opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-28 19:52:27 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
grafana/docs/sources/shared/systemd/bind-net-capabilities.md
Jack Baldry c1c48dd610 Use relative aliases for all non-current Grafana aliases (#60062) 
* Use relative aliases for all non-current Grafana aliases

Prevents non-latest documentation "stealing" the page away from latest
and through permanent redirects for latest pages that no longer exist.

The redirected pages are indexed by search engines but our robots.txt
forbids them crawling the non-latest page.

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Remove aliases from shared pages

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Rewrite all current latest aliases to be next

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Fix typo in latest alias

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Remove all current page aliases

find docs/sources -type f -name '*.md' -exec sed -z -i 's#\n *- /docs/grafana/next/[^\n]*\n#\n#' {} \;
find docs/sources -type f -name '*.md' -exec sed -Ez -i 's#\n((aliases:\n *-)|aliases:\n)#\n\2#' {} \;

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

* Prettier

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>

Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
2022-12-09 12:36:04 -04:00

26 lines
907 B
Markdown
Raw Blame History

---
title: Serving Grafana on a port < 1024
---
If you are using `systemd` and want to start Grafana on a port that is less than 1024, then you must add a `systemd` unit override.
1. The following command creates an override file in your configured editor:
```bash
# Alternatively, create a file in /etc/systemd/system/grafana-server.service.d/override.conf
systemctl edit grafana-server.service
```
1 Add these additional settings to grant the `CAP_NET_BIND_SERVICE` capability. To read more about capabilities, see [the manual page on capabilities.](https://man7.org/linux/man-pages/man7/capabilities.7.html)
```
[Service]
# Give the CAP_NET_BIND_SERVICE capability
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
# A private user cannot have process capabilities on the host's user
# namespace and thus CAP_NET_BIND_SERVICE has no effect.
PrivateUsers=false
```
Reference in New Issue View Git Blame Copy Permalink