Sentry tunneler is a proxy that forwards requests to Sentry-compatible services. This was heavily inspired by https://github.com/gbip/sentry_tunnel.
As the official Sentry documentation notes:
A tunnel is an HTTP endpoint that acts as a proxy between Sentry and your application. Because you control this server, there is no risk of any requests sent to it being blocked. When the endpoint lives under the same origin (although it does not have to in order for the tunnel to work), the browser will not treat any requests to the endpoint as a third-party request. As a result, these requests will have different security measures applied which, by default, don't trigger ad-blockers.
The original sentry_tunnel is also a Rust project, but it is using gotham which doesn't have an easy way to enable CORS for some reason. This project instead uses axum, which allows for a much less involved setup.
The following environment variables are used to configure the tunneler:
CORS_ALLOWED_ORIGINS=https://example.com
ALLOWED_SENTRY_HOSTS=https://sentry.example.com
ALLOWED_PROJECT_IDS=1,2,3
TUNNEL_PATH="/tunnel"
LISTEN_PORT=3000CORS_ALLOWED_ORIGINS, ALLOWED_SENTRY_HOSTS, and ALLOWED_PROJECT_IDS are all comma-separated lists of values. TUNNEL_PATH is the path that the tunneler will listen on. LISTEN_PORT is the port that the tunneler will listen on.
If CORS_ALLOWED_ORIGINS is not set, Access-Control-Allow-Origin will be set to *. If ALLOWED_SENTRY_HOSTS is not set, all hosts will be allowed. If ALLOWED_PROJECT_IDS is not set, all projects will be allowed. This is a depature from the original sentry_tunnel which required all of these to be set.
This project is designed to be run as a docker container:
docker run --rm -p 3000:3000 ghcr.io/joeyeamigh/sentry-tunneler:latestRunning locally is easiest if you enable the dotenv feature and copy .env.example to .env:
cargo run --features dotenv