Open lkiii opened 4 years ago
I have managed to install the plugin.
First thing I had to include dependencies to $SENTRY_INSTALL_DIR/sentry/Dockerfile
...
FROM ${SENTRY_IMAGE}
RUN apt-get update && apt-get install -y gcc libsasl2-dev python-dev libldap2-dev libssl-dev
COPY . /usr/src/sentry
...
Then I had to run docker-compose build
And after that, I have started up the sentry again with docker-compose up -d
@lkiii Hello. Do you have a working config "LDAP auth" for sentry 21.1.0 ? Could you please, share it?
@lkiii Hello. Do you have a working config "LDAP auth" for sentry 21.1.0 ? Could you please, share it?
The approach I have described above is working on version 20.11.1. I have not tested it on higher versions.
@oangit @lkiii do you have guys some example working with 21.x sentry onpremise? I am blocked on it now 😢
Hi, I have version onpremise sentry sentry --version sentry, version 21.1.0 (486d790a8f52)
I have a huge Active Directory LDAP. In my case I had error(restriction) with a memcache.
auth_ldap._LDAPUserGroups._group_names.cn - longer than 250.
In the logs you see docker-compose logs web
something like this
/usr/local/lib/python3.6/site-packages/django/core/cache/backends/base.py:239: CacheKeyWarning: Cache key will cause errors if used with memcached: ':2:auth_ldap._LDAPUserGroups._group_names.cn=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name' (longer than 250)
web_1 | '(longer than %s)' % (key, MEMCACHE_MAX_KEY_LENGTH), CacheKeyWarning
I changed section Cache in file sentry/sentry.conf.py
#########
# Cache #
#########
# Sentry currently utilizes two separate mechanisms. While CACHES is not a
# requirement, it will optimize several high throughput patterns.
#CACHES = {
# "default": {
# "BACKEND": "django.core.cache.backends.memcached.MemcachedCache",
# "LOCATION": ["memcached:11211"],
# "TIMEOUT": 3600,
# }
#}
CACHES = {
"default": {
"BACKEND": "django.core.cache.backends.locmem.LocMemCache",
"LOCATION": "unique-snowflake",
}
}
@pedrofurtado
LDAP settings in sentry/sentry.conf.py
#############
# LDAP auth #
#############
import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfUniqueNamesType
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTH_LDAP_SERVER_URI = "ldap://192.168.10.1:389"
AUTH_LDAP_BIND_DN = "AD_user"
AUTH_LDAP_BIND_PASSWORD = "password"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=,dc=,dc=,dc=com",ldap.SCOPE_SUBTREE,"(sAMAccountName=%(user)s)"
)
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
'',
ldap.SCOPE_SUBTREE,
'(objectClass=groupOfUniqueNames)'
)
AUTH_LDAP_GROUP_TYPE = GroupOfUniqueNamesType()
AUTH_LDAP_REQUIRE_GROUP = None
AUTH_LDAP_DENY_GROUP = None
AUTH_LDAP_USER_ATTR_MAP = {
"username": "sAMAccountName",
"first_name": "givenName",
"last_name": "sn",
"email": "mail",
}
AUTH_LDAP_FIND_GROUP_PERMS = False
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
AUTH_LDAP_DEFAULT_SENTRY_ORGANIZATION = u'Sentry'
AUTH_LDAP_SENTRY_ORGANIZATION_ROLE_TYPE = 'member'
AUTH_LDAP_SENTRY_ORGANIZATION_GLOBAL_ACCESS = True
#AUTH_LDAP_SENTRY_USERNAME_FIELD = 'uid'
AUTH_LDAP_SENTRY_SUBSCRIBE_BY_DEFAULT = False
SENTRY_MANAGED_USER_FIELDS = ('email', 'first_name', 'last_name', 'password', )
AUTHENTICATION_BACKENDS = AUTHENTICATION_BACKENDS + (
'sentry_ldap_auth.backend.SentryLdapBackend',
)
import logging
logger = logging.getLogger('django_auth_ldap')
logger.addHandler(logging.StreamHandler())
logger.setLevel('DEBUG')
#### Telemetry off
SENTRY_BEACON = False
@oangit @lkiii do you have guys some example working with 21.x sentry onpremise? I am blocked on it now 😢
No sorry. My customer decided to migrate to the cloud, so I have not upgraded on-prem to the latest versions.
I have installed Sentry using https://github.com/getsentry/sentry/releases/tag/20.9.0 I have started
./install.sh
to prepare the environment anddocker-compose up -d
to start sentry.My
$SENTRY_INSTALL_DIR/sentry/requirements.txt
:Also, I have appended
$SENTRY_INSTALL_DIR/sentry/sentry.conf.py
with required configuration, but after I am starting sentry I am getting:It seems that the plug-in is not being installed.