Grafana behind an Nginx from a Different Domain returns "Origin not allowed" on Panels-CodePudding

Grafana (version 9) is running without proxy on a domainA. I would like to add an Nginx proxy from another domainB.

According to this post, Grafana doesn't support multiples domains and need smart proxy.

Based on official documentation, this first post and this second post, Nginx configuration should looks like

# this is required to proxy Grafana Live WebSocket connections.
map $http_upgrade $connection_upgrade {
  default upgrade;
  '' close;
}

upstream grafana {
  server domainA;
}

server {
  listen 8080;
  server_name domainB;


  location / {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host domainA;
    proxy_pass https://grafana-prj-sso-monitoring.apps.okd.svc.elca.ch;
  }

  # Proxy Grafana Live WebSocket connections.
  location /api/live/ {
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_set_header Host domainA;
    proxy_pass https://domainA;
  }
}

I can reach Grafana through the proxy but panels return "Origin not allowed". I tried to add standard CORS header on both location with no luck

add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST';
add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type';
add_header 'Access-Control-Allow-Credentials' 'true';

CodePudding user response：

Finally this works with a single location

location / {
  proxy_set_header Host domainA;
  proxy_set_header Origin https://domainA;
  proxy_pass https://domainA;
}

The trick was to change both Host and Origin headers.