IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #524 from acedrew/master

Browse Source 
Added nginx config examples to docs.
This commit is contained in:
Torkel Ödegaard 2014-06-21 22:07:04 +02:00
commit 7848a35941
1 changed files with 22 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
README.md
View File

@ -71,7 +71,14 @@ Header set Access-Control-Allow-Headers "origin, authorization, accept"
``` ```
Note that using "\*" leaves your graphite instance quite open so you might want to consider using "http://my.graphite-dom.ain" in place of "\*" Note that using "\*" leaves your graphite instance quite open so you might want to consider using "http://my.graphite-dom.ain" in place of "\*"
If your Graphite web is proteced by basic authentication, you have to enable the HTTP verb OPTIONS, origin Here is the same thing, in nginx format:
```
add_header "Access-Control-Allow-Origin" "*";
add_header "Access-Control-Allow-Credentials" "true";
add_header "Access-Control-Allow-Methods" "GET, OPTIONS";
add_header "Access-Control-Allow-Headers" "Authorization, origin, accept";
```
If your Graphite web is protected by basic authentication, you have to enable the HTTP verb OPTIONS, origin
(no wildcards are allowed in this case) and add Access-Control-Allow-Credentials. This looks like the following for Apache: (no wildcards are allowed in this case) and add Access-Control-Allow-Credentials. This looks like the following for Apache:
``` ```
Header set Access-Control-Allow-Origin "http://mygrafana.com:5656" Header set Access-Control-Allow-Origin "http://mygrafana.com:5656"
@ -86,7 +93,20 @@ Header set Access-Control-Allow-Credentials true
</LimitExcept> </LimitExcept>
</Location> </Location>
``` ```
And in nginx:
```
auth_basic "Restricted";
auth_basic_user_file /path/to/my/htpasswd/file;
if ($http_origin ~* (https?://[^/]*\.somedomain\.com(:[0-9]+)?)) { #Test if request is from allowed domain, you can use multiple if
set $cors "true"; #statements to allow multiple domains, simply setting $cors to true in each one.
}
if ($cors = 'true') {
add_header Access-Control-Allow-Origin $http_origin; #this mirrors back whatever domain the request came from as authorized, as
add_header "Access-Control-Allow-Credentials" "true"; #as long as it matches one of your if statements
add_header "Access-Control-Allow-Methods" "GET, OPTIONS";
add_header "Access-Control-Allow-Headers" "Authorization, origin, accept";
}
```
# Roadmap # Roadmap
- Improve and refine the target parser and editing - Improve and refine the target parser and editing
- Improve graphite import feature - Improve graphite import feature