Kernel

使用 nginx 做為反向代理(reverse proxy)連接後方的 Kibana

記錄公司內用 nginx 反向代理後方的 kibana 做分析用
因為用戶希望無腦的存取站台 HTTP/HTTPS 不要帶 Port, 在 kibana 上啟用了 Security Feature 後HTTPS 就變成強制性啟用,所以設置最簡單的 nginx 去反向代理

將 HTTP Request 做 HTTP 301 redirect 至 https 頁面
將 HTTPS request 反代至後方的 Kibana 5601 Port

其Certificate/Key 都掛在 nginx 上,所以最簡單的設置如下.

server {
# Redirect All 80 access to 443
    listen *:80;
    server_name _;
    return 301 https://$host$request_uri;
}
server {
# Adding HTTPS 
    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;

# My Cert and Key path
    ssl_certificate /etc/kibana/config/certs/client.cer;
    ssl_certificate_key /etc/kibana/config/certs/client.key;
# Reverse Proxy to backend Kibana service
    location / {
        proxy_pass https://elk2.etzone.net:5601;
    }
}

 

Author: jerryw1974

learning and focus on computer science, cloud infrastructure, virtualization and information security, technical, networking,platform system and cyber-security related topic.