This article is written for those who were searching for a detailed and simple for the understanding guide on how to install Grafana on Ubuntu Server.

Grafana is multi-platform open-source analytics and interactive visualization software. It provides charts, graphs, and alerts for the web when connected to supported data sources.

In this guide, we will consider the case when you already have a server with the Ubuntu Server 18.04 LTS operating system installed on it.

You can read more about how to install Ubuntu Server 18.04 LTS in my guide «Installing Ubuntu Server 18.04 LTS».

In addition, OpenSSH must be installed on the server, and port 22 must be open in order to be able to connect to the server using the SSH protocol.

To install OpenSSH on the server, you can use the command:

sudo apt-get install openssh-server

If you plan to connect to the server using the Windows operating system, you can use PuTTY, a freeware client for various remote access protocols, including SSH, Telnet, rlogin.

This guide covers connecting to a server using the iTerm2 terminal emulator installed on the macOS operating system.

Please note that you will need to open the following TCP ports to access your server:

  • 80 – to receive a free cryptographic certificate through the Let’s Encrypt certificate authority.
  • 443 – to access the Grafana web interface.
  • 3000 – to access the Grafana web interface.

Connect to the server on which it is planned to install Grafana.

This guide discusses how to obtain a free cryptographic certificate through the Let’s Encrypt Certificate Authority. To receive and further update the free SSL certificate, we will use the Certbot software client, which is designed to simplify the receipt and renewal of the certificate through the Let’s Encrypt certificate authority.

Add the Certbot repository using the command:

sudo add-apt-repository ppa:certbot/certbot

Press the “Enter” button to confirm the addition of a new repository.

Now install the packages necessary for Grafana to work using the command:

sudo apt install -y apache2 apt-transport-https certbot python-certbot-apache

Configure Apache for further work with the Grafana.

Enable the Apache webserver module called “proxy_http” with the command:

sudo a2enmod proxy_http

Please note that the “proxy_http” module acts like a proxy server for the HTTP and HTTPS protocols.

Enable the Apache webserver module called “rewrite” with the command:

sudo a2enmod rewrite

Please note that the “rewrite” module is one of the most commonly used Apache webserver modules and provides a flexible and powerful way to manipulate URLs.

Now you need to create two virtual host files (called block in Nginx), with which Grafana will continue to work.

Two virtual host files will be required to provide access to Grafana via HTTPS, as well as to realize the possibility of using Grafana at https://grafana.heyvaldemar.net, without specifying port 8080 in the address bar of the browser.

In this manual, the grafana.heyvaldemar.net subdomain will be used to access the Grafana control panel from the Internet. You will need to specify your domain or subdomain by which your Grafana will be accessible from the Internet.

Create the first virtual host file using a text editor using the command:

sudo vim /etc/apache2/sites-available/grafana.heyvaldemar.net.conf

Press the “i” button to enter the editing mode, then insert the following configuration for the webserver to work:

In this manual, the grafana.heyvaldemar.net subdomain will be used to access the Grafana control panel from the Internet. You will need to specify your domain or subdomain by which your Grafana will be accessible from the Internet.

Now press the “Esc” button to exit the editing mode, and then enter “:x” and press the “Enter” button to save the changes and exit the editor.

Create a second virtual host file using a text editor using the command:

sudo vim /etc/apache2/sites-available/grafana.heyvaldemar.net-ssl.conf

Press the “i” button to enter the editing mode, then insert the following configuration for the webserver to work:

In this manual, the grafana.heyvaldemar.net subdomain will be used to access the Grafana control panel from the Internet. You will need to specify your domain or subdomain by which your Grafana will be accessible from the Internet.

Now press the “Esc” button to exit the editing mode, and then enter “:x” and press the “Enter” button to save the changes and exit the editor.

Activate the first virtual host using the command:

sudo a2ensite grafana.heyvaldemar.net.conf

Activate the second virtual host using the command:

sudo a2ensite grafana.heyvaldemar.net-ssl.conf

Deactivate the default virtual host using the command:

sudo a2dissite 000-default.conf

Make sure that there are no errors in the syntax of the new Apache configuration file using the command:

sudo apache2ctl configtest

Restart Apache to apply the changes using the command:

sudo systemctl restart apache2

Verify that Apache started successfully using the command:

sudo systemctl status apache2

Now, to increase the security level of the webserver, it is necessary to obtain a cryptographic certificate for the domain or subdomain, through which the Grafana will be accessible from the Internet.

To obtain and subsequently renew a free SSL certificate, we will use the Let’s Encrypt Certificate Authority, as well as the Certbot software client, which is designed to simplify the receipt and renewal of the certificate through the Let’s Encrypt Certificate Authority.

In this manual, the grafana.heyvaldemar.net subdomain will be used to access the Grafana control panel from the Internet. You will need to specify your domain or subdomain by which your Grafana will be accessible from the Internet.

Request a cryptographic certificate using the command:

sudo certbot --apache -d grafana.heyvaldemar.net

Next, indicate the email address to which Let’s Encrypt will send notifications about the expiration of the cryptographic certificate and press the “Enter” button.

The next step is to read and accept the terms of use of the services provided.

Press the “a” button, then “Enter” if you agree to the terms of use of the services provided.

At the next stage, you need to choose: do you want to share the email address indicated above with the Electronic Frontier Foundation to receive newsletters.

Press the “n” button, then “Enter”.

The next step is to choose: do you want the parameters to automatically redirect HTTP traffic to HTTPS be automatically added to the Apache configuration file.

Press the button “2”, then “Enter”.

Please note that the cryptographic certificates received through the Let’s Encrypt Certificate Authority are valid for ninety days. Certbot automatically adds a script to renew the certificate in the task scheduler, and the script runs twice a day, automatically updating any cryptographic certificate that expires within thirty days.

You can check the operability of the cryptographic certificate renewal process using the command:

sudo certbot renew --dry-run

Now add the official Grafana key using the command:

wget -q -O - https://packages.grafana.com/gpg.key | sudo apt-key add -

Next, connect the Grafana repository using the command:

sudo add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"

Now install Grafana with the command:

sudo apt install -y grafana

Restart “systemd” to search for changed or new units using the command:

sudo systemctl daemon-reload

Start Grafana with the command:

sudo systemctl start grafana-server

Check that Grafana started successfully with the command:

sudo systemctl status grafana-server

Turn on the autostart of the Grafana service when the operating system starts using the command:

sudo systemctl enable grafana-server.service

From the workstation, follow the link https://grafana.heyvaldemar.net, where grafana.heyvaldemar.net is the name of my subdomain for accessing the Grafana control panel. You will need to specify your domain or subdomain by which your Grafana control panel will be accessible from the Internet.

Grafana admin account default login: admin

The default password for the Grafana admin account is admin

Specify the username and password of an account with administrator rights Grafana, and click on the “Log in” button.

Next, you need to change the password for the Grafana administrator account.

Specify the new password for the Grafana administrator account and click on the “Save” button.

Welcome to the Grafana Control Panel.

Now you need to make changes to the Grafana configuration file to disable the ability to register users without the knowledge of the Grafana administrator and login for anonymous users.

Open the Grafana configuration file in a text editor using the command:

sudo vim /etc/grafana/grafana.ini

Press the “i” button to enter the editing mode, in the “[users]” section we find the parameter “allow_sign_up = false” and uncomment it by deleting the “;” symbol.

In the section “[auth.anonymous]” we find the parameter “enabled = false” and uncomment it by deleting the symbol “;”.

Now press the “Esc” button to exit the editing mode, and then enter “:x” and press the “Enter” button to save the changes and exit the editor.

Restart Grafana to apply the changes using the command:

sudo systemctl restart grafana-server

Check that Grafana started successfully with the command:

sudo systemctl status grafana-server

Everything is ready to use Grafana.

Author

Hi, I’m Vladimir Mikhalev, but my friends call me Valdemar. I have a lot of experience in the design and maintenance of various information systems. On my website, you will find detailed and clear guides for setting up IT solutions. Dive into the ocean, full of positive and technology! For cooperation: callvaldemar@gmail.com

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.