Can we disable or run dashboard on different port?

1

Hi,

I have configured Sentry on our server. Great application !! We want to enable front-end logging however we don’t want to expose our dashboard publicly. Is it possible to run dashboard on different dashboard and receive the logging on port 80? I will be great full to any help.

Thank you,
Vady

2

You can definitely do this purely in nginx, but what you want here is going to vary drastically depending on what exactly you want. Either way, this is entirely unrelated to Sentry and just more about configuring a load balancer.

With that said, if you have something started or something to go with, I can probably help.

3

Hi Matt,

Thank you for the reply. I am using EC2 instance and it is behind AWS ELB.

Here is my Nginx config file

server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default_server ipv6only=on; ## listen for ipv6

server_name sentry.example.com;

access_log /var/log/nginx/sentry/nginx_access.log;
error_log /var/log/nginx/sentry/nginx_error.log error;

root /webapps/sentry/public/static;

client_max_body_size 10M;

Common

#include /etc/nginx/sites-available/_include_common.conf;

Static Files

location /static/ {
access_log off;
alias /webapps/sentry/public/static/;
expires 33d;
}

APP - Assets

location / {
if ($http_x_forwarded_proto != https) {
rewrite ^ https://$host$request_uri? permanent;
}

include uwsgi_params;
uwsgi_param UWSGI_SCHEME $scheme;
uwsgi_pass unix:/webapps/sentry/socket;
}
}

This is the uwsgi config file.

[uwsgi]
chdir = /webapps/sentry
env = SENTRY_CONF=/webapps/sentry/sentry.conf.py
module = sentry.wsgi

uid = www-data
gid = www-data

logger = file:/var/log/uwsgi/sentry/uwsgi.log
virtualenv = /webapps/sentry/env

; spawn the master and 1 processes
socket = /webapps/sentry/socket
master = true
processes = 1

; allow longer headers for raven.js if applicable
; default: 4096
buffer-size = 32768

Let me know if you need any other information

Thank you,

Vady

4

Hi Matt,

Is there any solution?

Thank you.

Vady

5

First, based on your config, this looks like you’re running a really old version of Sentry. Seems like 7.x.

With that said, you should be able to just have a server{} block that listens on a different port or domain that only passes along requests for the store endpoint.

Somethign like:

server {
  listen 443;
  server_name frontend.yoursentry.com;

  location ~ ^/api/(\d+)/store/$ {
    uwsgi_pass ...
  }
}

This config will only allow request to this endpoint through this server block.

6

Hi Matt,

Thank you so much. It worked like charm.

Thank you again,

Vady

7

Hi, regarding the solution that @matt gave in 2016 I have slight addition. We had a problem where we needed to add a prefix in front of our api-gateway. I learnt the hard way… or at least the stackoverflow-way that query-params doesn’t get sent by default. The solution is adding them explisit in the location-block:

   location ~ ^/api/(\d+\/store\/.*) {
        proxy_pass "http://mygateway/some-prefix/api/$1$is_args$args";
    }

ref: https://stackoverflow.com/questions/8130692/how-can-query-string-parameters-be-forwarded-through-a-proxy-pass-with-nginx