authentik icon indicating copy to clipboard operation
authentik copied to clipboard

Published 20 hours ago verified publisher icon goauthentik

Make SENTRY_DSN configurable

Open benedikt-bartscher opened this issue 2 years ago • 2 comments

Could we add an environment Variable to make SENTRY_DSN in authentik/root/settings.py:359 configurable?

benedikt-bartscher avatar Mar 19 '22 20:03 benedikt-bartscher

The main reason why this is not configurable currently is that that the outposts, the web interface and the terraform provider all get their sentry config from the main server, and if that endpoints also needs to serve the DSN it would also be public. And adding authentication for that endpoint would make it almost impossible to use sentry during flows.

For the webinterface there's also additionally the fact that sentry requests are proxied via the main instance (via some Go code actually, to not take up python cpu time), which also checks that the client-side DSN matches the server-side configured one.

BeryJu avatar Apr 04 '22 16:04 BeryJu

But looking into it, GitLab has a configurable Sentry DSN and that just exposes it everywhere so I guess that's not an issue; I just don't want to make assumptions about how people want to handle their DSNs

BeryJu avatar Apr 04 '22 17:04 BeryJu

@BeryJu thanks! I think its pretty normal to expose sentry DSNs.

benedikt-bartscher avatar Nov 10 '22 13:11 benedikt-bartscher

implemented by https://github.com/goauthentik/authentik/pull/4016

benedikt-bartscher avatar Nov 20 '22 02:11 benedikt-bartscher