Hey i gave the nightly a crack with docker last night,
docker-compose went so smoothly
my only issue i’m having is i cant seem to have port 80 serve the proxy pass to port 9000?
server {
listen 80;
server_name DOMAIN.com.au;
location /api/store/ {
proxy_pass http://relay;
}
location ~ ^/api/[1-9]\d*/ {
proxy_pass http://relay;
}
location / {
proxy_pass http://sentry;
}
}
domain.com.au:9000 serves sentry as to be expected but domain.com.au just seems to do nothing?
i had a quick look at the nginx image that is used and i saw EXPOSE 80 so it should be getting exposed?
any idea what i have messed up?
thanks!
Edit: i dont really have much experience with “upstream” so maybe thats were im getting stuck?
/facepalm its pointing 80 TO 9000. right
why does it do this? or is there some sort of expectation that we spin up another nginx container for a reverse proxy to the included nginx box?
just want to make sure im not breaking anything by overriding this back to 80:80 instead of 9000:80
so im trying these compose overrides,
nginx:
<< : *restart_policy
expose:
- '443'
ports:
- '9000:80/tcp'
- '443:443'
and this is my nginx override
server {
listen 80 ssl;
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/cert.key;
server_name sentry.*;
location /api/store/ {
proxy_pass http://relay;
}
location ~ ^/api/[1-9]\d*/ {
proxy_pass http://relay;
}
location / {
proxy_pass http://sentry;
}
}
and i have uncommented the senty.config.py ssl related stuff.
but i seem to keep getting this at the https://sentry.DOMAIN.com.au
failed (113: No route to host) while connecting to upstream, client: xx.xx.xx.xx, server: sentry.*, request: "GET / HTTP/1.1", upstream: "http://172.19.0.24:9000/", host: "sentry.DOMAIN.com.au"
am i just being stupid again
Alright got https working,
turns out enabling the ssl related stuff in sentry.conf.py causes it to start 502ing?
so ill have to keep investigating as i also see this in the certificate prompt
okay im out of ideas for this weekend
so i decided to spin up another nginx container and use that as a reverse proxy (its the same as the included box interms of config besides the below)
upstream nginx {
server 0.0.0.0:9000;
}
server {
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/cert.key;
server_name sentry.DOMAIN.com.au;
location /api/store/ {
proxy_pass http://nginx;
}
location ~ ^/api/[1-9]\d*/ {
proxy_pass http://nginx;
}
location / {
proxy_pass http://nginx;
}
}
and new compose stuff
nginx-reverse:
<< : *restart_policy
expose:
- '443'
ports:
- '443:443'
image: 'nginx:1.16'
volumes:
- type: bind
read_only: true
source: ./nginx-reverse
target: /etc/nginx
depends_on:
- nginx
nginx:
<< : *restart_policy
#expose:
# - '443'
ports:
- '9000:80/tcp'
# - '443:443'
image: 'nginx:1.16'
volumes:
- type: bind
read_only: true
source: ./nginx
target: /etc/nginx
depends_on:
- web
- relay
but i still end up with a 502 haha… it must be something super simple…
BYK
June 30, 2020, 10:52am
7
Responded to your initial port question over at GitHub: https://github.com/getsentry/onpremise/issues/553#issuecomment-651717844
TL;DR we use port 9000 by default and have a PR to make this configurable:
getsentry:master ← getsentry:byk/feat/change-web-port
opened 07:45PM - 23 May 20 UTC
jackc
July 1, 2020, 10:44am
8
Turned out my issue was actualy use to on the first install i set the sentry.url-prefix to http + port 9000 so there was just a few things inwhich the reverse proxy could not control. going to /manage/settings and updating this value fixed the rest
created a pr documenting what is required for https/ssl for make this easier for others in the future closing as resolved
1 Like
