mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-28 10:18:51 +00:00
6be7cf6b45
This adds https://github.com/getsentry/sentry-elixir to the portal for automatic process crash and exception trace reporting. It also configures Logger reporting for the `warning` level and higher, and sets the data scrubbing rules to allow all Logger metadata keys (`logger_metadata.*` in the Sentry project settings). Lastly, it configures automatic HTTP error reporting by tying into the `api` and `web` endpoint modules with a custom `plug` middleware so we get automatic reporting of unsuccessful Phoenix responses. It is expected this will be noisy when we first deploy and we'll need to tune it down a bit. This is the same approach used with other Sentry platforms.
78 lines
2.0 KiB
Elixir
78 lines
2.0 KiB
Elixir
defmodule API.Endpoint do
|
|
use Sentry.PlugCapture
|
|
use Phoenix.Endpoint, otp_app: :api
|
|
|
|
if Application.compile_env(:domain, :sql_sandbox) do
|
|
plug Phoenix.Ecto.SQL.Sandbox
|
|
end
|
|
|
|
plug Plug.RewriteOn, [:x_forwarded_host, :x_forwarded_port, :x_forwarded_proto]
|
|
plug Plug.MethodOverride
|
|
plug :put_hsts_header
|
|
plug Plug.Head
|
|
|
|
if code_reloading? do
|
|
plug Phoenix.CodeReloader
|
|
end
|
|
|
|
plug RemoteIp,
|
|
headers: ["x-forwarded-for"],
|
|
proxies: {__MODULE__, :external_trusted_proxies, []},
|
|
clients: {__MODULE__, :clients, []}
|
|
|
|
plug Plug.RequestId
|
|
# TODO: Rework LoggerJSON to use Telemetry and integrate it
|
|
# https://hexdocs.pm/phoenix/Phoenix.Logger.html
|
|
plug Plug.Telemetry, event_prefix: [:phoenix, :endpoint]
|
|
|
|
socket "/gateway", API.Gateway.Socket, API.Sockets.options(timeout: :timer.seconds(37))
|
|
socket "/client", API.Client.Socket, API.Sockets.options(timeout: :timer.seconds(307))
|
|
socket "/relay", API.Relay.Socket, API.Sockets.options(timeout: :timer.seconds(41))
|
|
|
|
plug :fetch_user_agent
|
|
plug API.Router
|
|
|
|
plug Sentry.PlugContext
|
|
|
|
def fetch_user_agent(%Plug.Conn{} = conn, _opts) do
|
|
case Plug.Conn.get_req_header(conn, "user-agent") do
|
|
[user_agent | _] -> Plug.Conn.assign(conn, :user_agent, user_agent)
|
|
_ -> conn
|
|
end
|
|
end
|
|
|
|
def put_hsts_header(conn, _opts) do
|
|
scheme =
|
|
config(:url, [])
|
|
|> Keyword.get(:scheme)
|
|
|
|
if scheme == "https" do
|
|
put_resp_header(
|
|
conn,
|
|
"strict-transport-security",
|
|
"max-age=63072000; includeSubDomains; preload"
|
|
)
|
|
else
|
|
conn
|
|
end
|
|
end
|
|
|
|
def real_ip_opts do
|
|
[
|
|
headers: ["x-forwarded-for"],
|
|
proxies: {__MODULE__, :external_trusted_proxies, []},
|
|
clients: {__MODULE__, :clients, []}
|
|
]
|
|
end
|
|
|
|
def external_trusted_proxies do
|
|
Domain.Config.fetch_env!(:api, :external_trusted_proxies)
|
|
|> Enum.map(&to_string/1)
|
|
end
|
|
|
|
def clients do
|
|
Domain.Config.fetch_env!(:api, :private_clients)
|
|
|> Enum.map(&to_string/1)
|
|
end
|
|
end
|