dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity

r/grafana: Fix Origin not allowed error 

Grafana 8.3.5 introduced a new CSRF protection mechanism that requires
the value of the Host HTTP request header to be preserved from the
original client request.

https://github.com/grafana/grafana/issues/45117#issuecomment-1033842787
btop
Dustin 2022-07-24 10:07:45 -05:00
parent 3e8da609e7
commit be4bbc0092
3 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
roles/grafana/defaults/main.yml
View File

@ -1,3 +1,4 @@
grafana_domain: '{{ ansible_fqdn }}'
grafana_ldap_enabled: false grafana_ldap_enabled: false
grafana_http_addr: grafana_http_addr:
grafana_ldap_host: 127.0.0.1 grafana_ldap_host: 127.0.0.1

1
roles/grafana/files/grafana.nginx.conf
View File

@ -1,3 +1,4 @@
location / { location / {
proxy_pass http://[::1]:3000/; proxy_pass http://[::1]:3000/;
proxy_set_header Host $http_host;
} }

2
roles/grafana/templates/grafana.ini.j2
View File

@ -38,7 +38,7 @@ http_addr = {{ grafana_http_addr }}
http_port = 3000 http_port = 3000
# The public facing domain name used to access grafana from a browser # The public facing domain name used to access grafana from a browser
domain = localhost domain = {{ grafana_domain }}
# Redirect to correct domain if host header does not match domain # Redirect to correct domain if host header does not match domain
# Prevents DNS rebinding attacks # Prevents DNS rebinding attacks