I’m trying to setup a docker instance of Graylog based on the docker-compose example provided by Docker — Graylog 3.0.2 documentation and I’m in need of some guidance on getting this to work.
The monogo db, elasticsearch, and graylog containers all start up successfully however I’m unable to get anything with the web UI to work through Caddy. Looking at the caddy logs every call to the Graylog API results in a 404.
This link explains how the Graylog Web UI connects to the API where it pulls all its files from.
My network:
10.19.75.4 = host server running the docker containers
172.31.220.4 = docker instance of caddy
172.31.220.100 = docker instance of graylog
Graylog configuration:
http_bind_address = 172.31.220.100:9000
http_publish_uri = https://graylog.example.com/
trusted_proxies = 172.31.220.4/32
Caddy configuration:
(options) {
gzip
timeouts none
realip {
from cloudflare
from 10.0.0.0/8
from 172.16.0.0/12
from 192.168.0.0/16
}
}
(tls) {
tls myadmin@email.com {
dns cloudflare
protocols tls1.2
#ca https://acme-staging-v02.api.letsencrypt.org/directory
}
}
(block_external_at_root) {
ipfilter / {
rule allow
ip 192.168.0.0/16
ip 172.16.0.0/12
ip 10.0.0.0/8
}
}
graylog.example.com {
import block_external_at_root
import options
import tls
proxy / http://graylog:9000 {
transparent
websocket
insecure_skip_verify
header_upstream X-Forwarded-Host {hostonly}
header_upstream X-Forwarded-Server {hostonly}
header_upstream X-Graylog-Server-URL https://graylog.example.com/api/
}
proxy /api/ http://graylog:9000/api/ {
transparent
websocket
insecure_skip_verify
header_upstream X-Forwarded-Host {hostonly}
header_upstream X-Forwarded-Server {hostonly}
header_upstream X-Graylog-Server-URL https://graylog.example.com/api/
}
log / /var/logs/sites/app/graylog-access.log {$LOG_LONG}
errors /var/logs/sites/app/graylog-errors.log
}
Docker compose:
graylog:
image: graylog/graylog:3.0
container_name: graylog
hostname: graylog
volumes:
- graylog_journal:/usr/share/graylog/data/journal
- graylog_config:/usr/share/graylog/data/config
links:
- mongodb:mongo
- elasticsearch
depends_on:
- mongodb
- elasticsearch
networks:
dockernet:
ipv4_address: 172.31.220.100
ports:
- 9000:9000
- 514:514
- 514:514/udp
- 12201:12201
- 12201:12201/udp