Changing Kibana to listen on port 80 without running it as root
As I'm tidying up my ELK setup I thought that accessing kibana via :5601 is not necessary, so I modified the /etc/kibana/kibana.yml
server port to 80
just to be reminded, that on linux ports below 1024 are accessible only by root.
Running kibana as root is not an option, so I looked at other solutions. The quickest one is to redirect the port 5601 to 80 using IPTABLES. As that VM only runs kibana and elasticsearch I will not have port clashes.
Next step is to open port 80 in UFWsudo ufw allow 80/tcp
Having that sorted we can add redirect. UFW does not have commands to set it up, but it's quite easu to do it in config files
Execute sudo vim /etc/ufw/before.rules
and just before *filter
add:
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-poty 5601
COMMIT
Restart ufw sudo ufw enable
and you should be all set
Links
https://serverfault.com/questions/238563/can-i-use-ufw-to-setup-a-port-forward
https://serverfault.com/questions/112795/how-to-run-a-server-on-port-80-as-a-normal-user-on-linux