Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
NGINX reverse proxy config for Graylog
location / {
# Only Allow the Cloudflare Servers to use this URL (Not Scope)
include /etc/nginx/snippets/enatec_CloudFlareAllowlist.conf;
# Set some Default for Reverse Proxies (Not Scope)
include /etc/nginx/snippets/enatec_proxydefaults.conf;
# This is not required
add_header Front-End-Https on;
add_header Cache-Control "public, must-revalidate";
# Mostly the GrayLog defaults
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Graylog-Server-URL https://$server_name/;
# This is not required
proxy_http_version 1.1;
# We want do control the returned content/URLs
proxy_redirect off;
# Apply the Filter to every content the Backend returns
sub_filter_types *;
sub_filter_once off;
# Modify the Header (not required)
sub_filter_last_modified on;
# This is where we replace with the called hostname
sub_filter "http://$proxy_host" "$scheme://$host:$server_port";
# Remove the Version string (optinal)
sub_filter "4.0.5+d95b909" "latest";
# Fix the Link (optional)
sub_filter "" "";
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment