docs: convert alerts to use GitHub Flavored Markdown (GFM) (#16850)

followup to #16761 

thanks @lucasmelin !

+ thanks: @ethanndickson @Parkreiner @matifali @aqandrew 

- [x] update snippet
- [x] find/replace
- [x] spot-check


[preview](https://coder.com/docs/@16761-gfm-callouts/admin/templates/managing-templates/schedule)
(and others)

---------

Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
Co-authored-by: M Atif Ali <atif@coder.com>
This commit is contained in:
Edward Angert
2025-03-10 15:58:20 -05:00
committed by GitHub
parent e817713dc0
commit 101b62dc3e
86 changed files with 493 additions and 562 deletions

View File

@ -1,14 +1,14 @@
{ {
// For info about snippets, visit https://code.visualstudio.com/docs/editor/userdefinedsnippets // For info about snippets, visit https://code.visualstudio.com/docs/editor/userdefinedsnippets
// https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts
"admonition": { "alert": {
"prefix": "#callout", "prefix": "#alert",
"body": [ "body": [
"<blockquote class=\"admonition ${1|caution,important,note,tip,warning|}\">\n", "> [!${1|CAUTION,IMPORTANT,NOTE,TIP,WARNING|}]",
"${TM_SELECTED_TEXT:${2:add info here}}\n", "> ${TM_SELECTED_TEXT:${2:add info here}}\n"
"</blockquote>\n"
], ],
"description": "callout admonition caution info note tip warning" "description": "callout admonition caution important note tip warning"
}, },
"fenced code block": { "fenced code block": {
"prefix": "#codeblock", "prefix": "#codeblock",
@ -23,9 +23,8 @@
"premium-feature": { "premium-feature": {
"prefix": "#premium-feature", "prefix": "#premium-feature",
"body": [ "body": [
"<blockquote class=\"info\">\n", "> [!NOTE]\n",
"${1:feature} ${2|is,are|} an Enterprise and Premium feature. [Learn more](https://coder.com/pricing#compare-plans).\n", "> ${1:feature} ${2|is,are|} an Enterprise and Premium feature. [Learn more](https://coder.com/pricing#compare-plans).\n"
"</blockquote>"
] ]
}, },
"tabs": { "tabs": {

View File

@ -117,9 +117,7 @@ This mode is useful for testing HA or validating more complex setups.
### Deploying a PR ### Deploying a PR
> You need to be a member or collaborator of the of You need to be a member or collaborator of the [coder](https://github.com/coder) GitHub organization to be able to deploy a PR.
> [coder](https://github.com/coder) GitHub organization to be able to deploy a
> PR.
You can test your changes by creating a PR deployment. There are two ways to do You can test your changes by creating a PR deployment. There are two ways to do
this: this:
@ -142,7 +140,8 @@ this:
name and PR number, etc. name and PR number, etc.
- `-y` or `--yes`, will skip the CLI confirmation prompt. - `-y` or `--yes`, will skip the CLI confirmation prompt.
> Note: PR deployment will be re-deployed automatically when the PR is updated. > [!NOTE]
> PR deployment will be re-deployed automatically when the PR is updated.
> It will use the last values automatically for redeployment. > It will use the last values automatically for redeployment.
Once the deployment is finished, a unique link and credentials will be posted in Once the deployment is finished, a unique link and credentials will be posted in
@ -256,8 +255,7 @@ Our frontend guide can be found [here](./contributing/frontend.md).
## Reviews ## Reviews
> The following information has been borrowed from The following information has been borrowed from [Go's review philosophy](https://go.dev/doc/contribute#reviews).
> [Go's review philosophy](https://go.dev/doc/contribute#reviews).
Coder values thorough reviews. For each review comment that you receive, please Coder values thorough reviews. For each review comment that you receive, please
"close" it by implementing the suggestion or providing an explanation on why the "close" it by implementing the suggestion or providing an explanation on why the
@ -345,6 +343,7 @@ Breaking changes can be triggered in two ways:
### Security ### Security
> [!CAUTION]
> If you find a vulnerability, **DO NOT FILE AN ISSUE**. Instead, send an email > If you find a vulnerability, **DO NOT FILE AN ISSUE**. Instead, send an email
> to <security@coder.com>. > to <security@coder.com>.

View File

@ -90,7 +90,8 @@ CODER_EXTERNAL_AUTH_0_CLIENT_SECRET=xxxxxxx
CODER_EXTERNAL_AUTH_0_AUTH_URL="https://login.microsoftonline.com/<TENANT ID>/oauth2/authorize" CODER_EXTERNAL_AUTH_0_AUTH_URL="https://login.microsoftonline.com/<TENANT ID>/oauth2/authorize"
``` ```
> Note: Your app registration in Entra ID requires the `vso.code_write` scope > [!NOTE]
> Your app registration in Entra ID requires the `vso.code_write` scope
### Bitbucket Server ### Bitbucket Server
@ -120,11 +121,8 @@ The Redirect URI for Gitea should be
### GitHub ### GitHub
<blockquote class="admonition tip"> > [!TIP]
> If you don't require fine-grained access control, it's easier to [configure a GitHub OAuth app](#configure-a-github-oauth-app).
If you don't require fine-grained access control, it's easier to [configure a GitHub OAuth app](#configure-a-github-oauth-app).
</blockquote>
```env ```env
CODER_EXTERNAL_AUTH_0_ID="USER_DEFINED_ID" CODER_EXTERNAL_AUTH_0_ID="USER_DEFINED_ID"
@ -179,7 +177,8 @@ CODER_EXTERNAL_AUTH_0_VALIDATE_URL="https://your-domain.com/oauth/token/info"
CODER_EXTERNAL_AUTH_0_REGEX=github\.company\.org CODER_EXTERNAL_AUTH_0_REGEX=github\.company\.org
``` ```
> Note: The `REGEX` variable must be set if using a custom git domain. > [!NOTE]
> The `REGEX` variable must be set if using a custom git domain.
## Custom scopes ## Custom scopes
@ -222,26 +221,16 @@ CODER_EXTERNAL_AUTH_0_SCOPES="repo:read repo:write write:gpg_key"
![Install GitHub App](../images/admin/github-app-install.png) ![Install GitHub App](../images/admin/github-app-install.png)
## Multiple External Providers ## Multiple External Providers (Enterprise)(Premium)
<blockquote class="info">
Multiple providers is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Below is an example configuration with multiple providers: Below is an example configuration with multiple providers:
<blockquote class="admonition warning"> > [!IMPORTANT]
> To support regex matching for paths like `github\.com/org`, add the following `git config` line to the [Coder agent startup script](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/agent#startup_script):
**Note:** To support regex matching for paths like `github\.com/org`, add the following `git config` line to the [Coder agent startup script](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/agent#startup_script): >
> ```shell
```shell > git config --global credential.useHttpPath true
git config --global credential.useHttpPath true > ```
```
</blockquote>
```env ```env
# Provider 1) github.com # Provider 1) github.com

View File

@ -28,7 +28,8 @@ hardware sizing recommendations.
| Kubernetes (GKE) | 4 cores | 16 GB | 2 | db-custom-8-30720 | 2000 | 50 | 2000 simulated | `v2.8.4` | Feb 28, 2024 | | Kubernetes (GKE) | 4 cores | 16 GB | 2 | db-custom-8-30720 | 2000 | 50 | 2000 simulated | `v2.8.4` | Feb 28, 2024 |
| Kubernetes (GKE) | 2 cores | 4 GB | 2 | db-custom-2-7680 | 1000 | 50 | 1000 simulated | `v2.10.2` | Apr 26, 2024 | | Kubernetes (GKE) | 2 cores | 4 GB | 2 | db-custom-2-7680 | 1000 | 50 | 1000 simulated | `v2.10.2` | Apr 26, 2024 |
> Note: A simulated connection reads and writes random data at 40KB/s per connection. > [!NOTE]
> A simulated connection reads and writes random data at 40KB/s per connection.
## Scale testing utility ## Scale testing utility
@ -36,19 +37,16 @@ Since Coder's performance is highly dependent on the templates and workflows you
support, you may wish to use our internal scale testing utility against your own support, you may wish to use our internal scale testing utility against your own
environments. environments.
<blockquote class="admonition important"> > [!IMPORTANT]
> This utility is experimental.
This utility is experimental. >
> It is not subject to any compatibility guarantees and may cause interruptions
It is not subject to any compatibility guarantees and may cause interruptions > for your users.
for your users. > To avoid potential outages and orphaned resources, we recommend that you run
To avoid potential outages and orphaned resources, we recommend that you run > scale tests on a secondary "staging" environment or a dedicated
scale tests on a secondary "staging" environment or a dedicated > [Kubernetes playground cluster](https://github.com/coder/coder/tree/main/scaletest/terraform).
[Kubernetes playground cluster](https://github.com/coder/coder/tree/main/scaletest/terraform). >
> Run it against a production environment at your own risk.
Run it against a production environment at your own risk.
</blockquote>
### Create workspaces ### Create workspaces

View File

@ -36,9 +36,8 @@ cloud/on-premise computing, containerization, and the Coder platform.
| Reference architectures for up to 3,000 users | An approval of your architecture; the CVA solely provides recommendations and guidelines | | Reference architectures for up to 3,000 users | An approval of your architecture; the CVA solely provides recommendations and guidelines |
| Best practices for building a Coder deployment | Recommendations for every possible deployment scenario | | Best practices for building a Coder deployment | Recommendations for every possible deployment scenario |
> For higher level design principles and architectural best practices, see For higher level design principles and architectural best practices, see Coder's
> Coder's [Well-Architected Framework](https://coder.com/blog/coder-well-architected-framework).
> [Well-Architected Framework](https://coder.com/blog/coder-well-architected-framework).
## General concepts ## General concepts

View File

@ -131,11 +131,8 @@ To set this up, follow these steps:
} }
``` ```
<blockquote class="info"> > [!NOTE]
> The admin-level access token is used to provision user tokens and is never exposed to developers or stored in workspaces.
The admin-level access token is used to provision user tokens and is never exposed to developers or stored in workspaces.
</blockquote>
If you don't want to use the official modules, you can read through the [example template](https://github.com/coder/coder/tree/main/examples/jfrog/docker), which uses Docker as the underlying compute. The If you don't want to use the official modules, you can read through the [example template](https://github.com/coder/coder/tree/main/examples/jfrog/docker), which uses Docker as the underlying compute. The
same concepts apply to all compute types. same concepts apply to all compute types.

View File

@ -56,14 +56,11 @@ workspaces using Coder's [JFrog Xray Integration](https://github.com/coder/coder
--set artifactory.secretName="jfrog-token" --set artifactory.secretName="jfrog-token"
``` ```
<blockquote class="admonition warning"> > [!IMPORTANT]
> To authenticate with the Artifactory registry, you may need to
To authenticate with the Artifactory registry, you may need to > create a [Docker config](https://jfrog.com/help/r/jfrog-artifactory-documentation/docker-advanced-topics) and use it in the
create a [Docker config](https://jfrog.com/help/r/jfrog-artifactory-documentation/docker-advanced-topics) and use it in the > `imagePullSecrets` field of the Kubernetes Pod.
`imagePullSecrets` field of the Kubernetes Pod. See the [Defining ImagePullSecrets for Coder workspaces](../../tutorials/image-pull-secret.md) guide for more > See the [Defining ImagePullSecrets for Coder workspaces](../../tutorials/image-pull-secret.md) guide for more information.
information.
</blockquote>
## Validate your installation ## Validate your installation

View File

@ -2,7 +2,8 @@
<!-- Keeping this in as a placeholder for supporting OpenTofu. We should fix support for custom terraform binaries ASAP. --> <!-- Keeping this in as a placeholder for supporting OpenTofu. We should fix support for custom terraform binaries ASAP. -->
> ⚠️ This guide is a work in progress. We do not officially support using custom > [!IMPORTANT]
> This guide is a work in progress. We do not officially support using custom
> Terraform binaries in your Coder deployment. To track progress on the work, > Terraform binaries in your Coder deployment. To track progress on the work,
> see this related [GitHub Issue](https://github.com/coder/coder/issues/12009). > see this related [GitHub Issue](https://github.com/coder/coder/issues/12009).
@ -10,9 +11,8 @@ Coder deployments support any custom Terraform binary, including
[OpenTofu](https://opentofu.org/docs/) - an open source alternative to [OpenTofu](https://opentofu.org/docs/) - an open source alternative to
Terraform. Terraform.
> You can read more about OpenTofu and Hashicorp's licensing in our You can read more about OpenTofu and Hashicorp's licensing in our
> [blog post](https://coder.com/blog/hashicorp-license) on the Terraform [blog post](https://coder.com/blog/hashicorp-license) on the Terraform licensing changes.
> licensing changes.
## Using a custom Terraform binary ## Using a custom Terraform binary

View File

@ -7,8 +7,7 @@ features, you can [request a trial](https://coder.com/trial) or
<!-- markdown-link-check-disable --> <!-- markdown-link-check-disable -->
> If you are an existing customer, you can learn more our new Premium plan in You can learn more about Coder Premium in the [Coder v2.16 blog post](https://coder.com/blog/release-recap-2-16-0)
> the [Coder v2.16 blog post](https://coder.com/blog/release-recap-2-16-0)
<!-- markdown-link-check-enable --> <!-- markdown-link-check-enable -->

View File

@ -40,7 +40,7 @@ If there is an issue, you may see one of the following errors reported:
[`url.Parse`](https://pkg.go.dev/net/url#Parse). Example: [`url.Parse`](https://pkg.go.dev/net/url#Parse). Example:
`https://dev.coder.com/`. `https://dev.coder.com/`.
> **Tip:** You can check this [here](https://go.dev/play/p/CabcJZyTwt9). You can use [the Go playground](https://go.dev/play/p/CabcJZyTwt9) for additional testing.
### EACS03 ### EACS03
@ -117,15 +117,12 @@ Coder's current activity and usage. It may be necessary to increase the
resources allocated to Coder's database. Alternatively, you can raise the resources allocated to Coder's database. Alternatively, you can raise the
configured threshold to a higher value (this will not address the root cause). configured threshold to a higher value (this will not address the root cause).
<blockquote class="admonition tip"> > [!TIP]
> You can enable
You can enable > [detailed database metrics](../../reference/cli/server.md#--prometheus-collect-db-metrics)
[detailed database metrics](../../reference/cli/server.md#--prometheus-collect-db-metrics) > in Coder's Prometheus endpoint. If you have
in Coder's Prometheus endpoint. If you have > [tracing enabled](../../reference/cli/server.md#--trace), these traces may also
[tracing enabled](../../reference/cli/server.md#--trace), these traces may also > contain useful information regarding Coder's database activity.
contain useful information regarding Coder's database activity.
</blockquote>
## DERP ## DERP
@ -150,12 +147,9 @@ This is not necessarily a fatal error, but a possible indication of a
misconfigured reverse HTTP proxy. Additionally, while workspace users should misconfigured reverse HTTP proxy. Additionally, while workspace users should
still be able to reach their workspaces, connection performance may be degraded. still be able to reach their workspaces, connection performance may be degraded.
<blockquote class="admonition note"> > [!NOTE]
> This may also be shown if you have
**Note:** This may also be shown if you have > [forced websocket connections for DERP](../../reference/cli/server.md#--derp-force-websockets).
[forced websocket connections for DERP](../../reference/cli/server.md#--derp-force-websockets).
</blockquote>
**Solution:** ensure that any proxies you use allow connection upgrade with the **Solution:** ensure that any proxies you use allow connection upgrade with the
`Upgrade: derp` header. `Upgrade: derp` header.
@ -305,13 +299,10 @@ that they are able to successfully connect to Coder. Otherwise, ensure
[`--provisioner-daemons`](../../reference/cli/server.md#--provisioner-daemons) [`--provisioner-daemons`](../../reference/cli/server.md#--provisioner-daemons)
is set to a value greater than 0. is set to a value greater than 0.
<blockquote class="admonition note"> > [!NOTE]
> This may be a transient issue if you are currently in the process of
**Note:** This may be a transient issue if you are currently in the process of
updating your deployment. updating your deployment.
</blockquote>
### EPD02 ### EPD02
#### Provisioner Daemon Version Mismatch #### Provisioner Daemon Version Mismatch
@ -324,13 +315,10 @@ of API incompatibility.
**Solution:** Update the provisioner daemon to match the currently running **Solution:** Update the provisioner daemon to match the currently running
version of Coder. version of Coder.
<blockquote class="admonition note"> > [!NOTE]
> This may be a transient issue if you are currently in the process of
**Note:** This may be a transient issue if you are currently in the process of
updating your deployment. updating your deployment.
</blockquote>
### EPD03 ### EPD03
#### Provisioner Daemon API Version Mismatch #### Provisioner Daemon API Version Mismatch
@ -343,13 +331,10 @@ connect to Coder.
**Solution:** Update the provisioner daemon to match the currently running **Solution:** Update the provisioner daemon to match the currently running
version of Coder. version of Coder.
<blockquote class="admonition note"> > [!NOTE]
> This may be a transient issue if you are currently in the process of
**Note:** This may be a transient issue if you are currently in the process of
updating your deployment. updating your deployment.
</blockquote>
### EUNKNOWN ### EUNKNOWN
#### Unknown Error #### Unknown Error

View File

@ -43,7 +43,8 @@ Agent logs are also stored in the workspace filesystem by default:
[azure-windows](https://github.com/coder/coder/blob/2cfadad023cb7f4f85710cff0b21ac46bdb5a845/examples/templates/azure-windows/Initialize.ps1.tftpl#L64)) [azure-windows](https://github.com/coder/coder/blob/2cfadad023cb7f4f85710cff0b21ac46bdb5a845/examples/templates/azure-windows/Initialize.ps1.tftpl#L64))
to see where logs are stored. to see where logs are stored.
> Note: Logs are truncated once they reach 5MB in size. > [!NOTE]
> Logs are truncated once they reach 5MB in size.
Startup script logs are also stored in the temporary directory of macOS and Startup script logs are also stored in the temporary directory of macOS and
Linux workspaces. Linux workspaces.

View File

@ -242,12 +242,9 @@ notification is indicated on the right hand side of this table.
## Delivery Preferences ## Delivery Preferences
<blockquote class="info"> > [!NOTE]
> Delivery preferences is an Enterprise and Premium feature.
Delivery preferences is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Administrators can configure which delivery methods are used for each different Administrators can configure which delivery methods are used for each different
[event type](#event-types). [event type](#event-types).

View File

@ -181,12 +181,11 @@ To build the server to receive webhooks and interact with Slack:
Slack requires the bot to acknowledge when a user clicks on a URL action button. Slack requires the bot to acknowledge when a user clicks on a URL action button.
This is handled by setting up interactivity. This is handled by setting up interactivity.
1. Under "Interactivity & Shortcuts" in your Slack app settings, set the Request Under "Interactivity & Shortcuts" in your Slack app settings, set the Request
URL to match the public URL of your web server's endpoint. URL to match the public URL of your web server's endpoint.
> Notice: You can use any public endpoint that accepts and responds to POST You can use any public endpoint that accepts and responds to POST requests with HTTP 200.
> requests with HTTP 200. For temporary testing, you can set it to For temporary testing, you can set it to `https://httpbin.org/status/200`.
> `https://httpbin.org/status/200`.
Once this is set, Slack will send interaction payloads to your server, which Once this is set, Slack will send interaction payloads to your server, which
must respond appropriately. must respond appropriately.

View File

@ -18,7 +18,8 @@ networking logic.
In order for clients and workspaces to be able to connect: In order for clients and workspaces to be able to connect:
> **Note:** We strongly recommend that clients connect to Coder and their > [!NOTE]
> We strongly recommend that clients connect to Coder and their
> workspaces over a good quality, broadband network connection. The following > workspaces over a good quality, broadband network connection. The following
> are minimum requirements: > are minimum requirements:
> >
@ -33,7 +34,8 @@ In order for clients and workspaces to be able to connect:
In order for clients to be able to establish direct connections: In order for clients to be able to establish direct connections:
> **Note:** Direct connections via the web browser are not supported. To improve > [!NOTE]
> Direct connections via the web browser are not supported. To improve
> latency for browser-based applications running inside Coder workspaces in > latency for browser-based applications running inside Coder workspaces in
> regions far from the Coder control plane, consider deploying one or more > regions far from the Coder control plane, consider deploying one or more
> [workspace proxies](./workspace-proxies.md). > [workspace proxies](./workspace-proxies.md).
@ -172,12 +174,9 @@ more.
## Browser-only connections ## Browser-only connections
<blockquote class="info"> > [!NOTE]
> Browser-only connections is an Enterprise and Premium feature.
Browser-only connections is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Some Coder deployments require that all access is through the browser to comply Some Coder deployments require that all access is through the browser to comply
with security policies. In these cases, pass the `--browser-only` flag to with security policies. In these cases, pass the `--browser-only` flag to
@ -189,12 +188,9 @@ via the web terminal and
### Workspace Proxies ### Workspace Proxies
<blockquote class="info"> > [!NOTE]
> Workspace proxies are an Enterprise and Premium feature.
Workspace proxies are an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Workspace proxies are a Coder Enterprise feature that allows you to provide Workspace proxies are a Coder Enterprise feature that allows you to provide
low-latency browser experiences for geo-distributed teams. low-latency browser experiences for geo-distributed teams.

View File

@ -48,17 +48,17 @@ For more examples, see `coder port-forward --help`.
## Dashboard ## Dashboard
> To enable port forwarding via the dashboard, Coder must be configured with a To enable port forwarding via the dashboard, Coder must be configured with a
> [wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an [wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
> access URL is not specified, Coder will create access URL is not specified, Coder will create
> [a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse [a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
> proxy the deployment, and port forwarding will work. proxy the deployment, and port forwarding will work.
>
> There is a There is a
> [DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1) [DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
> where each segment of hostnames must not exceed 63 characters. If your app where each segment of hostnames must not exceed 63 characters. If your app
> name, agent name, workspace name and username exceed 63 characters in the name, agent name, workspace name and username exceed 63 characters in the
> hostname, port forwarding via the dashboard will not work. hostname, port forwarding via the dashboard will not work.
### From an coder_app resource ### From an coder_app resource
@ -131,12 +131,9 @@ to the app.
### Configure maximum port sharing level ### Configure maximum port sharing level
<blockquote class="info"> > [!NOTE]
> Configuring port sharing level is an Enterprise and Premium feature.
Configuring port sharing level is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Premium-licensed template admins can control the maximum port sharing level for Premium-licensed template admins can control the maximum port sharing level for
workspaces under a given template in the template settings. By default, the workspaces under a given template in the template settings. By default, the
@ -179,12 +176,14 @@ must include credentials (set `credentials: "include"` if using `fetch`) or the
requests cannot be authenticated and you will see an error resembling the requests cannot be authenticated and you will see an error resembling the
following: following:
> Access to fetch at ```text
> '<https://coder.example.com/api/v2/applications/auth-redirect>' from origin Access to fetch at
> '<https://8000--dev--user--apps.coder.example.com>' has been blocked by CORS '<https://coder.example.com/api/v2/applications/auth-redirect>' from origin
> policy: No 'Access-Control-Allow-Origin' header is present on the requested '<https://8000--dev--user--apps.coder.example.com>' has been blocked by CORS
> resource. If an opaque response serves your needs, set the request's mode to policy: No 'Access-Control-Allow-Origin' header is present on the requested
> 'no-cors' to fetch the resource with CORS disabled. resource. If an opaque response serves your needs, set the request's mode to
'no-cors' to fetch the resource with CORS disabled.
```
#### Headers #### Headers

View File

@ -1,13 +1,13 @@
# STUN and NAT # STUN and NAT
> [Session Traversal Utilities for NAT (STUN)](https://www.rfc-editor.org/rfc/rfc8489.html) [Session Traversal Utilities for NAT (STUN)](https://www.rfc-editor.org/rfc/rfc8489.html)
> is a protocol used to assist applications in establishing peer-to-peer is a protocol used to assist applications in establishing peer-to-peer
> communications across Network Address Translations (NATs) or firewalls. communications across Network Address Translations (NATs) or firewalls.
>
> [Network Address Translation (NAT)](https://en.wikipedia.org/wiki/Network_address_translation) [Network Address Translation (NAT)](https://en.wikipedia.org/wiki/Network_address_translation)
> is commonly used in private networks to allow multiple devices to share a is commonly used in private networks to allow multiple devices to share a
> single public IP address. The vast majority of home and corporate internet single public IP address. The vast majority of home and corporate internet
> connections use at least one level of NAT. connections use at least one level of NAT.
## Overview ## Overview
@ -33,8 +33,9 @@ counterpart can be reached. Once communication succeeds in one direction, we can
inspect the source address of the received packet to determine the return inspect the source address of the received packet to determine the return
address. address.
> The below glosses over a lot of the complexity of traversing NATs. For a more > [!TIP]
> in-depth technical explanation, see > The below glosses over a lot of the complexity of traversing NATs.
> For a more in-depth technical explanation, see
> [How NAT traversal works (tailscale.com)](https://tailscale.com/blog/how-nat-traversal-works). > [How NAT traversal works (tailscale.com)](https://tailscale.com/blog/how-nat-traversal-works).
At a high level, STUN works like this: At a high level, STUN works like this:

View File

@ -104,10 +104,10 @@ CODER_TLS_KEY_FILE="<key_file_location>"
### Running on Kubernetes ### Running on Kubernetes
Make a `values-wsproxy.yaml` with the workspace proxy configuration: Make a `values-wsproxy.yaml` with the workspace proxy configuration.
> Notice the `workspaceProxy` configuration which is `false` by default in the Notice the `workspaceProxy` configuration which is `false` by default in the
> coder Helm chart. Coder Helm chart:
```yaml ```yaml
coder: coder:

View File

@ -104,10 +104,9 @@ tags.
## Global PSK (Not Recommended) ## Global PSK (Not Recommended)
> Global pre-shared keys (PSK) make it difficult to rotate keys or isolate We do not recommend using global PSK.
> provisioners.
> Global pre-shared keys (PSK) make it difficult to rotate keys or isolate provisioners.
> We do not recommend using global PSK.
A deployment-wide PSK can be used to authenticate any provisioner. To use a A deployment-wide PSK can be used to authenticate any provisioner. To use a
global PSK, set a global PSK, set a
@ -158,7 +157,7 @@ coder templates push on-prem-chicago \
This can also be done in the UI when building a template: This can also be done in the UI when building a template:
> ![template tags](../images/admin/provisioner-tags.png) ![template tags](../images/admin/provisioner-tags.png)
Alternatively, a template can target a provisioner via Alternatively, a template can target a provisioner via
[workspace tags](https://github.com/coder/coder/tree/main/examples/workspace-tags) [workspace tags](https://github.com/coder/coder/tree/main/examples/workspace-tags)
@ -226,7 +225,8 @@ This is illustrated in the below table:
| scope=user owner=aaa environment=on-prem datacenter=chicago | scope=user owner=aaa environment=on-prem datacenter=new_york | ✅ | ❌ | | scope=user owner=aaa environment=on-prem datacenter=chicago | scope=user owner=aaa environment=on-prem datacenter=new_york | ✅ | ❌ |
| scope=organization owner= environment=on-prem | scope=organization owner= environment=on-prem | ❌ | ❌ | | scope=organization owner= environment=on-prem | scope=organization owner= environment=on-prem | ❌ | ❌ |
> **Note to maintainers:** to generate this table, run the following command and > [!TIP]
> To generate this table, run the following command and
> copy the output: > copy the output:
> >
> ```go > ```go

View File

@ -42,7 +42,8 @@ failed to check whether the API key corresponds to a deleted user.
## Indications of Compromise ## Indications of Compromise
> 💡 Automated remediation steps in the upgrade purge all affected API keys. > [!TIP]
> Automated remediation steps in the upgrade purge all affected API keys.
> Either perform the following query before upgrade or run it on a backup of > Either perform the following query before upgrade or run it on a backup of
> your database from before the upgrade. > your database from before the upgrade.
@ -81,7 +82,8 @@ Otherwise, the following information will be reported:
- User API key ID - User API key ID
- Time the affected API key was last used - Time the affected API key was last used
> 💡 If your license includes the > [!TIP]
> If your license includes the
> [Audit Logs](https://coder.com/docs/admin/audit-logs#filtering-logs) feature, > [Audit Logs](https://coder.com/docs/admin/audit-logs#filtering-logs) feature,
> you can then query all actions performed by the above users by using the > you can then query all actions performed by the above users by using the
> filter `email:$USER_EMAIL`. > filter `email:$USER_EMAIL`.

View File

@ -26,24 +26,27 @@ The following database fields are currently encrypted:
Additional database fields may be encrypted in the future. Additional database fields may be encrypted in the future.
> Implementation notes: each encrypted database column `$C` has a corresponding ### Implementation notes
> `$C_key_id` column. This column is used to determine which encryption key was
> used to encrypt the data. This allows Coder to rotate encryption keys without Each encrypted database column `$C` has a corresponding
> invalidating existing tokens, and provides referential integrity for encrypted `$C_key_id` column. This column is used to determine which encryption key was
> data. used to encrypt the data. This allows Coder to rotate encryption keys without
> invalidating existing tokens, and provides referential integrity for encrypted
> The `$C_key_id` column stores the first 7 bytes of the SHA-256 hash of the data.
> encryption key used to encrypt the data.
> The `$C_key_id` column stores the first 7 bytes of the SHA-256 hash of the
> Encryption keys in use are stored in `dbcrypt_keys`. This table stores a encryption key used to encrypt the data.
> record of all encryption keys that have been used to encrypt data. Active keys
> have a null `revoked_key_id` column, and revoked keys have a non-null Encryption keys in use are stored in `dbcrypt_keys`. This table stores a
> `revoked_key_id` column. You cannot revoke a key until you have rotated all record of all encryption keys that have been used to encrypt data. Active keys
> values using that key to a new key. have a null `revoked_key_id` column, and revoked keys have a non-null
`revoked_key_id` column. You cannot revoke a key until you have rotated all
values using that key to a new key.
## Enabling encryption ## Enabling encryption
> NOTE: Enabling encryption does not encrypt all existing data. To encrypt > [!NOTE]
> Enabling encryption does not encrypt all existing data. To encrypt
> existing data, see [rotating keys](#rotating-keys) below. > existing data, see [rotating keys](#rotating-keys) below.
- Ensure you have a valid backup of your database. **Do not skip this step.** If - Ensure you have a valid backup of your database. **Do not skip this step.** If
@ -115,7 +118,8 @@ data:
This command will re-encrypt all tokens with the specified new encryption key. This command will re-encrypt all tokens with the specified new encryption key.
We recommend performing this action during a maintenance window. We recommend performing this action during a maintenance window.
> Note: this command requires direct access to the database. If you are using > [!IMPORTANT]
> This command requires direct access to the database. If you are using
> the built-in PostgreSQL database, you can run > the built-in PostgreSQL database, you can run
> [`coder server postgres-builtin-url`](../../reference/cli/server_postgres-builtin-url.md) > [`coder server postgres-builtin-url`](../../reference/cli/server_postgres-builtin-url.md)
> to get the connection URL. > to get the connection URL.
@ -138,7 +142,8 @@ To disable encryption, perform the following actions:
This command will decrypt all encrypted user tokens and revoke all active This command will decrypt all encrypted user tokens and revoke all active
encryption keys. encryption keys.
> Note: for `decrypt` command, the equivalent environment variable for > [!NOTE]
> for `decrypt` command, the equivalent environment variable for
> `--keys` is `CODER_EXTERNAL_TOKEN_ENCRYPTION_DECRYPT_KEYS` and not > `--keys` is `CODER_EXTERNAL_TOKEN_ENCRYPTION_DECRYPT_KEYS` and not
> `CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS`. This is explicitly named differently > `CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS`. This is explicitly named differently
> to help prevent accidentally decrypting data. > to help prevent accidentally decrypting data.
@ -152,7 +157,8 @@ To disable encryption, perform the following actions:
## Deleting Encrypted Data ## Deleting Encrypted Data
> NOTE: This is a destructive operation. > [!CAUTION]
> This is a destructive operation.
To delete all encrypted data from your database, perform the following actions: To delete all encrypted data from your database, perform the following actions:

View File

@ -7,6 +7,7 @@ For other security tips, visit our guide to
## Security Advisories ## Security Advisories
> [!CAUTION]
> If you discover a vulnerability in Coder, please do not hesitate to report it > If you discover a vulnerability in Coder, please do not hesitate to report it
> to us by following the instructions > to us by following the instructions
> [here](https://github.com/coder/coder/blob/main/SECURITY.md). > [here](https://github.com/coder/coder/blob/main/SECURITY.md).

View File

@ -38,7 +38,8 @@ Users can view their public key in their account settings:
![SSH keys in account settings](../../images/ssh-keys.png) ![SSH keys in account settings](../../images/ssh-keys.png)
> Note: SSH keys are never stored in Coder workspaces, and are fetched only when > [!NOTE]
> SSH keys are never stored in Coder workspaces, and are fetched only when
> SSH is invoked. The keys are held in-memory and never written to disk. > SSH is invoked. The keys are held in-memory and never written to disk.
## Dynamic Secrets ## Dynamic Secrets

View File

@ -1,11 +1,8 @@
# Appearance # Appearance
<blockquote class="info"> > [!NOTE]
> Customizing Coder's appearance is an Enterprise and Premium feature.
Customizing Coder's appearance is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Customize the look of your Coder deployment to meet your enterprise Customize the look of your Coder deployment to meet your enterprise
requirements. requirements.

View File

@ -10,8 +10,7 @@ full list of the options, run `coder server --help` or see our
external URL that users and workspaces use to connect to Coder (e.g. external URL that users and workspaces use to connect to Coder (e.g.
<https://coder.example.com>). This should not be localhost. <https://coder.example.com>). This should not be localhost.
> Access URL should be an external IP address or domain with DNS records Access URL should be an external IP address or domain with DNS records pointing to Coder.
> pointing to Coder.
### Tunnel ### Tunnel
@ -44,7 +43,8 @@ coder server
or running [coder_apps](../templates/index.md) on an absolute path. Set this to or running [coder_apps](../templates/index.md) on an absolute path. Set this to
a wildcard subdomain that resolves to Coder (e.g. `*.coder.example.com`). a wildcard subdomain that resolves to Coder (e.g. `*.coder.example.com`).
> Note: We do not recommend using a top-level-domain for Coder wildcard access > [!NOTE]
> We do not recommend using a top-level-domain for Coder wildcard access
> (for example `*.workspaces`), even on private networks with split-DNS. Some > (for example `*.workspaces`), even on private networks with split-DNS. Some
> browsers consider these "public" domains and will refuse Coder's cookies, > browsers consider these "public" domains and will refuse Coder's cookies,
> which are vital to the proper operation of this feature. > which are vital to the proper operation of this feature.
@ -107,6 +107,7 @@ deployment information. Use `CODER_PG_CONNECTION_URL` to set the database that
Coder connects to. If unset, PostgreSQL binaries will be downloaded from Maven Coder connects to. If unset, PostgreSQL binaries will be downloaded from Maven
(<https://repo1.maven.org/maven2>) and store all data in the config root. (<https://repo1.maven.org/maven2>) and store all data in the config root.
> [!NOTE]
> Postgres 13 is the minimum supported version. > Postgres 13 is the minimum supported version.
If you are using the built-in PostgreSQL deployment and need to use `psql` (aka If you are using the built-in PostgreSQL deployment and need to use `psql` (aka

View File

@ -1,8 +1,7 @@
# Telemetry # Telemetry
<blockquote class="info"> > [!NOTE]
TL;DR: disable telemetry by setting <code>CODER_TELEMETRY_ENABLE=false</code>. > TL;DR: disable telemetry by setting <code>CODER_TELEMETRY_ENABLE=false</code>.
</blockquote>
Coder collects telemetry from all installations by default. We believe our users Coder collects telemetry from all installations by default. We believe our users
should have the right to know what we collect, why we collect it, and how we use should have the right to know what we collect, why we collect it, and how we use

View File

@ -25,7 +25,8 @@ Give your template a name, description, and icon and press `Create template`.
![Name and icon](../../images/admin/templates/import-template.png) ![Name and icon](../../images/admin/templates/import-template.png)
> **⚠️ Note**: If template creation fails, Coder is likely not authorized to > [!NOTE]
> If template creation fails, Coder is likely not authorized to
> deploy infrastructure in the given location. Learn how to configure > deploy infrastructure in the given location. Learn how to configure
> [provisioner authentication](./extending-templates/provider-authentication.md). > [provisioner authentication](./extending-templates/provider-authentication.md).
@ -64,7 +65,8 @@ Next, push it to Coder with the
coder templates push coder templates push
``` ```
> ⚠️ Note: If `template push` fails, Coder is likely not authorized to deploy > [!NOTE]
> If `template push` fails, Coder is likely not authorized to deploy
> infrastructure in the given location. Learn how to configure > infrastructure in the given location. Learn how to configure
> [provisioner authentication](../provisioners.md). > [provisioner authentication](../provisioners.md).

View File

@ -273,8 +273,8 @@ A
can be added to your templates to add docker support. This may come in handy if can be added to your templates to add docker support. This may come in handy if
your nodes cannot run Sysbox. your nodes cannot run Sysbox.
> ⚠️ **Warning**: This is insecure. Workspaces will be able to gain root access > [!WARNING]
> to the host machine. > This is insecure. Workspaces will be able to gain root access to the host machine.
### Use a privileged sidecar container in Docker-based templates ### Use a privileged sidecar container in Docker-based templates

View File

@ -31,11 +31,8 @@ you can require users authenticate via git prior to creating a workspace:
### Native git authentication will auto-refresh tokens ### Native git authentication will auto-refresh tokens
<blockquote class="info"> > [!TIP]
<p> > This is the preferred authentication method.
This is the preferred authentication method.
</p>
</blockquote>
By default, the coder agent will configure native `git` authentication via the By default, the coder agent will configure native `git` authentication via the
`GIT_ASKPASS` environment variable. Meaning, with no additional configuration, `GIT_ASKPASS` environment variable. Meaning, with no additional configuration,

View File

@ -49,8 +49,7 @@ Persistent resources stay provisioned when workspaces are stopped, where as
ephemeral resources are destroyed and recreated on restart. All resources are ephemeral resources are destroyed and recreated on restart. All resources are
destroyed when a workspace is deleted. destroyed when a workspace is deleted.
> You can read more about how resource behavior and workspace state in the You can read more about how resource behavior and workspace state in the [workspace lifecycle documentation](../../../user-guides/workspace-lifecycle.md).
> [workspace lifecycle documentation](../../../user-guides/workspace-lifecycle.md).
Template resources follow the Template resources follow the
[behavior of Terraform resources](https://developer.hashicorp.com/terraform/language/resources/behavior#how-terraform-applies-a-configuration) [behavior of Terraform resources](https://developer.hashicorp.com/terraform/language/resources/behavior#how-terraform-applies-a-configuration)
@ -65,6 +64,7 @@ When a workspace is deleted, the Coder server essentially runs a
[terraform destroy](https://www.terraform.io/cli/commands/destroy) to remove all [terraform destroy](https://www.terraform.io/cli/commands/destroy) to remove all
resources associated with the workspace. resources associated with the workspace.
> [!TIP]
> Terraform's > Terraform's
> [prevent-destroy](https://www.terraform.io/language/meta-arguments/lifecycle#prevent_destroy) > [prevent-destroy](https://www.terraform.io/language/meta-arguments/lifecycle#prevent_destroy)
> and > and

View File

@ -93,7 +93,7 @@ to resolve modules via [Artifactory](https://jfrog.com/artifactory/).
} }
``` ```
6. Update module source as, 6. Update module source as:
```tf ```tf
module "module-name" { module "module-name" {
@ -104,7 +104,7 @@ to resolve modules via [Artifactory](https://jfrog.com/artifactory/).
} }
``` ```
> Do not forget to replace example.jfrog.io with your Artifactory URL Replace `example.jfrog.io` with your Artifactory URL
Based on the instructions Based on the instructions
[here](https://jfrog.com/blog/tour-terraform-registries-in-artifactory/). [here](https://jfrog.com/blog/tour-terraform-registries-in-artifactory/).

View File

@ -3,8 +3,12 @@
The workspace process logging feature allows you to log all system-level The workspace process logging feature allows you to log all system-level
processes executing in the workspace. processes executing in the workspace.
> **Note:** This feature is only available on Linux in Kubernetes. There are This feature is only available on Linux in Kubernetes. There are
> additional requirements outlined further in this document. additional requirements outlined further in this document.
> [!NOTE]
> Workspace process logging is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Workspace process logging adds a sidecar container to workspace pods that will Workspace process logging adds a sidecar container to workspace pods that will
log all processes started in the workspace container (e.g., commands executed in log all processes started in the workspace container (e.g., commands executed in
@ -16,10 +20,6 @@ monitoring stack, such as CloudWatch, for further analysis or long-term storage.
Please note that these logs are not recorded or captured by the Coder Please note that these logs are not recorded or captured by the Coder
organization in any way, shape, or form. organization in any way, shape, or form.
> This is an [Premium or Enterprise](https://coder.com/pricing) feature. To
> learn more about Coder licensing, please
> [contact sales](https://coder.com/contact).
## How this works ## How this works
Coder uses [eBPF](https://ebpf.io/) (which we chose for its minimal performance Coder uses [eBPF](https://ebpf.io/) (which we chose for its minimal performance
@ -164,7 +164,8 @@ would like to add workspace process logging to, follow these steps:
} }
``` ```
> **Note:** If you are using the `envbox` template, you will need to update > [!NOTE]
> If you are using the `envbox` template, you will need to update
> the third argument to be > the third argument to be
> `"${local.exectrace_init_script}\n\nexec /envbox docker"` instead. > `"${local.exectrace_init_script}\n\nexec /envbox docker"` instead.
@ -212,7 +213,8 @@ would like to add workspace process logging to, follow these steps:
} }
``` ```
> **Note:** `exectrace` requires root privileges and a privileged container > [!NOTE]
> `exectrace` requires root privileges and a privileged container
> to attach probes to the kernel. This is a requirement of eBPF. > to attach probes to the kernel. This is a requirement of eBPF.
1. Add the following environment variable to your workspace pod: 1. Add the following environment variable to your workspace pod:

View File

@ -1,11 +1,7 @@
# Provider Authentication # Provider Authentication
<blockquote class="danger"> > [!CAUTION]
<p> > Do not store secrets in templates. Assume every user has cleartext access to every template.
Do not store secrets in templates. Assume every user has cleartext access
to every template.
</p>
</blockquote>
The Coder server's The Coder server's
[provisioner](https://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/provisioner) [provisioner](https://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/provisioner)

View File

@ -13,9 +13,8 @@ You can use `coder_metadata` to show Terraform resource attributes like these:
![ui](../../../images/admin/templates/coder-metadata-ui.png) ![ui](../../../images/admin/templates/coder-metadata-ui.png)
<blockquote class="info"> > [!NOTE]
Coder automatically generates the <code>type</code> metadata. > Coder automatically generates the <code>type</code> metadata.
</blockquote>
You can also present automatically updating, dynamic values with You can also present automatically updating, dynamic values with
[agent metadata](./agent-metadata.md). [agent metadata](./agent-metadata.md).

View File

@ -71,7 +71,8 @@ added that can handle its combination of tags.
Before releasing the template version with configurable workspace tags, ensure Before releasing the template version with configurable workspace tags, ensure
that every tag set is associated with at least one healthy provisioner. that every tag set is associated with at least one healthy provisioner.
> **Note:** It may be useful to run at least one provisioner with no additional > [!NOTE]
> It may be useful to run at least one provisioner with no additional
> tag restrictions that is able to take on any job. > tag restrictions that is able to take on any job.
### Parameters types ### Parameters types

View File

@ -94,7 +94,8 @@ directory. When you next run
[`coder templates push`](../../../reference/cli/templates_push.md), the lock [`coder templates push`](../../../reference/cli/templates_push.md), the lock
file will be stored alongside with the other template source code. file will be stored alongside with the other template source code.
> Note: Terraform best practices also recommend checking in your > [!NOTE]
> Terraform best practices also recommend checking in your
> `.terraform.lock.hcl` into Git or other VCS. > `.terraform.lock.hcl` into Git or other VCS.
The next time a workspace is built from that template, Coder will make sure to The next time a workspace is built from that template, Coder will make sure to

View File

@ -11,9 +11,9 @@ practices around managing workspaces images for Coder.
3. Allow developers to bring their own images and customizations with Dev 3. Allow developers to bring their own images and customizations with Dev
Containers Containers
> Note: An image is just one of the many properties defined within the template. An image is just one of the many properties defined within the template.
> Templates can pull images from a public image registry (e.g. Docker Hub) or an Templates can pull images from a public image registry (e.g. Docker Hub) or an
> internal one, thanks to Terraform. internal one, thanks to Terraform.
## Create a minimal base image ## Create a minimal base image
@ -31,9 +31,9 @@ to consider:
`docker`, `bash`, `jq`, and/or internal tooling `docker`, `bash`, `jq`, and/or internal tooling
- Consider creating (and starting the container with) a non-root user - Consider creating (and starting the container with) a non-root user
> See Coder's See Coder's
> [example base image](https://github.com/coder/enterprise-images/tree/main/images/minimal) [example base image](https://github.com/coder/enterprise-images/tree/main/images/minimal)
> for reference. for reference.
## Create general-purpose golden image(s) with standard tooling ## Create general-purpose golden image(s) with standard tooling
@ -54,10 +54,10 @@ purpose images are great for:
stacks and types of projects, the golden image can be a good starting point stacks and types of projects, the golden image can be a good starting point
for those projects. for those projects.
> This is often referred to as a "sandbox" or "kitchen sink" image. Since large This is often referred to as a "sandbox" or "kitchen sink" image. Since large
> multi-purpose container images can quickly become difficult to maintain, it's multi-purpose container images can quickly become difficult to maintain, it's
> important to keep the number of general-purpose images to a minimum (2-3 in important to keep the number of general-purpose images to a minimum (2-3 in
> most cases) with a well-defined scope. most cases) with a well-defined scope.
Examples: Examples:

View File

@ -27,8 +27,8 @@ here!
If you prefer to use Coder on the If you prefer to use Coder on the
[command line](../../../reference/cli/index.md), `coder templates init`. [command line](../../../reference/cli/index.md), `coder templates init`.
> Coder starter templates are also available on our Coder starter templates are also available on our
> [GitHub repo](https://github.com/coder/coder/tree/main/examples/templates). [GitHub repo](https://github.com/coder/coder/tree/main/examples/templates).
## Community Templates ## Community Templates
@ -46,6 +46,7 @@ any template's files directly in the Coder dashboard.
If you'd prefer to use the CLI, use `coder templates pull`, edit the template If you'd prefer to use the CLI, use `coder templates pull`, edit the template
files, then `coder templates push`. files, then `coder templates push`.
> [!TIP]
> Even if you are a Terraform expert, we suggest reading our > Even if you are a Terraform expert, we suggest reading our
> [guided tour of a template](../../../tutorials/template-from-scratch.md). > [guided tour of a template](../../../tutorials/template-from-scratch.md).
@ -60,12 +61,9 @@ infrastructure, software, or security patches. Learn more about
### Template update policies ### Template update policies
<blockquote class="info"> > [!NOTE]
> Template update policies are an Enterprise and Premium feature.
Template update policies are an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Licensed template admins may want workspaces to always remain on the latest Licensed template admins may want workspaces to always remain on the latest
version of their parent template. To do so, enable **Template Update Policies** version of their parent template. To do so, enable **Template Update Policies**

View File

@ -28,12 +28,9 @@ manage infrastructure costs.
## Failure cleanup ## Failure cleanup
<blockquote class="info"> > [!NOTE]
> Failure cleanup is an Enterprise and Premium feature.
Failure cleanup is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Failure cleanup defines how long a workspace is permitted to remain in the Failure cleanup defines how long a workspace is permitted to remain in the
failed state prior to being automatically stopped. Failure cleanup is only failed state prior to being automatically stopped. Failure cleanup is only
@ -41,12 +38,9 @@ available for licensed customers.
## Dormancy threshold ## Dormancy threshold
<blockquote class="info"> > [!NOTE]
> Dormancy threshold is an Enterprise and Premium feature.
Dormancy threshold is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Dormancy Threshold defines how long Coder allows a workspace to remain inactive Dormancy Threshold defines how long Coder allows a workspace to remain inactive
before being moved into a dormant state. A workspace's inactivity is determined before being moved into a dormant state. A workspace's inactivity is determined
@ -58,12 +52,9 @@ only available for licensed customers.
## Dormancy auto-deletion ## Dormancy auto-deletion
<blockquote class="info"> > [!NOTE]
> Dormancy auto-deletion is an Enterprise and Premium feature.
Dormancy auto-deletion is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Dormancy Auto-Deletion allows a template admin to dictate how long a workspace Dormancy Auto-Deletion allows a template admin to dictate how long a workspace
is permitted to remain dormant before it is automatically deleted. Dormancy is permitted to remain dormant before it is automatically deleted. Dormancy
@ -71,12 +62,9 @@ Auto-Deletion is only available for licensed customers.
## Autostop requirement ## Autostop requirement
<blockquote class="info"> > [!NOTE]
> Autostop requirement is an Enterprise and Premium feature.
Autostop requirement is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Autostop requirement is a template setting that determines how often workspaces Autostop requirement is a template setting that determines how often workspaces
using the template must automatically stop. Autostop requirement ignores any using the template must automatically stop. Autostop requirement ignores any
@ -108,12 +96,9 @@ requirement during the deprecation period, but only one can be used at a time.
## User quiet hours ## User quiet hours
<blockquote class="info"> > [!NOTE]
> User quiet hours are an Enterprise and Premium feature.
User quiet hours are an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
User quiet hours can be configured in the user's schedule settings page. User quiet hours can be configured in the user's schedule settings page.
Workspaces on templates with an autostop requirement will only be forcibly Workspaces on templates with an autostop requirement will only be forcibly

View File

@ -46,7 +46,8 @@ resource "coder_agent" "dev" {
} }
``` ```
> Note: The `dir` attribute can be set in multiple ways, for example: > [!NOTE]
> The `dir` attribute can be set in multiple ways, for example:
> >
> - `~/coder` > - `~/coder`
> - `/home/coder/coder` > - `/home/coder/coder`

View File

@ -1,11 +1,8 @@
# Permissions # Permissions
<blockquote class="info"> > [!NOTE]
> Template permissions are a Premium feature.
Template permissions are an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Licensed Coder administrators can control who can use and modify the template. Licensed Coder administrators can control who can use and modify the template.
@ -24,5 +21,3 @@ user can use the template to create a workspace. To prevent this, disable the
`Allow everyone to use the template` setting when creating a template. `Allow everyone to use the template` setting when creating a template.
![Create Template Permissions](../../images/templates/create-template-permissions.png) ![Create Template Permissions](../../images/templates/create-template-permissions.png)
Permissions is a premium-only feature.

View File

@ -144,7 +144,8 @@ if [ $status -ne 0 ]; then
fi fi
``` ```
> **Note:** We don't use `set -x` here because we're manually echoing the > [!NOTE]
> We don't use `set -x` here because we're manually echoing the
> commands. This protects against sensitive information being shown in the log. > commands. This protects against sensitive information being shown in the log.
This script tells us what command is being run and what the exit status is. If This script tells us what command is being run and what the exit status is. If
@ -152,7 +153,8 @@ the exit status is non-zero, it means the command failed and we exit the script.
Since we are manually checking the exit status here, we don't need `set -e` at Since we are manually checking the exit status here, we don't need `set -e` at
the top of the script to exit on error. the top of the script to exit on error.
> **Note:** If you aren't seeing any logs, check that the `dir` directive points > [!NOTE]
> If you aren't seeing any logs, check that the `dir` directive points
> to a valid directory in the file system. > to a valid directory in the file system.
## Slow workspace startup times ## Slow workspace startup times

View File

@ -47,12 +47,12 @@ GitHub will ask you for the following Coder parameters:
`https://coder.domain.com`) `https://coder.domain.com`)
- **User Authorization Callback URL**: Set to `https://coder.domain.com` - **User Authorization Callback URL**: Set to `https://coder.domain.com`
> Note: If you want to allow multiple coder deployments hosted on subdomains If you want to allow multiple Coder deployments hosted on subdomains, such as
> e.g. coder1.domain.com, coder2.domain.com, to be able to authenticate with the `coder1.domain.com`, `coder2.domain.com`, to authenticate with the
> same GitHub OAuth app, then you can set **User Authorization Callback URL** to same GitHub OAuth app, then you can set **User Authorization Callback URL** to
> the `https://domain.com` the `https://domain.com`
Note the Client ID and Client Secret generated by GitHub. You will use these Take note of the Client ID and Client Secret generated by GitHub. You will use these
values in the next step. values in the next step.
Coder will need permission to access user email addresses. Find the "Account Coder will need permission to access user email addresses. Find the "Account
@ -67,8 +67,8 @@ server:
coder server --oauth2-github-allow-signups=true --oauth2-github-allowed-orgs="your-org" --oauth2-github-client-id="8d1...e05" --oauth2-github-client-secret="57ebc9...02c24c" coder server --oauth2-github-allow-signups=true --oauth2-github-allowed-orgs="your-org" --oauth2-github-client-id="8d1...e05" --oauth2-github-client-secret="57ebc9...02c24c"
``` ```
> For GitHub Enterprise support, specify the > [!NOTE]
> `--oauth2-github-enterprise-base-url` flag. > For GitHub Enterprise support, specify the `--oauth2-github-enterprise-base-url` flag.
Alternatively, if you are running Coder as a system service, you can achieve the Alternatively, if you are running Coder as a system service, you can achieve the
same result as the command above by adding the following environment variables same result as the command above by adding the following environment variables
@ -81,11 +81,12 @@ CODER_OAUTH2_GITHUB_CLIENT_ID="8d1...e05"
CODER_OAUTH2_GITHUB_CLIENT_SECRET="57ebc9...02c24c" CODER_OAUTH2_GITHUB_CLIENT_SECRET="57ebc9...02c24c"
``` ```
**Note:** To allow everyone to signup using GitHub, set: > [!TIP]
> To allow everyone to sign up using GitHub, set:
```env >
CODER_OAUTH2_GITHUB_ALLOW_EVERYONE=true > ```env
``` > CODER_OAUTH2_GITHUB_ALLOW_EVERYONE=true
> ```
Once complete, run `sudo service coder restart` to reboot Coder. Once complete, run `sudo service coder restart` to reboot Coder.
@ -115,9 +116,9 @@ To upgrade Coder, run:
helm upgrade <release-name> coder-v2/coder -n <namespace> -f values.yaml helm upgrade <release-name> coder-v2/coder -n <namespace> -f values.yaml
``` ```
> We recommend requiring and auditing MFA usage for all users in your GitHub We recommend requiring and auditing MFA usage for all users in your GitHub
> organizations. This can be enforced from the organization settings page in the organizations. This can be enforced from the organization settings page in the
> "Authentication security" sidebar tab. "Authentication security" sidebar tab.
## Device Flow ## Device Flow

View File

@ -33,12 +33,9 @@ may use personal workspaces.
## Custom Roles ## Custom Roles
<blockquote class="info"> > [!NOTE]
> Custom roles are a Premium feature.
Custom roles are a Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Starting in v2.16.0, Premium Coder deployments can configure custom roles on the Starting in v2.16.0, Premium Coder deployments can configure custom roles on the
[Organization](./organizations.md) level. You can create and assign custom roles [Organization](./organizations.md) level. You can create and assign custom roles

View File

@ -4,7 +4,7 @@ Headless user accounts that cannot use the web UI to log in to Coder. This is
useful for creating accounts for automated systems, such as CI/CD pipelines or useful for creating accounts for automated systems, such as CI/CD pipelines or
for users who only consume Coder via another client/API. for users who only consume Coder via another client/API.
> You must have the User Admin role or above to create headless users. You must have the User Admin role or above to create headless users.
## Create a headless user ## Create a headless user

View File

@ -1,12 +1,9 @@
<!-- markdownlint-disable MD024 --> <!-- markdownlint-disable MD024 -->
# IdP Sync # IdP Sync
<blockquote class="info"> > [!NOTE]
> IdP sync is an Enterprise and Premium feature.
IdP sync is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
IdP (Identity provider) sync allows you to use OpenID Connect (OIDC) to IdP (Identity provider) sync allows you to use OpenID Connect (OIDC) to
synchronize Coder groups, roles, and organizations based on claims from your IdP. synchronize Coder groups, roles, and organizations based on claims from your IdP.
@ -110,13 +107,10 @@ Below is an example that uses the `groups` claim and maps all groups prefixed by
} }
``` ```
<blockquote class="admonition note"> > [!IMPORTANT]
> You must specify Coder group IDs instead of group names. The fastest way to find
You must specify Coder group IDs instead of group names. The fastest way to find > the ID for a corresponding group is by visiting
the ID for a corresponding group is by visiting > `https://coder.example.com/api/v2/groups`.
`https://coder.example.com/api/v2/groups`.
</blockquote>
Here is another example which maps `coder-admins` from the identity provider to Here is another example which maps `coder-admins` from the identity provider to
two groups in Coder and `coder-users` from the identity provider to another two groups in Coder and `coder-users` from the identity provider to another
@ -151,13 +145,9 @@ Visit the Coder UI to confirm these changes:
### Server Flags ### Server Flags
<blockquote class="admonition note"> > [!NOTE]
> Use server flags only with Coder deployments with a single organization.
Use server flags only with Coder deployments with a single organization. > You can use the dashboard to configure group sync instead.
You can use the dashboard to configure group sync instead.
</blockquote>
1. Configure the Coder server to read groups from the claim name with the 1. Configure the Coder server to read groups from the claim name with the
[OIDC group field](../../reference/cli/server.md#--oidc-group-field) server [OIDC group field](../../reference/cli/server.md#--oidc-group-field) server
@ -284,13 +274,9 @@ role:
} }
``` ```
<blockquote class="admonition note"> > [!NOTE]
> Be sure to use the `name` field for each role, not the display name.
Be sure to use the `name` field for each role, not the display name. Use > Use `coder organization roles show --org=<your-org>` to see roles for your organization.
`coder organization roles show --org=<your-org>` to see roles for your
organization.
</blockquote>
To set these role sync settings, use the following command: To set these role sync settings, use the following command:
@ -306,13 +292,9 @@ Visit the Coder UI to confirm these changes:
### Server Flags ### Server Flags
<blockquote class="admonition note"> > [!NOTE]
> Use server flags only with Coder deployments with a single organization.
Use server flags only with Coder deployments with a single organization. > You can use the dashboard to configure role sync instead.
You can use the dashboard to configure role sync instead.
</blockquote>
1. Configure the Coder server to read groups from the claim name with the 1. Configure the Coder server to read groups from the claim name with the
[OIDC role field](../../reference/cli/server.md#--oidc-user-role-field) [OIDC role field](../../reference/cli/server.md#--oidc-user-role-field)
@ -539,7 +521,8 @@ Below are some details specific to individual OIDC providers.
### Active Directory Federation Services (ADFS) ### Active Directory Federation Services (ADFS)
> **Note:** Tested on ADFS 4.0, Windows Server 2019 > [!NOTE]
> Tested on ADFS 4.0, Windows Server 2019
1. In your Federation Server, create a new application group for Coder. 1. In your Federation Server, create a new application group for Coder.
Follow the steps as described in the [Windows Server documentation] Follow the steps as described in the [Windows Server documentation]

View File

@ -166,6 +166,7 @@ You can also reset a password via the CLI:
coder reset-password <username> coder reset-password <username>
``` ```
> [!NOTE]
> Resetting a user's password, e.g., the initial `owner` role-based user, only > Resetting a user's password, e.g., the initial `owner` role-based user, only
> works when run on the host running the Coder control plane. > works when run on the host running the Coder control plane.

View File

@ -32,7 +32,8 @@ signing in via OIDC as a new user. Coder will log the claim fields returned by
the upstream identity provider in a message containing the string the upstream identity provider in a message containing the string
`got oidc claims`, as well as the user info returned. `got oidc claims`, as well as the user info returned.
> **Note:** If you need to ensure that Coder only uses information from the ID > [!NOTE]
> If you need to ensure that Coder only uses information from the ID
> token and does not hit the UserInfo endpoint, you can set the configuration > token and does not hit the UserInfo endpoint, you can set the configuration
> option `CODER_OIDC_IGNORE_USERINFO=true`. > option `CODER_OIDC_IGNORE_USERINFO=true`.
@ -44,7 +45,8 @@ for the newly created user's email address.
If your upstream identity provider users a different claim, you can set If your upstream identity provider users a different claim, you can set
`CODER_OIDC_EMAIL_FIELD` to the desired claim. `CODER_OIDC_EMAIL_FIELD` to the desired claim.
> **Note** If this field is not present, Coder will attempt to use the claim > [!NOTE]
> If this field is not present, Coder will attempt to use the claim
> field configured for `username` as an email address. If this field is not a > field configured for `username` as an email address. If this field is not a
> valid email address, OIDC logins will fail. > valid email address, OIDC logins will fail.
@ -59,7 +61,8 @@ disable this behavior with the following setting:
CODER_OIDC_IGNORE_EMAIL_VERIFIED=true CODER_OIDC_IGNORE_EMAIL_VERIFIED=true
``` ```
> **Note:** This will cause Coder to implicitly treat all OIDC emails as > [!NOTE]
> This will cause Coder to implicitly treat all OIDC emails as
> "verified", regardless of what the upstream identity provider says. > "verified", regardless of what the upstream identity provider says.
### Usernames ### Usernames
@ -70,7 +73,8 @@ claim field named `preferred_username` as the the username.
If your upstream identity provider uses a different claim, you can set If your upstream identity provider uses a different claim, you can set
`CODER_OIDC_USERNAME_FIELD` to the desired claim. `CODER_OIDC_USERNAME_FIELD` to the desired claim.
> **Note:** If this claim is empty, the email address will be stripped of the > [!NOTE]
> If this claim is empty, the email address will be stripped of the
> domain, and become the username (e.g. `example@coder.com` becomes `example`). > domain, and become the username (e.g. `example@coder.com` becomes `example`).
> To avoid conflicts, Coder may also append a random word to the resulting > To avoid conflicts, Coder may also append a random word to the resulting
> username. > username.
@ -99,12 +103,9 @@ CODER_DISABLE_PASSWORD_AUTH=true
## SCIM ## SCIM
<blockquote class="info"> > [!NOTE]
> SCIM is an Enterprise and Premium feature.
SCIM is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Coder supports user provisioning and deprovisioning via SCIM 2.0 with header Coder supports user provisioning and deprovisioning via SCIM 2.0 with header
authentication. Upon deactivation, users are authentication. Upon deactivation, users are

View File

@ -1,6 +1,7 @@
# Organizations (Premium) # Organizations (Premium)
> Note: Organizations requires a > [!NOTE]
> Organizations requires a
> [Premium license](https://coder.com/pricing#compare-plans). For more details, > [Premium license](https://coder.com/pricing#compare-plans). For more details,
> [contact your account team](https://coder.com/contact). > [contact your account team](https://coder.com/contact).

View File

@ -15,7 +15,8 @@ If you remove the admin user account (or forget the password), you can run the
[`coder server create-admin-user`](../../reference/cli/server_create-admin-user.md)command [`coder server create-admin-user`](../../reference/cli/server_create-admin-user.md)command
on your server. on your server.
> Note: You must run this command on the same machine running the Coder server. > [!IMPORTANT]
> You must run this command on the same machine running the Coder server.
> If you are running Coder on Kubernetes, this means using > If you are running Coder on Kubernetes, this means using
> [kubectl exec](https://kubernetes.io/docs/reference/kubectl/generated/kubectl_exec/) > [kubectl exec](https://kubernetes.io/docs/reference/kubectl/generated/kubectl_exec/)
> to exec into the pod. > to exec into the pod.

View File

@ -1,6 +1,7 @@
## Changelog ## Changelog
> **Warning**: This release has a known issue: #8351. Upgrade directly to > [!WARNING]
> This release has a known issue: #8351. Upgrade directly to
> v0.26.0 which includes a fix > v0.26.0 which includes a fix
### Features ### Features

View File

@ -4,7 +4,8 @@
Agent logs can be pushed after a workspace has started (#8528) Agent logs can be pushed after a workspace has started (#8528)
> ⚠️ **Warning:** You will need to > [!WARNING]
> You will need to
> [update](https://coder.com/docs/install) your local Coder CLI v0.27 > [update](https://coder.com/docs/install) your local Coder CLI v0.27
> to connect via `coder ssh`. > to connect via `coder ssh`.

View File

@ -23,11 +23,8 @@ You can run the UI and access the Coder dashboard in two ways:
In both cases, you can access the dashboard on `http://localhost:8080`. If using In both cases, you can access the dashboard on `http://localhost:8080`. If using
`./scripts/develop.sh` you can log in with the default credentials. `./scripts/develop.sh` you can log in with the default credentials.
<blockquote class="admonition note"> > [!NOTE]
> **Default Credentials:** `admin@coder.com` and `SomeSecurePassword!`.
**Default Credentials:** `admin@coder.com` and `SomeSecurePassword!`.
</blockquote>
## Tech Stack Overview ## Tech Stack Overview
@ -88,8 +85,8 @@ views, tests, and utility functions. The page component fetches necessary data
and passes to the view. We explain this decision a bit better in the next and passes to the view. We explain this decision a bit better in the next
section which talks about where to fetch data. section which talks about where to fetch data.
> If code within a page becomes reusable across other parts of the app, If code within a page becomes reusable across other parts of the app,
> consider moving it to `src/utils`, `hooks`, `components`, or `modules`. consider moving it to `src/utils`, `hooks`, `components`, or `modules`.
### Handling States ### Handling States
@ -272,8 +269,8 @@ template", etc. We use [Playwright](https://playwright.dev/). If you only need
to test if the page is being rendered correctly, you should consider using the to test if the page is being rendered correctly, you should consider using the
**Visual Testing** approach. **Visual Testing** approach.
> For scenarios where you need to be authenticated, you can use For scenarios where you need to be authenticated, you can use
> `test.use({ storageState: getStatePath("authState") })`. `test.use({ storageState: getStatePath("authState") })`.
For ease of debugging, it's possible to run a Playwright test in headful mode For ease of debugging, it's possible to run a Playwright test in headful mode
running a Playwright server on your local machine, and executing the test inside running a Playwright server on your local machine, and executing the test inside
@ -309,8 +306,8 @@ always be your first option since it is way easier to maintain. For this, we use
[Storybook](https://storybook.js.org/) and [Storybook](https://storybook.js.org/) and
[Chromatic](https://www.chromatic.com/). [Chromatic](https://www.chromatic.com/).
> To learn more about testing components that fetch API data, refer to the To learn more about testing components that fetch API data, refer to the
> [**Where to fetch data**](#where-to-fetch-data) section. [**Where to fetch data**](#where-to-fetch-data) section.
### What should I test? ### What should I test?

View File

@ -22,7 +22,8 @@ alternate installation methods (e.g. standalone binaries, system packages).
## Windows ## Windows
> **Important:** If you plan to use the built-in PostgreSQL database, you will > [!IMPORTANT]
> If you plan to use the built-in PostgreSQL database, you will
> need to ensure that the > need to ensure that the
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version) > [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
> is installed. > is installed.
@ -58,11 +59,8 @@ coder login https://coder.example.com
## Download the CLI from your deployment ## Download the CLI from your deployment
<blockquote class="admonition note"> > [!NOTE]
> Available in Coder 2.19 and newer.
Available in Coder 2.19 and newer.
</blockquote>
Every Coder server hosts CLI binaries for all supported platforms. You can run a Every Coder server hosts CLI binaries for all supported platforms. You can run a
script to download the appropriate CLI for your machine from your Coder script to download the appropriate CLI for your machine from your Coder

View File

@ -79,11 +79,8 @@ Coder's [configuration options](../admin/setup/index.md).
## Install the preview release ## Install the preview release
<blockquote class="tip"> > [!TIP]
> We do not recommend using preview releases in production environments.
We do not recommend using preview releases in production environments.
</blockquote>
You can install and test a You can install and test a
[preview release of Coder](https://github.com/coder/coder/pkgs/container/coder-preview) [preview release of Coder](https://github.com/coder/coder/pkgs/container/coder-preview)

View File

@ -29,7 +29,8 @@ alternate installation methods (e.g. standalone binaries, system packages).
## Windows ## Windows
> **Important:** If you plan to use the built-in PostgreSQL database, you will > [!IMPORTANT]
> If you plan to use the built-in PostgreSQL database, you will
> need to ensure that the > need to ensure that the
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version) > [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
> is installed. > is installed.

View File

@ -116,11 +116,11 @@ coder:
# - my-tls-secret-name # - my-tls-secret-name
``` ```
> You can view our You can view our
> [Helm README](https://github.com/coder/coder/blob/main/helm#readme) for [Helm README](https://github.com/coder/coder/blob/main/helm#readme) for
> details on the values that are available, or you can view the details on the values that are available, or you can view the
> [values.yaml](https://github.com/coder/coder/blob/main/helm/coder/values.yaml) [values.yaml](https://github.com/coder/coder/blob/main/helm/coder/values.yaml)
> file directly. file directly.
We support two release channels: mainline and stable - read the We support two release channels: mainline and stable - read the
[Releases](./releases.md) page to learn more about which best suits your team. [Releases](./releases.md) page to learn more about which best suits your team.

View File

@ -3,8 +3,8 @@
All Coder features are supported in offline / behind firewalls / in air-gapped All Coder features are supported in offline / behind firewalls / in air-gapped
environments. However, some changes to your configuration are necessary. environments. However, some changes to your configuration are necessary.
> This is a general comparison. Keep reading for a full tutorial running Coder This is a general comparison. Keep reading for a full tutorial running Coder
> offline with Kubernetes or Docker. offline with Kubernetes or Docker.
| | Public deployments | Offline deployments | | | Public deployments | Offline deployments |
|--------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |--------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
@ -31,7 +31,8 @@ following:
[network mirror](https://www.terraform.io/internals/provider-network-mirror-protocol). [network mirror](https://www.terraform.io/internals/provider-network-mirror-protocol).
See below for details. See below for details.
> Note: Coder includes the latest > [!NOTE]
> Coder includes the latest
> [supported version](https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24) > [supported version](https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24)
> of Terraform in the official Docker images. If you need to bundle a different > of Terraform in the official Docker images. If you need to bundle a different
> version of terraform, you can do so by customizing the image. > version of terraform, you can do so by customizing the image.
@ -112,6 +113,7 @@ USER coder
ENV TF_CLI_CONFIG_FILE=/home/coder/.terraformrc ENV TF_CLI_CONFIG_FILE=/home/coder/.terraformrc
``` ```
> [!NOTE]
> If you are bundling Terraform providers into your Coder image, be sure the > If you are bundling Terraform providers into your Coder image, be sure the
> provider version matches any templates or > provider version matches any templates or
> [example templates](https://github.com/coder/coder/tree/main/examples/templates) > [example templates](https://github.com/coder/coder/tree/main/examples/templates)
@ -174,10 +176,10 @@ services:
# ... # ...
``` ```
> The The
> [terraform providers mirror](https://www.terraform.io/cli/commands/providers/mirror) [terraform providers mirror](https://www.terraform.io/cli/commands/providers/mirror)
> command can be used to download the required plugins for a Coder template. command can be used to download the required plugins for a Coder template.
> This can be uploaded into the `plugins` directory on your offline server. This can be uploaded into the `plugins` directory on your offline server.
### Kubernetes ### Kubernetes

View File

@ -32,7 +32,8 @@ values:
The below values are modified from Coder defaults and allow the Coder deployment The below values are modified from Coder defaults and allow the Coder deployment
to run under the SCC `restricted-v2`. to run under the SCC `restricted-v2`.
> Note: `readOnlyRootFilesystem: true` is not technically required under > [!NOTE]
> `readOnlyRootFilesystem: true` is not technically required under
> `restricted-v2`, but is often mandated in OpenShift environments. > `restricted-v2`, but is often mandated in OpenShift environments.
```yaml ```yaml
@ -92,7 +93,8 @@ To fix this, you can mount a temporary volume in the pod and set the
example, we mount this under `/tmp` and set the cache location to `/tmp/coder`. example, we mount this under `/tmp` and set the cache location to `/tmp/coder`.
This enables Coder to run with `readOnlyRootFilesystem: true`. This enables Coder to run with `readOnlyRootFilesystem: true`.
> Note: Depending on the number of templates and provisioners you use, you may > [!NOTE]
> Depending on the number of templates and provisioners you use, you may
> need to increase the size of the volume, as the `coder` pod will be > need to increase the size of the volume, as the `coder` pod will be
> automatically restarted when this volume fills up. > automatically restarted when this volume fills up.
@ -128,7 +130,8 @@ coder:
readOnly: false readOnly: false
``` ```
> Note: OpenShift provides a Developer Catalog offering you can use to install > [!NOTE]
> OpenShift provides a Developer Catalog offering you can use to install
> PostgreSQL into your cluster. > PostgreSQL into your cluster.
### 4. Create the OpenShift route ### 4. Create the OpenShift route
@ -176,7 +179,8 @@ helm install coder coder-v2/coder \
--values values.yaml --values values.yaml
``` ```
> Note: If the Helm installation fails with a Kubernetes RBAC error, check the > [!NOTE]
> If the Helm installation fails with a Kubernetes RBAC error, check the
> permissions of your OpenShift user using the `oc auth can-i` command. > permissions of your OpenShift user using the `oc auth can-i` command.
> >
> The below permissions are the minimum required: > The below permissions are the minimum required:

View File

@ -34,8 +34,8 @@ only for security issues or CVEs.
- In-product security vulnerabilities and CVEs are supported - In-product security vulnerabilities and CVEs are supported
> For more information on feature rollout, see our For more information on feature rollout, see our
> [feature stages documentation](../about/feature-stages.md). [feature stages documentation](../about/feature-stages.md).
## Installing stable ## Installing stable
@ -66,7 +66,8 @@ pages.
| 2.19.x | February 04, 2024 | Stable | | 2.19.x | February 04, 2024 | Stable |
| 2.20.x | March 05, 2024 | Mainline | | 2.20.x | March 05, 2024 | Mainline |
> **Tip**: We publish a > [!TIP]
> We publish a
> [`preview`](https://github.com/coder/coder/pkgs/container/coder-preview) image > [`preview`](https://github.com/coder/coder/pkgs/container/coder-preview) image
> `ghcr.io/coder/coder-preview` on each commit to the `main` branch. This can be > `ghcr.io/coder/coder-preview` on each commit to the `main` branch. This can be
> used to test under-development features and bug fixes that have not yet been > used to test under-development features and bug fixes that have not yet been

View File

@ -68,9 +68,9 @@ sudo rm /etc/coder.d/coder.env
## Coder settings, cache, and the optional built-in PostgreSQL database ## Coder settings, cache, and the optional built-in PostgreSQL database
> There is a `postgres` directory within the `coderv2` directory that has the There is a `postgres` directory within the `coderv2` directory that has the
> database engine and database. If you want to reuse the database, consider not database engine and database. If you want to reuse the database, consider not
> performing the following step or copying the directory to another location. performing the following step or copying the directory to another location.
<div class="tabs"> <div class="tabs">

View File

@ -2,12 +2,9 @@
This article walks you through how to upgrade your Coder server. This article walks you through how to upgrade your Coder server.
<blockquote class="danger"> > [!CAUTION]
<p> > Prior to upgrading a production Coder deployment, take a database snapshot since
Prior to upgrading a production Coder deployment, take a database snapshot since > Coder does not support rollbacks.
Coder does not support rollbacks.
</p>
</blockquote>
To upgrade your Coder server, simply reinstall Coder using your original method To upgrade your Coder server, simply reinstall Coder using your original method
of [install](../install). of [install](../install).

View File

@ -28,8 +28,8 @@ Containers** template by pressing **Use Template**.
![Starter Templates UI](../images/start/starter-templates.png) ![Starter Templates UI](../images/start/starter-templates.png)
> You can also a find a comprehensive list of starter templates in **Templates** You can also a find a comprehensive list of starter templates in **Templates**
> -> **Create Template** -> **Starter Templates**. s -> **Create Template** -> **Starter Templates**. s
## 3. Create your template ## 3. Create your template
@ -75,7 +75,8 @@ This starter template lets you connect to your workspace in a few ways:
haven't already, you'll have to install Coder on your local machine to haven't already, you'll have to install Coder on your local machine to
configure your SSH client. configure your SSH client.
> **Tip**: You can edit the template to let developers connect to a workspace in > [!TIP]
> You can edit the template to let developers connect to a workspace in
> [a few more ways](../ides.md). > [a few more ways](../ides.md).
When you're done, you can stop the workspace. --> When you're done, you can stop the workspace. -->

View File

@ -50,7 +50,8 @@ The Docker starter template lets you connect to your workspace in a few ways:
haven't already, you'll have to install Coder on your local machine to haven't already, you'll have to install Coder on your local machine to
configure your SSH client. configure your SSH client.
> **Tip**: You can edit the template to let developers connect to a workspace in > [!TIP]
> You can edit the template to let developers connect to a workspace in
> [a few more ways](../admin/templates/extending-templates/web-ides.md). > [a few more ways](../admin/templates/extending-templates/web-ides.md).
## 3. Modify your workspace settings ## 3. Modify your workspace settings

View File

@ -15,8 +15,7 @@ simplicity.
First, install [Docker](https://docs.docker.com/engine/install/) locally. First, install [Docker](https://docs.docker.com/engine/install/) locally.
> If you already have the Coder binary installed, restart it after installing If you already have the Coder binary installed, restart it after installing Docker.
> Docker.
<div class="tabs"> <div class="tabs">
@ -30,7 +29,8 @@ curl -L https://coder.com/install.sh | sh
## Windows ## Windows
> **Important:** If you plan to use the built-in PostgreSQL database, you will > [!IMPORTANT]
> If you plan to use the built-in PostgreSQL database, you will
> need to ensure that the > need to ensure that the
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version) > [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
> is installed. > is installed.

View File

@ -39,9 +39,9 @@ module "git-clone" {
} }
``` ```
> You can edit the template using an IDE or terminal of your preference, or by You can edit the template using an IDE or terminal of your preference, or by
> going into the going into the
> [template editor UI](../admin/templates/creating-templates.md#web-ui). [template editor UI](../admin/templates/creating-templates.md#web-ui).
You can also use You can also use
[template parameters](../admin/templates/extending-templates/parameters.md) to [template parameters](../admin/templates/extending-templates/parameters.md) to
@ -63,9 +63,9 @@ module "git-clone" {
} }
``` ```
> If you need more customization, you can read the If you need more customization, you can read the
> [Git Clone module](https://registry.coder.com/modules/git-clone) documentation [Git Clone module](https://registry.coder.com/modules/git-clone) documentation
> to learn more about the module. to learn more about the module.
Don't forget to build and publish the template changes before creating a new Don't forget to build and publish the template changes before creating a new
workspace. You can check if the repository is cloned by accessing the workspace workspace. You can check if the repository is cloned by accessing the workspace

View File

@ -11,12 +11,12 @@ December 13, 2023
--- ---
> Okta is an identity provider that can be used for OpenID Connect (OIDC) Single Okta is an identity provider that can be used for OpenID Connect (OIDC) Single
> Sign On (SSO) on Coder. Sign On (SSO) on Coder.
To configure custom claims in Okta to support syncing roles and groups with To configure custom claims in Okta to support syncing roles and groups with
Coder, you must first have setup an Okta application with Coder, you must first have setup an Okta application with
[OIDC working with Coder](https://coder.com/docs/admin/auth#openid-connect). [OIDC working with Coder](../admin/users/oidc-auth.md).
From here, we will add additional claims for Coder to use for syncing groups and From here, we will add additional claims for Coder to use for syncing groups and
roles. roles.
@ -37,10 +37,10 @@ In the “OpenID Connect ID Token” section, turn on “Groups Claim Type” an
the “Claim name” to `groups`. Optionally configure a filter for which groups to the “Claim name” to `groups`. Optionally configure a filter for which groups to
be sent. be sent.
> !! If the user does not belong to any groups, the claim will not be sent. Make > [!IMPORTANT]
> sure the user authenticating for testing is in at least 1 group. Defer to > If the user does not belong to any groups, the claim will not be sent. Make
> [troubleshooting](https://coder.com/docs/admin/auth#troubleshooting) with > sure the user authenticating for testing is in at least one group. Defer to
> issues > [troubleshooting](../admin/users/index.md) with issues.
![Okta OpenID Connect ID Token](../images/guides/okta/oidc_id_token.png) ![Okta OpenID Connect ID Token](../images/guides/okta/oidc_id_token.png)

View File

@ -123,10 +123,10 @@ icons except the web terminal.
## I want to allow code-server to be accessible by other users in my deployment ## I want to allow code-server to be accessible by other users in my deployment
> It is **not** recommended to share a web IDE, but if required, the following We don't recommend that you share a web IDE, but if you need to, the following
> deployment environment variable settings are required. deployment environment variable settings are required.
Set deployment (Kubernetes) to allow path app sharing Set deployment (Kubernetes) to allow path app sharing:
```yaml ```yaml
# allow authenticated users to access path-based workspace apps # allow authenticated users to access path-based workspace apps
@ -160,8 +160,8 @@ If the [`CODER_ACCESS_URL`](../admin/setup/index.md#access-url) is not
accessible from a workspace, the workspace may build, but the agent cannot reach accessible from a workspace, the workspace may build, but the agent cannot reach
Coder, and thus the missing icons. e.g., Terminal, IDEs, Apps. Coder, and thus the missing icons. e.g., Terminal, IDEs, Apps.
> By default, `coder server` automatically creates an Internet-accessible By default, `coder server` automatically creates an Internet-accessible
> reverse proxy so that workspaces you create can reach the server. reverse proxy so that workspaces you create can reach the server.
If you are doing a standalone install, e.g., on a MacBook and want to build If you are doing a standalone install, e.g., on a MacBook and want to build
workspaces in Docker Desktop, everything is self-contained and workspaces workspaces in Docker Desktop, everything is self-contained and workspaces
@ -171,8 +171,8 @@ workspaces in Docker Desktop, everything is self-contained and workspaces
coder server --access-url http://localhost:3000 --address 0.0.0.0:3000 coder server --access-url http://localhost:3000 --address 0.0.0.0:3000
``` ```
> Even `coder server` which creates a reverse proxy, will let you use Even `coder server` which creates a reverse proxy, will let you use
> <http://localhost> to access Coder from a browser. <http://localhost> to access Coder from a browser.
## I updated a template, and an existing workspace based on that template fails to start ## I updated a template, and an existing workspace based on that template fails to start

View File

@ -15,8 +15,8 @@ authenticate the Coder control plane to AWS and create an EC2 workspace. The
below steps assume your Coder control plane is running in Google Cloud and has below steps assume your Coder control plane is running in Google Cloud and has
the relevant service account assigned. the relevant service account assigned.
> For steps on assigning a service account to a resource like Coder, For steps on assigning a service account to a resource like Coder, visit the
> [see the Google documentation here](https://cloud.google.com/iam/docs/attach-service-accounts#attaching-new-resource) [Google documentation](https://cloud.google.com/iam/docs/attach-service-accounts#attaching-new-resource).
## 1. Get your Google service account OAuth Client ID ## 1. Get your Google service account OAuth Client ID
@ -24,8 +24,8 @@ Navigate to the Google Cloud console, and select **IAM & Admin** > **Service
Accounts**. View the service account you want to use, and copy the **OAuth 2 Accounts**. View the service account you want to use, and copy the **OAuth 2
Client ID** value shown on the right-hand side of the row. Client ID** value shown on the right-hand side of the row.
> (Optional): If you do not yet have a service account, Optionally: If you do not yet have a service account, use the
> [here is the Google IAM documentation on creating a service account](https://cloud.google.com/iam/docs/service-accounts-create). [Google IAM documentation on creating a service account](https://cloud.google.com/iam/docs/service-accounts-create) to create one.
## 2. Create AWS role ## 2. Create AWS role
@ -122,7 +122,8 @@ gcloud auth print-identity-token --audiences=https://aws.amazon.com --impersonat
veloper.gserviceaccount.com --include-email veloper.gserviceaccount.com --include-email
``` ```
> Note: Your `gcloud` client may needed elevated permissions to run this > [!NOTE]
> Your `gcloud` client may needed elevated permissions to run this
> command. > command.
## 5. Set identity token in Coder control plane ## 5. Set identity token in Coder control plane

View File

@ -72,6 +72,5 @@ coder:
postgres://<user>:<password>@databasehost:<port>/<db-name>?sslmode=verify-full&sslrootcert="/home/coder/.postgresql/postgres-root.crt" postgres://<user>:<password>@databasehost:<port>/<db-name>?sslmode=verify-full&sslrootcert="/home/coder/.postgresql/postgres-root.crt"
``` ```
> More information on connecting to PostgreSQL databases using certificates can More information on connecting to PostgreSQL databases using certificates can
> be found be found in the [PostgreSQL documentation](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT).
> [here](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT).

View File

@ -57,8 +57,8 @@ persistent environment from your main device, a tablet, or your phone.
## Windows ## Windows
> **Important:** If you plan to use the built-in PostgreSQL database, ensure > [!IMPORTANT]
> that the > If you plan to use the built-in PostgreSQL database, ensure that the
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version) > [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
> is installed. > is installed.

View File

@ -53,9 +53,9 @@
## Create DNS provider credentials ## Create DNS provider credentials
> This example assumes you're using CloudFlare as your DNS provider. For other This example assumes you're using CloudFlare as your DNS provider. For other
> providers, refer to the providers, refer to the
> [CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins). [CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
1. Create an API token for the DNS provider you're using: e.g. 1. Create an API token for the DNS provider you're using: e.g.
[CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token) [CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token)
@ -92,8 +92,8 @@
## Configure Apache ## Configure Apache
> This example assumes Coder is running locally on `127.0.0.1:3000` and that This example assumes Coder is running locally on `127.0.0.1:3000` and that
> you're using `coder.example.com` as your subdomain. you're using `coder.example.com` as your subdomain.
1. Create Apache configuration for Coder: 1. Create Apache configuration for Coder:

View File

@ -36,8 +36,8 @@
## Adding Coder deployment subdomain ## Adding Coder deployment subdomain
> This example assumes Coder is running locally on `127.0.0.1:3000` and that This example assumes Coder is running locally on `127.0.0.1:3000` and that
> you're using `coder.example.com` as your subdomain. you're using `coder.example.com` as your subdomain.
1. Create NGINX configuration for this app: 1. Create NGINX configuration for this app:
@ -60,9 +60,9 @@
## Create DNS provider credentials ## Create DNS provider credentials
> This example assumes you're using CloudFlare as your DNS provider. For other This example assumes you're using CloudFlare as your DNS provider. For other
> providers, refer to the providers, refer to the
> [CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins). [CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
1. Create an API token for the DNS provider you're using: e.g. 1. Create an API token for the DNS provider you're using: e.g.
[CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token) [CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token)

View File

@ -23,7 +23,8 @@ treated as such.**
A brief overview of all files contained in the bundle is provided below: A brief overview of all files contained in the bundle is provided below:
> Note: detailed descriptions of all the information available in the bundle is > [!NOTE]
> Detailed descriptions of all the information available in the bundle is
> out of scope, as support bundles are primarily intended for internal use. > out of scope, as support bundles are primarily intended for internal use.
| Filename | Description | | Filename | Description |
@ -61,7 +62,8 @@ A brief overview of all files contained in the bundle is provided below:
2. Ensure you have the Coder CLI installed on a local machine. See 2. Ensure you have the Coder CLI installed on a local machine. See
[installation](../install/index.md) for steps on how to do this. [installation](../install/index.md) for steps on how to do this.
> Note: It is recommended to generate a support bundle from a location > [!NOTE]
> It is recommended to generate a support bundle from a location
> experiencing workspace connectivity issues. > experiencing workspace connectivity issues.
3. Ensure you are [logged in](../reference/cli/login.md#login) to your Coder 3. Ensure you are [logged in](../reference/cli/login.md#login) to your Coder
@ -80,7 +82,8 @@ A brief overview of all files contained in the bundle is provided below:
6. Coder staff will provide you a link where you can upload the bundle along 6. Coder staff will provide you a link where you can upload the bundle along
with any other necessary supporting files. with any other necessary supporting files.
> Note: It is helpful to leave an informative message regarding the nature of > [!NOTE]
> It is helpful to leave an informative message regarding the nature of
> supporting files. > supporting files.
Coder support will then review the information you provided and respond to you Coder support will then review the information you provided and respond to you

View File

@ -21,6 +21,7 @@ Coder can provision all Terraform modules, resources, and properties. The Coder
server essentially runs a `terraform apply` every time a workspace is created, server essentially runs a `terraform apply` every time a workspace is created,
started, or stopped. started, or stopped.
> [!TIP]
> Haven't written Terraform before? Check out Hashicorp's > Haven't written Terraform before? Check out Hashicorp's
> [Getting Started Guides](https://developer.hashicorp.com/terraform/tutorials). > [Getting Started Guides](https://developer.hashicorp.com/terraform/tutorials).

View File

@ -3,7 +3,8 @@
Use Coder Desktop to work on your workspaces as though they're on your LAN, no Use Coder Desktop to work on your workspaces as though they're on your LAN, no
port-forwarding required. port-forwarding required.
> ⚠️ Note: Coder Desktop requires a Coder deployment running [v2.20.0](https://github.com/coder/coder/releases/tag/v2.20.0) or later. > [!NOTE]
> Coder Desktop requires a Coder deployment running [v2.20.0](https://github.com/coder/coder/releases/tag/v2.20.0) or later.
## Install Coder Desktop ## Install Coder Desktop
@ -132,7 +133,8 @@ You can also connect to the SSH server in your workspace using any SSH client, s
ssh your-workspace.coder ssh your-workspace.coder
``` ```
> ⚠️ Note: Currently, the Coder IDE extensions for VSCode and JetBrains create their own tunnel and do not utilize the CoderVPN tunnel to connect to workspaces. > [!NOTE]
> Currently, the Coder IDE extensions for VSCode and JetBrains create their own tunnel and do not utilize the CoderVPN tunnel to connect to workspaces.
## Accessing web apps in a secure browser context ## Accessing web apps in a secure browser context
@ -141,7 +143,8 @@ A browser typically considers an origin secure if the connection is to `localhos
As CoderVPN uses its own hostnames and does not provide TLS to the browser, Google Chrome and Firefox will not allow any web APIs that require a secure context. As CoderVPN uses its own hostnames and does not provide TLS to the browser, Google Chrome and Firefox will not allow any web APIs that require a secure context.
> Note: Despite the browser showing an insecure connection without `HTTPS`, the underlying tunnel is encrypted with WireGuard in the same fashion as other Coder workspace connections (e.g. `coder port-forward`). > [!NOTE]
> Despite the browser showing an insecure connection without `HTTPS`, the underlying tunnel is encrypted with WireGuard in the same fashion as other Coder workspace connections (e.g. `coder port-forward`).
If you require secure context web APIs, you will need to mark the workspace hostnames as secure in your browser settings. If you require secure context web APIs, you will need to mark the workspace hostnames as secure in your browser settings.

View File

@ -3,9 +3,9 @@
There are many ways to connect to your workspace, the options are only limited There are many ways to connect to your workspace, the options are only limited
by the template configuration. by the template configuration.
> Deployment operators can learn more about different types of workspace Deployment operators can learn more about different types of workspace
> connections and performance in our connections and performance in our
> [networking docs](../../admin/infrastructure/index.md). [networking docs](../../admin/infrastructure/index.md).
You can see the primary methods of connecting to your workspace in the workspace You can see the primary methods of connecting to your workspace in the workspace
dashboard. dashboard.
@ -38,30 +38,37 @@ Or, you can configure plain SSH on your client below.
Coder generates [SSH key pairs](../../admin/security/secrets.md#ssh-keys) for Coder generates [SSH key pairs](../../admin/security/secrets.md#ssh-keys) for
each user to simplify the setup process. each user to simplify the setup process.
> Before proceeding, run `coder login <accessURL>` if you haven't already to 1. Use your terminal to authenticate the CLI with Coder web UI and your workspaces:
> authenticate the CLI with the web UI and your workspaces.
To access Coder via SSH, run the following in the terminal: ```bash
coder login <accessURL>
```
```console 1. Access Coder via SSH:
coder config-ssh
```
> Run `coder config-ssh --dry-run` if you'd like to see the changes that will be ```shell
> made before proceeding. coder config-ssh
```
Confirm that you want to continue by typing **yes** and pressing enter. If 1. Run `coder config-ssh --dry-run` if you'd like to see the changes that will be
before you proceed:
```shell
coder config-ssh --dry-run
```
1. Confirm that you want to continue by typing **yes** and pressing enter. If
successful, you'll see the following message: successful, you'll see the following message:
```console ```console
You should now be able to ssh into your workspace. You should now be able to ssh into your workspace.
For example, try running: For example, try running:
$ ssh coder.<workspaceName>
```
$ ssh coder.<workspaceName> Your workspace is now accessible via `ssh coder.<workspace_name>`
``` (for example, `ssh coder.myEnv` if your workspace is named `myEnv`).
Your workspace is now accessible via `ssh coder.<workspace_name>` (e.g.,
`ssh coder.myEnv` if your workspace is named `myEnv`).
## Visual Studio Code ## Visual Studio Code

View File

@ -27,10 +27,6 @@ manually setting up an SSH connection.
### How to use the plugin ### How to use the plugin
> If you experience problems, please
> [create a GitHub issue](https://github.com/coder/coder/issues) or share in
> [our Discord channel](https://discord.gg/coder).
1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html) 1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html)
and open the application. and open the application.
1. Under **Install More Providers**, find the Coder icon and click **Install** 1. Under **Install More Providers**, find the Coder icon and click **Install**
@ -72,8 +68,11 @@ manually setting up an SSH connection.
![Gateway IDE Opened](../../images/gateway/gateway-intellij-opened.png) ![Gateway IDE Opened](../../images/gateway/gateway-intellij-opened.png)
> Note the JetBrains IDE is remotely installed into The JetBrains IDE is remotely installed into `~/.cache/JetBrains/RemoteDev/dist`
> `~/.cache/JetBrains/RemoteDev/dist`
If you experience any issues, please
[create a GitHub issue](https://github.com/coder/coder/issues) or share in
[our Discord channel](https://discord.gg/coder).
### Update a Coder plugin version ### Update a Coder plugin version
@ -136,8 +135,7 @@ keytool -import -alias coder -file cacert.pem -keystore /Applications/JetBrains\
## Manually Configuring A JetBrains Gateway Connection ## Manually Configuring A JetBrains Gateway Connection
> This is in lieu of using Coder's Gateway plugin which automatically performs This is in lieu of using Coder's Gateway plugin which automatically performs these steps.
> these steps.
1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html). 1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html).
@ -187,8 +185,7 @@ keytool -import -alias coder -file cacert.pem -keystore /Applications/JetBrains\
![Gateway Choose IDE](../../images/gateway/gateway-choose-ide.png) ![Gateway Choose IDE](../../images/gateway/gateway-choose-ide.png)
> Note the JetBrains IDE is remotely installed into The JetBrains IDE is remotely installed into `~/. cache/JetBrains/RemoteDev/dist`
> `~/. cache/JetBrains/RemoteDev/dist`
1. Click **Download and Start IDE** to connect. 1. Click **Download and Start IDE** to connect.
@ -206,6 +203,7 @@ cd /opt/idea/bin
./remote-dev-server.sh registerBackendLocationForGateway ./remote-dev-server.sh registerBackendLocationForGateway
``` ```
> [!NOTE]
> Gateway only works with paid versions of JetBrains IDEs so the script will not > Gateway only works with paid versions of JetBrains IDEs so the script will not
> be located in the `bin` directory of JetBrains Community editions. > be located in the `bin` directory of JetBrains Community editions.
@ -395,6 +393,6 @@ Fleet can connect to a Coder workspace by following these steps.
4. Connect via SSH with the Host set to `coder.workspace-name` 4. Connect via SSH with the Host set to `coder.workspace-name`
![Fleet Connect to Coder](../../images/fleet/ssh-connect-to-coder.png) ![Fleet Connect to Coder](../../images/fleet/ssh-connect-to-coder.png)
> If you experience problems, please If you experience any issues, please
> [create a GitHub issue](https://github.com/coder/coder/issues) or share in [create a GitHub issue](https://github.com/coder/coder/issues) or share in
> [our Discord channel](https://discord.gg/coder). [our Discord channel](https://discord.gg/coder).

View File

@ -50,17 +50,17 @@ For more examples, see `coder port-forward --help`.
## Dashboard ## Dashboard
> To enable port forwarding via the dashboard, Coder must be configured with a To enable port forwarding via the dashboard, Coder must be configured with a
> [wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an [wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
> access URL is not specified, Coder will create access URL is not specified, Coder will create
> [a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse [a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
> proxy the deployment, and port forwarding will work. proxy the deployment, and port forwarding will work.
>
> There is a There is a
> [DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1) [DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
> where each segment of hostnames must not exceed 63 characters. If your app where each segment of hostnames must not exceed 63 characters. If your app
> name, agent name, workspace name and username exceed 63 characters in the name, agent name, workspace name and username exceed 63 characters in the
> hostname, port forwarding via the dashboard will not work. hostname, port forwarding via the dashboard will not work.
### From an coder_app resource ### From an coder_app resource
@ -122,6 +122,7 @@ it is still accessible.
![Annotated port controls in the UI](../../images/networking/annotatedports.png) ![Annotated port controls in the UI](../../images/networking/annotatedports.png)
> [!NOTE]
> The sharing level is limited by the maximum level enforced in the template > The sharing level is limited by the maximum level enforced in the template
> settings in licensed deployments, and not restricted in OSS deployments. > settings in licensed deployments, and not restricted in OSS deployments.

View File

@ -1,7 +1,7 @@
# Remote Desktops # Remote Desktops
> Built-in remote desktop is on the roadmap Built-in remote desktop is on the roadmap
> ([#2106](https://github.com/coder/coder/issues/2106)). ([#2106](https://github.com/coder/coder/issues/2106)).
## VNC Desktop ## VNC Desktop
@ -45,10 +45,10 @@ Then, connect to your workspace via RDP:
mstsc /v localhost:3399 mstsc /v localhost:3399
``` ```
or use your favorite RDP client to connect to `localhost:3399`. Or use your favorite RDP client to connect to `localhost:3399`.
![windows-rdp](../../images/ides/windows_rdp_client.png) ![windows-rdp](../../images/ides/windows_rdp_client.png)
> Note: Default username is `Administrator` and password is `coderRDP!`. The default username is `Administrator` and password is `coderRDP!`.
## RDP Web ## RDP Web

View File

@ -15,6 +15,7 @@ extension, authenticates with Coder, and connects to the workspace.
![Demo](https://github.com/coder/vscode-coder/raw/main/demo.gif?raw=true) ![Demo](https://github.com/coder/vscode-coder/raw/main/demo.gif?raw=true)
> [!NOTE]
> The `VS Code Desktop` button can be hidden by enabling > The `VS Code Desktop` button can be hidden by enabling
> [Browser-only connections](../../admin/networking/index.md#browser-only-connections). > [Browser-only connections](../../admin/networking/index.md#browser-only-connections).
@ -52,7 +53,8 @@ marketplace, or the Eclipse Open VSX _local_ marketplace.
![Code Web Extensions](../../images/ides/code-web-extensions.png) ![Code Web Extensions](../../images/ides/code-web-extensions.png)
> Note: Microsoft does not allow any unofficial VS Code IDE to connect to the > [!NOTE]
> Microsoft does not allow any unofficial VS Code IDE to connect to the
> extension marketplace. > extension marketplace.
### Adding extensions to custom images ### Adding extensions to custom images

View File

@ -15,8 +15,8 @@ In Coder, web IDEs are defined as
resources in the template. With our generic model, any web application can be resources in the template. With our generic model, any web application can be
used as a Coder application. For example: used as a Coder application. For example:
> To learn more about configuring IDEs in templates, see our docs on To learn more about configuring IDEs in templates, see our docs on
> [template administration](../../admin/templates/index.md). [template administration](../../admin/templates/index.md).
![External URLs](../../images/external-apps.png) ![External URLs](../../images/external-apps.png)

View File

@ -66,10 +66,7 @@ Use the Coder CLI to log in and configure SSH, then connect to your workspace wi
![Zed open remote project](../../images/zed/zed-ssh-open-remote.png) ![Zed open remote project](../../images/zed/zed-ssh-open-remote.png)
<blockquote class="admonition note"> > [!NOTE]
> If you have any suggestions or experience any issues, please
If you have any suggestions or experience any issues, please > [create a GitHub issue](https://github.com/coder/coder/issues) or share in
[create a GitHub issue](https://github.com/coder/coder/issues) or share in > [our Discord channel](https://discord.gg/coder).
[our Discord channel](https://discord.gg/coder).
</blockquote>

View File

@ -18,6 +18,7 @@ your workspace automatically.
![Dotfiles in workspace creation](../images/user-guides/dotfiles-module.png) ![Dotfiles in workspace creation](../images/user-guides/dotfiles-module.png)
> [!NOTE]
> Template admins: this can be enabled quite easily with a our > Template admins: this can be enabled quite easily with a our
> [dotfiles module](https://registry.coder.com/modules/dotfiles) using just a > [dotfiles module](https://registry.coder.com/modules/dotfiles) using just a
> few lines in the template. > few lines in the template.
@ -37,6 +38,7 @@ sudo apt update
sudo apt install -y neovim fish cargo sudo apt install -y neovim fish cargo
``` ```
> [!NOTE]
> Template admins: refer to > Template admins: refer to
> [this module](https://registry.coder.com/modules/personalize) to enable the > [this module](https://registry.coder.com/modules/personalize) to enable the
> `~/personalize` script on templates. > `~/personalize` script on templates.

View File

@ -15,8 +15,8 @@ Persistent resources stay provisioned when the workspace is stopped, where as
ephemeral resources are destroyed and recreated on restart. All resources are ephemeral resources are destroyed and recreated on restart. All resources are
destroyed when a workspace is deleted. destroyed when a workspace is deleted.
> Template administrators can learn more about resource configuration in the Template administrators can learn more about resource configuration in the
> [extending templates docs](../admin/templates/extending-templates/resource-persistence.md). [extending templates docs](../admin/templates/extending-templates/resource-persistence.md).
## Workspace States ## Workspace States

View File

@ -90,12 +90,9 @@ manually updated the workspace.
## Bulk operations ## Bulk operations
<blockquote class="info"> > [!NOTE]
> Bulk operations are an Enterprise and Premium feature.
Bulk operations are an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Licensed admins may apply bulk operations (update, delete, start, stop) in the Licensed admins may apply bulk operations (update, delete, start, stop) in the
**Workspaces** tab. Select the workspaces you'd like to modify with the **Workspaces** tab. Select the workspaces you'd like to modify with the
@ -182,4 +179,5 @@ Coder stores macOS and Linux logs at the following locations:
| `shutdown_script` | `/tmp/coder-shutdown-script.log` | | `shutdown_script` | `/tmp/coder-shutdown-script.log` |
| Agent | `/tmp/coder-agent.log` | | Agent | `/tmp/coder-agent.log` |
> Note: Logs are truncated once they reach 5MB in size. > [!NOTE]
> Logs are truncated once they reach 5MB in size.

View File

@ -24,7 +24,7 @@ Then open the **Schedule** tab to see your workspace scheduling options.
## Autostart ## Autostart
> Autostart must be enabled in the template settings by your administrator. Autostart must be enabled in the template settings by your administrator.
Use autostart to start a workspace at a specified time and which days of the Use autostart to start a workspace at a specified time and which days of the
week. Also, you can choose your preferred timezone. Admins may restrict which week. Also, you can choose your preferred timezone. Admins may restrict which
@ -51,12 +51,9 @@ for your workspace.
## Autostop requirement ## Autostop requirement
<blockquote class="info"> > [!NOTE]
> Autostop requirement is an Enterprise and Premium feature.
Autostop requirement is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Licensed template admins may enforce a required stop for workspaces to apply Licensed template admins may enforce a required stop for workspaces to apply
updates or undergo maintenance. These stops ignore any active connections or updates or undergo maintenance. These stops ignore any active connections or
@ -65,17 +62,14 @@ frequency for updates, either in **days** or **weeks**. Workspaces will apply
the template autostop requirement on the given day **in the user's timezone** the template autostop requirement on the given day **in the user's timezone**
and specified quiet hours (see below). and specified quiet hours (see below).
> Admins: See the template schedule settings for more information on configuring Admins: See the template schedule settings for more information on configuring
> Autostop Requirement. Autostop Requirement.
### User quiet hours ### User quiet hours
<blockquote class="info"> > [!NOTE]
> User quiet hours are an Enterprise and Premium feature.
User quiet hours are an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
User quiet hours can be configured in the user's schedule settings page. User quiet hours can be configured in the user's schedule settings page.
Workspaces on templates with an autostop requirement will only be forcibly Workspaces on templates with an autostop requirement will only be forcibly
@ -90,7 +84,8 @@ powerful system for scheduling your workspace. However, synchronizing all of
them simultaneously can be somewhat challenging, here are a few example them simultaneously can be somewhat challenging, here are a few example
configurations to better understand how they interact. configurations to better understand how they interact.
> Note that the inactivity timer must be configured by your template admin. > [!NOTE]
> The inactivity timer must be configured by your template admin.
### Working hours ### Working hours
@ -115,12 +110,9 @@ hours of inactivity.
## Dormancy ## Dormancy
<blockquote class="info"> > [!NOTE]
> Dormancy is an Enterprise and Premium feature.
Dormancy is an Enterprise and Premium feature. > [Learn more](https://coder.com/pricing#compare-plans).
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
Dormancy automatically deletes workspaces which remain unused for long Dormancy automatically deletes workspaces which remain unused for long
durations. Template admins configure an inactivity period after which your durations. Template admins configure an inactivity period after which your