-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add docs on all available console server config options
- Loading branch information
Showing
4 changed files
with
62 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
[[configuring-console]] | ||
== Configuring Console | ||
|
||
You can add the following options in the `config/kibana.yml` file: | ||
|
||
`console.enabled`:: *Default: true* Set to false to disable Console. Toggling this will cause the server to regenerate assets on the next startup, which may cause a delay before pages start being served. | ||
|
||
`console.proxyFilter`:: *Default: `.*`* A list of regular expressions that are used to validate any outgoing request from Console. If none | ||
of these match, the request will be rejected. See <<securing-console>> for more details. | ||
|
||
`console.proxyConfig`:: A list of configuration options that are based on the proxy target. Use this to set custom timeouts or SSL settings for specific hosts. This is done by defining a set of `match` criteria using wildcards/globs which will be checked against each request. The configuration from all matching rules will then be merged together to configure the proxy used for that request. | ||
+ | ||
The valid match keys are `match.protocol`, `match.host`, `match.port`, and `match.path`. All of these keys default to `*`, which means they will match any value. | ||
+ | ||
Example: | ||
+ | ||
[source,yaml] | ||
-------- | ||
console.proxyConfig: | ||
- match: | ||
host: "*.internal.org" # allow any host that ends in .internal.org | ||
port: "{9200..9299}" # allow any port from 9200-9299 | ||
ssl: | ||
ca: "/opt/certs/internal.ca" | ||
# "key" and "cert" are also valid options here | ||
- match: | ||
protocol: "https" | ||
ssl: | ||
verify: false # allows any certificate to be used, even self-signed certs | ||
# since this rule has no "match" section it matches everything | ||
- timeout: 180000 # 3 minutes | ||
-------- | ||
|
||
[[securing-console]] | ||
=== Securing Console | ||
|
||
Console is meant to be used as a local development tool. As such, it will send requests to any host & port combination, | ||
just as a local curl command would. To overcome the CORS limitations enforced by browsers, Console's Node.js backend | ||
serves as a proxy to send requests on behalf of the browser. However, if put on a server and exposed to the internet | ||
this can become a security risk. In those cases, we highly recommend you lock down the proxy by setting the | ||
`console.proxyFilter` setting. The setting accepts a list of regular expressions that are evaluated against each URL | ||
the proxy is requested to retrieve. If none of the regular expressions match the proxy will reject the request. | ||
|
||
Here is an example configuration the only allows Console to connect to localhost: | ||
|
||
[source,yaml] | ||
-------- | ||
console.proxyFilter: | ||
- ^https?://(localhost|127\.0\.0\.1|\[::0\]).* | ||
-------- | ||
|
||
You will need to restart Kibana for these changes to take effect. | ||
|
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters