Self-Host Grafana with Greffon
Grafana turns metrics into dashboards you actually read. Run it on a greffer you own, with the honest notes on data sources, storage, and backups.
Grafana is the dashboard layer most self-hosters end up wanting: a single place to graph metrics, logs, and uptime from the rest of what you run. It does not collect data on its own. It connects to data sources and draws what they hold. Hosted Grafana exists, but if you are already running your own infrastructure, the dashboards that watch it may as well live on hardware you own too. The Greffon catalog ships Grafana, and grafting it takes the reverse-proxy and TLS plumbing off your plate.
Why own your dashboards
Grafana is open-source analytics and visualization: you point it at a data source (Prometheus, a SQL database, Loki for logs, and many more), build panels, and arrange them into dashboards. Running it yourself means the dashboards, the saved queries, and the data-source credentials all sit on a machine you control, not a SaaS account. For a tool whose whole job is to see into your other systems, that is a sensible place for it to live.
Graft it from the catalog
You do not hand-write a compose file or wire a reverse proxy. Pick Grafana from the catalog and graft it onto your greffer. You set the admin password on first start, and Greffon issues the certificate and routes the app, so it comes up reachable over HTTPS without you assembling that plumbing by hand.
admin. The data-source secret key is generated for you by the platform, so you do not need to invent one.Reach it over HTTPS
A dashboard is only useful if you can pull it up from wherever you are. On the same network as your greffer, that works the moment Grafana starts. To reach it from anywhere else, you have two honest options.
The simplest is tunnel mode: a greffer connects outbound to the manager's tunnel and serves its apps without opening a single inbound port, which is the answer for a box behind NAT or CGNAT with no public IP. Grafana is a plain HTTP app, so the tunnel carries it cleanly. If you would rather expose the greffer directly, port forwarding plus dynamic DNS still works. Either way the dashboard stays reachable over HTTPS.
Grafana needs data to show
This is the part dashboard walkthroughs tend to skip. Grafana does not store metrics itself. A fresh install shows you an empty dashboard until you add a data source. If you want graphs of your own systems, you need something producing the data first: Prometheus scraping your hosts, a database you already run, or Loki collecting logs. Plan that side before you expect to see anything interesting.
localhost, the same way an external client would reach it.Where the dashboards live
Grafana keeps its state (dashboards, users, data-source definitions, and settings) in a database. By default that is a SQLite file inside the greffon's persistent storage, which is plenty for a single-instance setup and survives restarts and updates. It is light on memory and runs comfortably on a modest greffer. The thing to remember is that this state is the value: the panels you build over months are not regenerated from anywhere if the storage is lost.
Back up the config
Losing Grafana does not lose your metrics (those live in your data sources), but it does lose every dashboard and saved query you built, which can be a lot of work to recreate. Greffon handles TLS and routing today, and native one-click backups are coming in M2. Until then, bring your own backup tool (restic or borgbackup are the usual choices), back up the Grafana data directory on a schedule, and store a copy off the greffer.