I’ve set up Grafana using IIS and port forwarding to port 3000 which is the default https port used by Grafana.

Setup as:

Protocol (http, https, h2, socket)

protocol = https

The ip address to bind to, empty will bind to all interfaces

;http_addr =

The http port to use

http_port = 443

The public facing domain name used to access grafana from a browser

domain = domain.com.au

root_url = https://grafana.domain.com.au:3000

I wanted to update this to 443 so users don’t need to type in the port in the URL, however, when defining port 443 in the custom.ini file used, I recieve the below errors in the log:

msg=“Initializing Stream Manager”
t=2020-03-13T13:54:08+1000 lvl=eror msg=“Stopped HTTPServer” logger=server reason=“failed to open listener on address 0.0.0.0:443: listen tcp 0.0.0.0:443: bind: An attempt was made to access a socket in a way forbidden by its access permissions.”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped Stream Manager”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped CleanUpService” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped NotificationService” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped provisioningServiceImpl” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped UserAuthTokenService” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped RemoteCache” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped InternalMetricsService” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped BackendPluginManager” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped AlertEngine” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped UsageStatsService” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=info msg=“Stopped PluginManager” logger=server reason=“context canceled”
t=2020-03-13T13:54:08+1000 lvl=eror msg=“A service failed” logger=server err=“failed to open listener on address 0.0.0.0:443: listen tcp 0.0.0.0:443: bind: An attempt was made to access a socket in a way forbidden by its access permissions.”
t=2020-03-13T13:54:08+1000 lvl=eror msg=“Server shutdown” logger=server reason="failed to open listener on address 0.0.0.0:443: listen tcp 0.0.0.0:443: bind: An attempt was made to access a socket in a way forbidden by its access permissions.

Any advice is much appreciated!

Thank you
Steelo

setcap 'cap_net_bind_service=+ep' /usr/sbin/grafana-server

that should solve the issue? or what?

would really appreciate if someone can help with this as i am trying to do the same.

Adding this for people stumbling upon this old post while looking for solution to bind the port 443 to the grafana-server exec file.

Please note the latest Grafana binary (starting Grafana 10.x) was changed to use grafana as executable instead of grafana-server file.

So, you should use:

setcap 'cap_net_bind_service=+ep' /usr/sbin/grafana

Also, you should change the grafana-server to grafana server in the ExecStart line in your grafana-server.service file (usual location: /etc/systemd/system/grafana-server.service )