sentry.conf.py 8.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264
  1. # flake8: noqa
  2. # This file is just Python, with a touch of Django which means
  3. # you can inherit and tweak settings to your hearts content.
  4. import os
  5. import os.path
  6. # For Docker, the following environment variables are supported:
  7. # SENTRY_POSTGRES_HOST
  8. # SENTRY_POSTGRES_PORT
  9. # SENTRY_DB_NAME
  10. # SENTRY_DB_USER
  11. # SENTRY_DB_PASSWORD
  12. # SENTRY_RABBITMQ_HOST
  13. # SENTRY_RABBITMQ_USERNAME
  14. # SENTRY_RABBITMQ_PASSWORD
  15. # SENTRY_RABBITMQ_VHOST
  16. # SENTRY_REDIS_HOST
  17. # SENTRY_REDIS_PASSWORD
  18. # SENTRY_REDIS_PORT
  19. # SENTRY_REDIS_DB
  20. # SENTRY_MEMCACHED_HOST
  21. # SENTRY_MEMCACHED_PORT
  22. # SENTRY_FILESTORE_DIR
  23. # SENTRY_SERVER_EMAIL
  24. # SENTRY_EMAIL_HOST
  25. # SENTRY_EMAIL_PORT
  26. # SENTRY_EMAIL_USER
  27. # SENTRY_EMAIL_PASSWORD
  28. # SENTRY_EMAIL_USE_TLS
  29. # SENTRY_EMAIL_USE_SSL
  30. # SENTRY_ENABLE_EMAIL_REPLIES
  31. # SENTRY_SMTP_HOSTNAME
  32. # SENTRY_MAILGUN_API_KEY
  33. # SENTRY_SINGLE_ORGANIZATION
  34. # SENTRY_SECRET_KEY
  35. from sentry.conf.server import *
  36. from sentry.utils.types import Bool
  37. CONF_ROOT = os.path.dirname(__file__)
  38. env = os.environ.get
  39. postgres = env("SENTRY_POSTGRES_HOST") or (env("POSTGRES_PORT_5432_TCP_ADDR") and "postgres")
  40. if postgres:
  41. DATABASES = {
  42. "default": {
  43. "ENGINE": "sentry.db.postgres",
  44. "NAME": (env("SENTRY_DB_NAME") or env("POSTGRES_ENV_POSTGRES_USER") or "postgres"),
  45. "USER": (env("SENTRY_DB_USER") or env("POSTGRES_ENV_POSTGRES_USER") or "postgres"),
  46. "PASSWORD": (env("SENTRY_DB_PASSWORD") or env("POSTGRES_ENV_POSTGRES_PASSWORD") or ""),
  47. "HOST": postgres,
  48. "PORT": (env("SENTRY_POSTGRES_PORT") or ""),
  49. }
  50. }
  51. # You should not change this setting after your database has been created
  52. # unless you have altered all schemas first
  53. SENTRY_USE_BIG_INTS = True
  54. # If you're expecting any kind of real traffic on Sentry, we highly recommend
  55. # configuring the CACHES and Redis settings
  56. ###########
  57. # General #
  58. ###########
  59. # Instruct Sentry that this install intends to be run by a single organization
  60. # and thus various UI optimizations should be enabled.
  61. SENTRY_SINGLE_ORGANIZATION = Bool(env("SENTRY_SINGLE_ORGANIZATION", True))
  62. #########
  63. # Redis #
  64. #########
  65. # Generic Redis configuration used as defaults for various things including:
  66. # Buffers, Quotas, TSDB
  67. redis = env("SENTRY_REDIS_HOST") or (env("REDIS_PORT_6379_TCP_ADDR") and "redis")
  68. if not redis:
  69. raise Exception(
  70. "Error: REDIS_PORT_6379_TCP_ADDR (or SENTRY_REDIS_HOST) is undefined, did you forget to `--link` a redis container?"
  71. )
  72. redis_password = env("SENTRY_REDIS_PASSWORD") or ""
  73. redis_port = env("SENTRY_REDIS_PORT") or "6379"
  74. redis_db = env("SENTRY_REDIS_DB") or "0"
  75. SENTRY_OPTIONS.update(
  76. {
  77. "redis.clusters": {
  78. "default": {
  79. "hosts": {
  80. 0: {
  81. "host": redis,
  82. "password": redis_password,
  83. "port": redis_port,
  84. "db": redis_db,
  85. }
  86. }
  87. }
  88. }
  89. }
  90. )
  91. #########
  92. # Cache #
  93. #########
  94. # Sentry currently utilizes two separate mechanisms. While CACHES is not a
  95. # requirement, it will optimize several high throughput patterns.
  96. memcached = env("SENTRY_MEMCACHED_HOST") or (env("MEMCACHED_PORT_11211_TCP_ADDR") and "memcached")
  97. if memcached:
  98. memcached_port = env("SENTRY_MEMCACHED_PORT") or "11211"
  99. CACHES = {
  100. "default": {
  101. "BACKEND": "django.core.cache.backends.memcached.MemcachedCache",
  102. "LOCATION": [memcached + ":" + memcached_port],
  103. "TIMEOUT": 3600,
  104. }
  105. }
  106. # A primary cache is required for things such as processing events
  107. SENTRY_CACHE = "sentry.cache.redis.RedisCache"
  108. #########
  109. # Queue #
  110. #########
  111. # See https://develop.sentry.dev/services/queue/ for more information on
  112. # configuring your queue broker and workers. Sentry relies on a Python
  113. # framework called Celery to manage queues.
  114. rabbitmq = env("SENTRY_RABBITMQ_HOST") or (env("RABBITMQ_PORT_5672_TCP_ADDR") and "rabbitmq")
  115. if rabbitmq:
  116. BROKER_URL = (
  117. "amqp://"
  118. + (env("SENTRY_RABBITMQ_USERNAME") or env("RABBITMQ_ENV_RABBITMQ_DEFAULT_USER") or "guest")
  119. + ":"
  120. + (env("SENTRY_RABBITMQ_PASSWORD") or env("RABBITMQ_ENV_RABBITMQ_DEFAULT_PASS") or "guest")
  121. + "@"
  122. + rabbitmq
  123. + "/"
  124. + (env("SENTRY_RABBITMQ_VHOST") or env("RABBITMQ_ENV_RABBITMQ_DEFAULT_VHOST") or "/")
  125. )
  126. else:
  127. BROKER_URL = "redis://:" + redis_password + "@" + redis + ":" + redis_port + "/" + redis_db
  128. ###############
  129. # Rate Limits #
  130. ###############
  131. # Rate limits apply to notification handlers and are enforced per-project
  132. # automatically.
  133. SENTRY_RATELIMITER = "sentry.ratelimits.redis.RedisRateLimiter"
  134. ##################
  135. # Update Buffers #
  136. ##################
  137. # Buffers (combined with queueing) act as an intermediate layer between the
  138. # database and the storage API. They will greatly improve efficiency on large
  139. # numbers of the same events being sent to the API in a short amount of time.
  140. # (read: if you send any kind of real data to Sentry, you should enable buffers)
  141. SENTRY_BUFFER = "sentry.buffer.redis.RedisBuffer"
  142. ##########
  143. # Quotas #
  144. ##########
  145. # Quotas allow you to rate limit individual projects or the Sentry install as
  146. # a whole.
  147. SENTRY_QUOTAS = "sentry.quotas.redis.RedisQuota"
  148. ########
  149. # TSDB #
  150. ########
  151. # The TSDB is used for building charts as well as making things like per-rate
  152. # alerts possible.
  153. SENTRY_TSDB = "sentry.tsdb.redis.RedisTSDB"
  154. ###########
  155. # Digests #
  156. ###########
  157. # The digest backend powers notification summaries.
  158. SENTRY_DIGESTS = "sentry.digests.backends.redis.RedisBackend"
  159. ##############
  160. # Web Server #
  161. ##############
  162. # If you're using a reverse SSL proxy, you should enable the X-Forwarded-Proto
  163. # header and uncomment the following settings:
  164. # SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
  165. # SESSION_COOKIE_SECURE = True
  166. # CSRF_COOKIE_SECURE = True
  167. SENTRY_WEB_HOST = "0.0.0.0"
  168. SENTRY_WEB_PORT = 9000
  169. SENTRY_WEB_OPTIONS = {
  170. # 'workers': 1, # the number of web workers
  171. }
  172. ###############
  173. # Mail Server #
  174. ###############
  175. email = env("SENTRY_EMAIL_HOST") or (env("SMTP_PORT_25_TCP_ADDR") and "smtp")
  176. if email:
  177. SENTRY_OPTIONS["mail.backend"] = "smtp"
  178. SENTRY_OPTIONS["mail.host"] = email
  179. SENTRY_OPTIONS["mail.password"] = env("SENTRY_EMAIL_PASSWORD") or ""
  180. SENTRY_OPTIONS["mail.username"] = env("SENTRY_EMAIL_USER") or ""
  181. SENTRY_OPTIONS["mail.port"] = int(env("SENTRY_EMAIL_PORT") or 25)
  182. SENTRY_OPTIONS["mail.use-tls"] = Bool(env("SENTRY_EMAIL_USE_TLS", False))
  183. SENTRY_OPTIONS["mail.use-ssl"] = Bool(env("SENTRY_EMAIL_USE_SSL", False))
  184. else:
  185. SENTRY_OPTIONS["mail.backend"] = "dummy"
  186. # The email address to send on behalf of
  187. SENTRY_OPTIONS["mail.from"] = env("SENTRY_SERVER_EMAIL") or "root@localhost"
  188. # If you're using mailgun for inbound mail, set your API key and configure a
  189. # route to forward to /api/hooks/mailgun/inbound/
  190. SENTRY_OPTIONS["mail.mailgun-api-key"] = env("SENTRY_MAILGUN_API_KEY") or ""
  191. # If you specify a MAILGUN_API_KEY, you definitely want EMAIL_REPLIES
  192. if SENTRY_OPTIONS["mail.mailgun-api-key"]:
  193. SENTRY_OPTIONS["mail.enable-replies"] = True
  194. else:
  195. SENTRY_OPTIONS["mail.enable-replies"] = Bool(env("SENTRY_ENABLE_EMAIL_REPLIES", False))
  196. if SENTRY_OPTIONS["mail.enable-replies"]:
  197. SENTRY_OPTIONS["mail.reply-hostname"] = env("SENTRY_SMTP_HOSTNAME") or ""
  198. # If this value ever becomes compromised, it's important to regenerate your
  199. # SENTRY_SECRET_KEY. Changing this value will result in all current sessions
  200. # being invalidated.
  201. secret_key = env("SENTRY_SECRET_KEY")
  202. if not secret_key:
  203. raise Exception(
  204. "Error: SENTRY_SECRET_KEY is undefined, run `generate-secret-key` and set to -e SENTRY_SECRET_KEY"
  205. )
  206. if "SENTRY_RUNNING_UWSGI" not in os.environ and len(secret_key) < 32:
  207. print("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
  208. print("!! CAUTION !!")
  209. print("!! Your SENTRY_SECRET_KEY is potentially insecure. !!")
  210. print("!! We recommend at least 32 characters long. !!")
  211. print("!! Regenerate with `generate-secret-key`. !!")
  212. print("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!")
  213. SENTRY_OPTIONS["system.secret-key"] = secret_key