Hello dear sentry team,
with the current build i was unable to limit the open port 9000 to localhost for the onpremise self hosted sentry.
I’m using a nginx outside of docker in order to expose the app to the outside world.
Version: 21.1.0
I tried the following:
sudo lsof -i -P -n | grep LISTEN
show:
docker-pr 959431 root 4u IPv4 6250422 0t0 TCP *:9000 (LISTEN)
This port should be limited to 127.0.0.1
My outside nginx:
location / {
proxy_pass http://localhost:9000;
add_header Strict-Transport-Security “max-age=31536000”;
}
Which works fine.
I manipulated the following files which had no effect at all:
docker-compose.yml
nginx:
<< : *restart_policy
ports:
- ‘127.0.0.1:$SENTRY_BIND:80/tcp’
.env
SENTRY_BIND=127.0.0.1:9000
sentry/sentry.conf.py
##############
Web Server
##############
SENTRY_WEB_HOST = “127.0.0.1”
SENTRY_WEB_PORT = 9000
I tried all of these approaches seperately . Especially the sentry/sentry.conf.py looked exactly what i was looking for but the result was always:
sudo lsof -i -P -n | grep LISTEN
show:
docker-pr 959431 root 4u IPv4 6250422 0t0 TCP *:9000 (LISTEN)
I couldnt find any documentation and just some mentions on the internet where people had similar issues like:
github.com/getsentry/onpremise
Here the last comment is unfortunately " please keep this discussion over at the forum - couldnt find anything related here.
Am i doing something wrong or is this a potential bug?