DevSecOps Engineer
Let's install & Setup Sentry on Docker Container using the CentOS platform, but you can use any other platform as well.
In our script, we will install the below containers.
Before we start with Sentry installation, please make sure your base operating system is ready with CentOS or Ubuntu and also install Docker on top of it.
To install Docker please follow the below official docker documentation:
Execute below commands to deploy sentry
For Manuall Installation:
Add 2 files under env directory
#mkdir env
#cd env
Create .envpostgres under env directory and add below lines.
#vim .envpostgres
POSTGRES_USER=sentry
POSTGRES_HOST_AUTH_METHOD=trust
Create .envsentry file under env directory add below lines
#vim .envsentry
SENTRY_SECRET_KEY=Hhdjabcjajaajhjaa12121jk
SENTRY_POSTGRES_HOST=postgres
SENTRY_DB_USER=sentry
SENTRY_DB_PASSWORD=sentry
SENTRY_REDIS_HOST=redis
SENTRY_EMAIL_HOST=smtp.gmail.com
SENTRY_EMAIL_PORT=587
SENTRY_EMAIL_USER=yourname.domain.com
SENTRY_EMAIL_PASSWORD=ki2432hj312hj422
SENTRY_EMAIL_USE_TLS=true
SENTRY_EVENT_RETENTION_DAYS=30
SENTRY_URL_PREFIX=https://sentry.domain.com
SECURE_PROXY_SSL_HEADER=('HTTP_X_FORWARDED_PROTO', 'https')
USE_X_FORWARDED_HOST=True
ENVIRONMENT=production
ALLOWED_HOSTS=https://sentry.domain.com
SENTRY_USE_SSL=1
To Deploy REDIS for Sentry:
docker run -d --name sentry-redis redis
docker run -d --name sentry-postgres --env-file env/.envpostgres -v /root/container-backup/sentry/postgress:/var/lib/postgresql/data postgres && \
secret_key=$(docker run --rm sentry config generate-secret-key) && \
docker volume create --driver local --opt type=none --opt device=/root/container-backup/sentry/config --opt o=bind sentry-config
docker run -it --rm -e SENTRY_SECRET_KEY=${secret_key} -p 9000:9000 --link sentry-postgres:postgres --link sentry-redis:redis sentry upgrade && \
docker run -d --name sentry -e SENTRY_SECRET_KEY=${secret_key} --env-file env/.envsentry -p 9000:9000 -v sentry-config:/etc/sentry -v /root/container-backup/sentry/files:/var/lib/sentry --link sentry-redis:redis --link sentry-postgres:postgres sentry && \
docker run -d --name sentry-cron -e SENTRY_SECRET_KEY=$secret_key --env-file env/.envsentry -v sentry-config:/etc/sentry -v /root/container-backup/sentry/files:/var/lib/sentry --link sentry-postgres:postgres --link sentry-redis:redis sentry run cron && \
docker run -d --name sentry-worker-1 -e SENTRY_SECRET_KEY=${secret_key} --env-file env/.envsentry -v sentry-config:/etc/sentry -v /root/container-backup/sentry/files:/var/lib/sentry --link sentry-postgres:postgres --link sentry-redis:redis sentry run worker
To enable NGINX proxy please use below method. (optional)
Create nginx.conf file under nginx directory and add below lines:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main
'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name sentry.domain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_tokens off;
ssl_certificate /etc/nginx/ssl/ssl.crt;
ssl_certificate_key /etc/nginx/ssl/ssl.key;
ssl_session_timeout 15m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
server_name sentry.domain.com;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
error_page 404 401 /401.html;
location = /401.html {
root /usr/share/nginx/html;
internal;
}
location / {
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
proxy_redirect off;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_pass http://localhost:9000;
}
}
} ##End of main HTTP
Generate & Add your own SSL certificate and SSL key under SSL directory. Refer:
Now deploy NGINX docker container using below commands:
docker run -p 443:443 --name nginx -v $(pwd)/nginx/nginx.conf:/etc/nginx/nginx.conf -v $(pwd)/ssl:/etc/nginx/ssl -d nginx
To verify, if the docker containers are running or not
docker ps -a
Please make sure all containers are up.
Once everything is up and working, please use your defined URL in any of your favorite browser https://sentry.domain.com
If you guys has any doubt in sentry installation, please comment me. Thanks