2 files changed, 38 insertions, 0 deletions

diff --git a/debian/local/apache2/netdata.conf b/debian/local/apache2/netdata.conf
new file mode 100644
index 0000000..c7f0387
--- /dev/null
+++ b/debian/local/apache2/netdata.conf
@@ -0,0 +1,19 @@
+<IfModule mod_proxy.c>
+	ProxyRequests Off
+	ProxyPreserveHost On
+
+	ProxyPass /netdata http://localhost:19999 connectiontimeout=5 timeout=30 keepalive=on
+	ProxyPassReverse /netdata http://localhost:19999
+</IfModule>
+
+<IfModule mod_rewrite.c>
+	RewriteEngine On
+
+	RewriteRule ^/netdata$ %{HTTP_HOST}/netdata/ [L,R=301]
+</IfModule>
+
+<Location /netdata>
+	<IfModule mod_headers.c>
+		Header always set Content-Security-Policy "default-src 'unsafe-inline' http: 'self' 'unsafe-eval'; script-src 'unsafe-inline' http: 'self' 'unsafe-eval'; style-src http: 'self' 'unsafe-inline'"
+	</IfModule>
+</Location>
diff --git a/debian/local/netdata/netdata.conf b/debian/local/netdata/netdata.conf
new file mode 100644
index 0000000..e15f9b8
--- /dev/null
+++ b/debian/local/netdata/netdata.conf
@@ -0,0 +1,19 @@
+# NetData Configuration
+
+# The current full configuration can be retrieved from the running
+# server at the URL
+#
+#   http://localhost:19999/netdata.conf
+#
+# for example:
+#
+#   wget -O /etc/netdata/netdata.conf http://localhost:19999/netdata.conf
+#
+
+[global]
+	run as user = netdata
+	web files owner = root
+	web files group = root
+	# Netdata is not designed to be exposed to potentially hostile
+	# networks. See https://github.com/netdata/netdata/issues/164
+	bind socket to IP = 127.0.0.1