×

In this guide, we will show you how to install Netdata and prevent public access to its web area because Netdata does not have an authentication feature.

 

What is needed for this Installation to go through;

  1. A Root access to a Server.
  2. A fresh instance of a CentOS or Ubuntu Linux Distribution.

 

Steps to be Taken.

 

1. Installation and Configuration of Netdata

 

i. Installation

To make a successful installation of Netdata, you can use the bash script provided by Netdata.

Enter the command below to implement this;

 

bash <(curl -Ss https://my-netdata.io/kickstart.sh)

 

You will see a similar activity as shown above.

As soon as Netdata installation is complete, the service will be automatically started and enabled. To confirm the status, simply run the command below;


systemctl status netdata

 

Then you will be able to access Netdata web portal via;

 

Your_server_ip:19999

Where “Your_server_ip”  is your server.

 

ii. Configuration

To configure Netdata correctly, you need to ensure that it listens to 127.0.0.1 because we don’t want it to be accessible on the web.

 

To implement this, do the following:

Edit /etc/netdata/netdata.conf , Use the following command ;

 

In Ubuntu, enter;

sudo nano /etc/netdata/netdata.conf

In CentOS, use;

vi /etc/netdata/netdata.conf

 

All you must do now is to uncomment “bind to” as follows;

 

bind to = 127.0.0.1

 

 

 

2. Install and Configure Nginx

To enable access to the web portal by the Netdata, we need to install Nginx to set up reverse proxy.


  1. Installation of Nginx

To install Nginx, run the following command;

 

In Debian/Ubuntu, use;

 

sudo apt install nginx apache2-utils

 

In CentOS, use;

 

sudo yum install Nginx apache2-utils

 

  1. Authentication Processing

We need to create a username and password. use the command below;

 

sudo htpasswd -c /etc/nginx/.htpasswd username1 

 

Where the assigned username is "username1", you will be prompted to enter a password and that would be your Nginx password.

 

To confirm that the username and password has been correctly implemented, use the following command;

 

 cat /etc/nginx/.htpasswd

 

 

  1. Nginx Configuration

 Edit your Nginx configuration which is usually located in the /usr/local/nginx/conf/etc/nginx, or /usr/local/etc/nginx  Directory.

 

In Ubuntu, use;\

 

sudo nano /usr/local/nginx/conf

 

In Centos, Use;

 

vi /usr/local/nginx/conf

 

We will change the http block within the configuration file. So, locate the http block section!

 

It will be like;

 

upstream backend {
   server 127.0.0.1:19999;
   keepalive 64;
}
 
server {
   listen <10.0.0.1>:80;
   server_name ;
 
   auth_basic "Protected";
  auth_basic_user_file /etc/nginx/.htpasswd;
 
   location / {
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_pass http://backend;
    proxy_http_version 1.1;
    proxy_pass_request_headers on;
    proxy_set_header Connection "keep-alive";
     proxy_store off;
   }
}

 

 

What you should do is to is that in the http block section;

 

Replace the <10.0.0.1> with your server ip, and <domain.com> with your domain.

 

Next, you should save the file and confirm it with the following command;

 

sudo nginx -t

 

For error check, reload Nginx by using the command below;

 

sudo systemctl reload nginx

 

Finally, to test your netdata, enter your server ip or domain on a web browser.

 

 

Conclusion.

We have successfully done a setup of Netdata on a Linux server. Contact us, if you need us to get it set up on your own server. We offer Linux Server installation and configuration services.


Conclusion