Hello I have a question about the port 9000 I did a sentry installation with docker compose everything works perfect but the port is exposed in the url. I would like to know if it can be hidden in some way I am using a vm instance in google cloud to run the sentry.
I just want to put my ip and load without the port thank you very much.
You should definitely not expose this port 9000 publicly. You need to run something like nginx in front of this, and let nginx proxy back to port 9000 internally. The server being run on 9000 is not battle hardened like nginx is.
Hello dear sentry team,
with the current build i was unable to limit the open port 9000 to localhost for the onpremise self hosted sentry.
I’m using a nginx outside of docker in order to expose the app to the outside world.
Version: 21.1.0
I tried the following:
sudo lsof -i -P -n | grep LISTEN
show:
docker-pr 959431 root 4u IPv4 6250422 0t0 TCP *:9000 (LISTEN)
This port should be limited to 127.0.0.1
My outside nginx:
location / {
proxy_pass http://localhost:9000;
add_header Strict-Transport-Security “max-age=31536000”;
}
Which works fine.
I manipulated the following files which had no effect at all:
docker-compose.yml
nginx:
<< : *restart_policy
ports:
- ‘127.0.0.1:$SENTRY_BIND:80/tcp’
.env
SENTRY_BIND=127.0.0.1:9000
sentry/sentry.conf.py
##############
##############
SENTRY_WEB_HOST = “127.0.0.1”
SENTRY_WEB_PORT = 9000
I tried all of these approaches seperately. Especially the sentry/sentry.conf.py looked exactly what i was looking for but the result was always:
sudo lsof -i -P -n | grep LISTEN
show:
docker-pr 959431 root 4u IPv4 6250422 0t0 TCP *:9000 (LISTEN)
I couldnt find any documentation and just some mentions on the internet where people had similar issues like:
Here the last comment is unfortunately " please keep this discussion over at the forum - couldnt find anything related here.
Am i doing something wrong or is this a potential bug?