Adding SSL to Grafana by Bitnami on AWS with LetsEncrypt

I recently launched a small Grafana server using the Bitnami certified image for AWS located here:
https://aws.amazon.com/marketplace/pp/Bitnami-Grafana-Certified-by-Bitnami/B07JQ4LGF1

It was a pretty straightforward install and setup process. For my implementation however I needed to ensure our Grafana was using SSL or HTTP for access to Grafana. These commands helped me get that up and running.

Let’s assume at this point you can SSH into your Bitnami Grafana server and can access it via HTTP.

Firs thing you’ll want to do is install the Lego client like this:

cd /tmp
curl -Ls https://api.github.com/repos/xenolf/lego/releases/latest | grep browser_download_url | grep linux_amd64 | cut -d '"' -f 4 | wget -i -

As of this writing the latest version is 3.0.2 but you’ll need to make sure you change “v3.0.2” below to use the latest version listed at the Git repo.

tar xf lego_v3.0.2_linux_amd64.tar.gz
sudo mkdir -p /opt/bitnami/letsencrypt
sudo mv lego /opt/bitnami/letsencrypt/lego

Next you must turn off all Bitnami services via:

sudo /opt/bitnami/ctlscript.sh stop

Now you’re ready to request your SSL certificate. Make sure you change “EMAIL-ADDRESS” and “DOMAIN” to your e-mail and domain name you are creating the certificate for.

sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="DOMAIN" --path="/opt/bitnami/letsencrypt" run

Last thing you need to do is update the Grafana config in /opt/bitnami/grafana/conf. Under the [server] header you’ll want to make sure you change the protocol to “https” and then add the “cert_file” and “cert_key” locations. Make sure to change “DOMAIN” to your domain name.

[server]
protocol=https
cert_file=/opt/bitnami/letsencrypt/certificates/DOMAIN.crt
cert_key=/opt/bitnami/letsencrypt/certificates/DOMAIN.key

After editing the config file, restart the bitnami services and you will now be able to access Grafana via SSL!

sudo /opt/bitnami/ctlscript.sh start

How To: Install Homebrew on Amazon Linux

I recently needed to get brew installed on an Amazon Linux EC2 server. I tried a few articles I found online, but ended up just building from source with four simple commands.

First, clone the Homebrew “Linuxbrew” git repository to your local machine by running the following command.

git clone https://github.com/Homebrew/brew ~/.linuxbrew/Homebrew

Next you’ll want to create a new directory for the compiled code.

mkdir ~/.linuxbrew/bin

Third you’ll want to make a link between the bin/brew folder from the git repository we pulled in earlier.

ln -s ../Homebrew/bin/brew ~/.linuxbrew/bin

Then finally you’ll want to enable the “brew” command to run from your shell.

eval $(~/.linuxbrew/bin/brew shellenv)