asbiin / laravel-sentry-tunnel
Provides an endpoint to use the `tunnel`-parameter of the Sentry SDK
Fund package maintenance!
asbiin
Requires
- php: ^8.1
- illuminate/http: ^10.0 || ^11.0
- illuminate/routing: ^10.0 || ^11.0
- illuminate/support: ^10.0 || ^11.0
- thecodingmachine/safe: ^2.5
Requires (Dev)
- guzzlehttp/guzzle: ^7.8
- larastan/larastan: ^2.8
- laravel/pint: ^1.14
- orchestra/testbench: ^8.0 || ^9.0
- phpstan/phpstan-deprecation-rules: ^1.1
- phpstan/phpstan-strict-rules: ^1.5
- phpunit/phpunit: ^10.1 || ^11.0
- psalm/plugin-laravel: ^2.0
- thecodingmachine/phpstan-safe-rule: ^1.2
README
This package provides a URL for use with the tunnel-option of the Sentry SDK.
Installation
composer require asbiin/laravel-sentry-tunnel
Configuration
You can optionally publish the configuration files:
php artisan vendor:publish --provider=Naugrim\\LaravelSentryTunnel\\Provider
You must place at least one allowed host in your .env file:
SENTRY_TUNNEL_ALLOWED_HOSTS=my.host.com
NOTE: This essentially creates a reverse proxy to the SENTRY_TUNNEL_ALLOWED_HOSTS. As the Sentry DSN is not kept secret, this enables everyone to send messages to these hosts that seem to originate from your server.
Therefore, the default middleware list for the tunnel URL includes web and auth (so that only authenticated users can use the endpoint).
As you currently cannot pass a dynamic X-XSRF-TOKEN header in Sentry's transportOptions you either have to implement your own transport or place the tunnel URL in the exclude-list in the VerifyCsrfToken middleware.
If you want to change this behavior, provide a custom implementation of \SentryTunnel\Contracts\MiddlewareList via the container:
// app/Services/MyMiddlewareList.php namespace App\Services; use SentryTunnel\Services\MiddlewareList; class MyMiddlewareList extends MiddlewareList { public function getMiddlewareList() : array{ return array_merge( parent::getMiddlewareList(), [ "throttle", ] ); } }
Then add it to the container in your AppServiceProvider:
// app/Providers/AppServiceProvider.php use Illuminate\Support\ServiceProvider; use SentryTunnel\Contracts\MiddlewareList; use App\Services\MyMiddlewareList; class AppServiceProvider extends ServiceProvider { public function register(){ $this->app->alias(MyMiddlewareList::class, MiddlewareList::class); } }
Optionally you can restrict the project IDs that are allowed to use this endpoint. The default behavior is to allow all projects.
SENTRY_TUNNEL_ALLOWED_PROJECTS=1234,456,78
You can change the URL of the tunnel if required. The default value is /sentry/tunnel
SENTRY_TUNNEL_URL="/super/secret/tunnel"
Usage
Consult Sentry's documentation.