Issue Summary

I’m trying to setup a production environment of redash on my AWS EC2 instance.

While trying to follow the instructions to setup HTTPS located in https://redash.io/help/open-source/admin-guide/https-ssl-setup

However, after logging into the ec2 server using SSH, I can’t find the file /etc/nginx/sites-available/redash mentioned in the instructions because the folder /etc/nginx doesn’t exist.

I’m not familiar with nginx so I have no idea where to look for it.

(My intention is to use AWS CloudFront in front of the Redash server, in order to use HTTPS, like mentioned here )

Technical details:

  • Redash Version: 5.0.2
  • Browser/OS: N/A
  • How did you install Redash: Using AMI on AWS EC2

If you put Redash behind an ELB or Cloudfront, then you don’t need to apply any changes except for updating the number of proxies configuration.

If you want Redash’s server to serve HTTPS traffic, then you need to follow this guide:

The one in the Knowledge Base is for the legacy AMIs we were distributing… I added a note about this to this page, to avoid future confusion. And eventually we will publish the gist as part of the Knowledge Base.

2 Likes

Thanks for the clarifications!

I successfully set up a Cloudfront distribution to use HTTPS on my Redash server.

Here is a quick guide if anyone else is trying to do that:

  1. Create a HTTPS certificate with AWS Certificate Manager for your redash server domain name (ex: redash. yourdomain. com) and validate it

  2. Go to CloudFront, create a web distribution with the following configuration:

a) At “Alternate Domain Names (CNAMEs)” enter your custom domain (ex: redash.yourdomain.com)
b) Select Custom SSL Certificate and choose the certificate created at the previous step
c) At “Origin Domain Name” enter the “Public DNS” of your EC2 server (something like ec2-XXXXXXX. amazonaws. com where your redash server is located)
d) At Behaviors, set “Viewer Protocol Policy” to “Redirect HTTP to HTTPS”
e) At “Allowed HTTP Methods” choose “GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE”
f) At “Cache Based on Selected Request Headers” and “Forward Cookies” choose All
g) At “Query String Forwarding and Caching” choose “Forward all, cache based on all”

  1. Wait for your CloudFront distribution to show up as Deployed. You can check it by going to its address (something like xxxxxx. cloudfront. net)

  2. At Route53, point your custom domain to the Cloudfront distribution, using A, selecting Alias=yes, and choosing your CloudFront distribution

3 Likes

Hey @rrlevy

Thanks for the super helpful guide.

Did you run into any login issues when setting this up?

I can successfully reach the Redash login page (served over HTTPS), but logging in attempts seem to result in 301/302 responses.

Possibly related to this

Any advice you might have would be greatly appreciated. cc @arikfr

I decided to update the Redash server to serve HTTPS traffic directly (per Nginx config file location to set up HTTPS), and it worked perfectly.

I’d still love to figure out the solution to the login redirect issue when working with Cloudfront, but above solution works just fine :slight_smile:

1 Like