Setting Netdata server monitoring with password authentication on Apache proxy.
Password protected server monitoring.
Netdata, a beautiful, lightweight, monitoring tool.
What do we want?
The aim of this tutorial is to allow the monitoring of a Linux server through apache not using other ports than 80/443 (443 is used here) in a way that the local 127.0.0.1:19999 will be accessible only from www.example.com/netdata previous authentication.
Netdata installation
The first thing needed is netdata installed on the server.
To do so you can either run:
and let the automatic installer do the work for you
or you can visit Netdata Github installer page for other instructions and details.
Once you have done you should have an output like this.
Now you should be able to see the netdata page on the http:/IP:19999
If the server is under iptables protection you need to add a rule for INPUT packets: NOTE: you won't need this if you are going to proxy data throug normal 80/443 port. You can skip this or you can use to test the right functioning of netdata.
Apache configuration
We need to create a new Virtual Host which will proxy all the requests coming to a specified external URL through our netdata local page.
We first need to install some modules for Apache:
Then we need to activate some mods:
If you already have a vhost with your www.example.com and SSL configuration use that (in my case is default-ssl.conf) located in /etc/apache2/sites-available/
You will have something starting similar to this
Just add at the end these lines right before the end of VirtualHost tag
And create the directory /var/www/netdata (as is your config).
NOTE: if you don't have a vhost configured for SSL/TLS for your domain go here for a quick guide.
Now we are going to create the credentials for accessing the html page
Install apache2-utils if you don't have already and create a netdata user
You have to insert the password for the user 'netdata' twice.
Finally restart apache2
Add a rule to block netdata on port 19999
Now you can go to www.example.com/netdata (as your vhost ServerName is) to access your logs under HTTPS and password protection.
**Please feel free to make any comment! If anything is unclear, just write in the comment and I will update the post!Thanks for reading!**