mirror of
https://github.com/coder/coder.git
synced 2025-07-12 00:14:10 +00:00
docs: convert alerts to use GitHub Flavored Markdown (GFM) (#16850)
followup to #16761 thanks @lucasmelin ! + thanks: @ethanndickson @Parkreiner @matifali @aqandrew - [x] update snippet - [x] find/replace - [x] spot-check [preview](https://coder.com/docs/@16761-gfm-callouts/admin/templates/managing-templates/schedule) (and others) --------- Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com> Co-authored-by: M Atif Ali <atif@coder.com>
This commit is contained in:
17
.vscode/markdown.code-snippets
vendored
17
.vscode/markdown.code-snippets
vendored
@ -1,14 +1,14 @@
|
|||||||
{
|
{
|
||||||
// For info about snippets, visit https://code.visualstudio.com/docs/editor/userdefinedsnippets
|
// For info about snippets, visit https://code.visualstudio.com/docs/editor/userdefinedsnippets
|
||||||
|
// https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts
|
||||||
|
|
||||||
"admonition": {
|
"alert": {
|
||||||
"prefix": "#callout",
|
"prefix": "#alert",
|
||||||
"body": [
|
"body": [
|
||||||
"<blockquote class=\"admonition ${1|caution,important,note,tip,warning|}\">\n",
|
"> [!${1|CAUTION,IMPORTANT,NOTE,TIP,WARNING|}]",
|
||||||
"${TM_SELECTED_TEXT:${2:add info here}}\n",
|
"> ${TM_SELECTED_TEXT:${2:add info here}}\n"
|
||||||
"</blockquote>\n"
|
|
||||||
],
|
],
|
||||||
"description": "callout admonition caution info note tip warning"
|
"description": "callout admonition caution important note tip warning"
|
||||||
},
|
},
|
||||||
"fenced code block": {
|
"fenced code block": {
|
||||||
"prefix": "#codeblock",
|
"prefix": "#codeblock",
|
||||||
@ -23,9 +23,8 @@
|
|||||||
"premium-feature": {
|
"premium-feature": {
|
||||||
"prefix": "#premium-feature",
|
"prefix": "#premium-feature",
|
||||||
"body": [
|
"body": [
|
||||||
"<blockquote class=\"info\">\n",
|
"> [!NOTE]\n",
|
||||||
"${1:feature} ${2|is,are|} an Enterprise and Premium feature. [Learn more](https://coder.com/pricing#compare-plans).\n",
|
"> ${1:feature} ${2|is,are|} an Enterprise and Premium feature. [Learn more](https://coder.com/pricing#compare-plans).\n"
|
||||||
"</blockquote>"
|
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"tabs": {
|
"tabs": {
|
||||||
|
@ -117,9 +117,7 @@ This mode is useful for testing HA or validating more complex setups.
|
|||||||
|
|
||||||
### Deploying a PR
|
### Deploying a PR
|
||||||
|
|
||||||
> You need to be a member or collaborator of the of
|
You need to be a member or collaborator of the [coder](https://github.com/coder) GitHub organization to be able to deploy a PR.
|
||||||
> [coder](https://github.com/coder) GitHub organization to be able to deploy a
|
|
||||||
> PR.
|
|
||||||
|
|
||||||
You can test your changes by creating a PR deployment. There are two ways to do
|
You can test your changes by creating a PR deployment. There are two ways to do
|
||||||
this:
|
this:
|
||||||
@ -142,7 +140,8 @@ this:
|
|||||||
name and PR number, etc.
|
name and PR number, etc.
|
||||||
- `-y` or `--yes`, will skip the CLI confirmation prompt.
|
- `-y` or `--yes`, will skip the CLI confirmation prompt.
|
||||||
|
|
||||||
> Note: PR deployment will be re-deployed automatically when the PR is updated.
|
> [!NOTE]
|
||||||
|
> PR deployment will be re-deployed automatically when the PR is updated.
|
||||||
> It will use the last values automatically for redeployment.
|
> It will use the last values automatically for redeployment.
|
||||||
|
|
||||||
Once the deployment is finished, a unique link and credentials will be posted in
|
Once the deployment is finished, a unique link and credentials will be posted in
|
||||||
@ -256,8 +255,7 @@ Our frontend guide can be found [here](./contributing/frontend.md).
|
|||||||
|
|
||||||
## Reviews
|
## Reviews
|
||||||
|
|
||||||
> The following information has been borrowed from
|
The following information has been borrowed from [Go's review philosophy](https://go.dev/doc/contribute#reviews).
|
||||||
> [Go's review philosophy](https://go.dev/doc/contribute#reviews).
|
|
||||||
|
|
||||||
Coder values thorough reviews. For each review comment that you receive, please
|
Coder values thorough reviews. For each review comment that you receive, please
|
||||||
"close" it by implementing the suggestion or providing an explanation on why the
|
"close" it by implementing the suggestion or providing an explanation on why the
|
||||||
@ -345,6 +343,7 @@ Breaking changes can be triggered in two ways:
|
|||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
> [!CAUTION]
|
||||||
> If you find a vulnerability, **DO NOT FILE AN ISSUE**. Instead, send an email
|
> If you find a vulnerability, **DO NOT FILE AN ISSUE**. Instead, send an email
|
||||||
> to <security@coder.com>.
|
> to <security@coder.com>.
|
||||||
|
|
||||||
|
@ -90,7 +90,8 @@ CODER_EXTERNAL_AUTH_0_CLIENT_SECRET=xxxxxxx
|
|||||||
CODER_EXTERNAL_AUTH_0_AUTH_URL="https://login.microsoftonline.com/<TENANT ID>/oauth2/authorize"
|
CODER_EXTERNAL_AUTH_0_AUTH_URL="https://login.microsoftonline.com/<TENANT ID>/oauth2/authorize"
|
||||||
```
|
```
|
||||||
|
|
||||||
> Note: Your app registration in Entra ID requires the `vso.code_write` scope
|
> [!NOTE]
|
||||||
|
> Your app registration in Entra ID requires the `vso.code_write` scope
|
||||||
|
|
||||||
### Bitbucket Server
|
### Bitbucket Server
|
||||||
|
|
||||||
@ -120,11 +121,8 @@ The Redirect URI for Gitea should be
|
|||||||
|
|
||||||
### GitHub
|
### GitHub
|
||||||
|
|
||||||
<blockquote class="admonition tip">
|
> [!TIP]
|
||||||
|
> If you don't require fine-grained access control, it's easier to [configure a GitHub OAuth app](#configure-a-github-oauth-app).
|
||||||
If you don't require fine-grained access control, it's easier to [configure a GitHub OAuth app](#configure-a-github-oauth-app).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
```env
|
```env
|
||||||
CODER_EXTERNAL_AUTH_0_ID="USER_DEFINED_ID"
|
CODER_EXTERNAL_AUTH_0_ID="USER_DEFINED_ID"
|
||||||
@ -179,7 +177,8 @@ CODER_EXTERNAL_AUTH_0_VALIDATE_URL="https://your-domain.com/oauth/token/info"
|
|||||||
CODER_EXTERNAL_AUTH_0_REGEX=github\.company\.org
|
CODER_EXTERNAL_AUTH_0_REGEX=github\.company\.org
|
||||||
```
|
```
|
||||||
|
|
||||||
> Note: The `REGEX` variable must be set if using a custom git domain.
|
> [!NOTE]
|
||||||
|
> The `REGEX` variable must be set if using a custom git domain.
|
||||||
|
|
||||||
## Custom scopes
|
## Custom scopes
|
||||||
|
|
||||||
@ -222,26 +221,16 @@ CODER_EXTERNAL_AUTH_0_SCOPES="repo:read repo:write write:gpg_key"
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
## Multiple External Providers
|
## Multiple External Providers (Enterprise)(Premium)
|
||||||
|
|
||||||
<blockquote class="info">
|
|
||||||
|
|
||||||
Multiple providers is an Enterprise and Premium feature.
|
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Below is an example configuration with multiple providers:
|
Below is an example configuration with multiple providers:
|
||||||
|
|
||||||
<blockquote class="admonition warning">
|
> [!IMPORTANT]
|
||||||
|
> To support regex matching for paths like `github\.com/org`, add the following `git config` line to the [Coder agent startup script](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/agent#startup_script):
|
||||||
**Note:** To support regex matching for paths like `github\.com/org`, add the following `git config` line to the [Coder agent startup script](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/agent#startup_script):
|
>
|
||||||
|
> ```shell
|
||||||
```shell
|
> git config --global credential.useHttpPath true
|
||||||
git config --global credential.useHttpPath true
|
> ```
|
||||||
```
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
```env
|
```env
|
||||||
# Provider 1) github.com
|
# Provider 1) github.com
|
||||||
|
@ -28,7 +28,8 @@ hardware sizing recommendations.
|
|||||||
| Kubernetes (GKE) | 4 cores | 16 GB | 2 | db-custom-8-30720 | 2000 | 50 | 2000 simulated | `v2.8.4` | Feb 28, 2024 |
|
| Kubernetes (GKE) | 4 cores | 16 GB | 2 | db-custom-8-30720 | 2000 | 50 | 2000 simulated | `v2.8.4` | Feb 28, 2024 |
|
||||||
| Kubernetes (GKE) | 2 cores | 4 GB | 2 | db-custom-2-7680 | 1000 | 50 | 1000 simulated | `v2.10.2` | Apr 26, 2024 |
|
| Kubernetes (GKE) | 2 cores | 4 GB | 2 | db-custom-2-7680 | 1000 | 50 | 1000 simulated | `v2.10.2` | Apr 26, 2024 |
|
||||||
|
|
||||||
> Note: A simulated connection reads and writes random data at 40KB/s per connection.
|
> [!NOTE]
|
||||||
|
> A simulated connection reads and writes random data at 40KB/s per connection.
|
||||||
|
|
||||||
## Scale testing utility
|
## Scale testing utility
|
||||||
|
|
||||||
@ -36,19 +37,16 @@ Since Coder's performance is highly dependent on the templates and workflows you
|
|||||||
support, you may wish to use our internal scale testing utility against your own
|
support, you may wish to use our internal scale testing utility against your own
|
||||||
environments.
|
environments.
|
||||||
|
|
||||||
<blockquote class="admonition important">
|
> [!IMPORTANT]
|
||||||
|
> This utility is experimental.
|
||||||
This utility is experimental.
|
>
|
||||||
|
> It is not subject to any compatibility guarantees and may cause interruptions
|
||||||
It is not subject to any compatibility guarantees and may cause interruptions
|
> for your users.
|
||||||
for your users.
|
> To avoid potential outages and orphaned resources, we recommend that you run
|
||||||
To avoid potential outages and orphaned resources, we recommend that you run
|
> scale tests on a secondary "staging" environment or a dedicated
|
||||||
scale tests on a secondary "staging" environment or a dedicated
|
> [Kubernetes playground cluster](https://github.com/coder/coder/tree/main/scaletest/terraform).
|
||||||
[Kubernetes playground cluster](https://github.com/coder/coder/tree/main/scaletest/terraform).
|
>
|
||||||
|
> Run it against a production environment at your own risk.
|
||||||
Run it against a production environment at your own risk.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
### Create workspaces
|
### Create workspaces
|
||||||
|
|
||||||
|
@ -36,9 +36,8 @@ cloud/on-premise computing, containerization, and the Coder platform.
|
|||||||
| Reference architectures for up to 3,000 users | An approval of your architecture; the CVA solely provides recommendations and guidelines |
|
| Reference architectures for up to 3,000 users | An approval of your architecture; the CVA solely provides recommendations and guidelines |
|
||||||
| Best practices for building a Coder deployment | Recommendations for every possible deployment scenario |
|
| Best practices for building a Coder deployment | Recommendations for every possible deployment scenario |
|
||||||
|
|
||||||
> For higher level design principles and architectural best practices, see
|
For higher level design principles and architectural best practices, see Coder's
|
||||||
> Coder's
|
[Well-Architected Framework](https://coder.com/blog/coder-well-architected-framework).
|
||||||
> [Well-Architected Framework](https://coder.com/blog/coder-well-architected-framework).
|
|
||||||
|
|
||||||
## General concepts
|
## General concepts
|
||||||
|
|
||||||
|
@ -131,11 +131,8 @@ To set this up, follow these steps:
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> The admin-level access token is used to provision user tokens and is never exposed to developers or stored in workspaces.
|
||||||
The admin-level access token is used to provision user tokens and is never exposed to developers or stored in workspaces.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
If you don't want to use the official modules, you can read through the [example template](https://github.com/coder/coder/tree/main/examples/jfrog/docker), which uses Docker as the underlying compute. The
|
If you don't want to use the official modules, you can read through the [example template](https://github.com/coder/coder/tree/main/examples/jfrog/docker), which uses Docker as the underlying compute. The
|
||||||
same concepts apply to all compute types.
|
same concepts apply to all compute types.
|
||||||
|
@ -56,14 +56,11 @@ workspaces using Coder's [JFrog Xray Integration](https://github.com/coder/coder
|
|||||||
--set artifactory.secretName="jfrog-token"
|
--set artifactory.secretName="jfrog-token"
|
||||||
```
|
```
|
||||||
|
|
||||||
<blockquote class="admonition warning">
|
> [!IMPORTANT]
|
||||||
|
> To authenticate with the Artifactory registry, you may need to
|
||||||
To authenticate with the Artifactory registry, you may need to
|
> create a [Docker config](https://jfrog.com/help/r/jfrog-artifactory-documentation/docker-advanced-topics) and use it in the
|
||||||
create a [Docker config](https://jfrog.com/help/r/jfrog-artifactory-documentation/docker-advanced-topics) and use it in the
|
> `imagePullSecrets` field of the Kubernetes Pod.
|
||||||
`imagePullSecrets` field of the Kubernetes Pod. See the [Defining ImagePullSecrets for Coder workspaces](../../tutorials/image-pull-secret.md) guide for more
|
> See the [Defining ImagePullSecrets for Coder workspaces](../../tutorials/image-pull-secret.md) guide for more information.
|
||||||
information.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
## Validate your installation
|
## Validate your installation
|
||||||
|
|
||||||
|
@ -2,7 +2,8 @@
|
|||||||
|
|
||||||
<!-- Keeping this in as a placeholder for supporting OpenTofu. We should fix support for custom terraform binaries ASAP. -->
|
<!-- Keeping this in as a placeholder for supporting OpenTofu. We should fix support for custom terraform binaries ASAP. -->
|
||||||
|
|
||||||
> ⚠️ This guide is a work in progress. We do not officially support using custom
|
> [!IMPORTANT]
|
||||||
|
> This guide is a work in progress. We do not officially support using custom
|
||||||
> Terraform binaries in your Coder deployment. To track progress on the work,
|
> Terraform binaries in your Coder deployment. To track progress on the work,
|
||||||
> see this related [GitHub Issue](https://github.com/coder/coder/issues/12009).
|
> see this related [GitHub Issue](https://github.com/coder/coder/issues/12009).
|
||||||
|
|
||||||
@ -10,9 +11,8 @@ Coder deployments support any custom Terraform binary, including
|
|||||||
[OpenTofu](https://opentofu.org/docs/) - an open source alternative to
|
[OpenTofu](https://opentofu.org/docs/) - an open source alternative to
|
||||||
Terraform.
|
Terraform.
|
||||||
|
|
||||||
> You can read more about OpenTofu and Hashicorp's licensing in our
|
You can read more about OpenTofu and Hashicorp's licensing in our
|
||||||
> [blog post](https://coder.com/blog/hashicorp-license) on the Terraform
|
[blog post](https://coder.com/blog/hashicorp-license) on the Terraform licensing changes.
|
||||||
> licensing changes.
|
|
||||||
|
|
||||||
## Using a custom Terraform binary
|
## Using a custom Terraform binary
|
||||||
|
|
||||||
|
@ -7,8 +7,7 @@ features, you can [request a trial](https://coder.com/trial) or
|
|||||||
|
|
||||||
<!-- markdown-link-check-disable -->
|
<!-- markdown-link-check-disable -->
|
||||||
|
|
||||||
> If you are an existing customer, you can learn more our new Premium plan in
|
You can learn more about Coder Premium in the [Coder v2.16 blog post](https://coder.com/blog/release-recap-2-16-0)
|
||||||
> the [Coder v2.16 blog post](https://coder.com/blog/release-recap-2-16-0)
|
|
||||||
|
|
||||||
<!-- markdown-link-check-enable -->
|
<!-- markdown-link-check-enable -->
|
||||||
|
|
||||||
|
@ -40,7 +40,7 @@ If there is an issue, you may see one of the following errors reported:
|
|||||||
[`url.Parse`](https://pkg.go.dev/net/url#Parse). Example:
|
[`url.Parse`](https://pkg.go.dev/net/url#Parse). Example:
|
||||||
`https://dev.coder.com/`.
|
`https://dev.coder.com/`.
|
||||||
|
|
||||||
> **Tip:** You can check this [here](https://go.dev/play/p/CabcJZyTwt9).
|
You can use [the Go playground](https://go.dev/play/p/CabcJZyTwt9) for additional testing.
|
||||||
|
|
||||||
### EACS03
|
### EACS03
|
||||||
|
|
||||||
@ -117,15 +117,12 @@ Coder's current activity and usage. It may be necessary to increase the
|
|||||||
resources allocated to Coder's database. Alternatively, you can raise the
|
resources allocated to Coder's database. Alternatively, you can raise the
|
||||||
configured threshold to a higher value (this will not address the root cause).
|
configured threshold to a higher value (this will not address the root cause).
|
||||||
|
|
||||||
<blockquote class="admonition tip">
|
> [!TIP]
|
||||||
|
> You can enable
|
||||||
You can enable
|
> [detailed database metrics](../../reference/cli/server.md#--prometheus-collect-db-metrics)
|
||||||
[detailed database metrics](../../reference/cli/server.md#--prometheus-collect-db-metrics)
|
> in Coder's Prometheus endpoint. If you have
|
||||||
in Coder's Prometheus endpoint. If you have
|
> [tracing enabled](../../reference/cli/server.md#--trace), these traces may also
|
||||||
[tracing enabled](../../reference/cli/server.md#--trace), these traces may also
|
> contain useful information regarding Coder's database activity.
|
||||||
contain useful information regarding Coder's database activity.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
## DERP
|
## DERP
|
||||||
|
|
||||||
@ -150,12 +147,9 @@ This is not necessarily a fatal error, but a possible indication of a
|
|||||||
misconfigured reverse HTTP proxy. Additionally, while workspace users should
|
misconfigured reverse HTTP proxy. Additionally, while workspace users should
|
||||||
still be able to reach their workspaces, connection performance may be degraded.
|
still be able to reach their workspaces, connection performance may be degraded.
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> This may also be shown if you have
|
||||||
**Note:** This may also be shown if you have
|
> [forced websocket connections for DERP](../../reference/cli/server.md#--derp-force-websockets).
|
||||||
[forced websocket connections for DERP](../../reference/cli/server.md#--derp-force-websockets).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
**Solution:** ensure that any proxies you use allow connection upgrade with the
|
**Solution:** ensure that any proxies you use allow connection upgrade with the
|
||||||
`Upgrade: derp` header.
|
`Upgrade: derp` header.
|
||||||
@ -305,13 +299,10 @@ that they are able to successfully connect to Coder. Otherwise, ensure
|
|||||||
[`--provisioner-daemons`](../../reference/cli/server.md#--provisioner-daemons)
|
[`--provisioner-daemons`](../../reference/cli/server.md#--provisioner-daemons)
|
||||||
is set to a value greater than 0.
|
is set to a value greater than 0.
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> This may be a transient issue if you are currently in the process of
|
||||||
**Note:** This may be a transient issue if you are currently in the process of
|
|
||||||
updating your deployment.
|
updating your deployment.
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
### EPD02
|
### EPD02
|
||||||
|
|
||||||
#### Provisioner Daemon Version Mismatch
|
#### Provisioner Daemon Version Mismatch
|
||||||
@ -324,13 +315,10 @@ of API incompatibility.
|
|||||||
**Solution:** Update the provisioner daemon to match the currently running
|
**Solution:** Update the provisioner daemon to match the currently running
|
||||||
version of Coder.
|
version of Coder.
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> This may be a transient issue if you are currently in the process of
|
||||||
**Note:** This may be a transient issue if you are currently in the process of
|
|
||||||
updating your deployment.
|
updating your deployment.
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
### EPD03
|
### EPD03
|
||||||
|
|
||||||
#### Provisioner Daemon API Version Mismatch
|
#### Provisioner Daemon API Version Mismatch
|
||||||
@ -343,13 +331,10 @@ connect to Coder.
|
|||||||
**Solution:** Update the provisioner daemon to match the currently running
|
**Solution:** Update the provisioner daemon to match the currently running
|
||||||
version of Coder.
|
version of Coder.
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> This may be a transient issue if you are currently in the process of
|
||||||
**Note:** This may be a transient issue if you are currently in the process of
|
|
||||||
updating your deployment.
|
updating your deployment.
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
### EUNKNOWN
|
### EUNKNOWN
|
||||||
|
|
||||||
#### Unknown Error
|
#### Unknown Error
|
||||||
|
@ -43,7 +43,8 @@ Agent logs are also stored in the workspace filesystem by default:
|
|||||||
[azure-windows](https://github.com/coder/coder/blob/2cfadad023cb7f4f85710cff0b21ac46bdb5a845/examples/templates/azure-windows/Initialize.ps1.tftpl#L64))
|
[azure-windows](https://github.com/coder/coder/blob/2cfadad023cb7f4f85710cff0b21ac46bdb5a845/examples/templates/azure-windows/Initialize.ps1.tftpl#L64))
|
||||||
to see where logs are stored.
|
to see where logs are stored.
|
||||||
|
|
||||||
> Note: Logs are truncated once they reach 5MB in size.
|
> [!NOTE]
|
||||||
|
> Logs are truncated once they reach 5MB in size.
|
||||||
|
|
||||||
Startup script logs are also stored in the temporary directory of macOS and
|
Startup script logs are also stored in the temporary directory of macOS and
|
||||||
Linux workspaces.
|
Linux workspaces.
|
||||||
|
@ -242,12 +242,9 @@ notification is indicated on the right hand side of this table.
|
|||||||
|
|
||||||
## Delivery Preferences
|
## Delivery Preferences
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Delivery preferences is an Enterprise and Premium feature.
|
||||||
Delivery preferences is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Administrators can configure which delivery methods are used for each different
|
Administrators can configure which delivery methods are used for each different
|
||||||
[event type](#event-types).
|
[event type](#event-types).
|
||||||
|
@ -181,12 +181,11 @@ To build the server to receive webhooks and interact with Slack:
|
|||||||
Slack requires the bot to acknowledge when a user clicks on a URL action button.
|
Slack requires the bot to acknowledge when a user clicks on a URL action button.
|
||||||
This is handled by setting up interactivity.
|
This is handled by setting up interactivity.
|
||||||
|
|
||||||
1. Under "Interactivity & Shortcuts" in your Slack app settings, set the Request
|
Under "Interactivity & Shortcuts" in your Slack app settings, set the Request
|
||||||
URL to match the public URL of your web server's endpoint.
|
URL to match the public URL of your web server's endpoint.
|
||||||
|
|
||||||
> Notice: You can use any public endpoint that accepts and responds to POST
|
You can use any public endpoint that accepts and responds to POST requests with HTTP 200.
|
||||||
> requests with HTTP 200. For temporary testing, you can set it to
|
For temporary testing, you can set it to `https://httpbin.org/status/200`.
|
||||||
> `https://httpbin.org/status/200`.
|
|
||||||
|
|
||||||
Once this is set, Slack will send interaction payloads to your server, which
|
Once this is set, Slack will send interaction payloads to your server, which
|
||||||
must respond appropriately.
|
must respond appropriately.
|
||||||
|
@ -18,7 +18,8 @@ networking logic.
|
|||||||
|
|
||||||
In order for clients and workspaces to be able to connect:
|
In order for clients and workspaces to be able to connect:
|
||||||
|
|
||||||
> **Note:** We strongly recommend that clients connect to Coder and their
|
> [!NOTE]
|
||||||
|
> We strongly recommend that clients connect to Coder and their
|
||||||
> workspaces over a good quality, broadband network connection. The following
|
> workspaces over a good quality, broadband network connection. The following
|
||||||
> are minimum requirements:
|
> are minimum requirements:
|
||||||
>
|
>
|
||||||
@ -33,7 +34,8 @@ In order for clients and workspaces to be able to connect:
|
|||||||
|
|
||||||
In order for clients to be able to establish direct connections:
|
In order for clients to be able to establish direct connections:
|
||||||
|
|
||||||
> **Note:** Direct connections via the web browser are not supported. To improve
|
> [!NOTE]
|
||||||
|
> Direct connections via the web browser are not supported. To improve
|
||||||
> latency for browser-based applications running inside Coder workspaces in
|
> latency for browser-based applications running inside Coder workspaces in
|
||||||
> regions far from the Coder control plane, consider deploying one or more
|
> regions far from the Coder control plane, consider deploying one or more
|
||||||
> [workspace proxies](./workspace-proxies.md).
|
> [workspace proxies](./workspace-proxies.md).
|
||||||
@ -172,12 +174,9 @@ more.
|
|||||||
|
|
||||||
## Browser-only connections
|
## Browser-only connections
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Browser-only connections is an Enterprise and Premium feature.
|
||||||
Browser-only connections is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Some Coder deployments require that all access is through the browser to comply
|
Some Coder deployments require that all access is through the browser to comply
|
||||||
with security policies. In these cases, pass the `--browser-only` flag to
|
with security policies. In these cases, pass the `--browser-only` flag to
|
||||||
@ -189,12 +188,9 @@ via the web terminal and
|
|||||||
|
|
||||||
### Workspace Proxies
|
### Workspace Proxies
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Workspace proxies are an Enterprise and Premium feature.
|
||||||
Workspace proxies are an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Workspace proxies are a Coder Enterprise feature that allows you to provide
|
Workspace proxies are a Coder Enterprise feature that allows you to provide
|
||||||
low-latency browser experiences for geo-distributed teams.
|
low-latency browser experiences for geo-distributed teams.
|
||||||
|
@ -48,17 +48,17 @@ For more examples, see `coder port-forward --help`.
|
|||||||
|
|
||||||
## Dashboard
|
## Dashboard
|
||||||
|
|
||||||
> To enable port forwarding via the dashboard, Coder must be configured with a
|
To enable port forwarding via the dashboard, Coder must be configured with a
|
||||||
> [wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
|
[wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
|
||||||
> access URL is not specified, Coder will create
|
access URL is not specified, Coder will create
|
||||||
> [a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
|
[a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
|
||||||
> proxy the deployment, and port forwarding will work.
|
proxy the deployment, and port forwarding will work.
|
||||||
>
|
|
||||||
> There is a
|
There is a
|
||||||
> [DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
|
[DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
|
||||||
> where each segment of hostnames must not exceed 63 characters. If your app
|
where each segment of hostnames must not exceed 63 characters. If your app
|
||||||
> name, agent name, workspace name and username exceed 63 characters in the
|
name, agent name, workspace name and username exceed 63 characters in the
|
||||||
> hostname, port forwarding via the dashboard will not work.
|
hostname, port forwarding via the dashboard will not work.
|
||||||
|
|
||||||
### From an coder_app resource
|
### From an coder_app resource
|
||||||
|
|
||||||
@ -131,12 +131,9 @@ to the app.
|
|||||||
|
|
||||||
### Configure maximum port sharing level
|
### Configure maximum port sharing level
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Configuring port sharing level is an Enterprise and Premium feature.
|
||||||
Configuring port sharing level is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Premium-licensed template admins can control the maximum port sharing level for
|
Premium-licensed template admins can control the maximum port sharing level for
|
||||||
workspaces under a given template in the template settings. By default, the
|
workspaces under a given template in the template settings. By default, the
|
||||||
@ -179,12 +176,14 @@ must include credentials (set `credentials: "include"` if using `fetch`) or the
|
|||||||
requests cannot be authenticated and you will see an error resembling the
|
requests cannot be authenticated and you will see an error resembling the
|
||||||
following:
|
following:
|
||||||
|
|
||||||
> Access to fetch at
|
```text
|
||||||
> '<https://coder.example.com/api/v2/applications/auth-redirect>' from origin
|
Access to fetch at
|
||||||
> '<https://8000--dev--user--apps.coder.example.com>' has been blocked by CORS
|
'<https://coder.example.com/api/v2/applications/auth-redirect>' from origin
|
||||||
> policy: No 'Access-Control-Allow-Origin' header is present on the requested
|
'<https://8000--dev--user--apps.coder.example.com>' has been blocked by CORS
|
||||||
> resource. If an opaque response serves your needs, set the request's mode to
|
policy: No 'Access-Control-Allow-Origin' header is present on the requested
|
||||||
> 'no-cors' to fetch the resource with CORS disabled.
|
resource. If an opaque response serves your needs, set the request's mode to
|
||||||
|
'no-cors' to fetch the resource with CORS disabled.
|
||||||
|
```
|
||||||
|
|
||||||
#### Headers
|
#### Headers
|
||||||
|
|
||||||
|
@ -1,13 +1,13 @@
|
|||||||
# STUN and NAT
|
# STUN and NAT
|
||||||
|
|
||||||
> [Session Traversal Utilities for NAT (STUN)](https://www.rfc-editor.org/rfc/rfc8489.html)
|
[Session Traversal Utilities for NAT (STUN)](https://www.rfc-editor.org/rfc/rfc8489.html)
|
||||||
> is a protocol used to assist applications in establishing peer-to-peer
|
is a protocol used to assist applications in establishing peer-to-peer
|
||||||
> communications across Network Address Translations (NATs) or firewalls.
|
communications across Network Address Translations (NATs) or firewalls.
|
||||||
>
|
|
||||||
> [Network Address Translation (NAT)](https://en.wikipedia.org/wiki/Network_address_translation)
|
[Network Address Translation (NAT)](https://en.wikipedia.org/wiki/Network_address_translation)
|
||||||
> is commonly used in private networks to allow multiple devices to share a
|
is commonly used in private networks to allow multiple devices to share a
|
||||||
> single public IP address. The vast majority of home and corporate internet
|
single public IP address. The vast majority of home and corporate internet
|
||||||
> connections use at least one level of NAT.
|
connections use at least one level of NAT.
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
@ -33,8 +33,9 @@ counterpart can be reached. Once communication succeeds in one direction, we can
|
|||||||
inspect the source address of the received packet to determine the return
|
inspect the source address of the received packet to determine the return
|
||||||
address.
|
address.
|
||||||
|
|
||||||
> The below glosses over a lot of the complexity of traversing NATs. For a more
|
> [!TIP]
|
||||||
> in-depth technical explanation, see
|
> The below glosses over a lot of the complexity of traversing NATs.
|
||||||
|
> For a more in-depth technical explanation, see
|
||||||
> [How NAT traversal works (tailscale.com)](https://tailscale.com/blog/how-nat-traversal-works).
|
> [How NAT traversal works (tailscale.com)](https://tailscale.com/blog/how-nat-traversal-works).
|
||||||
|
|
||||||
At a high level, STUN works like this:
|
At a high level, STUN works like this:
|
||||||
|
@ -104,10 +104,10 @@ CODER_TLS_KEY_FILE="<key_file_location>"
|
|||||||
|
|
||||||
### Running on Kubernetes
|
### Running on Kubernetes
|
||||||
|
|
||||||
Make a `values-wsproxy.yaml` with the workspace proxy configuration:
|
Make a `values-wsproxy.yaml` with the workspace proxy configuration.
|
||||||
|
|
||||||
> Notice the `workspaceProxy` configuration which is `false` by default in the
|
Notice the `workspaceProxy` configuration which is `false` by default in the
|
||||||
> coder Helm chart.
|
Coder Helm chart:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
coder:
|
coder:
|
||||||
|
@ -104,10 +104,9 @@ tags.
|
|||||||
|
|
||||||
## Global PSK (Not Recommended)
|
## Global PSK (Not Recommended)
|
||||||
|
|
||||||
> Global pre-shared keys (PSK) make it difficult to rotate keys or isolate
|
We do not recommend using global PSK.
|
||||||
> provisioners.
|
|
||||||
>
|
Global pre-shared keys (PSK) make it difficult to rotate keys or isolate provisioners.
|
||||||
> We do not recommend using global PSK.
|
|
||||||
|
|
||||||
A deployment-wide PSK can be used to authenticate any provisioner. To use a
|
A deployment-wide PSK can be used to authenticate any provisioner. To use a
|
||||||
global PSK, set a
|
global PSK, set a
|
||||||
@ -158,7 +157,7 @@ coder templates push on-prem-chicago \
|
|||||||
|
|
||||||
This can also be done in the UI when building a template:
|
This can also be done in the UI when building a template:
|
||||||
|
|
||||||
> 
|

|
||||||
|
|
||||||
Alternatively, a template can target a provisioner via
|
Alternatively, a template can target a provisioner via
|
||||||
[workspace tags](https://github.com/coder/coder/tree/main/examples/workspace-tags)
|
[workspace tags](https://github.com/coder/coder/tree/main/examples/workspace-tags)
|
||||||
@ -226,7 +225,8 @@ This is illustrated in the below table:
|
|||||||
| scope=user owner=aaa environment=on-prem datacenter=chicago | scope=user owner=aaa environment=on-prem datacenter=new_york | ✅ | ❌ |
|
| scope=user owner=aaa environment=on-prem datacenter=chicago | scope=user owner=aaa environment=on-prem datacenter=new_york | ✅ | ❌ |
|
||||||
| scope=organization owner= environment=on-prem | scope=organization owner= environment=on-prem | ❌ | ❌ |
|
| scope=organization owner= environment=on-prem | scope=organization owner= environment=on-prem | ❌ | ❌ |
|
||||||
|
|
||||||
> **Note to maintainers:** to generate this table, run the following command and
|
> [!TIP]
|
||||||
|
> To generate this table, run the following command and
|
||||||
> copy the output:
|
> copy the output:
|
||||||
>
|
>
|
||||||
> ```go
|
> ```go
|
||||||
|
@ -42,7 +42,8 @@ failed to check whether the API key corresponds to a deleted user.
|
|||||||
|
|
||||||
## Indications of Compromise
|
## Indications of Compromise
|
||||||
|
|
||||||
> 💡 Automated remediation steps in the upgrade purge all affected API keys.
|
> [!TIP]
|
||||||
|
> Automated remediation steps in the upgrade purge all affected API keys.
|
||||||
> Either perform the following query before upgrade or run it on a backup of
|
> Either perform the following query before upgrade or run it on a backup of
|
||||||
> your database from before the upgrade.
|
> your database from before the upgrade.
|
||||||
|
|
||||||
@ -81,7 +82,8 @@ Otherwise, the following information will be reported:
|
|||||||
- User API key ID
|
- User API key ID
|
||||||
- Time the affected API key was last used
|
- Time the affected API key was last used
|
||||||
|
|
||||||
> 💡 If your license includes the
|
> [!TIP]
|
||||||
|
> If your license includes the
|
||||||
> [Audit Logs](https://coder.com/docs/admin/audit-logs#filtering-logs) feature,
|
> [Audit Logs](https://coder.com/docs/admin/audit-logs#filtering-logs) feature,
|
||||||
> you can then query all actions performed by the above users by using the
|
> you can then query all actions performed by the above users by using the
|
||||||
> filter `email:$USER_EMAIL`.
|
> filter `email:$USER_EMAIL`.
|
||||||
|
@ -26,24 +26,27 @@ The following database fields are currently encrypted:
|
|||||||
|
|
||||||
Additional database fields may be encrypted in the future.
|
Additional database fields may be encrypted in the future.
|
||||||
|
|
||||||
> Implementation notes: each encrypted database column `$C` has a corresponding
|
### Implementation notes
|
||||||
> `$C_key_id` column. This column is used to determine which encryption key was
|
|
||||||
> used to encrypt the data. This allows Coder to rotate encryption keys without
|
Each encrypted database column `$C` has a corresponding
|
||||||
> invalidating existing tokens, and provides referential integrity for encrypted
|
`$C_key_id` column. This column is used to determine which encryption key was
|
||||||
> data.
|
used to encrypt the data. This allows Coder to rotate encryption keys without
|
||||||
>
|
invalidating existing tokens, and provides referential integrity for encrypted
|
||||||
> The `$C_key_id` column stores the first 7 bytes of the SHA-256 hash of the
|
data.
|
||||||
> encryption key used to encrypt the data.
|
|
||||||
>
|
The `$C_key_id` column stores the first 7 bytes of the SHA-256 hash of the
|
||||||
> Encryption keys in use are stored in `dbcrypt_keys`. This table stores a
|
encryption key used to encrypt the data.
|
||||||
> record of all encryption keys that have been used to encrypt data. Active keys
|
|
||||||
> have a null `revoked_key_id` column, and revoked keys have a non-null
|
Encryption keys in use are stored in `dbcrypt_keys`. This table stores a
|
||||||
> `revoked_key_id` column. You cannot revoke a key until you have rotated all
|
record of all encryption keys that have been used to encrypt data. Active keys
|
||||||
> values using that key to a new key.
|
have a null `revoked_key_id` column, and revoked keys have a non-null
|
||||||
|
`revoked_key_id` column. You cannot revoke a key until you have rotated all
|
||||||
|
values using that key to a new key.
|
||||||
|
|
||||||
## Enabling encryption
|
## Enabling encryption
|
||||||
|
|
||||||
> NOTE: Enabling encryption does not encrypt all existing data. To encrypt
|
> [!NOTE]
|
||||||
|
> Enabling encryption does not encrypt all existing data. To encrypt
|
||||||
> existing data, see [rotating keys](#rotating-keys) below.
|
> existing data, see [rotating keys](#rotating-keys) below.
|
||||||
|
|
||||||
- Ensure you have a valid backup of your database. **Do not skip this step.** If
|
- Ensure you have a valid backup of your database. **Do not skip this step.** If
|
||||||
@ -115,7 +118,8 @@ data:
|
|||||||
This command will re-encrypt all tokens with the specified new encryption key.
|
This command will re-encrypt all tokens with the specified new encryption key.
|
||||||
We recommend performing this action during a maintenance window.
|
We recommend performing this action during a maintenance window.
|
||||||
|
|
||||||
> Note: this command requires direct access to the database. If you are using
|
> [!IMPORTANT]
|
||||||
|
> This command requires direct access to the database. If you are using
|
||||||
> the built-in PostgreSQL database, you can run
|
> the built-in PostgreSQL database, you can run
|
||||||
> [`coder server postgres-builtin-url`](../../reference/cli/server_postgres-builtin-url.md)
|
> [`coder server postgres-builtin-url`](../../reference/cli/server_postgres-builtin-url.md)
|
||||||
> to get the connection URL.
|
> to get the connection URL.
|
||||||
@ -138,7 +142,8 @@ To disable encryption, perform the following actions:
|
|||||||
This command will decrypt all encrypted user tokens and revoke all active
|
This command will decrypt all encrypted user tokens and revoke all active
|
||||||
encryption keys.
|
encryption keys.
|
||||||
|
|
||||||
> Note: for `decrypt` command, the equivalent environment variable for
|
> [!NOTE]
|
||||||
|
> for `decrypt` command, the equivalent environment variable for
|
||||||
> `--keys` is `CODER_EXTERNAL_TOKEN_ENCRYPTION_DECRYPT_KEYS` and not
|
> `--keys` is `CODER_EXTERNAL_TOKEN_ENCRYPTION_DECRYPT_KEYS` and not
|
||||||
> `CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS`. This is explicitly named differently
|
> `CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS`. This is explicitly named differently
|
||||||
> to help prevent accidentally decrypting data.
|
> to help prevent accidentally decrypting data.
|
||||||
@ -152,7 +157,8 @@ To disable encryption, perform the following actions:
|
|||||||
|
|
||||||
## Deleting Encrypted Data
|
## Deleting Encrypted Data
|
||||||
|
|
||||||
> NOTE: This is a destructive operation.
|
> [!CAUTION]
|
||||||
|
> This is a destructive operation.
|
||||||
|
|
||||||
To delete all encrypted data from your database, perform the following actions:
|
To delete all encrypted data from your database, perform the following actions:
|
||||||
|
|
||||||
|
@ -7,6 +7,7 @@ For other security tips, visit our guide to
|
|||||||
|
|
||||||
## Security Advisories
|
## Security Advisories
|
||||||
|
|
||||||
|
> [!CAUTION]
|
||||||
> If you discover a vulnerability in Coder, please do not hesitate to report it
|
> If you discover a vulnerability in Coder, please do not hesitate to report it
|
||||||
> to us by following the instructions
|
> to us by following the instructions
|
||||||
> [here](https://github.com/coder/coder/blob/main/SECURITY.md).
|
> [here](https://github.com/coder/coder/blob/main/SECURITY.md).
|
||||||
|
@ -38,7 +38,8 @@ Users can view their public key in their account settings:
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
> Note: SSH keys are never stored in Coder workspaces, and are fetched only when
|
> [!NOTE]
|
||||||
|
> SSH keys are never stored in Coder workspaces, and are fetched only when
|
||||||
> SSH is invoked. The keys are held in-memory and never written to disk.
|
> SSH is invoked. The keys are held in-memory and never written to disk.
|
||||||
|
|
||||||
## Dynamic Secrets
|
## Dynamic Secrets
|
||||||
|
@ -1,11 +1,8 @@
|
|||||||
# Appearance
|
# Appearance
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Customizing Coder's appearance is an Enterprise and Premium feature.
|
||||||
Customizing Coder's appearance is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Customize the look of your Coder deployment to meet your enterprise
|
Customize the look of your Coder deployment to meet your enterprise
|
||||||
requirements.
|
requirements.
|
||||||
|
@ -10,8 +10,7 @@ full list of the options, run `coder server --help` or see our
|
|||||||
external URL that users and workspaces use to connect to Coder (e.g.
|
external URL that users and workspaces use to connect to Coder (e.g.
|
||||||
<https://coder.example.com>). This should not be localhost.
|
<https://coder.example.com>). This should not be localhost.
|
||||||
|
|
||||||
> Access URL should be an external IP address or domain with DNS records
|
Access URL should be an external IP address or domain with DNS records pointing to Coder.
|
||||||
> pointing to Coder.
|
|
||||||
|
|
||||||
### Tunnel
|
### Tunnel
|
||||||
|
|
||||||
@ -44,7 +43,8 @@ coder server
|
|||||||
or running [coder_apps](../templates/index.md) on an absolute path. Set this to
|
or running [coder_apps](../templates/index.md) on an absolute path. Set this to
|
||||||
a wildcard subdomain that resolves to Coder (e.g. `*.coder.example.com`).
|
a wildcard subdomain that resolves to Coder (e.g. `*.coder.example.com`).
|
||||||
|
|
||||||
> Note: We do not recommend using a top-level-domain for Coder wildcard access
|
> [!NOTE]
|
||||||
|
> We do not recommend using a top-level-domain for Coder wildcard access
|
||||||
> (for example `*.workspaces`), even on private networks with split-DNS. Some
|
> (for example `*.workspaces`), even on private networks with split-DNS. Some
|
||||||
> browsers consider these "public" domains and will refuse Coder's cookies,
|
> browsers consider these "public" domains and will refuse Coder's cookies,
|
||||||
> which are vital to the proper operation of this feature.
|
> which are vital to the proper operation of this feature.
|
||||||
@ -107,6 +107,7 @@ deployment information. Use `CODER_PG_CONNECTION_URL` to set the database that
|
|||||||
Coder connects to. If unset, PostgreSQL binaries will be downloaded from Maven
|
Coder connects to. If unset, PostgreSQL binaries will be downloaded from Maven
|
||||||
(<https://repo1.maven.org/maven2>) and store all data in the config root.
|
(<https://repo1.maven.org/maven2>) and store all data in the config root.
|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
> Postgres 13 is the minimum supported version.
|
> Postgres 13 is the minimum supported version.
|
||||||
|
|
||||||
If you are using the built-in PostgreSQL deployment and need to use `psql` (aka
|
If you are using the built-in PostgreSQL deployment and need to use `psql` (aka
|
||||||
|
@ -1,8 +1,7 @@
|
|||||||
# Telemetry
|
# Telemetry
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
TL;DR: disable telemetry by setting <code>CODER_TELEMETRY_ENABLE=false</code>.
|
> TL;DR: disable telemetry by setting <code>CODER_TELEMETRY_ENABLE=false</code>.
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Coder collects telemetry from all installations by default. We believe our users
|
Coder collects telemetry from all installations by default. We believe our users
|
||||||
should have the right to know what we collect, why we collect it, and how we use
|
should have the right to know what we collect, why we collect it, and how we use
|
||||||
|
@ -25,7 +25,8 @@ Give your template a name, description, and icon and press `Create template`.
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
> **⚠️ Note**: If template creation fails, Coder is likely not authorized to
|
> [!NOTE]
|
||||||
|
> If template creation fails, Coder is likely not authorized to
|
||||||
> deploy infrastructure in the given location. Learn how to configure
|
> deploy infrastructure in the given location. Learn how to configure
|
||||||
> [provisioner authentication](./extending-templates/provider-authentication.md).
|
> [provisioner authentication](./extending-templates/provider-authentication.md).
|
||||||
|
|
||||||
@ -64,7 +65,8 @@ Next, push it to Coder with the
|
|||||||
coder templates push
|
coder templates push
|
||||||
```
|
```
|
||||||
|
|
||||||
> ⚠️ Note: If `template push` fails, Coder is likely not authorized to deploy
|
> [!NOTE]
|
||||||
|
> If `template push` fails, Coder is likely not authorized to deploy
|
||||||
> infrastructure in the given location. Learn how to configure
|
> infrastructure in the given location. Learn how to configure
|
||||||
> [provisioner authentication](../provisioners.md).
|
> [provisioner authentication](../provisioners.md).
|
||||||
|
|
||||||
|
@ -273,8 +273,8 @@ A
|
|||||||
can be added to your templates to add docker support. This may come in handy if
|
can be added to your templates to add docker support. This may come in handy if
|
||||||
your nodes cannot run Sysbox.
|
your nodes cannot run Sysbox.
|
||||||
|
|
||||||
> ⚠️ **Warning**: This is insecure. Workspaces will be able to gain root access
|
> [!WARNING]
|
||||||
> to the host machine.
|
> This is insecure. Workspaces will be able to gain root access to the host machine.
|
||||||
|
|
||||||
### Use a privileged sidecar container in Docker-based templates
|
### Use a privileged sidecar container in Docker-based templates
|
||||||
|
|
||||||
|
@ -31,11 +31,8 @@ you can require users authenticate via git prior to creating a workspace:
|
|||||||
|
|
||||||
### Native git authentication will auto-refresh tokens
|
### Native git authentication will auto-refresh tokens
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!TIP]
|
||||||
<p>
|
> This is the preferred authentication method.
|
||||||
This is the preferred authentication method.
|
|
||||||
</p>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
By default, the coder agent will configure native `git` authentication via the
|
By default, the coder agent will configure native `git` authentication via the
|
||||||
`GIT_ASKPASS` environment variable. Meaning, with no additional configuration,
|
`GIT_ASKPASS` environment variable. Meaning, with no additional configuration,
|
||||||
|
@ -49,8 +49,7 @@ Persistent resources stay provisioned when workspaces are stopped, where as
|
|||||||
ephemeral resources are destroyed and recreated on restart. All resources are
|
ephemeral resources are destroyed and recreated on restart. All resources are
|
||||||
destroyed when a workspace is deleted.
|
destroyed when a workspace is deleted.
|
||||||
|
|
||||||
> You can read more about how resource behavior and workspace state in the
|
You can read more about how resource behavior and workspace state in the [workspace lifecycle documentation](../../../user-guides/workspace-lifecycle.md).
|
||||||
> [workspace lifecycle documentation](../../../user-guides/workspace-lifecycle.md).
|
|
||||||
|
|
||||||
Template resources follow the
|
Template resources follow the
|
||||||
[behavior of Terraform resources](https://developer.hashicorp.com/terraform/language/resources/behavior#how-terraform-applies-a-configuration)
|
[behavior of Terraform resources](https://developer.hashicorp.com/terraform/language/resources/behavior#how-terraform-applies-a-configuration)
|
||||||
@ -65,6 +64,7 @@ When a workspace is deleted, the Coder server essentially runs a
|
|||||||
[terraform destroy](https://www.terraform.io/cli/commands/destroy) to remove all
|
[terraform destroy](https://www.terraform.io/cli/commands/destroy) to remove all
|
||||||
resources associated with the workspace.
|
resources associated with the workspace.
|
||||||
|
|
||||||
|
> [!TIP]
|
||||||
> Terraform's
|
> Terraform's
|
||||||
> [prevent-destroy](https://www.terraform.io/language/meta-arguments/lifecycle#prevent_destroy)
|
> [prevent-destroy](https://www.terraform.io/language/meta-arguments/lifecycle#prevent_destroy)
|
||||||
> and
|
> and
|
||||||
|
@ -93,7 +93,7 @@ to resolve modules via [Artifactory](https://jfrog.com/artifactory/).
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
6. Update module source as,
|
6. Update module source as:
|
||||||
|
|
||||||
```tf
|
```tf
|
||||||
module "module-name" {
|
module "module-name" {
|
||||||
@ -104,7 +104,7 @@ to resolve modules via [Artifactory](https://jfrog.com/artifactory/).
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
> Do not forget to replace example.jfrog.io with your Artifactory URL
|
Replace `example.jfrog.io` with your Artifactory URL
|
||||||
|
|
||||||
Based on the instructions
|
Based on the instructions
|
||||||
[here](https://jfrog.com/blog/tour-terraform-registries-in-artifactory/).
|
[here](https://jfrog.com/blog/tour-terraform-registries-in-artifactory/).
|
||||||
|
@ -3,8 +3,12 @@
|
|||||||
The workspace process logging feature allows you to log all system-level
|
The workspace process logging feature allows you to log all system-level
|
||||||
processes executing in the workspace.
|
processes executing in the workspace.
|
||||||
|
|
||||||
> **Note:** This feature is only available on Linux in Kubernetes. There are
|
This feature is only available on Linux in Kubernetes. There are
|
||||||
> additional requirements outlined further in this document.
|
additional requirements outlined further in this document.
|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
|
> Workspace process logging is an Enterprise and Premium feature.
|
||||||
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
|
|
||||||
Workspace process logging adds a sidecar container to workspace pods that will
|
Workspace process logging adds a sidecar container to workspace pods that will
|
||||||
log all processes started in the workspace container (e.g., commands executed in
|
log all processes started in the workspace container (e.g., commands executed in
|
||||||
@ -16,10 +20,6 @@ monitoring stack, such as CloudWatch, for further analysis or long-term storage.
|
|||||||
Please note that these logs are not recorded or captured by the Coder
|
Please note that these logs are not recorded or captured by the Coder
|
||||||
organization in any way, shape, or form.
|
organization in any way, shape, or form.
|
||||||
|
|
||||||
> This is an [Premium or Enterprise](https://coder.com/pricing) feature. To
|
|
||||||
> learn more about Coder licensing, please
|
|
||||||
> [contact sales](https://coder.com/contact).
|
|
||||||
|
|
||||||
## How this works
|
## How this works
|
||||||
|
|
||||||
Coder uses [eBPF](https://ebpf.io/) (which we chose for its minimal performance
|
Coder uses [eBPF](https://ebpf.io/) (which we chose for its minimal performance
|
||||||
@ -164,7 +164,8 @@ would like to add workspace process logging to, follow these steps:
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
> **Note:** If you are using the `envbox` template, you will need to update
|
> [!NOTE]
|
||||||
|
> If you are using the `envbox` template, you will need to update
|
||||||
> the third argument to be
|
> the third argument to be
|
||||||
> `"${local.exectrace_init_script}\n\nexec /envbox docker"` instead.
|
> `"${local.exectrace_init_script}\n\nexec /envbox docker"` instead.
|
||||||
|
|
||||||
@ -212,7 +213,8 @@ would like to add workspace process logging to, follow these steps:
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
> **Note:** `exectrace` requires root privileges and a privileged container
|
> [!NOTE]
|
||||||
|
> `exectrace` requires root privileges and a privileged container
|
||||||
> to attach probes to the kernel. This is a requirement of eBPF.
|
> to attach probes to the kernel. This is a requirement of eBPF.
|
||||||
|
|
||||||
1. Add the following environment variable to your workspace pod:
|
1. Add the following environment variable to your workspace pod:
|
||||||
|
@ -1,11 +1,7 @@
|
|||||||
# Provider Authentication
|
# Provider Authentication
|
||||||
|
|
||||||
<blockquote class="danger">
|
> [!CAUTION]
|
||||||
<p>
|
> Do not store secrets in templates. Assume every user has cleartext access to every template.
|
||||||
Do not store secrets in templates. Assume every user has cleartext access
|
|
||||||
to every template.
|
|
||||||
</p>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
The Coder server's
|
The Coder server's
|
||||||
[provisioner](https://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/provisioner)
|
[provisioner](https://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/provisioner)
|
||||||
|
@ -13,9 +13,8 @@ You can use `coder_metadata` to show Terraform resource attributes like these:
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
Coder automatically generates the <code>type</code> metadata.
|
> Coder automatically generates the <code>type</code> metadata.
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
You can also present automatically updating, dynamic values with
|
You can also present automatically updating, dynamic values with
|
||||||
[agent metadata](./agent-metadata.md).
|
[agent metadata](./agent-metadata.md).
|
||||||
|
@ -71,7 +71,8 @@ added that can handle its combination of tags.
|
|||||||
Before releasing the template version with configurable workspace tags, ensure
|
Before releasing the template version with configurable workspace tags, ensure
|
||||||
that every tag set is associated with at least one healthy provisioner.
|
that every tag set is associated with at least one healthy provisioner.
|
||||||
|
|
||||||
> **Note:** It may be useful to run at least one provisioner with no additional
|
> [!NOTE]
|
||||||
|
> It may be useful to run at least one provisioner with no additional
|
||||||
> tag restrictions that is able to take on any job.
|
> tag restrictions that is able to take on any job.
|
||||||
|
|
||||||
### Parameters types
|
### Parameters types
|
||||||
|
@ -94,7 +94,8 @@ directory. When you next run
|
|||||||
[`coder templates push`](../../../reference/cli/templates_push.md), the lock
|
[`coder templates push`](../../../reference/cli/templates_push.md), the lock
|
||||||
file will be stored alongside with the other template source code.
|
file will be stored alongside with the other template source code.
|
||||||
|
|
||||||
> Note: Terraform best practices also recommend checking in your
|
> [!NOTE]
|
||||||
|
> Terraform best practices also recommend checking in your
|
||||||
> `.terraform.lock.hcl` into Git or other VCS.
|
> `.terraform.lock.hcl` into Git or other VCS.
|
||||||
|
|
||||||
The next time a workspace is built from that template, Coder will make sure to
|
The next time a workspace is built from that template, Coder will make sure to
|
||||||
|
@ -11,9 +11,9 @@ practices around managing workspaces images for Coder.
|
|||||||
3. Allow developers to bring their own images and customizations with Dev
|
3. Allow developers to bring their own images and customizations with Dev
|
||||||
Containers
|
Containers
|
||||||
|
|
||||||
> Note: An image is just one of the many properties defined within the template.
|
An image is just one of the many properties defined within the template.
|
||||||
> Templates can pull images from a public image registry (e.g. Docker Hub) or an
|
Templates can pull images from a public image registry (e.g. Docker Hub) or an
|
||||||
> internal one, thanks to Terraform.
|
internal one, thanks to Terraform.
|
||||||
|
|
||||||
## Create a minimal base image
|
## Create a minimal base image
|
||||||
|
|
||||||
@ -31,9 +31,9 @@ to consider:
|
|||||||
`docker`, `bash`, `jq`, and/or internal tooling
|
`docker`, `bash`, `jq`, and/or internal tooling
|
||||||
- Consider creating (and starting the container with) a non-root user
|
- Consider creating (and starting the container with) a non-root user
|
||||||
|
|
||||||
> See Coder's
|
See Coder's
|
||||||
> [example base image](https://github.com/coder/enterprise-images/tree/main/images/minimal)
|
[example base image](https://github.com/coder/enterprise-images/tree/main/images/minimal)
|
||||||
> for reference.
|
for reference.
|
||||||
|
|
||||||
## Create general-purpose golden image(s) with standard tooling
|
## Create general-purpose golden image(s) with standard tooling
|
||||||
|
|
||||||
@ -54,10 +54,10 @@ purpose images are great for:
|
|||||||
stacks and types of projects, the golden image can be a good starting point
|
stacks and types of projects, the golden image can be a good starting point
|
||||||
for those projects.
|
for those projects.
|
||||||
|
|
||||||
> This is often referred to as a "sandbox" or "kitchen sink" image. Since large
|
This is often referred to as a "sandbox" or "kitchen sink" image. Since large
|
||||||
> multi-purpose container images can quickly become difficult to maintain, it's
|
multi-purpose container images can quickly become difficult to maintain, it's
|
||||||
> important to keep the number of general-purpose images to a minimum (2-3 in
|
important to keep the number of general-purpose images to a minimum (2-3 in
|
||||||
> most cases) with a well-defined scope.
|
most cases) with a well-defined scope.
|
||||||
|
|
||||||
Examples:
|
Examples:
|
||||||
|
|
||||||
|
@ -27,8 +27,8 @@ here!
|
|||||||
If you prefer to use Coder on the
|
If you prefer to use Coder on the
|
||||||
[command line](../../../reference/cli/index.md), `coder templates init`.
|
[command line](../../../reference/cli/index.md), `coder templates init`.
|
||||||
|
|
||||||
> Coder starter templates are also available on our
|
Coder starter templates are also available on our
|
||||||
> [GitHub repo](https://github.com/coder/coder/tree/main/examples/templates).
|
[GitHub repo](https://github.com/coder/coder/tree/main/examples/templates).
|
||||||
|
|
||||||
## Community Templates
|
## Community Templates
|
||||||
|
|
||||||
@ -46,6 +46,7 @@ any template's files directly in the Coder dashboard.
|
|||||||
If you'd prefer to use the CLI, use `coder templates pull`, edit the template
|
If you'd prefer to use the CLI, use `coder templates pull`, edit the template
|
||||||
files, then `coder templates push`.
|
files, then `coder templates push`.
|
||||||
|
|
||||||
|
> [!TIP]
|
||||||
> Even if you are a Terraform expert, we suggest reading our
|
> Even if you are a Terraform expert, we suggest reading our
|
||||||
> [guided tour of a template](../../../tutorials/template-from-scratch.md).
|
> [guided tour of a template](../../../tutorials/template-from-scratch.md).
|
||||||
|
|
||||||
@ -60,12 +61,9 @@ infrastructure, software, or security patches. Learn more about
|
|||||||
|
|
||||||
### Template update policies
|
### Template update policies
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Template update policies are an Enterprise and Premium feature.
|
||||||
Template update policies are an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Licensed template admins may want workspaces to always remain on the latest
|
Licensed template admins may want workspaces to always remain on the latest
|
||||||
version of their parent template. To do so, enable **Template Update Policies**
|
version of their parent template. To do so, enable **Template Update Policies**
|
||||||
|
@ -28,12 +28,9 @@ manage infrastructure costs.
|
|||||||
|
|
||||||
## Failure cleanup
|
## Failure cleanup
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Failure cleanup is an Enterprise and Premium feature.
|
||||||
Failure cleanup is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Failure cleanup defines how long a workspace is permitted to remain in the
|
Failure cleanup defines how long a workspace is permitted to remain in the
|
||||||
failed state prior to being automatically stopped. Failure cleanup is only
|
failed state prior to being automatically stopped. Failure cleanup is only
|
||||||
@ -41,12 +38,9 @@ available for licensed customers.
|
|||||||
|
|
||||||
## Dormancy threshold
|
## Dormancy threshold
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Dormancy threshold is an Enterprise and Premium feature.
|
||||||
Dormancy threshold is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Dormancy Threshold defines how long Coder allows a workspace to remain inactive
|
Dormancy Threshold defines how long Coder allows a workspace to remain inactive
|
||||||
before being moved into a dormant state. A workspace's inactivity is determined
|
before being moved into a dormant state. A workspace's inactivity is determined
|
||||||
@ -58,12 +52,9 @@ only available for licensed customers.
|
|||||||
|
|
||||||
## Dormancy auto-deletion
|
## Dormancy auto-deletion
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Dormancy auto-deletion is an Enterprise and Premium feature.
|
||||||
Dormancy auto-deletion is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Dormancy Auto-Deletion allows a template admin to dictate how long a workspace
|
Dormancy Auto-Deletion allows a template admin to dictate how long a workspace
|
||||||
is permitted to remain dormant before it is automatically deleted. Dormancy
|
is permitted to remain dormant before it is automatically deleted. Dormancy
|
||||||
@ -71,12 +62,9 @@ Auto-Deletion is only available for licensed customers.
|
|||||||
|
|
||||||
## Autostop requirement
|
## Autostop requirement
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Autostop requirement is an Enterprise and Premium feature.
|
||||||
Autostop requirement is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Autostop requirement is a template setting that determines how often workspaces
|
Autostop requirement is a template setting that determines how often workspaces
|
||||||
using the template must automatically stop. Autostop requirement ignores any
|
using the template must automatically stop. Autostop requirement ignores any
|
||||||
@ -108,12 +96,9 @@ requirement during the deprecation period, but only one can be used at a time.
|
|||||||
|
|
||||||
## User quiet hours
|
## User quiet hours
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> User quiet hours are an Enterprise and Premium feature.
|
||||||
User quiet hours are an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
User quiet hours can be configured in the user's schedule settings page.
|
User quiet hours can be configured in the user's schedule settings page.
|
||||||
Workspaces on templates with an autostop requirement will only be forcibly
|
Workspaces on templates with an autostop requirement will only be forcibly
|
||||||
|
@ -46,7 +46,8 @@ resource "coder_agent" "dev" {
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
> Note: The `dir` attribute can be set in multiple ways, for example:
|
> [!NOTE]
|
||||||
|
> The `dir` attribute can be set in multiple ways, for example:
|
||||||
>
|
>
|
||||||
> - `~/coder`
|
> - `~/coder`
|
||||||
> - `/home/coder/coder`
|
> - `/home/coder/coder`
|
||||||
|
@ -1,11 +1,8 @@
|
|||||||
# Permissions
|
# Permissions
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Template permissions are a Premium feature.
|
||||||
Template permissions are an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Licensed Coder administrators can control who can use and modify the template.
|
Licensed Coder administrators can control who can use and modify the template.
|
||||||
|
|
||||||
@ -24,5 +21,3 @@ user can use the template to create a workspace. To prevent this, disable the
|
|||||||
`Allow everyone to use the template` setting when creating a template.
|
`Allow everyone to use the template` setting when creating a template.
|
||||||
|
|
||||||

|

|
||||||
|
|
||||||
Permissions is a premium-only feature.
|
|
||||||
|
@ -144,7 +144,8 @@ if [ $status -ne 0 ]; then
|
|||||||
fi
|
fi
|
||||||
```
|
```
|
||||||
|
|
||||||
> **Note:** We don't use `set -x` here because we're manually echoing the
|
> [!NOTE]
|
||||||
|
> We don't use `set -x` here because we're manually echoing the
|
||||||
> commands. This protects against sensitive information being shown in the log.
|
> commands. This protects against sensitive information being shown in the log.
|
||||||
|
|
||||||
This script tells us what command is being run and what the exit status is. If
|
This script tells us what command is being run and what the exit status is. If
|
||||||
@ -152,7 +153,8 @@ the exit status is non-zero, it means the command failed and we exit the script.
|
|||||||
Since we are manually checking the exit status here, we don't need `set -e` at
|
Since we are manually checking the exit status here, we don't need `set -e` at
|
||||||
the top of the script to exit on error.
|
the top of the script to exit on error.
|
||||||
|
|
||||||
> **Note:** If you aren't seeing any logs, check that the `dir` directive points
|
> [!NOTE]
|
||||||
|
> If you aren't seeing any logs, check that the `dir` directive points
|
||||||
> to a valid directory in the file system.
|
> to a valid directory in the file system.
|
||||||
|
|
||||||
## Slow workspace startup times
|
## Slow workspace startup times
|
||||||
|
@ -47,12 +47,12 @@ GitHub will ask you for the following Coder parameters:
|
|||||||
`https://coder.domain.com`)
|
`https://coder.domain.com`)
|
||||||
- **User Authorization Callback URL**: Set to `https://coder.domain.com`
|
- **User Authorization Callback URL**: Set to `https://coder.domain.com`
|
||||||
|
|
||||||
> Note: If you want to allow multiple coder deployments hosted on subdomains
|
If you want to allow multiple Coder deployments hosted on subdomains, such as
|
||||||
> e.g. coder1.domain.com, coder2.domain.com, to be able to authenticate with the
|
`coder1.domain.com`, `coder2.domain.com`, to authenticate with the
|
||||||
> same GitHub OAuth app, then you can set **User Authorization Callback URL** to
|
same GitHub OAuth app, then you can set **User Authorization Callback URL** to
|
||||||
> the `https://domain.com`
|
the `https://domain.com`
|
||||||
|
|
||||||
Note the Client ID and Client Secret generated by GitHub. You will use these
|
Take note of the Client ID and Client Secret generated by GitHub. You will use these
|
||||||
values in the next step.
|
values in the next step.
|
||||||
|
|
||||||
Coder will need permission to access user email addresses. Find the "Account
|
Coder will need permission to access user email addresses. Find the "Account
|
||||||
@ -67,8 +67,8 @@ server:
|
|||||||
coder server --oauth2-github-allow-signups=true --oauth2-github-allowed-orgs="your-org" --oauth2-github-client-id="8d1...e05" --oauth2-github-client-secret="57ebc9...02c24c"
|
coder server --oauth2-github-allow-signups=true --oauth2-github-allowed-orgs="your-org" --oauth2-github-client-id="8d1...e05" --oauth2-github-client-secret="57ebc9...02c24c"
|
||||||
```
|
```
|
||||||
|
|
||||||
> For GitHub Enterprise support, specify the
|
> [!NOTE]
|
||||||
> `--oauth2-github-enterprise-base-url` flag.
|
> For GitHub Enterprise support, specify the `--oauth2-github-enterprise-base-url` flag.
|
||||||
|
|
||||||
Alternatively, if you are running Coder as a system service, you can achieve the
|
Alternatively, if you are running Coder as a system service, you can achieve the
|
||||||
same result as the command above by adding the following environment variables
|
same result as the command above by adding the following environment variables
|
||||||
@ -81,11 +81,12 @@ CODER_OAUTH2_GITHUB_CLIENT_ID="8d1...e05"
|
|||||||
CODER_OAUTH2_GITHUB_CLIENT_SECRET="57ebc9...02c24c"
|
CODER_OAUTH2_GITHUB_CLIENT_SECRET="57ebc9...02c24c"
|
||||||
```
|
```
|
||||||
|
|
||||||
**Note:** To allow everyone to signup using GitHub, set:
|
> [!TIP]
|
||||||
|
> To allow everyone to sign up using GitHub, set:
|
||||||
```env
|
>
|
||||||
CODER_OAUTH2_GITHUB_ALLOW_EVERYONE=true
|
> ```env
|
||||||
```
|
> CODER_OAUTH2_GITHUB_ALLOW_EVERYONE=true
|
||||||
|
> ```
|
||||||
|
|
||||||
Once complete, run `sudo service coder restart` to reboot Coder.
|
Once complete, run `sudo service coder restart` to reboot Coder.
|
||||||
|
|
||||||
@ -115,9 +116,9 @@ To upgrade Coder, run:
|
|||||||
helm upgrade <release-name> coder-v2/coder -n <namespace> -f values.yaml
|
helm upgrade <release-name> coder-v2/coder -n <namespace> -f values.yaml
|
||||||
```
|
```
|
||||||
|
|
||||||
> We recommend requiring and auditing MFA usage for all users in your GitHub
|
We recommend requiring and auditing MFA usage for all users in your GitHub
|
||||||
> organizations. This can be enforced from the organization settings page in the
|
organizations. This can be enforced from the organization settings page in the
|
||||||
> "Authentication security" sidebar tab.
|
"Authentication security" sidebar tab.
|
||||||
|
|
||||||
## Device Flow
|
## Device Flow
|
||||||
|
|
||||||
|
@ -33,12 +33,9 @@ may use personal workspaces.
|
|||||||
|
|
||||||
## Custom Roles
|
## Custom Roles
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Custom roles are a Premium feature.
|
||||||
Custom roles are a Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Starting in v2.16.0, Premium Coder deployments can configure custom roles on the
|
Starting in v2.16.0, Premium Coder deployments can configure custom roles on the
|
||||||
[Organization](./organizations.md) level. You can create and assign custom roles
|
[Organization](./organizations.md) level. You can create and assign custom roles
|
||||||
|
@ -4,7 +4,7 @@ Headless user accounts that cannot use the web UI to log in to Coder. This is
|
|||||||
useful for creating accounts for automated systems, such as CI/CD pipelines or
|
useful for creating accounts for automated systems, such as CI/CD pipelines or
|
||||||
for users who only consume Coder via another client/API.
|
for users who only consume Coder via another client/API.
|
||||||
|
|
||||||
> You must have the User Admin role or above to create headless users.
|
You must have the User Admin role or above to create headless users.
|
||||||
|
|
||||||
## Create a headless user
|
## Create a headless user
|
||||||
|
|
||||||
|
@ -1,12 +1,9 @@
|
|||||||
<!-- markdownlint-disable MD024 -->
|
<!-- markdownlint-disable MD024 -->
|
||||||
# IdP Sync
|
# IdP Sync
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> IdP sync is an Enterprise and Premium feature.
|
||||||
IdP sync is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
IdP (Identity provider) sync allows you to use OpenID Connect (OIDC) to
|
IdP (Identity provider) sync allows you to use OpenID Connect (OIDC) to
|
||||||
synchronize Coder groups, roles, and organizations based on claims from your IdP.
|
synchronize Coder groups, roles, and organizations based on claims from your IdP.
|
||||||
@ -110,13 +107,10 @@ Below is an example that uses the `groups` claim and maps all groups prefixed by
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!IMPORTANT]
|
||||||
|
> You must specify Coder group IDs instead of group names. The fastest way to find
|
||||||
You must specify Coder group IDs instead of group names. The fastest way to find
|
> the ID for a corresponding group is by visiting
|
||||||
the ID for a corresponding group is by visiting
|
> `https://coder.example.com/api/v2/groups`.
|
||||||
`https://coder.example.com/api/v2/groups`.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Here is another example which maps `coder-admins` from the identity provider to
|
Here is another example which maps `coder-admins` from the identity provider to
|
||||||
two groups in Coder and `coder-users` from the identity provider to another
|
two groups in Coder and `coder-users` from the identity provider to another
|
||||||
@ -151,13 +145,9 @@ Visit the Coder UI to confirm these changes:
|
|||||||
|
|
||||||
### Server Flags
|
### Server Flags
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> Use server flags only with Coder deployments with a single organization.
|
||||||
Use server flags only with Coder deployments with a single organization.
|
> You can use the dashboard to configure group sync instead.
|
||||||
|
|
||||||
You can use the dashboard to configure group sync instead.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
1. Configure the Coder server to read groups from the claim name with the
|
1. Configure the Coder server to read groups from the claim name with the
|
||||||
[OIDC group field](../../reference/cli/server.md#--oidc-group-field) server
|
[OIDC group field](../../reference/cli/server.md#--oidc-group-field) server
|
||||||
@ -284,13 +274,9 @@ role:
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> Be sure to use the `name` field for each role, not the display name.
|
||||||
Be sure to use the `name` field for each role, not the display name. Use
|
> Use `coder organization roles show --org=<your-org>` to see roles for your organization.
|
||||||
`coder organization roles show --org=<your-org>` to see roles for your
|
|
||||||
organization.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
To set these role sync settings, use the following command:
|
To set these role sync settings, use the following command:
|
||||||
|
|
||||||
@ -306,13 +292,9 @@ Visit the Coder UI to confirm these changes:
|
|||||||
|
|
||||||
### Server Flags
|
### Server Flags
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> Use server flags only with Coder deployments with a single organization.
|
||||||
Use server flags only with Coder deployments with a single organization.
|
> You can use the dashboard to configure role sync instead.
|
||||||
|
|
||||||
You can use the dashboard to configure role sync instead.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
1. Configure the Coder server to read groups from the claim name with the
|
1. Configure the Coder server to read groups from the claim name with the
|
||||||
[OIDC role field](../../reference/cli/server.md#--oidc-user-role-field)
|
[OIDC role field](../../reference/cli/server.md#--oidc-user-role-field)
|
||||||
@ -539,7 +521,8 @@ Below are some details specific to individual OIDC providers.
|
|||||||
|
|
||||||
### Active Directory Federation Services (ADFS)
|
### Active Directory Federation Services (ADFS)
|
||||||
|
|
||||||
> **Note:** Tested on ADFS 4.0, Windows Server 2019
|
> [!NOTE]
|
||||||
|
> Tested on ADFS 4.0, Windows Server 2019
|
||||||
|
|
||||||
1. In your Federation Server, create a new application group for Coder.
|
1. In your Federation Server, create a new application group for Coder.
|
||||||
Follow the steps as described in the [Windows Server documentation]
|
Follow the steps as described in the [Windows Server documentation]
|
||||||
|
@ -166,6 +166,7 @@ You can also reset a password via the CLI:
|
|||||||
coder reset-password <username>
|
coder reset-password <username>
|
||||||
```
|
```
|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
> Resetting a user's password, e.g., the initial `owner` role-based user, only
|
> Resetting a user's password, e.g., the initial `owner` role-based user, only
|
||||||
> works when run on the host running the Coder control plane.
|
> works when run on the host running the Coder control plane.
|
||||||
|
|
||||||
|
@ -32,7 +32,8 @@ signing in via OIDC as a new user. Coder will log the claim fields returned by
|
|||||||
the upstream identity provider in a message containing the string
|
the upstream identity provider in a message containing the string
|
||||||
`got oidc claims`, as well as the user info returned.
|
`got oidc claims`, as well as the user info returned.
|
||||||
|
|
||||||
> **Note:** If you need to ensure that Coder only uses information from the ID
|
> [!NOTE]
|
||||||
|
> If you need to ensure that Coder only uses information from the ID
|
||||||
> token and does not hit the UserInfo endpoint, you can set the configuration
|
> token and does not hit the UserInfo endpoint, you can set the configuration
|
||||||
> option `CODER_OIDC_IGNORE_USERINFO=true`.
|
> option `CODER_OIDC_IGNORE_USERINFO=true`.
|
||||||
|
|
||||||
@ -44,7 +45,8 @@ for the newly created user's email address.
|
|||||||
If your upstream identity provider users a different claim, you can set
|
If your upstream identity provider users a different claim, you can set
|
||||||
`CODER_OIDC_EMAIL_FIELD` to the desired claim.
|
`CODER_OIDC_EMAIL_FIELD` to the desired claim.
|
||||||
|
|
||||||
> **Note** If this field is not present, Coder will attempt to use the claim
|
> [!NOTE]
|
||||||
|
> If this field is not present, Coder will attempt to use the claim
|
||||||
> field configured for `username` as an email address. If this field is not a
|
> field configured for `username` as an email address. If this field is not a
|
||||||
> valid email address, OIDC logins will fail.
|
> valid email address, OIDC logins will fail.
|
||||||
|
|
||||||
@ -59,7 +61,8 @@ disable this behavior with the following setting:
|
|||||||
CODER_OIDC_IGNORE_EMAIL_VERIFIED=true
|
CODER_OIDC_IGNORE_EMAIL_VERIFIED=true
|
||||||
```
|
```
|
||||||
|
|
||||||
> **Note:** This will cause Coder to implicitly treat all OIDC emails as
|
> [!NOTE]
|
||||||
|
> This will cause Coder to implicitly treat all OIDC emails as
|
||||||
> "verified", regardless of what the upstream identity provider says.
|
> "verified", regardless of what the upstream identity provider says.
|
||||||
|
|
||||||
### Usernames
|
### Usernames
|
||||||
@ -70,7 +73,8 @@ claim field named `preferred_username` as the the username.
|
|||||||
If your upstream identity provider uses a different claim, you can set
|
If your upstream identity provider uses a different claim, you can set
|
||||||
`CODER_OIDC_USERNAME_FIELD` to the desired claim.
|
`CODER_OIDC_USERNAME_FIELD` to the desired claim.
|
||||||
|
|
||||||
> **Note:** If this claim is empty, the email address will be stripped of the
|
> [!NOTE]
|
||||||
|
> If this claim is empty, the email address will be stripped of the
|
||||||
> domain, and become the username (e.g. `example@coder.com` becomes `example`).
|
> domain, and become the username (e.g. `example@coder.com` becomes `example`).
|
||||||
> To avoid conflicts, Coder may also append a random word to the resulting
|
> To avoid conflicts, Coder may also append a random word to the resulting
|
||||||
> username.
|
> username.
|
||||||
@ -99,12 +103,9 @@ CODER_DISABLE_PASSWORD_AUTH=true
|
|||||||
|
|
||||||
## SCIM
|
## SCIM
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> SCIM is an Enterprise and Premium feature.
|
||||||
SCIM is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Coder supports user provisioning and deprovisioning via SCIM 2.0 with header
|
Coder supports user provisioning and deprovisioning via SCIM 2.0 with header
|
||||||
authentication. Upon deactivation, users are
|
authentication. Upon deactivation, users are
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
# Organizations (Premium)
|
# Organizations (Premium)
|
||||||
|
|
||||||
> Note: Organizations requires a
|
> [!NOTE]
|
||||||
|
> Organizations requires a
|
||||||
> [Premium license](https://coder.com/pricing#compare-plans). For more details,
|
> [Premium license](https://coder.com/pricing#compare-plans). For more details,
|
||||||
> [contact your account team](https://coder.com/contact).
|
> [contact your account team](https://coder.com/contact).
|
||||||
|
|
||||||
|
@ -15,7 +15,8 @@ If you remove the admin user account (or forget the password), you can run the
|
|||||||
[`coder server create-admin-user`](../../reference/cli/server_create-admin-user.md)command
|
[`coder server create-admin-user`](../../reference/cli/server_create-admin-user.md)command
|
||||||
on your server.
|
on your server.
|
||||||
|
|
||||||
> Note: You must run this command on the same machine running the Coder server.
|
> [!IMPORTANT]
|
||||||
|
> You must run this command on the same machine running the Coder server.
|
||||||
> If you are running Coder on Kubernetes, this means using
|
> If you are running Coder on Kubernetes, this means using
|
||||||
> [kubectl exec](https://kubernetes.io/docs/reference/kubectl/generated/kubectl_exec/)
|
> [kubectl exec](https://kubernetes.io/docs/reference/kubectl/generated/kubectl_exec/)
|
||||||
> to exec into the pod.
|
> to exec into the pod.
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
## Changelog
|
## Changelog
|
||||||
|
|
||||||
> **Warning**: This release has a known issue: #8351. Upgrade directly to
|
> [!WARNING]
|
||||||
|
> This release has a known issue: #8351. Upgrade directly to
|
||||||
> v0.26.0 which includes a fix
|
> v0.26.0 which includes a fix
|
||||||
|
|
||||||
### Features
|
### Features
|
||||||
|
@ -4,7 +4,8 @@
|
|||||||
|
|
||||||
Agent logs can be pushed after a workspace has started (#8528)
|
Agent logs can be pushed after a workspace has started (#8528)
|
||||||
|
|
||||||
> ⚠️ **Warning:** You will need to
|
> [!WARNING]
|
||||||
|
> You will need to
|
||||||
> [update](https://coder.com/docs/install) your local Coder CLI v0.27
|
> [update](https://coder.com/docs/install) your local Coder CLI v0.27
|
||||||
> to connect via `coder ssh`.
|
> to connect via `coder ssh`.
|
||||||
|
|
||||||
|
@ -23,11 +23,8 @@ You can run the UI and access the Coder dashboard in two ways:
|
|||||||
In both cases, you can access the dashboard on `http://localhost:8080`. If using
|
In both cases, you can access the dashboard on `http://localhost:8080`. If using
|
||||||
`./scripts/develop.sh` you can log in with the default credentials.
|
`./scripts/develop.sh` you can log in with the default credentials.
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> **Default Credentials:** `admin@coder.com` and `SomeSecurePassword!`.
|
||||||
**Default Credentials:** `admin@coder.com` and `SomeSecurePassword!`.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
## Tech Stack Overview
|
## Tech Stack Overview
|
||||||
|
|
||||||
@ -88,8 +85,8 @@ views, tests, and utility functions. The page component fetches necessary data
|
|||||||
and passes to the view. We explain this decision a bit better in the next
|
and passes to the view. We explain this decision a bit better in the next
|
||||||
section which talks about where to fetch data.
|
section which talks about where to fetch data.
|
||||||
|
|
||||||
> ℹ️ If code within a page becomes reusable across other parts of the app,
|
If code within a page becomes reusable across other parts of the app,
|
||||||
> consider moving it to `src/utils`, `hooks`, `components`, or `modules`.
|
consider moving it to `src/utils`, `hooks`, `components`, or `modules`.
|
||||||
|
|
||||||
### Handling States
|
### Handling States
|
||||||
|
|
||||||
@ -272,8 +269,8 @@ template", etc. We use [Playwright](https://playwright.dev/). If you only need
|
|||||||
to test if the page is being rendered correctly, you should consider using the
|
to test if the page is being rendered correctly, you should consider using the
|
||||||
**Visual Testing** approach.
|
**Visual Testing** approach.
|
||||||
|
|
||||||
> ℹ️ For scenarios where you need to be authenticated, you can use
|
For scenarios where you need to be authenticated, you can use
|
||||||
> `test.use({ storageState: getStatePath("authState") })`.
|
`test.use({ storageState: getStatePath("authState") })`.
|
||||||
|
|
||||||
For ease of debugging, it's possible to run a Playwright test in headful mode
|
For ease of debugging, it's possible to run a Playwright test in headful mode
|
||||||
running a Playwright server on your local machine, and executing the test inside
|
running a Playwright server on your local machine, and executing the test inside
|
||||||
@ -309,8 +306,8 @@ always be your first option since it is way easier to maintain. For this, we use
|
|||||||
[Storybook](https://storybook.js.org/) and
|
[Storybook](https://storybook.js.org/) and
|
||||||
[Chromatic](https://www.chromatic.com/).
|
[Chromatic](https://www.chromatic.com/).
|
||||||
|
|
||||||
> ℹ️ To learn more about testing components that fetch API data, refer to the
|
To learn more about testing components that fetch API data, refer to the
|
||||||
> [**Where to fetch data**](#where-to-fetch-data) section.
|
[**Where to fetch data**](#where-to-fetch-data) section.
|
||||||
|
|
||||||
### What should I test?
|
### What should I test?
|
||||||
|
|
||||||
|
@ -22,7 +22,8 @@ alternate installation methods (e.g. standalone binaries, system packages).
|
|||||||
|
|
||||||
## Windows
|
## Windows
|
||||||
|
|
||||||
> **Important:** If you plan to use the built-in PostgreSQL database, you will
|
> [!IMPORTANT]
|
||||||
|
> If you plan to use the built-in PostgreSQL database, you will
|
||||||
> need to ensure that the
|
> need to ensure that the
|
||||||
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
|
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
|
||||||
> is installed.
|
> is installed.
|
||||||
@ -58,11 +59,8 @@ coder login https://coder.example.com
|
|||||||
|
|
||||||
## Download the CLI from your deployment
|
## Download the CLI from your deployment
|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> Available in Coder 2.19 and newer.
|
||||||
Available in Coder 2.19 and newer.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Every Coder server hosts CLI binaries for all supported platforms. You can run a
|
Every Coder server hosts CLI binaries for all supported platforms. You can run a
|
||||||
script to download the appropriate CLI for your machine from your Coder
|
script to download the appropriate CLI for your machine from your Coder
|
||||||
|
@ -79,11 +79,8 @@ Coder's [configuration options](../admin/setup/index.md).
|
|||||||
|
|
||||||
## Install the preview release
|
## Install the preview release
|
||||||
|
|
||||||
<blockquote class="tip">
|
> [!TIP]
|
||||||
|
> We do not recommend using preview releases in production environments.
|
||||||
We do not recommend using preview releases in production environments.
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
You can install and test a
|
You can install and test a
|
||||||
[preview release of Coder](https://github.com/coder/coder/pkgs/container/coder-preview)
|
[preview release of Coder](https://github.com/coder/coder/pkgs/container/coder-preview)
|
||||||
|
@ -29,7 +29,8 @@ alternate installation methods (e.g. standalone binaries, system packages).
|
|||||||
|
|
||||||
## Windows
|
## Windows
|
||||||
|
|
||||||
> **Important:** If you plan to use the built-in PostgreSQL database, you will
|
> [!IMPORTANT]
|
||||||
|
> If you plan to use the built-in PostgreSQL database, you will
|
||||||
> need to ensure that the
|
> need to ensure that the
|
||||||
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
|
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
|
||||||
> is installed.
|
> is installed.
|
||||||
|
@ -116,11 +116,11 @@ coder:
|
|||||||
# - my-tls-secret-name
|
# - my-tls-secret-name
|
||||||
```
|
```
|
||||||
|
|
||||||
> You can view our
|
You can view our
|
||||||
> [Helm README](https://github.com/coder/coder/blob/main/helm#readme) for
|
[Helm README](https://github.com/coder/coder/blob/main/helm#readme) for
|
||||||
> details on the values that are available, or you can view the
|
details on the values that are available, or you can view the
|
||||||
> [values.yaml](https://github.com/coder/coder/blob/main/helm/coder/values.yaml)
|
[values.yaml](https://github.com/coder/coder/blob/main/helm/coder/values.yaml)
|
||||||
> file directly.
|
file directly.
|
||||||
|
|
||||||
We support two release channels: mainline and stable - read the
|
We support two release channels: mainline and stable - read the
|
||||||
[Releases](./releases.md) page to learn more about which best suits your team.
|
[Releases](./releases.md) page to learn more about which best suits your team.
|
||||||
|
@ -3,8 +3,8 @@
|
|||||||
All Coder features are supported in offline / behind firewalls / in air-gapped
|
All Coder features are supported in offline / behind firewalls / in air-gapped
|
||||||
environments. However, some changes to your configuration are necessary.
|
environments. However, some changes to your configuration are necessary.
|
||||||
|
|
||||||
> This is a general comparison. Keep reading for a full tutorial running Coder
|
This is a general comparison. Keep reading for a full tutorial running Coder
|
||||||
> offline with Kubernetes or Docker.
|
offline with Kubernetes or Docker.
|
||||||
|
|
||||||
| | Public deployments | Offline deployments |
|
| | Public deployments | Offline deployments |
|
||||||
|--------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
|--------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||||
@ -31,7 +31,8 @@ following:
|
|||||||
[network mirror](https://www.terraform.io/internals/provider-network-mirror-protocol).
|
[network mirror](https://www.terraform.io/internals/provider-network-mirror-protocol).
|
||||||
See below for details.
|
See below for details.
|
||||||
|
|
||||||
> Note: Coder includes the latest
|
> [!NOTE]
|
||||||
|
> Coder includes the latest
|
||||||
> [supported version](https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24)
|
> [supported version](https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24)
|
||||||
> of Terraform in the official Docker images. If you need to bundle a different
|
> of Terraform in the official Docker images. If you need to bundle a different
|
||||||
> version of terraform, you can do so by customizing the image.
|
> version of terraform, you can do so by customizing the image.
|
||||||
@ -112,6 +113,7 @@ USER coder
|
|||||||
ENV TF_CLI_CONFIG_FILE=/home/coder/.terraformrc
|
ENV TF_CLI_CONFIG_FILE=/home/coder/.terraformrc
|
||||||
```
|
```
|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
> If you are bundling Terraform providers into your Coder image, be sure the
|
> If you are bundling Terraform providers into your Coder image, be sure the
|
||||||
> provider version matches any templates or
|
> provider version matches any templates or
|
||||||
> [example templates](https://github.com/coder/coder/tree/main/examples/templates)
|
> [example templates](https://github.com/coder/coder/tree/main/examples/templates)
|
||||||
@ -174,10 +176,10 @@ services:
|
|||||||
# ...
|
# ...
|
||||||
```
|
```
|
||||||
|
|
||||||
> The
|
The
|
||||||
> [terraform providers mirror](https://www.terraform.io/cli/commands/providers/mirror)
|
[terraform providers mirror](https://www.terraform.io/cli/commands/providers/mirror)
|
||||||
> command can be used to download the required plugins for a Coder template.
|
command can be used to download the required plugins for a Coder template.
|
||||||
> This can be uploaded into the `plugins` directory on your offline server.
|
This can be uploaded into the `plugins` directory on your offline server.
|
||||||
|
|
||||||
### Kubernetes
|
### Kubernetes
|
||||||
|
|
||||||
|
@ -32,7 +32,8 @@ values:
|
|||||||
The below values are modified from Coder defaults and allow the Coder deployment
|
The below values are modified from Coder defaults and allow the Coder deployment
|
||||||
to run under the SCC `restricted-v2`.
|
to run under the SCC `restricted-v2`.
|
||||||
|
|
||||||
> Note: `readOnlyRootFilesystem: true` is not technically required under
|
> [!NOTE]
|
||||||
|
> `readOnlyRootFilesystem: true` is not technically required under
|
||||||
> `restricted-v2`, but is often mandated in OpenShift environments.
|
> `restricted-v2`, but is often mandated in OpenShift environments.
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
@ -92,7 +93,8 @@ To fix this, you can mount a temporary volume in the pod and set the
|
|||||||
example, we mount this under `/tmp` and set the cache location to `/tmp/coder`.
|
example, we mount this under `/tmp` and set the cache location to `/tmp/coder`.
|
||||||
This enables Coder to run with `readOnlyRootFilesystem: true`.
|
This enables Coder to run with `readOnlyRootFilesystem: true`.
|
||||||
|
|
||||||
> Note: Depending on the number of templates and provisioners you use, you may
|
> [!NOTE]
|
||||||
|
> Depending on the number of templates and provisioners you use, you may
|
||||||
> need to increase the size of the volume, as the `coder` pod will be
|
> need to increase the size of the volume, as the `coder` pod will be
|
||||||
> automatically restarted when this volume fills up.
|
> automatically restarted when this volume fills up.
|
||||||
|
|
||||||
@ -128,7 +130,8 @@ coder:
|
|||||||
readOnly: false
|
readOnly: false
|
||||||
```
|
```
|
||||||
|
|
||||||
> Note: OpenShift provides a Developer Catalog offering you can use to install
|
> [!NOTE]
|
||||||
|
> OpenShift provides a Developer Catalog offering you can use to install
|
||||||
> PostgreSQL into your cluster.
|
> PostgreSQL into your cluster.
|
||||||
|
|
||||||
### 4. Create the OpenShift route
|
### 4. Create the OpenShift route
|
||||||
@ -176,7 +179,8 @@ helm install coder coder-v2/coder \
|
|||||||
--values values.yaml
|
--values values.yaml
|
||||||
```
|
```
|
||||||
|
|
||||||
> Note: If the Helm installation fails with a Kubernetes RBAC error, check the
|
> [!NOTE]
|
||||||
|
> If the Helm installation fails with a Kubernetes RBAC error, check the
|
||||||
> permissions of your OpenShift user using the `oc auth can-i` command.
|
> permissions of your OpenShift user using the `oc auth can-i` command.
|
||||||
>
|
>
|
||||||
> The below permissions are the minimum required:
|
> The below permissions are the minimum required:
|
||||||
|
@ -34,8 +34,8 @@ only for security issues or CVEs.
|
|||||||
|
|
||||||
- In-product security vulnerabilities and CVEs are supported
|
- In-product security vulnerabilities and CVEs are supported
|
||||||
|
|
||||||
> For more information on feature rollout, see our
|
For more information on feature rollout, see our
|
||||||
> [feature stages documentation](../about/feature-stages.md).
|
[feature stages documentation](../about/feature-stages.md).
|
||||||
|
|
||||||
## Installing stable
|
## Installing stable
|
||||||
|
|
||||||
@ -66,7 +66,8 @@ pages.
|
|||||||
| 2.19.x | February 04, 2024 | Stable |
|
| 2.19.x | February 04, 2024 | Stable |
|
||||||
| 2.20.x | March 05, 2024 | Mainline |
|
| 2.20.x | March 05, 2024 | Mainline |
|
||||||
|
|
||||||
> **Tip**: We publish a
|
> [!TIP]
|
||||||
|
> We publish a
|
||||||
> [`preview`](https://github.com/coder/coder/pkgs/container/coder-preview) image
|
> [`preview`](https://github.com/coder/coder/pkgs/container/coder-preview) image
|
||||||
> `ghcr.io/coder/coder-preview` on each commit to the `main` branch. This can be
|
> `ghcr.io/coder/coder-preview` on each commit to the `main` branch. This can be
|
||||||
> used to test under-development features and bug fixes that have not yet been
|
> used to test under-development features and bug fixes that have not yet been
|
||||||
|
@ -68,9 +68,9 @@ sudo rm /etc/coder.d/coder.env
|
|||||||
|
|
||||||
## Coder settings, cache, and the optional built-in PostgreSQL database
|
## Coder settings, cache, and the optional built-in PostgreSQL database
|
||||||
|
|
||||||
> There is a `postgres` directory within the `coderv2` directory that has the
|
There is a `postgres` directory within the `coderv2` directory that has the
|
||||||
> database engine and database. If you want to reuse the database, consider not
|
database engine and database. If you want to reuse the database, consider not
|
||||||
> performing the following step or copying the directory to another location.
|
performing the following step or copying the directory to another location.
|
||||||
|
|
||||||
<div class="tabs">
|
<div class="tabs">
|
||||||
|
|
||||||
|
@ -2,12 +2,9 @@
|
|||||||
|
|
||||||
This article walks you through how to upgrade your Coder server.
|
This article walks you through how to upgrade your Coder server.
|
||||||
|
|
||||||
<blockquote class="danger">
|
> [!CAUTION]
|
||||||
<p>
|
> Prior to upgrading a production Coder deployment, take a database snapshot since
|
||||||
Prior to upgrading a production Coder deployment, take a database snapshot since
|
> Coder does not support rollbacks.
|
||||||
Coder does not support rollbacks.
|
|
||||||
</p>
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
To upgrade your Coder server, simply reinstall Coder using your original method
|
To upgrade your Coder server, simply reinstall Coder using your original method
|
||||||
of [install](../install).
|
of [install](../install).
|
||||||
|
@ -28,8 +28,8 @@ Containers** template by pressing **Use Template**.
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
> You can also a find a comprehensive list of starter templates in **Templates**
|
You can also a find a comprehensive list of starter templates in **Templates**
|
||||||
> -> **Create Template** -> **Starter Templates**. s
|
-> **Create Template** -> **Starter Templates**. s
|
||||||
|
|
||||||
## 3. Create your template
|
## 3. Create your template
|
||||||
|
|
||||||
@ -75,7 +75,8 @@ This starter template lets you connect to your workspace in a few ways:
|
|||||||
haven't already, you'll have to install Coder on your local machine to
|
haven't already, you'll have to install Coder on your local machine to
|
||||||
configure your SSH client.
|
configure your SSH client.
|
||||||
|
|
||||||
> **Tip**: You can edit the template to let developers connect to a workspace in
|
> [!TIP]
|
||||||
|
> You can edit the template to let developers connect to a workspace in
|
||||||
> [a few more ways](../ides.md).
|
> [a few more ways](../ides.md).
|
||||||
|
|
||||||
When you're done, you can stop the workspace. -->
|
When you're done, you can stop the workspace. -->
|
||||||
|
@ -50,7 +50,8 @@ The Docker starter template lets you connect to your workspace in a few ways:
|
|||||||
haven't already, you'll have to install Coder on your local machine to
|
haven't already, you'll have to install Coder on your local machine to
|
||||||
configure your SSH client.
|
configure your SSH client.
|
||||||
|
|
||||||
> **Tip**: You can edit the template to let developers connect to a workspace in
|
> [!TIP]
|
||||||
|
> You can edit the template to let developers connect to a workspace in
|
||||||
> [a few more ways](../admin/templates/extending-templates/web-ides.md).
|
> [a few more ways](../admin/templates/extending-templates/web-ides.md).
|
||||||
|
|
||||||
## 3. Modify your workspace settings
|
## 3. Modify your workspace settings
|
||||||
|
@ -15,8 +15,7 @@ simplicity.
|
|||||||
|
|
||||||
First, install [Docker](https://docs.docker.com/engine/install/) locally.
|
First, install [Docker](https://docs.docker.com/engine/install/) locally.
|
||||||
|
|
||||||
> If you already have the Coder binary installed, restart it after installing
|
If you already have the Coder binary installed, restart it after installing Docker.
|
||||||
> Docker.
|
|
||||||
|
|
||||||
<div class="tabs">
|
<div class="tabs">
|
||||||
|
|
||||||
@ -30,7 +29,8 @@ curl -L https://coder.com/install.sh | sh
|
|||||||
|
|
||||||
## Windows
|
## Windows
|
||||||
|
|
||||||
> **Important:** If you plan to use the built-in PostgreSQL database, you will
|
> [!IMPORTANT]
|
||||||
|
> If you plan to use the built-in PostgreSQL database, you will
|
||||||
> need to ensure that the
|
> need to ensure that the
|
||||||
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
|
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
|
||||||
> is installed.
|
> is installed.
|
||||||
|
@ -39,9 +39,9 @@ module "git-clone" {
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
> You can edit the template using an IDE or terminal of your preference, or by
|
You can edit the template using an IDE or terminal of your preference, or by
|
||||||
> going into the
|
going into the
|
||||||
> [template editor UI](../admin/templates/creating-templates.md#web-ui).
|
[template editor UI](../admin/templates/creating-templates.md#web-ui).
|
||||||
|
|
||||||
You can also use
|
You can also use
|
||||||
[template parameters](../admin/templates/extending-templates/parameters.md) to
|
[template parameters](../admin/templates/extending-templates/parameters.md) to
|
||||||
@ -63,9 +63,9 @@ module "git-clone" {
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
> If you need more customization, you can read the
|
If you need more customization, you can read the
|
||||||
> [Git Clone module](https://registry.coder.com/modules/git-clone) documentation
|
[Git Clone module](https://registry.coder.com/modules/git-clone) documentation
|
||||||
> to learn more about the module.
|
to learn more about the module.
|
||||||
|
|
||||||
Don't forget to build and publish the template changes before creating a new
|
Don't forget to build and publish the template changes before creating a new
|
||||||
workspace. You can check if the repository is cloned by accessing the workspace
|
workspace. You can check if the repository is cloned by accessing the workspace
|
||||||
|
@ -11,12 +11,12 @@ December 13, 2023
|
|||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
> Okta is an identity provider that can be used for OpenID Connect (OIDC) Single
|
Okta is an identity provider that can be used for OpenID Connect (OIDC) Single
|
||||||
> Sign On (SSO) on Coder.
|
Sign On (SSO) on Coder.
|
||||||
|
|
||||||
To configure custom claims in Okta to support syncing roles and groups with
|
To configure custom claims in Okta to support syncing roles and groups with
|
||||||
Coder, you must first have setup an Okta application with
|
Coder, you must first have setup an Okta application with
|
||||||
[OIDC working with Coder](https://coder.com/docs/admin/auth#openid-connect).
|
[OIDC working with Coder](../admin/users/oidc-auth.md).
|
||||||
From here, we will add additional claims for Coder to use for syncing groups and
|
From here, we will add additional claims for Coder to use for syncing groups and
|
||||||
roles.
|
roles.
|
||||||
|
|
||||||
@ -37,10 +37,10 @@ In the “OpenID Connect ID Token” section, turn on “Groups Claim Type” an
|
|||||||
the “Claim name” to `groups`. Optionally configure a filter for which groups to
|
the “Claim name” to `groups`. Optionally configure a filter for which groups to
|
||||||
be sent.
|
be sent.
|
||||||
|
|
||||||
> !! If the user does not belong to any groups, the claim will not be sent. Make
|
> [!IMPORTANT]
|
||||||
> sure the user authenticating for testing is in at least 1 group. Defer to
|
> If the user does not belong to any groups, the claim will not be sent. Make
|
||||||
> [troubleshooting](https://coder.com/docs/admin/auth#troubleshooting) with
|
> sure the user authenticating for testing is in at least one group. Defer to
|
||||||
> issues
|
> [troubleshooting](../admin/users/index.md) with issues.
|
||||||
|
|
||||||

|

|
||||||
|
|
||||||
|
@ -123,10 +123,10 @@ icons except the web terminal.
|
|||||||
|
|
||||||
## I want to allow code-server to be accessible by other users in my deployment
|
## I want to allow code-server to be accessible by other users in my deployment
|
||||||
|
|
||||||
> It is **not** recommended to share a web IDE, but if required, the following
|
We don't recommend that you share a web IDE, but if you need to, the following
|
||||||
> deployment environment variable settings are required.
|
deployment environment variable settings are required.
|
||||||
|
|
||||||
Set deployment (Kubernetes) to allow path app sharing
|
Set deployment (Kubernetes) to allow path app sharing:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
# allow authenticated users to access path-based workspace apps
|
# allow authenticated users to access path-based workspace apps
|
||||||
@ -160,8 +160,8 @@ If the [`CODER_ACCESS_URL`](../admin/setup/index.md#access-url) is not
|
|||||||
accessible from a workspace, the workspace may build, but the agent cannot reach
|
accessible from a workspace, the workspace may build, but the agent cannot reach
|
||||||
Coder, and thus the missing icons. e.g., Terminal, IDEs, Apps.
|
Coder, and thus the missing icons. e.g., Terminal, IDEs, Apps.
|
||||||
|
|
||||||
> By default, `coder server` automatically creates an Internet-accessible
|
By default, `coder server` automatically creates an Internet-accessible
|
||||||
> reverse proxy so that workspaces you create can reach the server.
|
reverse proxy so that workspaces you create can reach the server.
|
||||||
|
|
||||||
If you are doing a standalone install, e.g., on a MacBook and want to build
|
If you are doing a standalone install, e.g., on a MacBook and want to build
|
||||||
workspaces in Docker Desktop, everything is self-contained and workspaces
|
workspaces in Docker Desktop, everything is self-contained and workspaces
|
||||||
@ -171,8 +171,8 @@ workspaces in Docker Desktop, everything is self-contained and workspaces
|
|||||||
coder server --access-url http://localhost:3000 --address 0.0.0.0:3000
|
coder server --access-url http://localhost:3000 --address 0.0.0.0:3000
|
||||||
```
|
```
|
||||||
|
|
||||||
> Even `coder server` which creates a reverse proxy, will let you use
|
Even `coder server` which creates a reverse proxy, will let you use
|
||||||
> <http://localhost> to access Coder from a browser.
|
<http://localhost> to access Coder from a browser.
|
||||||
|
|
||||||
## I updated a template, and an existing workspace based on that template fails to start
|
## I updated a template, and an existing workspace based on that template fails to start
|
||||||
|
|
||||||
|
@ -15,8 +15,8 @@ authenticate the Coder control plane to AWS and create an EC2 workspace. The
|
|||||||
below steps assume your Coder control plane is running in Google Cloud and has
|
below steps assume your Coder control plane is running in Google Cloud and has
|
||||||
the relevant service account assigned.
|
the relevant service account assigned.
|
||||||
|
|
||||||
> For steps on assigning a service account to a resource like Coder,
|
For steps on assigning a service account to a resource like Coder, visit the
|
||||||
> [see the Google documentation here](https://cloud.google.com/iam/docs/attach-service-accounts#attaching-new-resource)
|
[Google documentation](https://cloud.google.com/iam/docs/attach-service-accounts#attaching-new-resource).
|
||||||
|
|
||||||
## 1. Get your Google service account OAuth Client ID
|
## 1. Get your Google service account OAuth Client ID
|
||||||
|
|
||||||
@ -24,8 +24,8 @@ Navigate to the Google Cloud console, and select **IAM & Admin** > **Service
|
|||||||
Accounts**. View the service account you want to use, and copy the **OAuth 2
|
Accounts**. View the service account you want to use, and copy the **OAuth 2
|
||||||
Client ID** value shown on the right-hand side of the row.
|
Client ID** value shown on the right-hand side of the row.
|
||||||
|
|
||||||
> (Optional): If you do not yet have a service account,
|
Optionally: If you do not yet have a service account, use the
|
||||||
> [here is the Google IAM documentation on creating a service account](https://cloud.google.com/iam/docs/service-accounts-create).
|
[Google IAM documentation on creating a service account](https://cloud.google.com/iam/docs/service-accounts-create) to create one.
|
||||||
|
|
||||||
## 2. Create AWS role
|
## 2. Create AWS role
|
||||||
|
|
||||||
@ -122,7 +122,8 @@ gcloud auth print-identity-token --audiences=https://aws.amazon.com --impersonat
|
|||||||
veloper.gserviceaccount.com --include-email
|
veloper.gserviceaccount.com --include-email
|
||||||
```
|
```
|
||||||
|
|
||||||
> Note: Your `gcloud` client may needed elevated permissions to run this
|
> [!NOTE]
|
||||||
|
> Your `gcloud` client may needed elevated permissions to run this
|
||||||
> command.
|
> command.
|
||||||
|
|
||||||
## 5. Set identity token in Coder control plane
|
## 5. Set identity token in Coder control plane
|
||||||
|
@ -72,6 +72,5 @@ coder:
|
|||||||
postgres://<user>:<password>@databasehost:<port>/<db-name>?sslmode=verify-full&sslrootcert="/home/coder/.postgresql/postgres-root.crt"
|
postgres://<user>:<password>@databasehost:<port>/<db-name>?sslmode=verify-full&sslrootcert="/home/coder/.postgresql/postgres-root.crt"
|
||||||
```
|
```
|
||||||
|
|
||||||
> More information on connecting to PostgreSQL databases using certificates can
|
More information on connecting to PostgreSQL databases using certificates can
|
||||||
> be found
|
be found in the [PostgreSQL documentation](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT).
|
||||||
> [here](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT).
|
|
||||||
|
@ -57,8 +57,8 @@ persistent environment from your main device, a tablet, or your phone.
|
|||||||
|
|
||||||
## Windows
|
## Windows
|
||||||
|
|
||||||
> **Important:** If you plan to use the built-in PostgreSQL database, ensure
|
> [!IMPORTANT]
|
||||||
> that the
|
> If you plan to use the built-in PostgreSQL database, ensure that the
|
||||||
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
|
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
|
||||||
> is installed.
|
> is installed.
|
||||||
|
|
||||||
|
@ -53,9 +53,9 @@
|
|||||||
|
|
||||||
## Create DNS provider credentials
|
## Create DNS provider credentials
|
||||||
|
|
||||||
> This example assumes you're using CloudFlare as your DNS provider. For other
|
This example assumes you're using CloudFlare as your DNS provider. For other
|
||||||
> providers, refer to the
|
providers, refer to the
|
||||||
> [CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
|
[CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
|
||||||
|
|
||||||
1. Create an API token for the DNS provider you're using: e.g.
|
1. Create an API token for the DNS provider you're using: e.g.
|
||||||
[CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token)
|
[CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token)
|
||||||
@ -92,8 +92,8 @@
|
|||||||
|
|
||||||
## Configure Apache
|
## Configure Apache
|
||||||
|
|
||||||
> This example assumes Coder is running locally on `127.0.0.1:3000` and that
|
This example assumes Coder is running locally on `127.0.0.1:3000` and that
|
||||||
> you're using `coder.example.com` as your subdomain.
|
you're using `coder.example.com` as your subdomain.
|
||||||
|
|
||||||
1. Create Apache configuration for Coder:
|
1. Create Apache configuration for Coder:
|
||||||
|
|
||||||
|
@ -36,8 +36,8 @@
|
|||||||
|
|
||||||
## Adding Coder deployment subdomain
|
## Adding Coder deployment subdomain
|
||||||
|
|
||||||
> This example assumes Coder is running locally on `127.0.0.1:3000` and that
|
This example assumes Coder is running locally on `127.0.0.1:3000` and that
|
||||||
> you're using `coder.example.com` as your subdomain.
|
you're using `coder.example.com` as your subdomain.
|
||||||
|
|
||||||
1. Create NGINX configuration for this app:
|
1. Create NGINX configuration for this app:
|
||||||
|
|
||||||
@ -60,9 +60,9 @@
|
|||||||
|
|
||||||
## Create DNS provider credentials
|
## Create DNS provider credentials
|
||||||
|
|
||||||
> This example assumes you're using CloudFlare as your DNS provider. For other
|
This example assumes you're using CloudFlare as your DNS provider. For other
|
||||||
> providers, refer to the
|
providers, refer to the
|
||||||
> [CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
|
[CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
|
||||||
|
|
||||||
1. Create an API token for the DNS provider you're using: e.g.
|
1. Create an API token for the DNS provider you're using: e.g.
|
||||||
[CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token)
|
[CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token)
|
||||||
|
@ -23,7 +23,8 @@ treated as such.**
|
|||||||
|
|
||||||
A brief overview of all files contained in the bundle is provided below:
|
A brief overview of all files contained in the bundle is provided below:
|
||||||
|
|
||||||
> Note: detailed descriptions of all the information available in the bundle is
|
> [!NOTE]
|
||||||
|
> Detailed descriptions of all the information available in the bundle is
|
||||||
> out of scope, as support bundles are primarily intended for internal use.
|
> out of scope, as support bundles are primarily intended for internal use.
|
||||||
|
|
||||||
| Filename | Description |
|
| Filename | Description |
|
||||||
@ -61,7 +62,8 @@ A brief overview of all files contained in the bundle is provided below:
|
|||||||
2. Ensure you have the Coder CLI installed on a local machine. See
|
2. Ensure you have the Coder CLI installed on a local machine. See
|
||||||
[installation](../install/index.md) for steps on how to do this.
|
[installation](../install/index.md) for steps on how to do this.
|
||||||
|
|
||||||
> Note: It is recommended to generate a support bundle from a location
|
> [!NOTE]
|
||||||
|
> It is recommended to generate a support bundle from a location
|
||||||
> experiencing workspace connectivity issues.
|
> experiencing workspace connectivity issues.
|
||||||
|
|
||||||
3. Ensure you are [logged in](../reference/cli/login.md#login) to your Coder
|
3. Ensure you are [logged in](../reference/cli/login.md#login) to your Coder
|
||||||
@ -80,7 +82,8 @@ A brief overview of all files contained in the bundle is provided below:
|
|||||||
6. Coder staff will provide you a link where you can upload the bundle along
|
6. Coder staff will provide you a link where you can upload the bundle along
|
||||||
with any other necessary supporting files.
|
with any other necessary supporting files.
|
||||||
|
|
||||||
> Note: It is helpful to leave an informative message regarding the nature of
|
> [!NOTE]
|
||||||
|
> It is helpful to leave an informative message regarding the nature of
|
||||||
> supporting files.
|
> supporting files.
|
||||||
|
|
||||||
Coder support will then review the information you provided and respond to you
|
Coder support will then review the information you provided and respond to you
|
||||||
|
@ -21,6 +21,7 @@ Coder can provision all Terraform modules, resources, and properties. The Coder
|
|||||||
server essentially runs a `terraform apply` every time a workspace is created,
|
server essentially runs a `terraform apply` every time a workspace is created,
|
||||||
started, or stopped.
|
started, or stopped.
|
||||||
|
|
||||||
|
> [!TIP]
|
||||||
> Haven't written Terraform before? Check out Hashicorp's
|
> Haven't written Terraform before? Check out Hashicorp's
|
||||||
> [Getting Started Guides](https://developer.hashicorp.com/terraform/tutorials).
|
> [Getting Started Guides](https://developer.hashicorp.com/terraform/tutorials).
|
||||||
|
|
||||||
|
@ -3,7 +3,8 @@
|
|||||||
Use Coder Desktop to work on your workspaces as though they're on your LAN, no
|
Use Coder Desktop to work on your workspaces as though they're on your LAN, no
|
||||||
port-forwarding required.
|
port-forwarding required.
|
||||||
|
|
||||||
> ⚠️ Note: Coder Desktop requires a Coder deployment running [v2.20.0](https://github.com/coder/coder/releases/tag/v2.20.0) or later.
|
> [!NOTE]
|
||||||
|
> Coder Desktop requires a Coder deployment running [v2.20.0](https://github.com/coder/coder/releases/tag/v2.20.0) or later.
|
||||||
|
|
||||||
## Install Coder Desktop
|
## Install Coder Desktop
|
||||||
|
|
||||||
@ -132,7 +133,8 @@ You can also connect to the SSH server in your workspace using any SSH client, s
|
|||||||
ssh your-workspace.coder
|
ssh your-workspace.coder
|
||||||
```
|
```
|
||||||
|
|
||||||
> ⚠️ Note: Currently, the Coder IDE extensions for VSCode and JetBrains create their own tunnel and do not utilize the CoderVPN tunnel to connect to workspaces.
|
> [!NOTE]
|
||||||
|
> Currently, the Coder IDE extensions for VSCode and JetBrains create their own tunnel and do not utilize the CoderVPN tunnel to connect to workspaces.
|
||||||
|
|
||||||
## Accessing web apps in a secure browser context
|
## Accessing web apps in a secure browser context
|
||||||
|
|
||||||
@ -141,7 +143,8 @@ A browser typically considers an origin secure if the connection is to `localhos
|
|||||||
|
|
||||||
As CoderVPN uses its own hostnames and does not provide TLS to the browser, Google Chrome and Firefox will not allow any web APIs that require a secure context.
|
As CoderVPN uses its own hostnames and does not provide TLS to the browser, Google Chrome and Firefox will not allow any web APIs that require a secure context.
|
||||||
|
|
||||||
> Note: Despite the browser showing an insecure connection without `HTTPS`, the underlying tunnel is encrypted with WireGuard in the same fashion as other Coder workspace connections (e.g. `coder port-forward`).
|
> [!NOTE]
|
||||||
|
> Despite the browser showing an insecure connection without `HTTPS`, the underlying tunnel is encrypted with WireGuard in the same fashion as other Coder workspace connections (e.g. `coder port-forward`).
|
||||||
|
|
||||||
If you require secure context web APIs, you will need to mark the workspace hostnames as secure in your browser settings.
|
If you require secure context web APIs, you will need to mark the workspace hostnames as secure in your browser settings.
|
||||||
|
|
||||||
|
@ -3,9 +3,9 @@
|
|||||||
There are many ways to connect to your workspace, the options are only limited
|
There are many ways to connect to your workspace, the options are only limited
|
||||||
by the template configuration.
|
by the template configuration.
|
||||||
|
|
||||||
> Deployment operators can learn more about different types of workspace
|
Deployment operators can learn more about different types of workspace
|
||||||
> connections and performance in our
|
connections and performance in our
|
||||||
> [networking docs](../../admin/infrastructure/index.md).
|
[networking docs](../../admin/infrastructure/index.md).
|
||||||
|
|
||||||
You can see the primary methods of connecting to your workspace in the workspace
|
You can see the primary methods of connecting to your workspace in the workspace
|
||||||
dashboard.
|
dashboard.
|
||||||
@ -38,30 +38,37 @@ Or, you can configure plain SSH on your client below.
|
|||||||
Coder generates [SSH key pairs](../../admin/security/secrets.md#ssh-keys) for
|
Coder generates [SSH key pairs](../../admin/security/secrets.md#ssh-keys) for
|
||||||
each user to simplify the setup process.
|
each user to simplify the setup process.
|
||||||
|
|
||||||
> Before proceeding, run `coder login <accessURL>` if you haven't already to
|
1. Use your terminal to authenticate the CLI with Coder web UI and your workspaces:
|
||||||
> authenticate the CLI with the web UI and your workspaces.
|
|
||||||
|
|
||||||
To access Coder via SSH, run the following in the terminal:
|
```bash
|
||||||
|
coder login <accessURL>
|
||||||
|
```
|
||||||
|
|
||||||
```console
|
1. Access Coder via SSH:
|
||||||
coder config-ssh
|
|
||||||
```
|
|
||||||
|
|
||||||
> Run `coder config-ssh --dry-run` if you'd like to see the changes that will be
|
```shell
|
||||||
> made before proceeding.
|
coder config-ssh
|
||||||
|
```
|
||||||
|
|
||||||
Confirm that you want to continue by typing **yes** and pressing enter. If
|
1. Run `coder config-ssh --dry-run` if you'd like to see the changes that will be
|
||||||
|
before you proceed:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
coder config-ssh --dry-run
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Confirm that you want to continue by typing **yes** and pressing enter. If
|
||||||
successful, you'll see the following message:
|
successful, you'll see the following message:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
You should now be able to ssh into your workspace.
|
You should now be able to ssh into your workspace.
|
||||||
For example, try running:
|
For example, try running:
|
||||||
|
|
||||||
|
$ ssh coder.<workspaceName>
|
||||||
|
```
|
||||||
|
|
||||||
$ ssh coder.<workspaceName>
|
Your workspace is now accessible via `ssh coder.<workspace_name>`
|
||||||
```
|
(for example, `ssh coder.myEnv` if your workspace is named `myEnv`).
|
||||||
|
|
||||||
Your workspace is now accessible via `ssh coder.<workspace_name>` (e.g.,
|
|
||||||
`ssh coder.myEnv` if your workspace is named `myEnv`).
|
|
||||||
|
|
||||||
## Visual Studio Code
|
## Visual Studio Code
|
||||||
|
|
||||||
|
@ -27,10 +27,6 @@ manually setting up an SSH connection.
|
|||||||
|
|
||||||
### How to use the plugin
|
### How to use the plugin
|
||||||
|
|
||||||
> If you experience problems, please
|
|
||||||
> [create a GitHub issue](https://github.com/coder/coder/issues) or share in
|
|
||||||
> [our Discord channel](https://discord.gg/coder).
|
|
||||||
|
|
||||||
1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html)
|
1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html)
|
||||||
and open the application.
|
and open the application.
|
||||||
1. Under **Install More Providers**, find the Coder icon and click **Install**
|
1. Under **Install More Providers**, find the Coder icon and click **Install**
|
||||||
@ -72,8 +68,11 @@ manually setting up an SSH connection.
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
> Note the JetBrains IDE is remotely installed into
|
The JetBrains IDE is remotely installed into `~/.cache/JetBrains/RemoteDev/dist`
|
||||||
> `~/.cache/JetBrains/RemoteDev/dist`
|
|
||||||
|
If you experience any issues, please
|
||||||
|
[create a GitHub issue](https://github.com/coder/coder/issues) or share in
|
||||||
|
[our Discord channel](https://discord.gg/coder).
|
||||||
|
|
||||||
### Update a Coder plugin version
|
### Update a Coder plugin version
|
||||||
|
|
||||||
@ -136,8 +135,7 @@ keytool -import -alias coder -file cacert.pem -keystore /Applications/JetBrains\
|
|||||||
|
|
||||||
## Manually Configuring A JetBrains Gateway Connection
|
## Manually Configuring A JetBrains Gateway Connection
|
||||||
|
|
||||||
> This is in lieu of using Coder's Gateway plugin which automatically performs
|
This is in lieu of using Coder's Gateway plugin which automatically performs these steps.
|
||||||
> these steps.
|
|
||||||
|
|
||||||
1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html).
|
1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html).
|
||||||
|
|
||||||
@ -187,8 +185,7 @@ keytool -import -alias coder -file cacert.pem -keystore /Applications/JetBrains\
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
> Note the JetBrains IDE is remotely installed into
|
The JetBrains IDE is remotely installed into `~/. cache/JetBrains/RemoteDev/dist`
|
||||||
> `~/. cache/JetBrains/RemoteDev/dist`
|
|
||||||
|
|
||||||
1. Click **Download and Start IDE** to connect.
|
1. Click **Download and Start IDE** to connect.
|
||||||
|
|
||||||
@ -206,6 +203,7 @@ cd /opt/idea/bin
|
|||||||
./remote-dev-server.sh registerBackendLocationForGateway
|
./remote-dev-server.sh registerBackendLocationForGateway
|
||||||
```
|
```
|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
> Gateway only works with paid versions of JetBrains IDEs so the script will not
|
> Gateway only works with paid versions of JetBrains IDEs so the script will not
|
||||||
> be located in the `bin` directory of JetBrains Community editions.
|
> be located in the `bin` directory of JetBrains Community editions.
|
||||||
|
|
||||||
@ -395,6 +393,6 @@ Fleet can connect to a Coder workspace by following these steps.
|
|||||||
4. Connect via SSH with the Host set to `coder.workspace-name`
|
4. Connect via SSH with the Host set to `coder.workspace-name`
|
||||||

|

|
||||||
|
|
||||||
> If you experience problems, please
|
If you experience any issues, please
|
||||||
> [create a GitHub issue](https://github.com/coder/coder/issues) or share in
|
[create a GitHub issue](https://github.com/coder/coder/issues) or share in
|
||||||
> [our Discord channel](https://discord.gg/coder).
|
[our Discord channel](https://discord.gg/coder).
|
||||||
|
@ -50,17 +50,17 @@ For more examples, see `coder port-forward --help`.
|
|||||||
|
|
||||||
## Dashboard
|
## Dashboard
|
||||||
|
|
||||||
> To enable port forwarding via the dashboard, Coder must be configured with a
|
To enable port forwarding via the dashboard, Coder must be configured with a
|
||||||
> [wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
|
[wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
|
||||||
> access URL is not specified, Coder will create
|
access URL is not specified, Coder will create
|
||||||
> [a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
|
[a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
|
||||||
> proxy the deployment, and port forwarding will work.
|
proxy the deployment, and port forwarding will work.
|
||||||
>
|
|
||||||
> There is a
|
There is a
|
||||||
> [DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
|
[DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
|
||||||
> where each segment of hostnames must not exceed 63 characters. If your app
|
where each segment of hostnames must not exceed 63 characters. If your app
|
||||||
> name, agent name, workspace name and username exceed 63 characters in the
|
name, agent name, workspace name and username exceed 63 characters in the
|
||||||
> hostname, port forwarding via the dashboard will not work.
|
hostname, port forwarding via the dashboard will not work.
|
||||||
|
|
||||||
### From an coder_app resource
|
### From an coder_app resource
|
||||||
|
|
||||||
@ -122,6 +122,7 @@ it is still accessible.
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
> The sharing level is limited by the maximum level enforced in the template
|
> The sharing level is limited by the maximum level enforced in the template
|
||||||
> settings in licensed deployments, and not restricted in OSS deployments.
|
> settings in licensed deployments, and not restricted in OSS deployments.
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
# Remote Desktops
|
# Remote Desktops
|
||||||
|
|
||||||
> Built-in remote desktop is on the roadmap
|
Built-in remote desktop is on the roadmap
|
||||||
> ([#2106](https://github.com/coder/coder/issues/2106)).
|
([#2106](https://github.com/coder/coder/issues/2106)).
|
||||||
|
|
||||||
## VNC Desktop
|
## VNC Desktop
|
||||||
|
|
||||||
@ -45,10 +45,10 @@ Then, connect to your workspace via RDP:
|
|||||||
mstsc /v localhost:3399
|
mstsc /v localhost:3399
|
||||||
```
|
```
|
||||||
|
|
||||||
or use your favorite RDP client to connect to `localhost:3399`.
|
Or use your favorite RDP client to connect to `localhost:3399`.
|
||||||

|

|
||||||
|
|
||||||
> Note: Default username is `Administrator` and password is `coderRDP!`.
|
The default username is `Administrator` and password is `coderRDP!`.
|
||||||
|
|
||||||
## RDP Web
|
## RDP Web
|
||||||
|
|
||||||
|
@ -15,6 +15,7 @@ extension, authenticates with Coder, and connects to the workspace.
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
> The `VS Code Desktop` button can be hidden by enabling
|
> The `VS Code Desktop` button can be hidden by enabling
|
||||||
> [Browser-only connections](../../admin/networking/index.md#browser-only-connections).
|
> [Browser-only connections](../../admin/networking/index.md#browser-only-connections).
|
||||||
|
|
||||||
@ -52,7 +53,8 @@ marketplace, or the Eclipse Open VSX _local_ marketplace.
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
> Note: Microsoft does not allow any unofficial VS Code IDE to connect to the
|
> [!NOTE]
|
||||||
|
> Microsoft does not allow any unofficial VS Code IDE to connect to the
|
||||||
> extension marketplace.
|
> extension marketplace.
|
||||||
|
|
||||||
### Adding extensions to custom images
|
### Adding extensions to custom images
|
||||||
|
@ -15,8 +15,8 @@ In Coder, web IDEs are defined as
|
|||||||
resources in the template. With our generic model, any web application can be
|
resources in the template. With our generic model, any web application can be
|
||||||
used as a Coder application. For example:
|
used as a Coder application. For example:
|
||||||
|
|
||||||
> To learn more about configuring IDEs in templates, see our docs on
|
To learn more about configuring IDEs in templates, see our docs on
|
||||||
> [template administration](../../admin/templates/index.md).
|
[template administration](../../admin/templates/index.md).
|
||||||
|
|
||||||

|

|
||||||
|
|
||||||
|
@ -66,10 +66,7 @@ Use the Coder CLI to log in and configure SSH, then connect to your workspace wi
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
<blockquote class="admonition note">
|
> [!NOTE]
|
||||||
|
> If you have any suggestions or experience any issues, please
|
||||||
If you have any suggestions or experience any issues, please
|
> [create a GitHub issue](https://github.com/coder/coder/issues) or share in
|
||||||
[create a GitHub issue](https://github.com/coder/coder/issues) or share in
|
> [our Discord channel](https://discord.gg/coder).
|
||||||
[our Discord channel](https://discord.gg/coder).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
@ -18,6 +18,7 @@ your workspace automatically.
|
|||||||
|
|
||||||

|

|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
> Template admins: this can be enabled quite easily with a our
|
> Template admins: this can be enabled quite easily with a our
|
||||||
> [dotfiles module](https://registry.coder.com/modules/dotfiles) using just a
|
> [dotfiles module](https://registry.coder.com/modules/dotfiles) using just a
|
||||||
> few lines in the template.
|
> few lines in the template.
|
||||||
@ -37,6 +38,7 @@ sudo apt update
|
|||||||
sudo apt install -y neovim fish cargo
|
sudo apt install -y neovim fish cargo
|
||||||
```
|
```
|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
> Template admins: refer to
|
> Template admins: refer to
|
||||||
> [this module](https://registry.coder.com/modules/personalize) to enable the
|
> [this module](https://registry.coder.com/modules/personalize) to enable the
|
||||||
> `~/personalize` script on templates.
|
> `~/personalize` script on templates.
|
||||||
|
@ -15,8 +15,8 @@ Persistent resources stay provisioned when the workspace is stopped, where as
|
|||||||
ephemeral resources are destroyed and recreated on restart. All resources are
|
ephemeral resources are destroyed and recreated on restart. All resources are
|
||||||
destroyed when a workspace is deleted.
|
destroyed when a workspace is deleted.
|
||||||
|
|
||||||
> Template administrators can learn more about resource configuration in the
|
Template administrators can learn more about resource configuration in the
|
||||||
> [extending templates docs](../admin/templates/extending-templates/resource-persistence.md).
|
[extending templates docs](../admin/templates/extending-templates/resource-persistence.md).
|
||||||
|
|
||||||
## Workspace States
|
## Workspace States
|
||||||
|
|
||||||
|
@ -90,12 +90,9 @@ manually updated the workspace.
|
|||||||
|
|
||||||
## Bulk operations
|
## Bulk operations
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Bulk operations are an Enterprise and Premium feature.
|
||||||
Bulk operations are an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Licensed admins may apply bulk operations (update, delete, start, stop) in the
|
Licensed admins may apply bulk operations (update, delete, start, stop) in the
|
||||||
**Workspaces** tab. Select the workspaces you'd like to modify with the
|
**Workspaces** tab. Select the workspaces you'd like to modify with the
|
||||||
@ -182,4 +179,5 @@ Coder stores macOS and Linux logs at the following locations:
|
|||||||
| `shutdown_script` | `/tmp/coder-shutdown-script.log` |
|
| `shutdown_script` | `/tmp/coder-shutdown-script.log` |
|
||||||
| Agent | `/tmp/coder-agent.log` |
|
| Agent | `/tmp/coder-agent.log` |
|
||||||
|
|
||||||
> Note: Logs are truncated once they reach 5MB in size.
|
> [!NOTE]
|
||||||
|
> Logs are truncated once they reach 5MB in size.
|
||||||
|
@ -24,7 +24,7 @@ Then open the **Schedule** tab to see your workspace scheduling options.
|
|||||||
|
|
||||||
## Autostart
|
## Autostart
|
||||||
|
|
||||||
> Autostart must be enabled in the template settings by your administrator.
|
Autostart must be enabled in the template settings by your administrator.
|
||||||
|
|
||||||
Use autostart to start a workspace at a specified time and which days of the
|
Use autostart to start a workspace at a specified time and which days of the
|
||||||
week. Also, you can choose your preferred timezone. Admins may restrict which
|
week. Also, you can choose your preferred timezone. Admins may restrict which
|
||||||
@ -51,12 +51,9 @@ for your workspace.
|
|||||||
|
|
||||||
## Autostop requirement
|
## Autostop requirement
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Autostop requirement is an Enterprise and Premium feature.
|
||||||
Autostop requirement is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Licensed template admins may enforce a required stop for workspaces to apply
|
Licensed template admins may enforce a required stop for workspaces to apply
|
||||||
updates or undergo maintenance. These stops ignore any active connections or
|
updates or undergo maintenance. These stops ignore any active connections or
|
||||||
@ -65,17 +62,14 @@ frequency for updates, either in **days** or **weeks**. Workspaces will apply
|
|||||||
the template autostop requirement on the given day **in the user's timezone**
|
the template autostop requirement on the given day **in the user's timezone**
|
||||||
and specified quiet hours (see below).
|
and specified quiet hours (see below).
|
||||||
|
|
||||||
> Admins: See the template schedule settings for more information on configuring
|
Admins: See the template schedule settings for more information on configuring
|
||||||
> Autostop Requirement.
|
Autostop Requirement.
|
||||||
|
|
||||||
### User quiet hours
|
### User quiet hours
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> User quiet hours are an Enterprise and Premium feature.
|
||||||
User quiet hours are an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
User quiet hours can be configured in the user's schedule settings page.
|
User quiet hours can be configured in the user's schedule settings page.
|
||||||
Workspaces on templates with an autostop requirement will only be forcibly
|
Workspaces on templates with an autostop requirement will only be forcibly
|
||||||
@ -90,7 +84,8 @@ powerful system for scheduling your workspace. However, synchronizing all of
|
|||||||
them simultaneously can be somewhat challenging, here are a few example
|
them simultaneously can be somewhat challenging, here are a few example
|
||||||
configurations to better understand how they interact.
|
configurations to better understand how they interact.
|
||||||
|
|
||||||
> Note that the inactivity timer must be configured by your template admin.
|
> [!NOTE]
|
||||||
|
> The inactivity timer must be configured by your template admin.
|
||||||
|
|
||||||
### Working hours
|
### Working hours
|
||||||
|
|
||||||
@ -115,12 +110,9 @@ hours of inactivity.
|
|||||||
|
|
||||||
## Dormancy
|
## Dormancy
|
||||||
|
|
||||||
<blockquote class="info">
|
> [!NOTE]
|
||||||
|
> Dormancy is an Enterprise and Premium feature.
|
||||||
Dormancy is an Enterprise and Premium feature.
|
> [Learn more](https://coder.com/pricing#compare-plans).
|
||||||
[Learn more](https://coder.com/pricing#compare-plans).
|
|
||||||
|
|
||||||
</blockquote>
|
|
||||||
|
|
||||||
Dormancy automatically deletes workspaces which remain unused for long
|
Dormancy automatically deletes workspaces which remain unused for long
|
||||||
durations. Template admins configure an inactivity period after which your
|
durations. Template admins configure an inactivity period after which your
|
||||||
|
Reference in New Issue
Block a user