This tutorial guides you through the setup process of Sentry (onpremise / self hosted) using Ubuntu 18.04, nginx as webserver and LetsEncrypt certificates.
First step is to get Ubuntu 18.04 up and running. In my case, I use a cloud server from Hetzner. You should use a server with at least 4GB or RAM, because the setup process checks for at least 2.5GB of RAM available for Docker. That’s why I chose a CX21 server.
First step is to update the system:
apt-get update
apt-get full-upgrade
reboot
Next step is to install Docker:
sudo apt-get remove docker docker-engine docker.io containerd runc
sudo apt-get update
sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
When using a 64 bit environment, use the command below, otherwise check this link for the required command:
sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io
You can perform a check if docker has been installed successfully by running:
sudo docker run hello-world
There should be a ‘Hello World’ output if everything is working as expected.
To install docker compose, run these commands (you can check for updated versions here):
sudo curl -L "https://github.com/docker/compose/releases/download/1.25.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
Optional: If docker compose is not working after installation, you may have to create a symbolic link:
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
To install Sentry itself, use these commands:
git clone https://github.com/getsentry/onpremise.git
Before installing Sentry, check for the configuration parameters here. After checking the page and configure the desired settings (e.g. mail), run:
./install.sh
After the installation process has finished, run this command to start Sentry:
docker-compose up -d
After the installation of Sentry, you have to install nginx as kind of reverse proxy. To install nginx, run:
apt-get install nginx-full
After the setup has completed, replace the default site configuration by:
mv /etc/nginx/sites-available/default /etc/nginx/sites-available/old_default
Now, create a new default configuration (replace your.server.name):
server {
listen 80;
server_name your.server.name;
location / {
proxy_pass http://localhost:9000;
add_header Strict-Transport-Security "max-age=31536000";
}
}
Now, check your configuration for errors:
sudo nginx -t
If everything is fine, reload nginx:
sudo systemctl reload nginx
When accessing http://your.server.name, you should be able to access your Sentry installation, but it is a HTTP connection. We want a HTTPS connection instead, so let’s install a LetsEncrypt certificate.
Run these commands:
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx
Run this command to get the desired certificate (replace your.server.name with the domain you want):
sudo certbot --nginx -d your.server.name
A wizard will guide you through the setup process.
If everything worked fine, you can check, if the automated certificate renewal works by running:
sudo certbot renew --dry-run
To add some security, let’s configure a firewall. First, check the status by running:
sudo ufw status
Now, add the desired rule for ssh and nginx:
sudo ufw allow ssh
sudo ufw allow 'Nginx Full'
Enable the firewall by:
sudo ufw enable
Now, the server setup is finished. Be careful, that is a total basic setup. You have to know, what you do, before running this server in a productive environment!