Graylog2-server: Clicking a stream's title from the streams page returns "page not found" when graylog is under a subpath

Created on 13 Feb 2020  路  7Comments  路  Source: Graylog2/graylog2-server

Expected Behavior

I have nginx in front of graylog, accessible under a subpath using the instructions at https://docs.graylog.org/en/latest/pages/configuration/web_interface.html#making-the-web-interface-work-with-load-balancers-proxies .

Clicking a stream such as "All messages" when not using a subpath will load a page at https://hostname.tld/streams/000000000000000000000001/search which is essentially the search page with the stream selected. This should also work when using a subpath.

Current Behavior

When clicking the stream name from the streams page when graylog is under a subpath I see the "page not found" page.

The rest of the application appears to be working normally.

Steps to Reproduce (for bugs)

  1. Configure nginx as a reverse proxy, accessible under a subpath
  2. Click the streams tab at the top
  3. Click a stream such as "All events"
    4.

Your Environment

  • Graylog Version: Graylog 3.2.1+dbaac33 (docker tag graylog:3.2)
  • Elasticsearch Version: docker tag elasticsearch-oss:6.8.2
  • MongoDB Version: 3.6.17 (docker tag mongo:3)
  • Operating System: Debian unstable
  • Browser version: Firefox 72.0.2 & Chrome 80.0.3987.87
bug triaged
Source
picture s1shed

Most helpful comment

Thanks, @s1shed, @zoledian, @cubed-it & @davama for reporting this issue and supporting us debugging it.

I have found the underlying cause and created a PR for it, that is going into the next patch release of Graylog, hopefully being released soon.

picture dennisoelkers on 17 Feb 2020
🎉2 👍2

All 7 comments

he @s1shed
what is your nginx configuration look like? Did you include the rewrite?

jalogisch picture jalogisch on 13 Feb 2020

Hi,

My nginx config is practically the same as what's documented other than

  • using /gl/ as the subpath instead of /graylog/ ; and
  • adding proxy_set_header X-Forwarded-Proto $scheme; (the problem existed without this line)
  location /gl/ {
      proxy_set_header Host $http_host;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-Server $host;                                                                                      
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Graylog-Server-URL https://$server_name/gl/;
      rewrite ^/gl/(.*)$ /$1 break;
      proxy_pass http://127.0.0.1:9000;
    }
 ```

and the related config from the file `docker-compose.yml`


environment:
  - GRAYLOG_HTTP_EXTERNAL_URI=https://mydomain.tld/gl/

```

As said earlier, the other parts of the application appear to be functional for me when using nginx as a reverse proxy.

I do not see this behaviour when I access the application at http://127.0.0.1:9000 directly.

not_found

s1shed picture s1shed on 13 Feb 2020

FYI
You can reproduce this bug without a proxy by simply putting a subpath in these server.conf values:
http_publish_uri = http://example.com:9000/subpath/
http_external_uri = http://example.com:9000/subpath/

zoledian picture zoledian on 13 Feb 2020

me too, why I did the update... ;)

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: monitoring-ingress
  namespace: monitoring
  annotations:
    kubernetes.io/ingress.class: nginx
    # kubernetes.io/ingress.allow-http: "false" gce only
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/rewrite-target: /$1 
    nginx.ingress.kubernetes.io/lua-resty-waf: "active"
    #nginx.ingress.kubernetes.io/lua-resty-waf: "simulate"
    nginx.ingress.kubernetes.io/lua-resty-waf-allow-unknown-content-types: "true"
    nginx.ingress.kubernetes.io/lua-resty-waf-ignore-rulesets: "41000_sqli"   
spec:
  tls:
  - hosts:
    -  <secret>
    secretName: tls-secret
  rules:
  - host: <secret>
    http:
      paths:
      - backend:
          serviceName: graylog3
          servicePort: 9000
        path: /gray/(.*)
      - backend:
          serviceName: prom-operator-grafana
          servicePort: 3000
        path: /(.*)

and 

- name: GRAYLOG_HTTP_EXTERNAL_URI
          value: <secret>/gray/
cubed-it picture cubed-it on 13 Feb 2020

Wow!
I have been back and forth with this: https://community.graylog.org/t/stream-page-not-found-gorilla/13898/6

Was going to report but I guess it's done!

FYI: streams work when you do not use a subdirectoy in nginx.

Nice!

davama picture davama on 13 Feb 2020

Thanks, @s1shed, @zoledian, @cubed-it & @davama for reporting this issue and supporting us debugging it.

I have found the underlying cause and created a PR for it, that is going into the next patch release of Graylog, hopefully being released soon.

dennisoelkers picture dennisoelkers on 17 Feb 2020
🎉2 👍2

Perfect in 3.2.2 :+1:

s1shed picture s1shed on 20 Feb 2020
1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

mhaasEFD picture mhaasEFD  路  4Comments
ajpen picture ajpen  路  3Comments
jalogisch picture jalogisch  路  3Comments
edmundoa picture edmundoa  路  3Comments
jalogisch picture jalogisch  路  4Comments