diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2019-02-08 07:30:37 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2019-02-08 07:30:37 +0000 |
commit | 8a7b72f7cd1ccd547a03eb4243294e741d661d3f (patch) | |
tree | 7bc7be4a8e9e298daa1349348400aa2a653866f2 /doc/Running-behind-lighttpd.md | |
parent | New upstream version 1.11.1+dfsg (diff) | |
download | netdata-8a7b72f7cd1ccd547a03eb4243294e741d661d3f.tar.xz netdata-8a7b72f7cd1ccd547a03eb4243294e741d661d3f.zip |
Adding upstream version 1.12.0.upstream/1.12.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/Running-behind-lighttpd.md')
-rw-r--r-- | doc/Running-behind-lighttpd.md | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/doc/Running-behind-lighttpd.md b/doc/Running-behind-lighttpd.md deleted file mode 100644 index 17fb9c629..000000000 --- a/doc/Running-behind-lighttpd.md +++ /dev/null @@ -1,60 +0,0 @@ -# lighttpd v1.4.x - -Here is a config for accessing netdata in a suburl via lighttpd 1.4.46 and newer: - -```txt -$HTTP["url"] =~ "^/netdata/" { - proxy.server = ( "" => ("netdata" => ( "host" => "127.0.0.1", "port" => 19999 ))) - proxy.header = ( "map-urlpath" => ( "/netdata/" => "/") ) -} -``` - -If you have older lighttpd you have to use a chain (such as bellow), as explained [at this stackoverflow answer](http://stackoverflow.com/questions/14536554/lighttpd-configuration-to-proxy-rewrite-from-one-domain-to-another). - -```txt -$HTTP["url"] =~ "^/netdata/" { - proxy.server = ( "" => ("" => ( "host" => "127.0.0.1", "port" => 19998 ))) -} - -$SERVER["socket"] == ":19998" { - url.rewrite-once = ( "^/netdata(.*)$" => "/$1" ) - proxy.server = ( "" => ( "" => ( "host" => "127.0.0.1", "port" => 19999 ))) -} -``` - ---- - -If the only thing the server is exposing via the web is netdata (and thus no suburl rewriting required), -then you can get away with just -``` -proxy.server = ( "" => ( ( "host" => "127.0.0.1", "port" => 19999 ))) -``` -Though if it's public facing you might then want to put some authentication on it. htdigest support -looks like: -``` -auth.backend = "htdigest" -auth.backend.htdigest.userfile = "/etc/lighttpd/lighttpd.htdigest" -auth.require = ( "" => ( "method" => "digest", - "realm" => "netdata", - "require" => "valid-user" - ) - ) -``` -other auth methods, and more info on htdigest, can be found in lighttpd's [mod_auth docs](http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModAuth). - ---- - -It seems that lighttpd (or some versions of it), fail to proxy compressed web responses. -To solve this issue, disable web response compression in netdata. - -Open /etc/netdata/netdata.conf and set in [global]: - -``` -enable web responses gzip compression = no -``` - -## limit direct access to netdata - -You would also need to instruct netdata to listen only to `127.0.0.1` or `::1`. - -To limit access to netdata only from localhost, set `bind socket to IP = 127.0.0.1` or `bind socket to IP = ::1` in `/etc/netdata/netdata.conf`. |