Setting Up Sentry With Remote PostgreSQL And Redis On Ubuntu 24.04
Introduction
Hey guys! Ever thought about setting up Sentry, the awesome error tracking tool, but wanted to keep your Ubuntu server clean by using remote PostgreSQL and Redis instances? Well, you're in the right place! This guide will walk you through setting up a self-hosted Sentry on Ubuntu 24.04, while connecting it to your remote PostgreSQL and Redis servers. This way, you can avoid installing these databases directly on your Ubuntu machine, keeping things nice and tidy. Let's dive in!
Prerequisites
Before we jump into the setup, let's make sure we have everything we need. Here’s a quick checklist:
- An Ubuntu 24.04 server: This is where Sentry will live. Make sure you have SSH access and sudo privileges.
- A remote PostgreSQL server: You'll need the connection details (host, port, database name, username, and password).
- A remote Redis server: Similarly, you'll need the connection details (host, port, and password, if applicable).
- Docker and Docker Compose: We’ll be using Docker to make the installation process smoother. If you don’t have them installed, we’ll cover that in the next section.
- A domain name (optional): If you want to access your Sentry instance via a domain name, make sure you have one and it’s pointing to your server’s IP address.
With these prerequisites in place, you're all set to get started!
Installing Docker and Docker Compose
If you haven't already, let's get Docker and Docker Compose installed on your Ubuntu server. Docker makes it super easy to run applications in containers, which keeps everything isolated and tidy. Docker Compose helps us define and manage multi-container applications, like Sentry, with ease.
First, update your package index:
sudo apt update
Next, install the necessary packages to allow apt to use a repository over HTTPS:
sudo apt install apt-transport-https ca-certificates curl software-properties-common
Add Docker’s official GPG key:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
Set up the stable repository:
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Update the package index again:
sudo apt update
Finally, install Docker Engine and Docker Compose:
sudo apt install docker-ce docker-compose-plugin
Verify that Docker is installed correctly by running the hello-world image:
sudo docker run hello-world
If everything is set up correctly, you should see a “Hello from Docker!” message. Awesome! Docker and Docker Compose are now ready to rock.
Downloading and Configuring Sentry
Now that we have Docker set up, let's get Sentry! We’ll start by downloading the onpremise repository from Sentry’s GitHub. This repository contains the Docker Compose files and scripts we need to get Sentry up and running.
First, let’s clone the repository. You might want to create a directory specifically for Sentry, like ~/sentry, to keep things organized:
mkdir ~/sentry
cd ~/sentry
Now, clone the repository:
git clone https://github.com/getsentry/self-hosted.git
cd self-hosted
Once you've cloned the repository, it’s time to configure Sentry to use your remote PostgreSQL and Redis instances. We’ll do this by modifying the .env file.
Copy the example .env file to .env:
cp .env.example .env
Now, open the .env file in your favorite text editor (like nano or vim) and let’s tweak some settings:
nano .env
Here are the key settings you'll need to adjust:
SENTRY_POSTGRES_HOST: Set this to the hostname or IP address of your remote PostgreSQL server.SENTRY_POSTGRES_PORT: Set this to the port number your PostgreSQL server is listening on (usually 5432).SENTRY_POSTGRES_USER: Set this to the username you use to connect to your PostgreSQL database.SENTRY_POSTGRES_PASSWORD: Set this to the password for the PostgreSQL user.SENTRY_POSTGRES_DB: Set this to the name of the PostgreSQL database Sentry will use.SENTRY_REDIS_HOST: Set this to the hostname or IP address of your remote Redis server.SENTRY_REDIS_PORT: Set this to the port number your Redis server is listening on (usually 6379).SENTRY_REDIS_PASSWORD: If your Redis server requires a password, set it here. If not, leave it blank.SENTRY_EMAIL: Set this to the email address you'll use for your Sentry administrator account.SENTRY_PASSWORD: Set this to the password for your Sentry administrator account.SENTRY_SECRET_KEY: This is a crucial setting! If it's missing, generate a secret key using a tool likeopenssl rand -hex 32and paste it here. This key is used to secure your Sentry instance.
For example, your .env file might look something like this:
SENTRY_POSTGRES_HOST=your_remote_postgres_host
SENTRY_POSTGRES_PORT=5432
SENTRY_POSTGRES_USER=your_postgres_user
SENTRY_POSTGRES_PASSWORD=your_postgres_password
SENTRY_POSTGRES_DB=sentry
SENTRY_REDIS_HOST=your_remote_redis_host
SENTRY_REDIS_PORT=6379
SENTRY_REDIS_PASSWORD=your_redis_password
[email protected]
SENTRY_PASSWORD=your_admin_password
SENTRY_SECRET_KEY=a_very_long_and_random_secret_key
Make sure to replace the placeholder values with your actual connection details. Once you’ve updated the .env file, save and close it. Now Sentry knows how to connect to your remote databases!
Configuring sentry.conf.py (Optional)
For more advanced configurations, you might want to tweak the sentry.conf.py file. This file allows you to customize various Sentry settings, such as email configuration, rate limiting, and more. It is located inside the self-hosted directory that was cloned from GitHub. Most users won't need to modify this file for basic setups, but if you have specific requirements, it's worth exploring.
To customize sentry.conf.py, first, make a copy of config.example.yml as sentry.conf.py:
cp config.example.yml sentry.conf.py
Then, open the file in a text editor:
nano sentry.conf.py
Inside, you'll find a variety of settings. For example, if you want to configure email sending (which is crucial for receiving alerts and password reset emails), you'll need to set the mail.backend, mail.host, mail.port, mail.username, and mail.password options.
mail.backend: 'smtp'
mail.host: 'your_smtp_host'
mail.port: 587
mail.username: 'your_smtp_username'
mail.password: 'your_smtp_password'
mail.use-tls: True
Replace the placeholder values with your actual SMTP server details. Similarly, you can configure other settings according to your needs. Once you're done, save and close the file. Remember, incorrect settings in sentry.conf.py can cause issues, so double-check your changes before proceeding.
Running the Sentry Installation Script
With the configuration out of the way, it's time to run the Sentry installation script. This script sets up the necessary Docker containers, creates the database schema, and initializes your Sentry instance. It’s a crucial step, so let’s get it right!
Navigate to the self-hosted directory if you’re not already there:
cd ~/sentry/self-hosted
Now, run the install.sh script:
./install.sh
The script will start by checking for the required dependencies (like Docker and Docker Compose) and then proceed with pulling the necessary Docker images. This process might take a while, depending on your internet connection speed. Be patient and let the script do its thing.
During the installation, the script will ask you a few questions, such as whether you want to create a superuser. Answer these questions as prompted. Creating a superuser is essential for accessing the Sentry web interface and managing your Sentry instance.
Once the script finishes, Sentry should be up and running in Docker containers. You’re almost there!
Starting Sentry with Docker Compose
Now that Sentry is installed, we need to start it using Docker Compose. Docker Compose will spin up all the necessary containers defined in the docker-compose.yml file, including the Sentry web application, Redis, and any other services Sentry needs.
Make sure you’re in the self-hosted directory:
cd ~/sentry/self-hosted
To start Sentry in detached mode (which means it will run in the background), use the following command:
docker compose up -d
This command tells Docker Compose to build and start the containers defined in the docker-compose.yml file. The -d flag ensures that the containers run in the background, so you can continue using your terminal.
Docker Compose will output the names of the containers it’s creating and starting. Once it’s done, Sentry should be running! To verify that everything is working correctly, you can check the status of the containers:
docker ps
This command lists all the running Docker containers. You should see containers for Sentry, Redis, and possibly other services, depending on your configuration. If the containers are listed and their status is “Up,” then Sentry is running smoothly!
Accessing the Sentry Web Interface
With Sentry up and running, it’s time to access the web interface and start using it! By default, Sentry runs on port 9000 of your server. So, if your server’s IP address is 192.168.1.100, you can access Sentry by navigating to http://192.168.1.100:9000 in your web browser.
If you’ve set up a domain name to point to your server, you can use that instead. For example, if your domain is sentry.example.com, you can access Sentry by navigating to http://sentry.example.com:9000.
When you access the Sentry web interface for the first time, you’ll be greeted with a login page. Use the email address and password you set during the installation script (the SENTRY_EMAIL and SENTRY_PASSWORD in your .env file) to log in.
Once you’re logged in, you’ll see the Sentry dashboard. From here, you can create organizations, projects, and start configuring error tracking for your applications. Congratulations, you’ve successfully set up Sentry with remote PostgreSQL and Redis!
Setting up Nginx as a Reverse Proxy (Optional)
While accessing Sentry directly on port 9000 works, it’s not ideal for production environments. It’s much better to set up a reverse proxy using Nginx or Apache. A reverse proxy sits in front of your Sentry application and handles incoming requests, providing benefits like SSL/TLS encryption, load balancing, and improved security.
In this section, we’ll walk through setting up Nginx as a reverse proxy for Sentry. First, make sure Nginx is installed on your Ubuntu server. If it’s not, you can install it using apt:
sudo apt update
sudo apt install nginx
Once Nginx is installed, we need to create a configuration file for Sentry. This file will tell Nginx how to route incoming requests to your Sentry application running in Docker containers.
Create a new Nginx configuration file for Sentry. You can name it sentry and place it in the /etc/nginx/conf.d/ directory:
sudo nano /etc/nginx/conf.d/sentry
Now, paste the following configuration into the file:
server {
listen 80;
server_name sentry.example.com; # Replace with your domain name
location / {
proxy_pass http://localhost:9000; # Sentry’s default port
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Add SSL/TLS configuration here (optional)
# listen 443 ssl;
# ssl_certificate /path/to/your/certificate.pem;
# ssl_certificate_key /path/to/your/private_key.pem;
}
Make sure to replace sentry.example.com with your actual domain name. This configuration tells Nginx to listen on port 80 (HTTP) and forward all requests to http://localhost:9000, which is where Sentry is running in the Docker container.
If you want to set up SSL/TLS encryption (which is highly recommended for security), you’ll need to add the SSL/TLS configuration to this file. You’ll need an SSL certificate and private key, which you can obtain from a certificate authority like Let’s Encrypt. Uncomment the lines in the configuration file and replace /path/to/your/certificate.pem and /path/to/your/private_key.pem with the actual paths to your certificate and key files.
Save and close the Nginx configuration file. Now, create a symbolic link to enable the configuration:
sudo ln -s /etc/nginx/conf.d/sentry /etc/nginx/sites-enabled/
Remove the default Nginx configuration file, as we don’t need it:
sudo rm /etc/nginx/sites-enabled/default
sudo rm /etc/nginx/sites-available/default
Test the Nginx configuration for any syntax errors:
sudo nginx -t
If the configuration is correct, you should see a message saying “syntax is okay” and “test is successful.” Finally, restart Nginx to apply the changes:
sudo systemctl restart nginx
Now, you should be able to access your Sentry instance via your domain name (e.g., http://sentry.example.com) or, if you’ve set up SSL/TLS, via https://sentry.example.com. Nginx is now acting as a reverse proxy, handling incoming requests and forwarding them to your Sentry application!
Setting Up SSL with Let's Encrypt (Optional)
To further enhance the security of your Sentry instance, it's highly recommended to set up SSL/TLS encryption using Let's Encrypt. Let's Encrypt provides free SSL certificates, making it easy to secure your web applications. In this section, we'll walk through how to set up SSL for your Sentry instance using Let's Encrypt and Certbot, a tool that automates the process of obtaining and installing SSL certificates.
First, you'll need to install Certbot on your Ubuntu server. Certbot is available in the Ubuntu repositories, so you can install it using apt:
sudo apt update
sudo apt install certbot python3-certbot-nginx
This command installs Certbot and the Certbot plugin for Nginx, which will automatically configure Nginx to use the SSL certificate.
Once Certbot is installed, you can use it to obtain an SSL certificate for your domain. Run the following command:
sudo certbot --nginx -d sentry.example.com # Replace with your domain
Replace sentry.example.com with your actual domain name. Certbot will prompt you to answer a few questions, such as your email address and whether you want to redirect HTTP traffic to HTTPS. It will then automatically obtain an SSL certificate from Let's Encrypt and configure Nginx to use it.
Certbot will also set up automatic certificate renewal, so your SSL certificate will be renewed automatically before it expires. This ensures that your Sentry instance remains secure without any manual intervention.
After Certbot finishes, your Nginx configuration will be updated to use SSL/TLS encryption. You can verify this by accessing your Sentry instance via https://sentry.example.com. You should see a padlock icon in your browser's address bar, indicating that the connection is secure. With SSL set up, your Sentry instance is now protected by encryption, ensuring the privacy and security of your data!
Conclusion
And there you have it! You’ve successfully set up Sentry on Ubuntu 24.04 using remote PostgreSQL and Redis instances. This setup keeps your Ubuntu server clean and allows you to leverage your existing database infrastructure. We covered everything from installing Docker and Docker Compose, configuring Sentry, running the installation script, starting Sentry with Docker Compose, and accessing the web interface. We even went over setting up Nginx as a reverse proxy and securing your Sentry instance with SSL using Let’s Encrypt. Whether you want to setup Sentry for your personal projects or for an enterprise deployment, this guide should give you a solid foundation. Happy error tracking, guys!