So I read: The Reverse Proxy Documentation
And although I followed what it says there, I had a hard time getting the reverse proxy to work, basically because I missed a '/' in the Apache configuration.
The situation at hand:
- Internet-facing server/router reachable at https://grafana.myserver.com (correct certificates available on that server). Apache installed, reverse proxy rules in use.
- A local server running Grafana on the same LAN, reachable at http://mini-server.my.lan:3000
Apache config:

```apache
<VirtualHost *:443>
    ServerName grafana.myserver.com
    DocumentRoot /var/www/virtual/grafana.myserver.com/html
    ErrorLog /var/www/virtual/grafana.myserver.com/logs/grafana.myserver.com_error_log
    CustomLog /var/www/virtual/grafana.myserver.com/logs/grafana.myserver.com_access_log combined
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/grafana.myserver.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/grafana.myserver.com/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/grafana.myserver.com/chain.pem
    # No weak export crypto allowed
    SSLHonorCipherOrder on
    SSLProtocol all -SSLv2 -SSLv3 -TLSv1
    SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!3DES:!aNULL:!MD5
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    #Starts here
    ReWriteEngine on
    ProxyPass "/" "http://mini-server.my.lan:3000/"
    ProxyPassReverse "/" "http://mini-server.my.lan:3000/"
    #Ends here
</VirtualHost>
```
My grafana.conf:

```ini
[server]
# The public facing domain name used to access grafana from a browser
domain = grafana.myserver.com
# Redirect to correct domain if host header does not match domain
# Prevents DNS rebinding attacks
;enforce_domain = false
# The full public facing url you use in browser, used for redirects and emails
# If you use reverse proxy and sub path specify full url (with sub path)
root_url = https://%(domain)s/
```
Of course it would have been better to use Nginx or HAProxy but my server is already running Apache, so I wanted to use that. Maybe others can benefit from this too.
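
A pre-deploy check for the kind of missing '/' described above, as an added example that is not part of the original post. It applies the mod_proxy convention that the path and the backend URL of a `ProxyPass`/`ProxyPassReverse` mapping should both end with `/` or both not; the function names and the sample config are constructed for illustration.

```python
import shlex

# Constructed sample: the vhost from the post with the trailing "/" dropped
# from the ProxyPass target (the kind of typo the post describes).
SAMPLE = """\
<VirtualHost *:443>
    ServerName grafana.myserver.com
    ProxyPass "/" "http://mini-server.my.lan:3000"
    ProxyPassReverse "/" "http://mini-server.my.lan:3000/"
</VirtualHost>
"""

DIRECTIVES = {"proxypass", "proxypassreverse"}  # Apache names are case-insensitive


def proxy_mappings(conf):
    """Yield (lineno, directive, path, target) for two-argument proxy mappings."""
    for lineno, raw in enumerate(conf.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            parts = shlex.split(line)  # strips the optional double quotes
        except ValueError:
            continue  # unbalanced quotes: not a line this check understands
        # Only the "path URL" form used in the post; "!" exclusions and the
        # one-argument form inside <Location> are skipped.
        if len(parts) >= 3 and parts[0].lower() in DIRECTIVES and "://" in parts[2]:
            yield lineno, parts[0].lower(), parts[1], parts[2]


def lint(conf):
    """Return a list of findings; an empty list means the mappings are consistent."""
    findings, by_path = [], {}
    for lineno, name, path, target in proxy_mappings(conf):
        if path.endswith("/") != target.endswith("/"):
            findings.append(f"line {lineno}: {name} {path} -> {target}: trailing '/' mismatch")
        by_path.setdefault(path, {})[name] = target
    for path, targets in by_path.items():
        if len(targets) == 2 and targets["proxypass"] != targets["proxypassreverse"]:
            findings.append(f"{path}: ProxyPass and ProxyPassReverse targets differ")
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```

Run it against the vhost file before reloading Apache; the working configuration from the post produces no findings.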