In the default Icinga dashboard there are two frames used to display host and service problems.
I can’t seem to get them working. I’m getting server.fqdn refused to connect.
I’ve tried locahost and the fqdn, i’ve also ensured I have an API user configured. I’ve have moved my Icingaweb2 onto HTTPS and removed HTTP. I’ve configured the address to use HTTPS but it still doesn’t work. I see no reason for the connection failure.
Below is what the browser tries to render
<!-- Icinga Web 2 iFrame. getIcingaWeb2Url() is defined in config.ru and reads from config/icinga2*.json -->
<li data-row="3" data-col="1" data-sizex="2" data-sizey="2">
<div data-id="iframe" data-view="Iframe" data-title="Icinga Web Host Problems" data-url="https://server.fqdn/icingaweb2/monitoring/list/hosts?host_problem=1&sort=host_severity&showFullscreen&showCompact"></div>
</li>
<li data-row="3" data-col="3" data-sizex="2" data-sizey="2">
<div data-id="iframe" data-view="Iframe" data-title="Icinga Web Service Problems" data-url="https://server.fqdn/icingaweb2/monitoring/list/services?service_problem=1&sort=service_severity&dir=desc&showFullscreen&showCompact"></div>
</li>
</ul>
Have you tried the default icinga2.erb content for the iFrames?
<!-- Icinga Web 2 iFrame. getIcingaWeb2Url() is defined in config.ru and reads from config/icinga2*.json -->
<li data-row="3" data-col="1" data-sizex="2" data-sizey="2">
<div data-id="iframe" data-view="Iframe" data-title="Icinga Web Host Problems" data-url="<%=getIcingaWeb2Url()%>/monitoring/list/hosts?host_problem=1&sort=host_severity&showFullscreen&showCompact"></div>
</li>
<li data-row="3" data-col="3" data-sizex="2" data-sizey="2">
<div data-id="iframe" data-view="Iframe" data-title="Icinga Web Service Problems" data-url="<%=getIcingaWeb2Url()%>/monitoring/list/services?service_problem=1&sort=service_severity&dir=desc&showFullscreen&showCompact"></div>
</li>
managed to find the following error in the browser
Refused to display 'https://server.fqdn/icingaweb2/monitoring/list/hosts?host_problem=1&sort=host_severity&showFullscreen&showCompact' in a frame because it set 'X-Frame-Options' to 'deny'.
Looking at the headers from Icingaweb2 it’s has X-Frame-Options: DENY set.
I’m assuming this is preventing it being embedded into the Dashing page. My Dashing is http, while Icinga is on https.
Do you think I’ve missed configured something or is this expected.
@winem wrote a nice howto with putting an HTTP proxy in front of Dashing, terminating the TLS endpoint there as well. I’d recommend having a look instead of mixing http/https where browsers may block this even further in the future.