Make all requests redirect to secure HTTPS access 8 in Debian 11

Posted on by

Grafana is a free, open source data visualization tool, Grafana is a free, open source data visualization tool.
Grafana is a free, open source data visualization tool.

Grafana is a free, open source data visualization tool:

1
apt-get update -y

We install the necessary packages:

1
apt-get install gnupg2 curl wget git software-properties-common -y

Grafana is a free, open source data visualization tool:

1
2
curl https://packages.grafana.com/gpg.key | apt-key add -
add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"

Grafana is a free, open source data visualization tool:

1
apt-get update -y

Grafana is a free, open source data visualization tool:

1
apt-get install grafana -y

We run it in the system:

1
systemctl start grafana-server

1
systemctl enable grafana-server

We run it in the system:

1
apt-get install nginx -y

We run it in the system:

1
nano /etc/nginx/conf.d/grafana.conf

The content:

1
2
3
4
5
6
7
8
9
10
11
12
13
server {
        server_name grafana.naszadomena.pl;
        listen 80;
        access_log /var/log/nginx/grafana.log;
 
        
        location / {
                proxy_pass http://localhost:3000;
                proxy_set_header X-Forwarded-Host $host:$server_port;
                proxy_set_header X-Forwarded-Server $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
}

We run it in the system:

1
nginx -t

If everything is ok as in this case:

1
2
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

We reload nginx

1
systemctl restart nginx

If everything was ok and we redirected the subdomain with the A record in the dns zone to the server ip, i.e.

grafana A IP server

After going to the address grafana.naszadomena.pl

We should see something like this:

We enter your username and password.

The next step is to change the password.

If everything went well, you should see the graphans dashboard.

As an addition, we can secure the whole with a Let's Encrypt certificate

We install the necessary packages:

1
apt-get install certbot python3-certbot-nginx -y

The following guide describes how to reset the password for the administration console accessible through the litespped browser:

1
certbot --nginx -d grafana.naszadomena.pl

apt-get install certbot python3-certbot-nginx -y

1
2
3
4
5
6
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

apt-get install certbot python3-certbot-nginx -y://

1
2
3
4
5
6
7
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Make all requests redirect to secure HTTPS access.

How useful this post was?

Click on the star, to evaluate it!

Average grade / 5. number of votes:

So far, no votes! Be the first to rate this post.

Related entries:

Monitoring network traffic by Ntopng in Ubuntu 18.04
Bandwidth consumption statistics using vnstat
Installation and configuration of Zabbix monitoring. Centos7
Nmap - Utility for scanning open ports
Installation netdate Real-time monitoring on Ubuntu 18.04