Hello, I have set up my sentry on-premise using docker-compose. without SSL it is running smoothly. But then I set up Amazon CloudFront as a reverse proxy, to enable SSL for my sentry setup. Using HTTPS login page shows ok but when I tried to log in it shows me CSRF Verification Failed
So far following changes I have made in my sentry setup
-
In config.yml I have added following line
system.url-prefix: 'https://sentry.company-domain.com' -
In sentry.conf.py I have made following changes in SSL/TLS section
SECURE_PROXY_SSL_HEADER = (‘HTTP_X_FORWARDED_PROTO’, ‘https’)
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SOCIAL_AUTH_REDIRECT_IS_HTTPS = True -
In nginx.conf I have added following line in server
server { listen 80; location /api/store/ { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $remote_addr; proxy_pass http://relay; } location ~ ^/api/[1-9]\d*/ { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $remote_addr; proxy_pass http://relay; } location / { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $remote_addr; proxy_pass http://sentry; } }
Can someone help me to get it right