Установка Sentry — различия между версиями
Root (обсуждение | вклад) (Новая страница: «Ставим Sentry 9.0.0 на Debian Stretch Установим нужные пакеты # apt install python python-setuptools python-pip python-dev libxslt…») |
Root (обсуждение | вклад) |
||
(не показана 31 промежуточная версия этого же участника) | |||
Строка 1: | Строка 1: | ||
Ставим Sentry 9.0.0 на Debian Stretch | Ставим Sentry 9.0.0 на Debian Stretch | ||
− | Установим нужные пакеты | + | |
+ | '''1. Установим нужные пакеты''' | ||
# apt install python python-setuptools python-pip python-dev libxslt1-dev libjpeg-dev libxml2-dev libpq-dev libffi-dev gcc libxslt-dev libyaml-dev | # apt install python python-setuptools python-pip python-dev libxslt1-dev libjpeg-dev libxml2-dev libpq-dev libffi-dev gcc libxslt-dev libyaml-dev | ||
− | + | '''2. Nginx''' | |
+ | # apt install nginx | ||
− | sentry.conf | + | Правим конфиг <code bash>/etc/nginx/sites-available/sentry.conf</code> |
− | server { | + | server { |
listen 80; | listen 80; | ||
− | server_name sentry. | + | server_name sentry.megapuper.ru; |
location / { | location / { | ||
proxy_pass http://localhost:9000; | proxy_pass http://localhost:9000; | ||
Строка 18: | Строка 20: | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
proxy_set_header X-Forwarded-Proto $scheme; | proxy_set_header X-Forwarded-Proto $scheme; | ||
− | + | } | |
− | } | + | } |
− | ==================== | + | |
+ | |||
+ | '''3. Postgresql''' | ||
+ | # apt install postgresql | ||
+ | |||
+ | Создаём БД | ||
+ | # cd /tmp/ | ||
+ | /tmp # su postgres | ||
+ | postgres@sentry01:/tmp$ psql | ||
+ | CREATE DATABASE sentry encoding utf8; | ||
+ | CREATE USER sentry WITH password 'PASS_FOR_USER_sentry'; | ||
+ | GRANT ALL privileges ON DATABASE sentry TO sentry; | ||
+ | \q | ||
+ | |||
+ | |||
+ | '''4. Redis''' | ||
+ | # apt install redis-server | ||
+ | |||
+ | |||
+ | '''5. Устанавливаем Sentry''' | ||
+ | # pip install -U virtualenv | ||
+ | # virtualenv /srv/www/sentry/ | ||
+ | # source /srv/www/sentry/bin/activate | ||
+ | (sentry)# pip install -U sentry | ||
+ | (sentry)# sentry init /etc/sentry | ||
+ | |||
+ | Правим конфиги<br> | ||
+ | <code bash>/etc/sentry/config.yml</code><spoiler> | ||
+ | # While a lot of configuration in Sentry can be changed via the UI, for all | ||
+ | # new-style config (as of 8.0) you can also declare values here in this file | ||
+ | # to enforce defaults or to ensure they cannot be changed via the UI. For more | ||
+ | # information see the Sentry documentation. | ||
+ | |||
+ | ############### | ||
+ | # Mail Server # | ||
+ | ############### | ||
+ | |||
+ | mail.backend: 'smtp' # Use dummy if you want to disable email entirely | ||
+ | # mail.host: 'localhost' | ||
+ | # mail.port: 25 | ||
+ | # mail.username: '' | ||
+ | # mail.password: '' | ||
+ | # mail.use-tls: false | ||
+ | # The email address to send on behalf of | ||
+ | mail.from: 'sentry@encry.ru' | ||
+ | |||
+ | # If you'd like to configure email replies, enable this. | ||
+ | # mail.enable-replies: false | ||
+ | |||
+ | # When email-replies are enabled, this value is used in the Reply-To header | ||
+ | # mail.reply-hostname: '' | ||
+ | |||
+ | # If you're using mailgun for inbound mail, set your API key and configure a | ||
+ | # route to forward to /api/hooks/mailgun/inbound/ | ||
+ | # mail.mailgun-api-key: '' | ||
+ | |||
+ | ################### | ||
+ | # System Settings # | ||
+ | ################### | ||
+ | |||
+ | # If this file ever becomes compromised, it's important to regenerate your a new key | ||
+ | # Changing this value will result in all current sessions being invalidated. | ||
+ | # A new key can be generated with `$ sentry config generate-secret-key` | ||
+ | system.secret-key: 'e)_e)t+^t3x3(q!ljx@^d2f(_%bgyc^ck-jjf#)o8(t!_@t+%3' | ||
+ | |||
+ | # The ``redis.clusters`` setting is used, unsurprisingly, to configure Redis | ||
+ | # clusters. These clusters can be then referred to by name when configuring | ||
+ | # backends such as the cache, digests, or TSDB backend. | ||
+ | # | ||
+ | # Two types of clusters are currently supported: | ||
+ | # | ||
+ | # rb.Cluster | ||
+ | # A redis blaster cluster is the traditional cluster used by most services | ||
+ | # within sentry. This is the default type cluster type. | ||
+ | # | ||
+ | # rediscluster.StrictRedisCluster | ||
+ | # An official Redis Cluster can be configured by marking the named group with | ||
+ | # the ``is_redis_cluster: True`` flag. In future versions of Sentry more | ||
+ | # services will require this type of cluster. | ||
+ | # | ||
+ | redis.clusters: | ||
+ | default: | ||
+ | hosts: | ||
+ | 0: | ||
+ | host: 127.0.0.1 | ||
+ | port: 6379 | ||
+ | |||
+ | ################ | ||
+ | # File storage # | ||
+ | ################ | ||
+ | |||
+ | # Uploaded media uses these `filestore` settings. The available | ||
+ | # backends are: `filesystem`, `gcs`, and `s3`. | ||
+ | |||
+ | filestore.backend: 'filesystem' | ||
+ | filestore.options: | ||
+ | location: '/tmp/sentry-files' | ||
+ | |||
+ | # NOTE: See docs/filestore for instructions on configuring the shell environment | ||
+ | # with authentication credentials for Google Cloud. | ||
+ | # filestore.backend: 'gcs' | ||
+ | # filestore.options: | ||
+ | # bucket_name: 's3-bucket-name' | ||
+ | |||
+ | # filestore.backend: 's3' | ||
+ | # filestore.options: | ||
+ | # access_key: 'AKIXXXXXX' | ||
+ | # secret_key: 'XXXXXXX' | ||
+ | # bucket_name: 's3-bucket-name' | ||
+ | |||
+ | system.url-prefix: 'http://sentry.megapuper.ru' | ||
+ | </spoiler> | ||
+ | <code bash>/etc/sentry/sentry.conf.py</code><spoiler> | ||
+ | # This file is just Python, with a touch of Django which means | ||
+ | # you can inherit and tweak settings to your hearts content. | ||
+ | from sentry.conf.server import * | ||
+ | |||
+ | import os.path | ||
+ | |||
+ | CONF_ROOT = os.path.dirname(__file__) | ||
+ | |||
+ | DATABASES = { | ||
+ | 'default': { | ||
+ | 'ENGINE': 'sentry.db.postgres', | ||
+ | 'NAME': 'sentry', | ||
+ | 'USER': 'sentry', | ||
+ | 'PASSWORD': 'PASS_FOR_USER_sentry', | ||
+ | 'HOST': 'localhost', | ||
+ | 'PORT': '', | ||
+ | 'AUTOCOMMIT': True, | ||
+ | 'ATOMIC_REQUESTS': False, | ||
+ | } | ||
+ | } | ||
+ | |||
+ | # You should not change this setting after your database has been created | ||
+ | # unless you have altered all schemas first | ||
+ | SENTRY_USE_BIG_INTS = True | ||
+ | |||
+ | # If you're expecting any kind of real traffic on Sentry, we highly recommend | ||
+ | # configuring the CACHES and Redis settings | ||
+ | |||
+ | ########### | ||
+ | # General # | ||
+ | ########### | ||
+ | |||
+ | # Instruct Sentry that this install intends to be run by a single organization | ||
+ | # and thus various UI optimizations should be enabled. | ||
+ | SENTRY_SINGLE_ORGANIZATION = 0 | ||
+ | DEBUG = False | ||
+ | |||
+ | ######### | ||
+ | # Cache # | ||
+ | ######### | ||
+ | |||
+ | # Sentry currently utilizes two separate mechanisms. While CACHES is not a | ||
+ | # requirement, it will optimize several high throughput patterns. | ||
+ | |||
+ | # If you wish to use memcached, install the dependencies and adjust the config | ||
+ | # as shown: | ||
+ | # | ||
+ | # pip install python-memcached | ||
+ | # | ||
+ | # CACHES = { | ||
+ | # 'default': { | ||
+ | # 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', | ||
+ | # 'LOCATION': ['127.0.0.1:11211'], | ||
+ | # } | ||
+ | # } | ||
+ | |||
+ | # A primary cache is required for things such as processing events | ||
+ | SENTRY_CACHE = 'sentry.cache.redis.RedisCache' | ||
+ | |||
+ | ######### | ||
+ | # Queue # | ||
+ | ######### | ||
+ | |||
+ | # See https://docs.sentry.io/on-premise/server/queue/ for more | ||
+ | # information on configuring your queue broker and workers. Sentry relies | ||
+ | # on a Python framework called Celery to manage queues. | ||
+ | |||
+ | BROKER_URL = 'redis://localhost:6379' | ||
+ | |||
+ | ############### | ||
+ | # Rate Limits # | ||
+ | ############### | ||
+ | |||
+ | # Rate limits apply to notification handlers and are enforced per-project | ||
+ | # automatically. | ||
+ | |||
+ | SENTRY_RATELIMITER = 'sentry.ratelimits.redis.RedisRateLimiter' | ||
+ | |||
+ | ################## | ||
+ | # Update Buffers # | ||
+ | ################## | ||
+ | |||
+ | # Buffers (combined with queueing) act as an intermediate layer between the | ||
+ | # database and the storage API. They will greatly improve efficiency on large | ||
+ | # numbers of the same events being sent to the API in a short amount of time. | ||
+ | # (read: if you send any kind of real data to Sentry, you should enable buffers) | ||
+ | |||
+ | SENTRY_BUFFER = 'sentry.buffer.redis.RedisBuffer' | ||
+ | |||
+ | ########## | ||
+ | # Quotas # | ||
+ | ########## | ||
+ | |||
+ | # Quotas allow you to rate limit individual projects or the Sentry install as | ||
+ | # a whole. | ||
+ | |||
+ | SENTRY_QUOTAS = 'sentry.quotas.redis.RedisQuota' | ||
+ | |||
+ | ######## | ||
+ | # TSDB # | ||
+ | ######## | ||
+ | |||
+ | # The TSDB is used for building charts as well as making things like per-rate | ||
+ | # alerts possible. | ||
+ | |||
+ | SENTRY_TSDB = 'sentry.tsdb.redis.RedisTSDB' | ||
+ | |||
+ | ########### | ||
+ | # Digests # | ||
+ | ########### | ||
+ | |||
+ | # The digest backend powers notification summaries. | ||
+ | |||
+ | SENTRY_DIGESTS = 'sentry.digests.backends.redis.RedisBackend' | ||
+ | |||
+ | ############## | ||
+ | # Web Server # | ||
+ | ############## | ||
+ | |||
+ | # If you're using a reverse SSL proxy, you should enable the X-Forwarded-Proto | ||
+ | # header and uncomment the following settings | ||
+ | # SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') | ||
+ | # SESSION_COOKIE_SECURE = True | ||
+ | # CSRF_COOKIE_SECURE = True | ||
+ | |||
+ | # If you're not hosting at the root of your web server, | ||
+ | # you need to uncomment and set it to the path where Sentry is hosted. | ||
+ | # FORCE_SCRIPT_NAME = '/sentry' | ||
+ | |||
+ | SENTRY_WEB_HOST = '0.0.0.0' | ||
+ | SENTRY_WEB_PORT = 9000 | ||
+ | SENTRY_WEB_OPTIONS = { | ||
+ | # 'workers': 3, # the number of web workers | ||
+ | # 'protocol': 'uwsgi', # Enable uwsgi protocol instead of http | ||
+ | } | ||
+ | </spoiler> | ||
+ | |||
+ | |||
+ | Заводим пользователя | ||
+ | # useradd -u 20005 -s /bin/bash -m -d /home/sentry sentry | ||
+ | # chown -R sentry:sentry /srv/www/sentry/ | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | ======================== | + | '''6. Supervisor''' |
− | + | # apt install supervisor | |
+ | Создаём конфиг <code bash>/etc/supervisor/conf.d/sentry.conf</code><spoiler> | ||
+ | [program:sentry-web] | ||
+ | environment=SENTRY_CONF="/etc/sentry/" | ||
+ | directory=/srv/www/sentry/ | ||
+ | command=/srv/www/sentry/bin/sentry run web | ||
+ | autostart=true | ||
+ | autorestart=true | ||
+ | redirect_stderr=true | ||
+ | user=sentry | ||
+ | |||
+ | [program:sentry-worker] | ||
+ | environment=SENTRY_CONF="/etc/sentry/" | ||
+ | directory=/srv/www/sentry/ | ||
+ | command=/srv/www/sentry/bin/sentry run worker | ||
+ | autostart=true | ||
+ | autorestart=true | ||
+ | redirect_stderr=true | ||
+ | user=sentry | ||
+ | |||
+ | [program:sentry-cron] | ||
+ | environment=SENTRY_CONF="/etc/sentry/" | ||
+ | directory=/srv/www/sentry/ | ||
+ | command=/srv/www/sentry/bin/sentry run cron | ||
+ | autostart=true | ||
+ | autorestart=true | ||
+ | redirect_stderr=true | ||
+ | killasgroup=true | ||
+ | </spoiler> | ||
+ | Рестартим supervisor и заходим в sentry, должно работать) | ||
− | |||
− | |||
− | |||
− | + | Если во время sentry upgrade будет падать с ошибкой<br/> | |
− | sentry | + | django.db.utils.ProgrammingError: ProgrammingError('permission denied to create extension "citext"\nHINT: Must be superuser to create this extension.\n',)<br/> |
+ | перед запуском sentry update, дадим sentry права суперюзера, потом заберём: | ||
+ | alter role sentry superuser; | ||
+ | alter role sentry nosuperuser; | ||
− | |||
− | |||
− | |||
− | + | '''7. Подключение Telegram-бота для оповещений''' (https://github.com/butorov/sentry-telegram)<br/> | |
− | + | # pip install sentry-telegram | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | Добавляем в конфиг <code bash>/etc/sentry/sentry.conf.py</code> | |
+ | INSTALLED_APPS += ('sentry_telegram',) | ||
− | + | Рестартим Sentry | |
− | |||
− | |||
− | |||
− | + | Затем заходим в настройки проекта и в меню INTEGRATIONS настраиваем плагин Telegram Notifications | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | '''8. Подключение плагина redmine''' (https://github.com/getsentry/sentry-redmine)<br/> | |
− | + | # pip install sentry-redmine | |
− | + | Далее в настройках проекта, в меню INTEGRATIONS появляется пункт Redmine, конфигурим его с параметрами, которые берём из нашего redmine. | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | pip install sentry-redmine | ||
− | в настройках проекта, в | ||
− | + | Если плагин не подтягивается из-за конфликта версий | |
− | Failed to load plugin 'redmine': | + | Failed to load plugin 'redmine': |
− | + | ContextualVersionConflict: (redis 2.10.5 (/srv/www/sentry/lib/python2.7/site-packages), Requirement.parse('redis==2.10.6'), set(['redis-py-cluster'])) | |
− | ContextualVersionConflict: (redis 2.10.5 (/srv/www/sentry/lib/python2.7/site-packages), Requirement.parse('redis==2.10.6'), set(['redis-py-cluster'])) | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | Грохаем redis-py-cluster и ставим версию 1.3.4 | |
− | + | # pip uninstall redis-py-cluster | |
+ | # pip install redis-py-cluster==1.3.4 | ||
+ | # pip install sentry-redmine | ||
+ | Рестартим supervisor-web |
Текущая версия на 00:07, 13 июля 2022
Ставим Sentry 9.0.0 на Debian Stretch
1. Установим нужные пакеты
# apt install python python-setuptools python-pip python-dev libxslt1-dev libjpeg-dev libxml2-dev libpq-dev libffi-dev gcc libxslt-dev libyaml-dev
2. Nginx
# apt install nginx
Правим конфиг /etc/nginx/sites-available/sentry.conf
server { listen 80; server_name sentry.megapuper.ru; location / { proxy_pass http://localhost:9000; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
3. Postgresql
# apt install postgresql
Создаём БД
# cd /tmp/ /tmp # su postgres postgres@sentry01:/tmp$ psql CREATE DATABASE sentry encoding utf8; CREATE USER sentry WITH password 'PASS_FOR_USER_sentry'; GRANT ALL privileges ON DATABASE sentry TO sentry; \q
4. Redis
# apt install redis-server
5. Устанавливаем Sentry
# pip install -U virtualenv # virtualenv /srv/www/sentry/ # source /srv/www/sentry/bin/activate (sentry)# pip install -U sentry (sentry)# sentry init /etc/sentry
Правим конфиги
/etc/sentry/config.yml
Spoiler
/etc/sentry/sentry.conf.py
Spoiler
Заводим пользователя
# useradd -u 20005 -s /bin/bash -m -d /home/sentry sentry # chown -R sentry:sentry /srv/www/sentry/
6. Supervisor
# apt install supervisor
Создаём конфиг /etc/supervisor/conf.d/sentry.conf
Spoiler
Рестартим supervisor и заходим в sentry, должно работать)
Если во время sentry upgrade будет падать с ошибкой
django.db.utils.ProgrammingError: ProgrammingError('permission denied to create extension "citext"\nHINT: Must be superuser to create this extension.\n',)
перед запуском sentry update, дадим sentry права суперюзера, потом заберём:
alter role sentry superuser; alter role sentry nosuperuser;
7. Подключение Telegram-бота для оповещений (https://github.com/butorov/sentry-telegram)
# pip install sentry-telegram
Добавляем в конфиг /etc/sentry/sentry.conf.py
INSTALLED_APPS += ('sentry_telegram',)
Рестартим Sentry
Затем заходим в настройки проекта и в меню INTEGRATIONS настраиваем плагин Telegram Notifications
8. Подключение плагина redmine (https://github.com/getsentry/sentry-redmine)
# pip install sentry-redmine
Далее в настройках проекта, в меню INTEGRATIONS появляется пункт Redmine, конфигурим его с параметрами, которые берём из нашего redmine.
Если плагин не подтягивается из-за конфликта версий
Failed to load plugin 'redmine': ContextualVersionConflict: (redis 2.10.5 (/srv/www/sentry/lib/python2.7/site-packages), Requirement.parse('redis==2.10.6'), set(['redis-py-cluster']))
Грохаем redis-py-cluster и ставим версию 1.3.4
# pip uninstall redis-py-cluster # pip install redis-py-cluster==1.3.4 # pip install sentry-redmine
Рестартим supervisor-web