Nginx反向代理kibana实现认证访问

一修改kibana配置文件

[root@Centos-node6 ~]# vim /etc/kibana/kibana.yml
server.host: "127.0.0.1"

二安装Nginx并启动测试

[root@Centos-node6 ~]# yum -y install nginx
[root@Centos-node6 ~]# systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@Centos-node6 ~]# systemctl start nginx
[root@Centos-node6 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Active: active (running) since 日 2018-08-05 19:25:48 CST; 3min 18s ago
 Main PID: 15439 (nginx)
   CGroup: /system.slice/nginx.service
           ├─15439 nginx: master process /usr/sbin/nginx
           ├─15440 nginx: worker process
           └─15441 nginx: worker process

8月 05 19:25:48 Centos-node6 systemd[1]: Starting The nginx HTTP...
8月 05 19:25:48 Centos-node6 nginx[15433]: nginx: the configurat...
8月 05 19:25:48 Centos-node6 nginx[15433]: nginx: configuration ...
8月 05 19:25:48 Centos-node6 systemd[1]: Started The nginx HTTP ...
Hint: Some lines were ellipsized, use -l to show in full.

三使用http-tools生成用户密码

[root@Centos-node6 nginx]# yum -y install httpd-tools
[root@Centos-node6 nginx]# htpasswd -bc /etc/nginx/httppass.txt kibana 123.com
Adding password for user kibana
[root@Centos-node6 nginx]# cat /etc/nginx/httppass.txt 
kibana:$apr1$dGp8h60Q$uPxB.anbrH9XgX0/h3FmF.
[root@Centos-node6 nginx]# ll /etc/nginx/httppass.txt 
-rw-r--r-- 1 root root 45 8月   5 19:20 /etc/nginx/httppass.txt
[root@Centos-node6 nginx]# chown nginx.nginx /etc/nginx/httppass.txt 
[root@Centos-node6 nginx]# ll /etc/nginx/httppass.txt 
-rw-r--r-- 1 nginx nginx 45 8月   5 19:20 /etc/nginx/httppass.txt

四修改Nginx conf文件配置代理

[root@Centos-node6 ~]# cat /etc/nginx/conf.d/kibana.conf 
upstream kibana_server {
        server  127.0.0.1:5601 weight=1 max_fails=3  fail_timeout=60;
}

server {
        listen 80;
        server_name 192.168.10.142;
        auth_basic "Restricted Access";
        auth_basic_user_file /etc/nginx/httppass.txt;  
        location / {
        proxy_pass http://kibana_server;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        }
}

[root@Centos-node6 ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@Centos-node6 ~]# systemctl restart nginx