When to use it
Create a GitHub App when source context should work for private repos.
Logister can show the default stacktrace without any GitHub access. The GitHub App adds source-aware context after a project is explicitly connected to one or more repositories: code excerpts for stack frames, repository and branch links, CODEOWNERS hints, GitHub issue creation when write permission is granted, and deployment context when events or CI include commit metadata.
The App model avoids long-lived personal access tokens. GitHub issues short-lived installation tokens for the repositories where the App is installed, and Logister stores only App configuration, installation metadata, repository metadata, project-to-installation links, and your project-to-repository mappings.
Hosted and self-hosted
The hosted Logister service can use the official Logister GitHub App. Self-hosted instances should create their own GitHub App so repository access stays under their GitHub organization and their Logister deployment.
Before you start
Make sure GitHub can reach your Logister instance.
- A public HTTPS URL for the Logister web process, set with
LOGISTER_PUBLIC_URL. - Project owner or project admin access to the Logister project where repositories will be mapped.
- GitHub owner or admin access to create a GitHub App and install it on the target organization or repositories.
- A secret store for the App ID, private key, webhook secret, and install URL or slug.
- The runtime paths your application reports in stack frames, such as
/appor/workspace/service.
For local development, GitHub cannot post webhooks to plain localhost. Use a temporary HTTPS tunnel such as ngrok, Cloudflare Tunnel, or Smee, set LOGISTER_PUBLIC_URL to that URL, and update the GitHub App URLs while testing.
Create the app
Register the GitHub App with Logister's setup and webhook URLs.
- In GitHub, open your user or organization settings, then go to Developer settings, GitHub Apps, and create a new GitHub App.
- Name it for your instance, for example
Logister Acme. - Set the Homepage URL to your Logister public URL, for example
https://logister.example.com. - Set the Setup URL to the value shown in Project settings, Integrations, Source repositories, GitHub setup callback. It should look like
https://logister.example.com/github/setup. - Keep webhooks active and set the Webhook URL to the value shown in the same Logister settings card. It should look like
https://logister.example.com/github/webhooks. - Create a long random webhook secret. Put the same value in GitHub and
LOGISTER_GITHUB_WEBHOOK_SECRET. - Generate a private key for the App. Store the PEM in your secret manager as
LOGISTER_GITHUB_APP_PRIVATE_KEY. - Copy the App ID into
LOGISTER_GITHUB_APP_ID. - Save the App, then copy the App slug or installation URL for Logister config.
GitHub's registration screen may also offer a callback URL for OAuth user flows. Logister uses the GitHub App setup URL and webhooks for repository installation, so the setup URL and webhook URL are the important fields.
Update redirects
Enable GitHub's redirect-on-update option when available. That sends users back to Logister after installation changes so Logister can sync repository access immediately.
Permissions
Start with read access and add issue writing only when the workflow needs it.
GitHub Apps start with no permissions. Give the App the smallest set that matches the features your teams will use.
| GitHub permission or event | Access | Why Logister uses it |
|---|---|---|
| Repository metadata | Read-only | Required to identify installed repositories, branches, URLs, and repository metadata. |
| Repository contents | Read-only | Required for private repository source excerpts and files such as CODEOWNERS. |
| Issues | Read and write | Optional. Enables Logister to create GitHub issues from error groups. Without it, source lookup still works and teams can attach links manually. |
| Installation event | Webhook event | Keeps installation state, permissions, suspension, and deletion in sync. |
| Installation repositories event | Webhook event | Keeps selected repository additions and removals in sync. |
Changing permissions
When you add a permission later, GitHub may require an organization owner to accept the change. After that, use Sync repositories on the linked installation in Logister project settings so repository metadata and permissions are fresh.
Configure Logister
Put the GitHub App values in your deployment environment.
Set these on the Rails web process and the Sidekiq worker, then restart both. The web process handles setup callbacks and webhooks; workers and request paths may need the same configuration when they resolve source context.
LOGISTER_GITHUB_APP_ID=123456
LOGISTER_GITHUB_APP_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----"
LOGISTER_GITHUB_WEBHOOK_SECRET=replace-with-a-long-random-secret
LOGISTER_GITHUB_APP_SLUG=logister-acme
# Or set the install URL directly when you do not want Logister to derive it from the slug:
# LOGISTER_GITHUB_APP_INSTALL_URL=https://github.com/apps/logister-acme/installations/new
# Optional. Keep these defaults for github.com.
# LOGISTER_GITHUB_API_URL=https://api.github.com
# LOGISTER_GITHUB_WEB_URL=https://github.com
# LOGISTER_GITHUB_API_VERSION=2026-03-10
# LOGISTER_GITHUB_STATELESS_S2S_TOKEN=enabled| Variable | Use |
|---|---|
LOGISTER_GITHUB_APP_ID | The numeric App ID from GitHub. |
LOGISTER_GITHUB_APP_PRIVATE_KEY | The App private key PEM. Multiline PEM values work when your platform supports them; escaped \n sequences also work. |
LOGISTER_GITHUB_WEBHOOK_SECRET | The secret GitHub uses to sign webhook requests. Logister rejects unsigned or mismatched webhooks. |
LOGISTER_GITHUB_APP_SLUG | The App slug from its GitHub URL. Logister uses it to build the install URL. |
LOGISTER_GITHUB_APP_INSTALL_URL | Optional explicit install URL. Use this instead of the slug when your GitHub host or App path is unusual. |
LOGISTER_GITHUB_API_URL | Optional GitHub API base URL. Use https://github.example.com/api/v3 for GitHub Enterprise Server. |
LOGISTER_GITHUB_WEB_URL | Optional GitHub web URL. Use your GitHub Enterprise Server origin when not using github.com. |
LOGISTER_GITHUB_API_VERSION | Optional REST API version header. Leave the default unless you have a specific compatibility reason. |
LOGISTER_GITHUB_STATELESS_S2S_TOKEN | Optional temporary rollout override for GitHub App installation tokens. Leave unset for normal operation, set enabled to proactively request stateless S2S tokens, or set disabled only while diagnosing rollout issues. |
GitHub Enterprise Server
For GHES, set LOGISTER_GITHUB_WEB_URL to the browser URL, set LOGISTER_GITHUB_API_URL to the REST API URL, and prefer an explicit LOGISTER_GITHUB_APP_INSTALL_URL if the derived install path does not match your server.
Install and sync
Use project settings to install or link the App and pull repository metadata.
- Restart Logister after setting the environment variables.
- Open Project settings, Integrations, then Source repositories.
- Check the GitHub App access card. App ID, private key, webhook secret, and install URL should all show as configured.
- Click Install GitHub App when the target GitHub account does not have an installation yet.
- Choose all repositories or selected repositories in GitHub, then finish the installation.
- After GitHub redirects back to Logister, confirm that the installation appears under Linked installations and repositories appear under Available repositories.
- If the installation already exists, use Available installations, then click Link to project.
- Use Sync repositories after repository access or App permissions change.
Installing or linking the App makes repositories available to the project. It does not connect a source repository mapping by itself. Click Connect next to each repository Logister should use for this project, then review its runtime path prefix, source root, and default branch under Connected repositories.
No automatic mapping
Logister does not auto-connect repositories by project name, a sole synced repository, or telemetry. Source lookup starts only after a project manager connects a repository explicitly.
Project scope
Installations are reusable; repository mappings belong to one project.
A GitHub App installation is scoped to a GitHub account or organization. In Logister, a project owner or project admin links that installation to a specific project. Project admins can manage linked installations and repositories for projects they administer, even when another user originally installed the App.
One GitHub installation can be linked to multiple Logister projects. Each project still chooses its own connected repositories and path mappings, so a shared organization installation can support separate backend, worker, mobile, and front-end projects without sharing source lookup settings between them.
Repository visibility
Project admins are trusted to see repository names from installations linked to that project. Repositories from unlinked installations do not appear in that project's picker.
Map repositories
Tell Logister how stack frame paths line up with files in GitHub.
After repositories sync, connect one or more source repository mappings from Project settings, Integrations, Source repositories. Connected repositories appear separately from available repositories so each project can keep its own path mapping.
| Field | Example | How to choose it |
|---|---|---|
| Available repository | acme/api | Click Connect for a repository exposed by a linked GitHub App installation. |
| GitHub repository | acme/api | Use advanced manual entry only as a placeholder or fallback. Source lookup still needs a connected repository from a linked installation. |
| Default branch | main | Used when events do not include a branch, release, or commit SHA that can identify a source ref. |
| Runtime path prefix | /app | The prefix seen in stack frames before the repository-relative path. |
| Repository source root | packages/api | Optional folder to prepend inside a monorepo or nested service repository. |
For best results, SDKs and direct HTTP clients should send repository, commit_sha, branch, release, and environment on error events. Exact commit metadata gives Logister a better source ref than guessing from the default branch.
Deployment context
Send deployments when CI knows what changed.
The GitHub App gives Logister access to repository files. Deployment records tell Logister what commit, PR, release tag, and environment were deployed. Together they make error pages more useful: source excerpts point to the right code, PR or release links can be shown from metadata, and Logister can explain when a group started after a deployment.
CI can POST a deployment envelope to /api/v1/deployments with repository, commit_sha, branch, release, environment, pull_request_number, release_tag, and GitHub URLs. The GitHub App does not need write permission for deployment indexing.
Troubleshooting
Most setup failures are URL, secret, or permission mismatches.
| Symptom | Likely fix |
|---|---|
| Install button is missing | Set LOGISTER_GITHUB_APP_SLUG or LOGISTER_GITHUB_APP_INSTALL_URL, then restart the web process. |
| GitHub setup redirects but Logister shows an error | Check LOGISTER_GITHUB_APP_ID, the private key, the setup URL, and that the user finishing setup is signed into Logister. |
Webhook returns 503 | LOGISTER_GITHUB_WEBHOOK_SECRET is missing in Logister. |
Webhook returns 401 | The GitHub webhook secret and LOGISTER_GITHUB_WEBHOOK_SECRET do not match, or a proxy stripped GitHub's signature header. |
| No repositories appear | Install the App on the correct organization or repositories, link the installation to the project, accept any requested permission changes, then click Sync repositories. |
| The inbox says no source repository mapping exists | Setup and sync only make repositories available. Open Project settings, Integrations, Source repositories, then click Connect for the repository this project reports in event metadata. |
| Source excerpts are unavailable | Confirm Contents read permission, a connected repository mapping, the runtime path prefix, source root, and event commit or branch metadata. |
| Create issue is unavailable | Grant Issues read/write permission, accept the permission update in GitHub, and sync repositories again. |
| Private key fails to load | Store the full PEM value. If your platform does not support multiline secrets, keep escaped \n sequences in the environment value. |
Useful logs
When debugging, check the Rails logs around GitHub setup failed, GitHub webhook sync failed, and GitHub installation sync failed. Do not paste private keys, webhook secrets, installation tokens, or request signatures into support tickets.
For GitHub's side of the setup, see GitHub's docs for registering a GitHub App, choosing permissions, and using webhooks with GitHub Apps.