Help with Netdata reverse proxy

KaMoS69 · February 22, 2017, 9:53am

I’ve setup Netdata and it’s working fine. I can access it using http://mydomain.com:19999. However, I’d like to enable reverse proxy and use the default server authentication, similar to how it’s done for plexpy.

I copied plexpy’s .conf file and edited it according to what I think is required for Netdata. This is what the /etc/apache2/sites-enabled/netdata.conf file looks like:

<Location /netdata>
ProxyPass http://localhost:19999/netdata
ProxyPassReverse http://localhost:19999/netdata
AuthType Digest
AuthName "rutorrent"
AuthUserFile '/etc/htpasswd'
Require user kamos
</Location>

When I restart apache2 and load http://mydomain.com/netdata it gives me the following error:

File does not exist, or is not accessible: /usr/share/netdata/web/netdata

I’ve tried the Netdata guide to Running behind apache but that gave me a 404 error.

Please could you offer some assistance.

PastaGringo · February 22, 2017, 11:15am

Hello @KaMoS69

I tried and succeed to set reverse proxy for netdata as http://YourIP/netdata with the following netdata.conf located in /etc/apache2/sites-enabled :

<virtualhost YourDomain.tld:80>                                                                                                                                                      
        RewriteEngine On                                                                                                                                                       
        ProxyRequests Off                                                                                                                                                                                                                                                                                                  
        <proxy>                                                                                                                                                                
                Order deny,allow                                                                                                                                               
                Allow from all                                                                                                                                                 
        </proxy>                                                                                                                                                                                                                                                                                                                        
        ProxyPass "/netdata" "http://127.0.0.1:19999/" connectiontimeout=5 timeout=30                                                                                          
        ProxyPassReverse "/netdata" "http://127.0.0.1:19999/"                                                                                                                  
        RewriteRule ^/netdata$ http://%{HTTP_HOST}/netdata/ [L,R=301]                                                                                                                                                                                                                                                                     
        <Location /netdata>                                                                                                                                                    
                AuthType Digest                                                                                                                                                
                AuthName "rutorrent"                                                                                                                                           
                AuthUserFile '/etc/htpasswd'                                                                                                                                   
                Require user YourMasterUser                                                                                                                                         
        </Location>                                                                                                                                                                                                                                                                                                                
        CustomLog /var/log/apache2/netdata.YourDomain.tld.log combined                                                                                                               
        ErrorLog /var/log/apache2/netdata.YourDomain.tld.error.log                                                                                                                   
</virtualhost>

I’m not Apache2 expert so it’s possible that some things are useless
Please restart Apache2 and Netdata after the netdata.conf file modification :

sudo service netdata restart && sudo service apache2 restart

PastaGringo · February 22, 2017, 11:25am

I guess that works for you @KaMoS69 ?

KaMoS69 · February 22, 2017, 11:27am

Thanks! That worked.

I added the netdata.conf file to /etc/apache2/sites-available and not /etc/apache2/sites-enabled

PastaGringo · February 22, 2017, 11:31am

Great, did you use the a2ensite command to enable the app ? (it simply creates a symlinks from sites-availables to site-enabled for the app). Since I work on QuickBox I think like JMsolo and use the sites-enabled directly

KaMoS69 · February 22, 2017, 11:36am

I did yes.

I also don’t have a lot of experience with apache. I have another server on DO where a few websites are hosted. I’m used to creating the Virtual Host .conf file in site-available, running a2ensite and service apache2 restart. But when I do that on the QB server it doesn’t work. I’ve tried it with other things like speedtest-mini. I get it working easily on my DO box but I just can’t get it right on the QB box. I’ll try just adding the VH .conf files to sites-enabled to see if that works.

d2dyno · March 28, 2017, 6:12am

I’m trying to get this to work with SSL (Letsencrypt), but keep hitting a 404 page.

The structure is:
/etc/apache2/sites-enabled/netdata-ssl.conf

This is my config:

<VirtualHost _default_:443>
    RewriteEngine On
    ProxyRequests Off

    # Local 127.0.0.1:19999 netdata server accessed with '/netdata'
    ProxyPass "/netdata" "http://127.0.0.1:19999/" connectiontimeout=5 timeout=30
    ProxyPassReverse "/netdata" "http://127.0.0.1:19999/"
    RewriteRule ^/netdata$ https://%{HTTP_HOST}/netdata/ [L,R=301]

    <Location /netdata>
            AuthType Digest
            AuthName "rutorrent"
            AuthUserFile '/etc/htpasswd'
            Require user USER
    </Location>

    ErrorLog ${APACHE_LOG_DIR}/netdata-error.log
    CustomLog ${APACHE_LOG_DIR}/netdata-access.log combined