Cloudron v6.2.4 - Nginx Access-Control-Allow-Origin Policy blocks Grafana to access Prometheus
-
I tried looking into the diff of Box
v6.1.2
andv6.2.4
https://git.cloudron.io/cloudron/box/-/compare/v6.1.2...v6.2.4
Found this line
- add_header Referrer-Policy "same-origin"; + proxy_hide_header Referrer-Policy;
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
Then I tried to edit
/etc/nginx/applications/default.conf
and the both apps from Grafana and Prometheus to add cors:https://enable-cors.org/server_nginx.html
Nothing worked, I am clueless.
-
@brutalbirdie CORS headers are set by the app, it shouldn't be platform related. So, if Grafana cannot access prometheus, it's because prometheus needs some CORS setting.
-
It seems one can set --web.cors.origin as per https://manpages.debian.org/unstable/prometheus/prometheus.1.en.html . I guess we have to fix the Cloudron package to have CLI args.
-
@girish
My problem with that is, both Grafana and Prometheus did not get updated for 2 weeks on thev6.2.4
instance.
Grafana 7.4.3
andPrometheus Server 2.25.0
They did not change but the version of Cloudron got upgraded fromv6.1.2
=>v6.2.4
that's the only thing that changed. -
@brutalbirdie Nothing has changed in the reverse proxy configs other than referrer-policy. So, I am surprised that it worked before. I can only think of some app update causing a problem.
-
@brutalbirdie I haven't tried this yet. Do you know if this setup requires basic auth to work in the apps?
-
@brutalbirdie yes, that is most likely the issue. Let me try to push a fix.
-
@brutalbirdie I have enabled it in package v1.4.1 . Can you please try?