Hi!
I am running into issues with my Kibana instance behind an Nginx reverse proxy. I have a very minimal Kibana config which could be an issue though it seems like I have what I need.
That being said, I am quite sure that my Nginx configuration is going to be the issue. Just hoping that someone knowledgeable might be able to point out my error.
I have included my Nginx configuration, Kibana configuration, as well as the output from my Kibana container. Kibana is running inside of Docker, Nginx is not.
Kibana:
---
server.host: "0"
server.name: "kibana"
elasticsearch.hosts: [ "http://localhost:9200" ]
xpack.monitoring.ui.container.elasticsearch.enabled: true
elasticsearch.username: elastic
elasticsearch.password: <password>
Nginx:
server {
listen 443 ssl;
server_name kibana.example.gg;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy "same-origin";
add_header Feature-Policy "geolocation 'none'; microphone 'none'; camera 'none'";
add_header Content-Security-Policy "default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self' wss:; img-src 'self' data:; frame-ancestors https://example.gg; base-uri 'self'; form-action 'self'";
add_header Cache-Control no-cache;
expires 0;
error_log /var/log/nginx/error_kibana.log;
access_log /var/log/nginx/access_kibana.log;
ssl_certificate /etc/letsencrypt/live/example.gg/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.gg/privkey.pem;
set $proxy_pass_url http://127.0.0.1:5601;
# Main location which proxy's Kibana backend server
location / {
proxy_set_header Host $proxy_pass_url;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Connection "Keep-Alive";
proxy_set_header Proxy-Connection "Keep-Alive";
proxy_set_header Authorization "";
proxy_pass $proxy_pass_url/;
proxy_redirect $proxy_pass_url/ /;
}
# Reverse proxy of assets and front end app
location ~ (/app|/translations|/node_modules|/built_assets/|/bundles|/es_admin|/plugins|/api|/ui|/elasticsearch|/spaces/enter) {
proxy_pass $proxy_pass_url;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Authorization "";
proxy_hide_header Authorization;
}
}
server {
listen 80;
server_name kibana.example.gg;
return 302 https://$host$request_uri;
}
Kibana logs:
https://pastebin.com/raw/aExsbbSU
My apologies if this is too much detail or if this should be directed elsewhere, I didn't want to miss anything. Thank you for your time in advance!