.15+0200 lvl=info msg="Request Completed" method=GET path=//login status=302 remote_addr=127.0.0.1 time_ms=0 d
uration=435.698µs size=61 referer= traceID=00000000000000000000000000000000
...
Here the configuration:
pp_mode = production
[paths]
data = /var/lib/grafana
logs = /var/log/grafana
[server]
protocol = https
http_addr = 127.0.0.1
http_port = 3000
domain = www.domain.com
# Redirect to correct domain if host header does not match domain
# Prevents DNS rebinding attacks
;enforce_domain = false
root_url = https://www.domain.com/grafana
serve_from_sub_path = true
router_logging = false
enable_gzip = true
# https certs & key file
cert_file = /etc/letsencrypt/live/domain.com/fullchain.pem
cert_key = /etc/letsencrypt/live/domain.com/privkey.pem
nginx config :
location /grafana {
proxy_set_header Host $http_host;
proxy_pass https://127.0.0.1:3000/;
}
# Proxy Grafana Live WebSocket connections.
location /grafana/api/live {
rewrite ^/(.*) /$1 break;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $http_host;
proxy_pass https://127.0.0.1:3000/;
}
And a test with curl :
curl -IL https://www.domain.com/grafana
HTTP/2 302
server: nginx
date: Fri, 20 May 2022 15:28:47 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: -1
location: /grafana/login
pragma: no-cache
set-cookie: redirect_to=%2Fgrafana%2F; Path=/grafana; HttpOnly; Secure
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
HTTP/2 302
server: nginx
date: Fri, 20 May 2022 15:28:47 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: -1
location: /grafana/login
pragma: no-cache
set-cookie: redirect_to=%2Fgrafana%2F%2Flogin; Path=/grafana; HttpOnly; Secure
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
...
Thanks for your help!