Vivek Shukla

Deploy OpenObserve binary behind Nginx on Ubuntu

Quickstart guide by OpenObserve.

🔗Installing OpenObserve

Download binary:

mkdir ~/openobserve && cd $_

curl -L https://raw.githubusercontent.com/openobserve/openobserve/main/download.sh | sh

chmod +x openobserve

Create Environment file

tee openobserve.env << 'EOF'
# Data directory for OpenObserve. This is crucial for local storage.
ZO_DATA_DIR="/home/ubuntu/openobserve/data"

# The port OpenObserve will listen on (default is 5080)
ZO_PORT=5080

# The root user email and password for initial login.
# CHANGE THESE TO SECURE VALUES!
ZO_ROOT_USER_EMAIL="admin@example.com"
ZO_ROOT_USER_PASSWORD="SecurePassword123"

ZO_META_STORE="sqlite"

ZO_WEB_URL="https://your-domain

# disabling OpenObserve's telemetry to their server
ZO_TELEMETRY=false
EOF

sudo chmod 600 openobserve.env

Creating systemd service

sudo tee /etc/systemd/system/openobserve.service << 'EOF'
[Unit]
Description=OpenObserve Observability Platform
After=network-online.target
Wants=network-online.target

[Service]
# Service type: 'simple' means the process will be the main process
Type=simple

User=ubuntu
Group=ubuntu
WorkingDirectory=/home/ubuntu/openobserve
EnvironmentFile=/home/ubuntu/openobserve/openobserve.env
ExecStart=/home/ubuntu/openobserve/openobserve
Restart=on-failure
RestartSec=5s

# Limit the number of open file descriptors, important for high-concurrency apps.
# Adjust as needed based on your expected load.
LimitNOFILE=65536

# Redirect standard output and error to systemd journal.
StandardOutput=journal
StandardError=journal

# How long to wait before forcefully terminating the service on stop.
TimeoutStopSec=30s

[Install]
# This unit should be enabled for multi-user systems.
# Allows it to start automatically on boot.
WantedBy=multi-user.target
EOF

Start service

# Reload systemd daemon to pick up the new service file
sudo systemctl daemon-reload

# Enable the service to start on boot
sudo systemctl enable openobserve

# Start the OpenObserve service
sudo systemctl start openobserve

Check the service status and logs

# Check service status
sudo systemctl status openobserve

# View logs
sudo journalctl -u openobserve -f

🔗Reverse Proxy - Nginx

Install Nginx

sudo apt -y install nginx
sudo tee /etc/nginx/sites-available/openobserve << 'EOF'
map $http_upgrade $connection_upgrade {
  default upgrade;
  '' close;
}

server {
        listen 80;          # IPv4
        listen [::]:80;     # IPv6
        server_name your-domain;

        # Hide server information headers
        server_tokens off;

        # Enable gzip compression
        gzip on;
        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_min_length 1024; # Only gzip if size is at least 1KB
        gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;

        # Proxy settings
        location / {
            include proxy_params;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_redirect off;
            proxy_pass http://localhost:5080;
        }

        location /metrics {
            # allow 192.168.1.100; # <--- REPLACE WITH YOUR MONITORING SERVER'S IP
            deny all;
        }

        # Security headers
        add_header X-Content-Type-Options "nosniff" always;
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
}
EOF
sudo ln -s /etc/nginx/sites-available/openobserve /etc/nginx/sites-enabled/

# test nginx conf
sudo nginx -t
sudo systemctl restart nginx

Afterwards, to gracefully restart nginx, do this:

sudo nginx -s reload # OR sudo systemctl reload nginx

🔗TLS Installation

sudo snap install core; sudo snap refresh core

sudo apt remove certbot

sudo snap install --classic certbot

sudo ln -s /snap/bin/certbot /usr/bin/certbot

sudo certbot --nginx -d your-domain

Recent Posts

Previous

docker buildx: Multi-platform Builds

Next

Rust Release Build & Publish