参考资料 https://www.jianshu.com/p/103d5cfb6c07
https://www.iocoder.cn/Sentry/install/
1.下载Sentry代码
这里以Sentry版本22.1.0为主
https://github.com/getsentry/self-hosted
2.安装Sentry
默认会全部安装完成,下载镜像可能会有点慢
./install
3.接入LDAP
3.1 进入容器添加扩展
docker run -it getsentry/sentry:nightly /bin/bash
apt-get update && apt-get install -y libsasl2-dev python-dev libldap2-dev libssl-dev gcc-devel
pip install python-ldap sentry-ldap-auth
3.2 重新打tag
docker commit 12e16b1278ee getsentry/sentry:new
3.3 修改启动文件
vi .env
#SENTRY_IMAGE=getsentry/sentry:22.1.0
SENTRY_IMAGE=getsentry/sentry:new
3.4 修改配置文件接入LDAP
vi sentry/sentry.conf.py
###########
LDAP/AD
##########
import ldap, logging
from django_auth_ldap.config import LDAPSearch, PosixGroupType
AUTH_LDAP_SERVER_URI = 'ldap://192.168.3.xxx:389'
AUTH_LDAP_BIND_DN = 'cn=admin,dc=xxx,dc=com'
AUTH_LDAP_BIND_PASSWORD = 'xxx'
AUTH_LDAP_USER_SEARCH = LDAPSearch(
'dc=simplove,dc=com',
ldap.SCOPE_SUBTREE,
'(uid=%(user)s)',
)
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
'cn=sentry,ou=Sentry,ou=Services,dc=xxx,dc=com',
ldap.SCOPE_SUBTREE,
'(objectClass=groupOfNames)'
)
AUTH_LDAP_GROUP_TYPE = PosixGroupType()
AUTH_LDAP_REQUIRE_GROUP = None
AUTH_LDAP_DENY_GROUP = None
AUTH_LDAP_USER_ATTR_MAP = {
'first_name': 'givenName',
'last_name': 'sn',
'email': 'mail'
}
AUTH_LDAP_FIND_GROUP_PERMS = False
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
AUTH_LDAP_DEFAULT_SENTRY_ORGANIZATION = u'simplove'
AUTH_LDAP_SENTRY_ORGANIZATION_ROLE_TYPE = 'member'
AUTH_LDAP_SENTRY_ORGANIZATION_GLOBAL_ACCESS = True
AUTHENTICATION_BACKENDS = AUTHENTICATION_BACKENDS + (
'sentry_ldap_auth.backend.SentryLdapBackend',
)
logger = logging.getLogger('django_auth_ldap')
logger.setLevel('DEBUG')
3.5 接入邮件
vi sentry/config.yml
mail.host: 'smtp.exmail.qq.com'
mail.port: 587
mail.username: 'xxx'
mail.password: 'xxx'
mail.use-tls: true
mail.from: 'xxx'