diff --git a/roles/paas-docker/containers/files/sentry/etc/sentry.conf.py b/roles/paas-docker/containers/files/sentry/etc/sentry.conf.py
--- a/roles/paas-docker/containers/files/sentry/etc/sentry.conf.py
+++ b/roles/paas-docker/containers/files/sentry/etc/sentry.conf.py
@@ -53,13 +53,21 @@
     return "{0:s}/{1:d}".format(base, netmask_bits)
 
 
-def read_secret(key):
+def read_secret(mount_point, prefix, key):
     secret = vault_client.secrets.kv.read_secret_version(
-        mount_point="ops", path="secrets/" + key
+        mount_point=mount_point, path=prefix + "/" + key
     )
     return secret["data"]["data"]
 
 
+def read_ops_secret(key):
+    return read_secret("ops", "secrets", key)
+
+
+def read_app_secret(key):
+    return read_secret("apps", "sentry", key)
+
+
 #   -------------------------------------------------------------
 #   Authenticate to Vault
 #
@@ -84,7 +92,7 @@
 
 INTERNAL_SYSTEM_IPS = (get_internal_network(),)
 
-secret = read_secret("{{ args.credentials.postgresql }}")
+secret = read_ops_secret("{{ args.credentials.postgresql }}")
 DATABASES = {
     "default": {
         "ENGINE": "sentry.db.postgres",
@@ -103,6 +111,7 @@
 #   General
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
+REALM = "{{ realm }}"
 
 SENTRY_SINGLE_ORGANIZATION = False
 
@@ -110,7 +119,7 @@
     env("SENTRY_EVENT_RETENTION_DAYS", "90")
 )
 
-secret_key = read_secret("{{ args.credentials.secret_key }}")
+secret_key = read_ops_secret("{{ args.credentials.secret_key }}")
 SENTRY_OPTIONS["system.secret-key"] = secret_key["password"]
 
 GEOIP_PATH_MMDB = "/usr/local/share/geoip/GeoLite2-City.mmdb"
@@ -254,6 +263,19 @@
 SENTRY_OPTIONS["mail.from"] = "{{ args.email_from }}"
 
 
+#   -------------------------------------------------------------
+#   Integration - GitHub
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+
+if REALM == "nasqueron":
+    secret = read_app_secret("github")
+    for k, v in secret.items():
+        if k == "id":
+            v = int(v)
+        SENTRY_OPTIONS["github-app." + k] = v
+
+
 #   -------------------------------------------------------------
 #   Features
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/roles/vault/policies/files/sentry.hcl b/roles/vault/policies/files/sentry.hcl
--- a/roles/vault/policies/files/sentry.hcl
+++ b/roles/vault/policies/files/sentry.hcl
@@ -13,6 +13,10 @@
 #       and will be lost if the state is redeployed.
 #   </auto-generated>
 
+path "apps/data/sentry/github" {
+    capabilities = [ "read" ]
+}
+
 path "ops/data/secrets/nasqueron.sentry.app_key" {
     capabilities = [ "read" ]
 }