hoborg/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Replace Cockpit with Netdata in nginx reverse proxy config

Browse Source 
- Remove Cockpit reverse proxy configuration
- Add Netdata reverse proxy with basic auth protection
- Configure same authentication as Glances for consistency
- Maintain security headers and WebSocket support
- Use port 19999 for Netdata service
This commit is contained in:
Arpad Krejczinger
2025-09-09 21:12:13 +02:00
parent 5c4d959ed8
commit fe9651f2fa
1 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
config/nginx/homelab.conf
View File

@@ -120,6 +120,43 @@ server {
proxy_request_buffering off;
}
# System monitoring with basic auth (Glances)
location /glances/ {
auth_basic "Homelab Admin Access";
auth_basic_user_file /etc/nginx/auth/glances;
proxy_pass http://127.0.0.1:61208/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# System monitoring (Netdata) - Real-time system metrics
location /netdata/ {
auth_basic "Homelab Admin Access";
auth_basic_user_file /etc/nginx/auth/glances;
proxy_pass http://127.0.0.1:19999/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# Docker management (Portainer)
location /portainer/ {
proxy_pass http://127.0.0.1:9000/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
ssl_certificate /etc/letsencrypt/live/ak-homelab.duckdns.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ak-homelab.duckdns.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot