docs: convert alerts to use GitHub Flavored Markdown (GFM) (#16850)

followup to #16761 

thanks @lucasmelin !

+ thanks: @ethanndickson @Parkreiner @matifali @aqandrew 

- [x] update snippet
- [x] find/replace
- [x] spot-check


[preview](https://coder.com/docs/@16761-gfm-callouts/admin/templates/managing-templates/schedule)
(and others)

---------

Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com>
Co-authored-by: M Atif Ali <atif@coder.com>
This commit is contained in:
Edward Angert
2025-03-10 15:58:20 -05:00
committed by GitHub
parent e817713dc0
commit 101b62dc3e
86 changed files with 493 additions and 562 deletions

View File

@ -1,14 +1,14 @@
{
// For info about snippets, visit https://code.visualstudio.com/docs/editor/userdefinedsnippets
// https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts
"admonition": {
"prefix": "#callout",
"alert": {
"prefix": "#alert",
"body": [
"<blockquote class=\"admonition ${1|caution,important,note,tip,warning|}\">\n",
"${TM_SELECTED_TEXT:${2:add info here}}\n",
"</blockquote>\n"
"> [!${1|CAUTION,IMPORTANT,NOTE,TIP,WARNING|}]",
"> ${TM_SELECTED_TEXT:${2:add info here}}\n"
],
"description": "callout admonition caution info note tip warning"
"description": "callout admonition caution important note tip warning"
},
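Review bot: In the new `alert` body, only the first line of `${TM_SELECTED_TEXT}` receives the `> ` prefix, so a multi-line selection that contains a blank line ends the alert at that blank line and the rest lands outside it. The old `<blockquote>` wrapper did not have this limit; mention it in the snippet comment or description. The `description` also still reads "callout admonition caution important note tip warning" while the prefix is now `#alert`; add `alert` so the snippet can be found by its new name.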
"fenced code block": {
"prefix": "#codeblock",
@ -23,9 +23,8 @@
"premium-feature": {
"prefix": "#premium-feature",
"body": [
"<blockquote class=\"info\">\n",
"${1:feature} ${2|is,are|} an Enterprise and Premium feature. [Learn more](https://coder.com/pricing#compare-plans).\n",
"</blockquote>"
"> [!NOTE]\n",
"> ${1:feature} ${2|is,are|} an Enterprise and Premium feature. [Learn more](https://coder.com/pricing#compare-plans).\n"
]
},
"tabs": {

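Review bot: The first body line of `premium-feature`, `"> [!NOTE]\n",`, ends with an explicit `\n`, and VS Code already joins body array entries with a newline, so the snippet expands with a blank line between `> [!NOTE]` and the `> ${1:feature} ...` line. That blank line splits the blockquote, leaving the marker in a block of its own, separate from the text. The `alert` snippet in the previous hunk writes its marker line without the trailing `\n`; do the same here.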
View File

@ -117,9 +117,7 @@ This mode is useful for testing HA or validating more complex setups.
### Deploying a PR
> You need to be a member or collaborator of the of
> [coder](https://github.com/coder) GitHub organization to be able to deploy a
> PR.
You need to be a member or collaborator of the [coder](https://github.com/coder) GitHub organization to be able to deploy a PR.
You can test your changes by creating a PR deployment. There are two ways to do
this:
@ -142,7 +140,8 @@ this:
name and PR number, etc.
- `-y` or `--yes`, will skip the CLI confirmation prompt.
> Note: PR deployment will be re-deployed automatically when the PR is updated.
> [!NOTE]
> PR deployment will be re-deployed automatically when the PR is updated.
> It will use the last values automatically for redeployment.
Once the deployment is finished, a unique link and credentials will be posted in
@ -256,8 +255,7 @@ Our frontend guide can be found [here](./contributing/frontend.md).
## Reviews
> The following information has been borrowed from
> [Go's review philosophy](https://go.dev/doc/contribute#reviews).
The following information has been borrowed from [Go's review philosophy](https://go.dev/doc/contribute#reviews).
Coder values thorough reviews. For each review comment that you receive, please
"close" it by implementing the suggestion or providing an explanation on why the
@ -345,6 +343,7 @@ Breaking changes can be triggered in two ways:
### Security
> [!CAUTION]
> If you find a vulnerability, **DO NOT FILE AN ISSUE**. Instead, send an email
> to <security@coder.com>.

View File

@ -90,7 +90,8 @@ CODER_EXTERNAL_AUTH_0_CLIENT_SECRET=xxxxxxx
CODER_EXTERNAL_AUTH_0_AUTH_URL="https://login.microsoftonline.com/<TENANT ID>/oauth2/authorize"
```
> Note: Your app registration in Entra ID requires the `vso.code_write` scope
> [!NOTE]
> Your app registration in Entra ID requires the `vso.code_write` scope
### Bitbucket Server
@ -120,11 +121,8 @@ The Redirect URI for Gitea should be
### GitHub
<blockquote class="admonition tip">
If you don't require fine-grained access control, it's easier to [configure a GitHub OAuth app](#configure-a-github-oauth-app).
</blockquote>
> [!TIP]
> If you don't require fine-grained access control, it's easier to [configure a GitHub OAuth app](#configure-a-github-oauth-app).
```env
CODER_EXTERNAL_AUTH_0_ID="USER_DEFINED_ID"
@ -179,7 +177,8 @@ CODER_EXTERNAL_AUTH_0_VALIDATE_URL="https://your-domain.com/oauth/token/info"
CODER_EXTERNAL_AUTH_0_REGEX=github\.company\.org
```
> Note: The `REGEX` variable must be set if using a custom git domain.
> [!NOTE]
> The `REGEX` variable must be set if using a custom git domain.
## Custom scopes
@ -222,26 +221,16 @@ CODER_EXTERNAL_AUTH_0_SCOPES="repo:read repo:write write:gpg_key"
![Install GitHub App](../images/admin/github-app-install.png)
## Multiple External Providers
<blockquote class="info">
Multiple providers is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
## Multiple External Providers (Enterprise)(Premium)
Below is an example configuration with multiple providers:
<blockquote class="admonition warning">
**Note:** To support regex matching for paths like `github\.com/org`, add the following `git config` line to the [Coder agent startup script](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/agent#startup_script):
```shell
git config --global credential.useHttpPath true
```
</blockquote>
> [!IMPORTANT]
> To support regex matching for paths like `github\.com/org`, add the following `git config` line to the [Coder agent startup script](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/agent#startup_script):
>
> ```shell
> git config --global credential.useHttpPath true
> ```
```env
# Provider 1) github.com
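Review bot: The heading changes from `## Multiple External Providers` to `## Multiple External Providers (Enterprise)(Premium)` and the plan notice is dropped, which changes the generated heading anchor and differs from the other files in this commit, where the same notice becomes `> [!NOTE]` with the "Learn more" pricing link. Suggest keeping the heading text as it was and converting the notice to the `[!NOTE]` form, so existing links to the section keep working and the pricing link is not lost.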

View File

@ -28,7 +28,8 @@ hardware sizing recommendations.
| Kubernetes (GKE) | 4 cores | 16 GB | 2 | db-custom-8-30720 | 2000 | 50 | 2000 simulated | `v2.8.4` | Feb 28, 2024 |
| Kubernetes (GKE) | 2 cores | 4 GB | 2 | db-custom-2-7680 | 1000 | 50 | 1000 simulated | `v2.10.2` | Apr 26, 2024 |
> Note: A simulated connection reads and writes random data at 40KB/s per connection.
> [!NOTE]
> A simulated connection reads and writes random data at 40KB/s per connection.
## Scale testing utility
@ -36,19 +37,16 @@ Since Coder's performance is highly dependent on the templates and workflows you
support, you may wish to use our internal scale testing utility against your own
environments.
<blockquote class="admonition important">
This utility is experimental.
It is not subject to any compatibility guarantees and may cause interruptions
for your users.
To avoid potential outages and orphaned resources, we recommend that you run
scale tests on a secondary "staging" environment or a dedicated
[Kubernetes playground cluster](https://github.com/coder/coder/tree/main/scaletest/terraform).
Run it against a production environment at your own risk.
</blockquote>
> [!IMPORTANT]
> This utility is experimental.
>
> It is not subject to any compatibility guarantees and may cause interruptions
> for your users.
> To avoid potential outages and orphaned resources, we recommend that you run
> scale tests on a secondary "staging" environment or a dedicated
> [Kubernetes playground cluster](https://github.com/coder/coder/tree/main/scaletest/terraform).
>
> Run it against a production environment at your own risk.
### Create workspaces

View File

@ -36,9 +36,8 @@ cloud/on-premise computing, containerization, and the Coder platform.
| Reference architectures for up to 3,000 users | An approval of your architecture; the CVA solely provides recommendations and guidelines |
| Best practices for building a Coder deployment | Recommendations for every possible deployment scenario |
> For higher level design principles and architectural best practices, see
> Coder's
> [Well-Architected Framework](https://coder.com/blog/coder-well-architected-framework).
For higher level design principles and architectural best practices, see Coder's
[Well-Architected Framework](https://coder.com/blog/coder-well-architected-framework).
## General concepts

View File

@ -131,11 +131,8 @@ To set this up, follow these steps:
}
```
<blockquote class="info">
The admin-level access token is used to provision user tokens and is never exposed to developers or stored in workspaces.
</blockquote>
> [!NOTE]
> The admin-level access token is used to provision user tokens and is never exposed to developers or stored in workspaces.
If you don't want to use the official modules, you can read through the [example template](https://github.com/coder/coder/tree/main/examples/jfrog/docker), which uses Docker as the underlying compute. The
same concepts apply to all compute types.

View File

@ -56,14 +56,11 @@ workspaces using Coder's [JFrog Xray Integration](https://github.com/coder/coder
--set artifactory.secretName="jfrog-token"
```
<blockquote class="admonition warning">
To authenticate with the Artifactory registry, you may need to
create a [Docker config](https://jfrog.com/help/r/jfrog-artifactory-documentation/docker-advanced-topics) and use it in the
`imagePullSecrets` field of the Kubernetes Pod. See the [Defining ImagePullSecrets for Coder workspaces](../../tutorials/image-pull-secret.md) guide for more
information.
</blockquote>
> [!IMPORTANT]
> To authenticate with the Artifactory registry, you may need to
> create a [Docker config](https://jfrog.com/help/r/jfrog-artifactory-documentation/docker-advanced-topics) and use it in the
> `imagePullSecrets` field of the Kubernetes Pod.
> See the [Defining ImagePullSecrets for Coder workspaces](../../tutorials/image-pull-secret.md) guide for more information.
## Validate your installation

View File

@ -2,7 +2,8 @@
<!-- Keeping this in as a placeholder for supporting OpenTofu. We should fix support for custom terraform binaries ASAP. -->
> ⚠️ This guide is a work in progress. We do not officially support using custom
> [!IMPORTANT]
> This guide is a work in progress. We do not officially support using custom
> Terraform binaries in your Coder deployment. To track progress on the work,
> see this related [GitHub Issue](https://github.com/coder/coder/issues/12009).
@ -10,9 +11,8 @@ Coder deployments support any custom Terraform binary, including
[OpenTofu](https://opentofu.org/docs/) - an open source alternative to
Terraform.
> You can read more about OpenTofu and Hashicorp's licensing in our
> [blog post](https://coder.com/blog/hashicorp-license) on the Terraform
> licensing changes.
You can read more about OpenTofu and Hashicorp's licensing in our
[blog post](https://coder.com/blog/hashicorp-license) on the Terraform licensing changes.
## Using a custom Terraform binary

View File

@ -7,8 +7,7 @@ features, you can [request a trial](https://coder.com/trial) or
<!-- markdown-link-check-disable -->
> If you are an existing customer, you can learn more our new Premium plan in
> the [Coder v2.16 blog post](https://coder.com/blog/release-recap-2-16-0)
You can learn more about Coder Premium in the [Coder v2.16 blog post](https://coder.com/blog/release-recap-2-16-0)
<!-- markdown-link-check-enable -->

View File

@ -40,7 +40,7 @@ If there is an issue, you may see one of the following errors reported:
[`url.Parse`](https://pkg.go.dev/net/url#Parse). Example:
`https://dev.coder.com/`.
> **Tip:** You can check this [here](https://go.dev/play/p/CabcJZyTwt9).
You can use [the Go playground](https://go.dev/play/p/CabcJZyTwt9) for additional testing.
### EACS03
@ -117,15 +117,12 @@ Coder's current activity and usage. It may be necessary to increase the
resources allocated to Coder's database. Alternatively, you can raise the
configured threshold to a higher value (this will not address the root cause).
<blockquote class="admonition tip">
You can enable
[detailed database metrics](../../reference/cli/server.md#--prometheus-collect-db-metrics)
in Coder's Prometheus endpoint. If you have
[tracing enabled](../../reference/cli/server.md#--trace), these traces may also
contain useful information regarding Coder's database activity.
</blockquote>
> [!TIP]
> You can enable
> [detailed database metrics](../../reference/cli/server.md#--prometheus-collect-db-metrics)
> in Coder's Prometheus endpoint. If you have
> [tracing enabled](../../reference/cli/server.md#--trace), these traces may also
> contain useful information regarding Coder's database activity.
## DERP
@ -150,12 +147,9 @@ This is not necessarily a fatal error, but a possible indication of a
misconfigured reverse HTTP proxy. Additionally, while workspace users should
still be able to reach their workspaces, connection performance may be degraded.
<blockquote class="admonition note">
**Note:** This may also be shown if you have
[forced websocket connections for DERP](../../reference/cli/server.md#--derp-force-websockets).
</blockquote>
> [!NOTE]
> This may also be shown if you have
> [forced websocket connections for DERP](../../reference/cli/server.md#--derp-force-websockets).
**Solution:** ensure that any proxies you use allow connection upgrade with the
`Upgrade: derp` header.
@ -305,13 +299,10 @@ that they are able to successfully connect to Coder. Otherwise, ensure
[`--provisioner-daemons`](../../reference/cli/server.md#--provisioner-daemons)
is set to a value greater than 0.
<blockquote class="admonition note">
**Note:** This may be a transient issue if you are currently in the process of
> [!NOTE]
> This may be a transient issue if you are currently in the process of
updating your deployment.
</blockquote>
### EPD02
#### Provisioner Daemon Version Mismatch
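Review bot: In the converted note, the continuation line `updating your deployment.` has no `> ` prefix, so it belongs to the alert only through Markdown lazy continuation. Prefix it with `> ` so the alert is explicit and survives a later reflow. The same unprefixed line appears in the next two hunks (EPD02 and EPD03).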
@ -324,13 +315,10 @@ of API incompatibility.
**Solution:** Update the provisioner daemon to match the currently running
version of Coder.
<blockquote class="admonition note">
**Note:** This may be a transient issue if you are currently in the process of
> [!NOTE]
> This may be a transient issue if you are currently in the process of
updating your deployment.
</blockquote>
### EPD03
#### Provisioner Daemon API Version Mismatch
@ -343,13 +331,10 @@ connect to Coder.
**Solution:** Update the provisioner daemon to match the currently running
version of Coder.
<blockquote class="admonition note">
**Note:** This may be a transient issue if you are currently in the process of
> [!NOTE]
> This may be a transient issue if you are currently in the process of
updating your deployment.
</blockquote>
### EUNKNOWN
#### Unknown Error

View File

@ -43,7 +43,8 @@ Agent logs are also stored in the workspace filesystem by default:
[azure-windows](https://github.com/coder/coder/blob/2cfadad023cb7f4f85710cff0b21ac46bdb5a845/examples/templates/azure-windows/Initialize.ps1.tftpl#L64))
to see where logs are stored.
> Note: Logs are truncated once they reach 5MB in size.
> [!NOTE]
> Logs are truncated once they reach 5MB in size.
Startup script logs are also stored in the temporary directory of macOS and
Linux workspaces.

View File

@ -242,12 +242,9 @@ notification is indicated on the right hand side of this table.
## Delivery Preferences
<blockquote class="info">
Delivery preferences is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Delivery preferences is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Administrators can configure which delivery methods are used for each different
[event type](#event-types).

View File

@ -181,12 +181,11 @@ To build the server to receive webhooks and interact with Slack:
Slack requires the bot to acknowledge when a user clicks on a URL action button.
This is handled by setting up interactivity.
1. Under "Interactivity & Shortcuts" in your Slack app settings, set the Request
Under "Interactivity & Shortcuts" in your Slack app settings, set the Request
URL to match the public URL of your web server's endpoint.
> Notice: You can use any public endpoint that accepts and responds to POST
> requests with HTTP 200. For temporary testing, you can set it to
> `https://httpbin.org/status/200`.
You can use any public endpoint that accepts and responds to POST requests with HTTP 200.
For temporary testing, you can set it to `https://httpbin.org/status/200`.
Once this is set, Slack will send interaction payloads to your server, which
must respond appropriately.
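Review bot: The reworded guidance still suggests setting the Request URL to `https://httpbin.org/status/200` for temporary testing, while the following paragraph says Slack sends interaction payloads to whatever URL is configured, so that test setup delivers them to a third-party service. Since the text is being rewritten anyway, state that next to the suggestion and tell readers to switch to their own endpoint before real use.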

View File

@ -18,7 +18,8 @@ networking logic.
In order for clients and workspaces to be able to connect:
> **Note:** We strongly recommend that clients connect to Coder and their
> [!NOTE]
> We strongly recommend that clients connect to Coder and their
> workspaces over a good quality, broadband network connection. The following
> are minimum requirements:
>
@ -33,7 +34,8 @@ In order for clients and workspaces to be able to connect:
In order for clients to be able to establish direct connections:
> **Note:** Direct connections via the web browser are not supported. To improve
> [!NOTE]
> Direct connections via the web browser are not supported. To improve
> latency for browser-based applications running inside Coder workspaces in
> regions far from the Coder control plane, consider deploying one or more
> [workspace proxies](./workspace-proxies.md).
@ -172,12 +174,9 @@ more.
## Browser-only connections
<blockquote class="info">
Browser-only connections is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Browser-only connections is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Some Coder deployments require that all access is through the browser to comply
with security policies. In these cases, pass the `--browser-only` flag to
@ -189,12 +188,9 @@ via the web terminal and
### Workspace Proxies
<blockquote class="info">
Workspace proxies are an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Workspace proxies are an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Workspace proxies are a Coder Enterprise feature that allows you to provide
low-latency browser experiences for geo-distributed teams.
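Review bot: Directly under the new alert, which says workspace proxies are "an Enterprise and Premium feature", the unchanged line still reads "Workspace proxies are a Coder Enterprise feature". Update that sentence in the same change so the two statements agree.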

View File

@ -48,17 +48,17 @@ For more examples, see `coder port-forward --help`.
## Dashboard
> To enable port forwarding via the dashboard, Coder must be configured with a
> [wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
> access URL is not specified, Coder will create
> [a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
> proxy the deployment, and port forwarding will work.
>
> There is a
> [DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
> where each segment of hostnames must not exceed 63 characters. If your app
> name, agent name, workspace name and username exceed 63 characters in the
> hostname, port forwarding via the dashboard will not work.
To enable port forwarding via the dashboard, Coder must be configured with a
[wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
access URL is not specified, Coder will create
[a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
proxy the deployment, and port forwarding will work.
There is a
[DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
where each segment of hostnames must not exceed 63 characters. If your app
name, agent name, workspace name and username exceed 63 characters in the
hostname, port forwarding via the dashboard will not work.
### From an coder_app resource
@ -131,12 +131,9 @@ to the app.
### Configure maximum port sharing level
<blockquote class="info">
Configuring port sharing level is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Configuring port sharing level is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Premium-licensed template admins can control the maximum port sharing level for
workspaces under a given template in the template settings. By default, the
@ -179,12 +176,14 @@ must include credentials (set `credentials: "include"` if using `fetch`) or the
requests cannot be authenticated and you will see an error resembling the
following:
> Access to fetch at
> '<https://coder.example.com/api/v2/applications/auth-redirect>' from origin
> '<https://8000--dev--user--apps.coder.example.com>' has been blocked by CORS
> policy: No 'Access-Control-Allow-Origin' header is present on the requested
> resource. If an opaque response serves your needs, set the request's mode to
> 'no-cors' to fetch the resource with CORS disabled.
```text
Access to fetch at
'<https://coder.example.com/api/v2/applications/auth-redirect>' from origin
'<https://8000--dev--user--apps.coder.example.com>' has been blocked by CORS
policy: No 'Access-Control-Allow-Origin' header is present on the requested
resource. If an opaque response serves your needs, set the request's mode to
'no-cors' to fetch the resource with CORS disabled.
```
#### Headers
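Review bot: Inside the new `text` fence the URLs keep their autolink angle brackets (`'<https://coder.example.com/api/v2/applications/auth-redirect>'`), which a code block renders literally, so the sample no longer matches what the browser console prints. Drop the `<` and `>` around both URLs now that the message is fenced.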

View File

@ -1,13 +1,13 @@
# STUN and NAT
> [Session Traversal Utilities for NAT (STUN)](https://www.rfc-editor.org/rfc/rfc8489.html)
> is a protocol used to assist applications in establishing peer-to-peer
> communications across Network Address Translations (NATs) or firewalls.
>
> [Network Address Translation (NAT)](https://en.wikipedia.org/wiki/Network_address_translation)
> is commonly used in private networks to allow multiple devices to share a
> single public IP address. The vast majority of home and corporate internet
> connections use at least one level of NAT.
[Session Traversal Utilities for NAT (STUN)](https://www.rfc-editor.org/rfc/rfc8489.html)
is a protocol used to assist applications in establishing peer-to-peer
communications across Network Address Translations (NATs) or firewalls.
[Network Address Translation (NAT)](https://en.wikipedia.org/wiki/Network_address_translation)
is commonly used in private networks to allow multiple devices to share a
single public IP address. The vast majority of home and corporate internet
connections use at least one level of NAT.
## Overview
@ -33,8 +33,9 @@ counterpart can be reached. Once communication succeeds in one direction, we can
inspect the source address of the received packet to determine the return
address.
> The below glosses over a lot of the complexity of traversing NATs. For a more
> in-depth technical explanation, see
> [!TIP]
> The below glosses over a lot of the complexity of traversing NATs.
> For a more in-depth technical explanation, see
> [How NAT traversal works (tailscale.com)](https://tailscale.com/blog/how-nat-traversal-works).
At a high level, STUN works like this:

View File

@ -104,10 +104,10 @@ CODER_TLS_KEY_FILE="<key_file_location>"
### Running on Kubernetes
Make a `values-wsproxy.yaml` with the workspace proxy configuration:
Make a `values-wsproxy.yaml` with the workspace proxy configuration.
> Notice the `workspaceProxy` configuration which is `false` by default in the
> coder Helm chart.
Notice the `workspaceProxy` configuration which is `false` by default in the
Coder Helm chart:
```yaml
coder:

View File

@ -104,10 +104,9 @@ tags.
## Global PSK (Not Recommended)
> Global pre-shared keys (PSK) make it difficult to rotate keys or isolate
> provisioners.
>
> We do not recommend using global PSK.
We do not recommend using global PSK.
Global pre-shared keys (PSK) make it difficult to rotate keys or isolate provisioners.
A deployment-wide PSK can be used to authenticate any provisioner. To use a
global PSK, set a
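Review bot: "We do not recommend using global PSK." moves from a blockquote to plain body text, while other security guidance in this commit is promoted to alerts. Given the reason on the next line (keys are hard to rotate and provisioners hard to isolate), a `> [!WARNING]` holding both sentences would keep the recommendation as visible as the "(Not Recommended)" heading implies.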
@ -158,7 +157,7 @@ coder templates push on-prem-chicago \
This can also be done in the UI when building a template:
> ![template tags](../images/admin/provisioner-tags.png)
![template tags](../images/admin/provisioner-tags.png)
Alternatively, a template can target a provisioner via
[workspace tags](https://github.com/coder/coder/tree/main/examples/workspace-tags)
@ -226,7 +225,8 @@ This is illustrated in the below table:
| scope=user owner=aaa environment=on-prem datacenter=chicago | scope=user owner=aaa environment=on-prem datacenter=new_york | ✅ | ❌ |
| scope=organization owner= environment=on-prem | scope=organization owner= environment=on-prem | ❌ | ❌ |
> **Note to maintainers:** to generate this table, run the following command and
> [!TIP]
> To generate this table, run the following command and
> copy the output:
>
> ```go
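Review bot: Replacing `**Note to maintainers:**` with `[!TIP]` drops the audience, so the Go command now reads as advice to people using the docs rather than to people regenerating the table. Keep "maintainers" in the first sentence of the alert, or move the instruction into an HTML comment so it does not render for readers.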

View File

@ -42,7 +42,8 @@ failed to check whether the API key corresponds to a deleted user.
## Indications of Compromise
> 💡 Automated remediation steps in the upgrade purge all affected API keys.
> [!TIP]
> Automated remediation steps in the upgrade purge all affected API keys.
> Either perform the following query before upgrade or run it on a backup of
> your database from before the upgrade.
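Review bot: `[!TIP]` undersells this note: it says the upgrade purges all affected API keys and that the query has to run before the upgrade or against a pre-upgrade backup, which is an ordering constraint for anyone checking for compromise rather than optional advice. Use `> [!IMPORTANT]` here; `[!TIP]` suits the Audit Logs note in the next hunk.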
@ -81,7 +82,8 @@ Otherwise, the following information will be reported:
- User API key ID
- Time the affected API key was last used
> 💡 If your license includes the
> [!TIP]
> If your license includes the
> [Audit Logs](https://coder.com/docs/admin/audit-logs#filtering-logs) feature,
> you can then query all actions performed by the above users by using the
> filter `email:$USER_EMAIL`.

View File

@ -26,24 +26,27 @@ The following database fields are currently encrypted:
Additional database fields may be encrypted in the future.
> Implementation notes: each encrypted database column `$C` has a corresponding
> `$C_key_id` column. This column is used to determine which encryption key was
> used to encrypt the data. This allows Coder to rotate encryption keys without
> invalidating existing tokens, and provides referential integrity for encrypted
> data.
>
> The `$C_key_id` column stores the first 7 bytes of the SHA-256 hash of the
> encryption key used to encrypt the data.
>
> Encryption keys in use are stored in `dbcrypt_keys`. This table stores a
> record of all encryption keys that have been used to encrypt data. Active keys
> have a null `revoked_key_id` column, and revoked keys have a non-null
> `revoked_key_id` column. You cannot revoke a key until you have rotated all
> values using that key to a new key.
### Implementation notes
Each encrypted database column `$C` has a corresponding
`$C_key_id` column. This column is used to determine which encryption key was
used to encrypt the data. This allows Coder to rotate encryption keys without
invalidating existing tokens, and provides referential integrity for encrypted
data.
The `$C_key_id` column stores the first 7 bytes of the SHA-256 hash of the
encryption key used to encrypt the data.
Encryption keys in use are stored in `dbcrypt_keys`. This table stores a
record of all encryption keys that have been used to encrypt data. Active keys
have a null `revoked_key_id` column, and revoked keys have a non-null
`revoked_key_id` column. You cannot revoke a key until you have rotated all
values using that key to a new key.
## Enabling encryption
> NOTE: Enabling encryption does not encrypt all existing data. To encrypt
> [!NOTE]
> Enabling encryption does not encrypt all existing data. To encrypt
> existing data, see [rotating keys](#rotating-keys) below.
- Ensure you have a valid backup of your database. **Do not skip this step.** If
@ -115,7 +118,8 @@ data:
This command will re-encrypt all tokens with the specified new encryption key.
We recommend performing this action during a maintenance window.
> Note: this command requires direct access to the database. If you are using
> [!IMPORTANT]
> This command requires direct access to the database. If you are using
> the built-in PostgreSQL database, you can run
> [`coder server postgres-builtin-url`](../../reference/cli/server_postgres-builtin-url.md)
> to get the connection URL.
@ -138,7 +142,8 @@ To disable encryption, perform the following actions:
This command will decrypt all encrypted user tokens and revoke all active
encryption keys.
> Note: for `decrypt` command, the equivalent environment variable for
> [!NOTE]
> for `decrypt` command, the equivalent environment variable for
> `--keys` is `CODER_EXTERNAL_TOKEN_ENCRYPTION_DECRYPT_KEYS` and not
> `CODER_EXTERNAL_TOKEN_ENCRYPTION_KEYS`. This is explicitly named differently
> to help prevent accidentally decrypting data.
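Review bot: With the `Note:` prefix removed, the alert text now begins in lower case and without an article: `> for `decrypt` command, the equivalent environment variable for`. Reword the opening, for example "For the `decrypt` command, ...".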
@ -152,7 +157,8 @@ To disable encryption, perform the following actions:
## Deleting Encrypted Data
> NOTE: This is a destructive operation.
> [!CAUTION]
> This is a destructive operation.
To delete all encrypted data from your database, perform the following actions:

View File

@ -7,6 +7,7 @@ For other security tips, visit our guide to
## Security Advisories
> [!CAUTION]
> If you discover a vulnerability in Coder, please do not hesitate to report it
> to us by following the instructions
> [here](https://github.com/coder/coder/blob/main/SECURITY.md).
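Review bot: `[!CAUTION]` is added above a sentence that invites reports ("please do not hesitate to report it to us"), so the alert type signals a risky action where the text describes none. `[!IMPORTANT]` or `[!NOTE]` matches the content better; `[!CAUTION]` fits the contributing guide's "DO NOT FILE AN ISSUE" wording, where this commit also uses it.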

View File

@ -38,7 +38,8 @@ Users can view their public key in their account settings:
![SSH keys in account settings](../../images/ssh-keys.png)
> Note: SSH keys are never stored in Coder workspaces, and are fetched only when
> [!NOTE]
> SSH keys are never stored in Coder workspaces, and are fetched only when
> SSH is invoked. The keys are held in-memory and never written to disk.
## Dynamic Secrets

View File

@ -1,11 +1,8 @@
# Appearance
<blockquote class="info">
Customizing Coder's appearance is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Customizing Coder's appearance is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Customize the look of your Coder deployment to meet your enterprise
requirements.

View File

@ -10,8 +10,7 @@ full list of the options, run `coder server --help` or see our
external URL that users and workspaces use to connect to Coder (e.g.
<https://coder.example.com>). This should not be localhost.
> Access URL should be an external IP address or domain with DNS records
> pointing to Coder.
Access URL should be an external IP address or domain with DNS records pointing to Coder.
### Tunnel
@ -44,7 +43,8 @@ coder server
or running [coder_apps](../templates/index.md) on an absolute path. Set this to
a wildcard subdomain that resolves to Coder (e.g. `*.coder.example.com`).
> Note: We do not recommend using a top-level-domain for Coder wildcard access
> [!NOTE]
> We do not recommend using a top-level-domain for Coder wildcard access
> (for example `*.workspaces`), even on private networks with split-DNS. Some
> browsers consider these "public" domains and will refuse Coder's cookies,
> which are vital to the proper operation of this feature.
@ -107,6 +107,7 @@ deployment information. Use `CODER_PG_CONNECTION_URL` to set the database that
Coder connects to. If unset, PostgreSQL binaries will be downloaded from Maven
(<https://repo1.maven.org/maven2>) and store all data in the config root.
> [!NOTE]
> Postgres 13 is the minimum supported version.
If you are using the built-in PostgreSQL deployment and need to use `psql` (aka

View File

@ -1,8 +1,7 @@
# Telemetry
<blockquote class="info">
TL;DR: disable telemetry by setting <code>CODER_TELEMETRY_ENABLE=false</code>.
</blockquote>
> [!NOTE]
> TL;DR: disable telemetry by setting <code>CODER_TELEMETRY_ENABLE=false</code>.
Coder collects telemetry from all installations by default. We believe our users
should have the right to know what we collect, why we collect it, and how we use

View File

@ -25,7 +25,8 @@ Give your template a name, description, and icon and press `Create template`.
![Name and icon](../../images/admin/templates/import-template.png)
> **⚠️ Note**: If template creation fails, Coder is likely not authorized to
> [!NOTE]
> If template creation fails, Coder is likely not authorized to
> deploy infrastructure in the given location. Learn how to configure
> [provisioner authentication](./extending-templates/provider-authentication.md).
@ -64,7 +65,8 @@ Next, push it to Coder with the
coder templates push
```
> ⚠️ Note: If `template push` fails, Coder is likely not authorized to deploy
> [!NOTE]
> If `template push` fails, Coder is likely not authorized to deploy
> infrastructure in the given location. Learn how to configure
> [provisioner authentication](../provisioners.md).
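Review bot: The `template push` note links "provisioner authentication" to `../provisioners.md`, while the otherwise identical note in the previous hunk of this file links it to `./extending-templates/provider-authentication.md`. Both lines are being rewritten here, so point them at the same page or confirm that the two targets are intentional.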

View File

@ -273,8 +273,8 @@ A
can be added to your templates to add docker support. This may come in handy if
your nodes cannot run Sysbox.
> ⚠️ **Warning**: This is insecure. Workspaces will be able to gain root access
> to the host machine.
> [!WARNING]
> This is insecure. Workspaces will be able to gain root access to the host machine.
### Use a privileged sidecar container in Docker-based templates
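Review bot: The alert saying workspaces can gain root access to the host machine is tagged `[!WARNING]`, while the "Do not store secrets in templates" callout elsewhere in this change gets `[!CAUTION]`. Host root access is at least as severe, so consider `[!CAUTION]` here for consistent severity. The body was also joined into a single line that runs past the wrap width the other converted alerts keep.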

View File

@ -31,11 +31,8 @@ you can require users authenticate via git prior to creating a workspace:
### Native git authentication will auto-refresh tokens
<blockquote class="info">
<p>
This is the preferred authentication method.
</p>
</blockquote>
> [!TIP]
> This is the preferred authentication method.
By default, the coder agent will configure native `git` authentication via the
`GIT_ASKPASS` environment variable. Meaning, with no additional configuration,

View File

@ -49,8 +49,7 @@ Persistent resources stay provisioned when workspaces are stopped, where as
ephemeral resources are destroyed and recreated on restart. All resources are
destroyed when a workspace is deleted.
> You can read more about how resource behavior and workspace state in the
> [workspace lifecycle documentation](../../../user-guides/workspace-lifecycle.md).
You can read more about how resource behavior and workspace state in the [workspace lifecycle documentation](../../../user-guides/workspace-lifecycle.md).
Template resources follow the
[behavior of Terraform resources](https://developer.hashicorp.com/terraform/language/resources/behavior#how-terraform-applies-a-configuration)
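Review bot: The de-quoted sentence "You can read more about how resource behavior and workspace state in the ..." has no verb after "how". Since the line is being rewritten anyway, reword it to "You can read more about resource behavior and workspace state in the ..." and keep the link as is.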
@ -65,6 +64,7 @@ When a workspace is deleted, the Coder server essentially runs a
[terraform destroy](https://www.terraform.io/cli/commands/destroy) to remove all
resources associated with the workspace.
> [!TIP]
> Terraform's
> [prevent-destroy](https://www.terraform.io/language/meta-arguments/lifecycle#prevent_destroy)
> and

View File

@ -93,7 +93,7 @@ to resolve modules via [Artifactory](https://jfrog.com/artifactory/).
}
```
6. Update module source as,
6. Update module source as:
```tf
module "module-name" {
@ -104,7 +104,7 @@ to resolve modules via [Artifactory](https://jfrog.com/artifactory/).
}
```
> Do not forget to replace example.jfrog.io with your Artifactory URL
Replace `example.jfrog.io` with your Artifactory URL
Based on the instructions
[here](https://jfrog.com/blog/tour-terraform-registries-in-artifactory/).

View File

@ -3,8 +3,12 @@
The workspace process logging feature allows you to log all system-level
processes executing in the workspace.
> **Note:** This feature is only available on Linux in Kubernetes. There are
> additional requirements outlined further in this document.
This feature is only available on Linux in Kubernetes. There are
additional requirements outlined further in this document.
> [!NOTE]
> Workspace process logging is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Workspace process logging adds a sidecar container to workspace pods that will
log all processes started in the workspace container (e.g., commands executed in
@ -16,10 +20,6 @@ monitoring stack, such as CloudWatch, for further analysis or long-term storage.
Please note that these logs are not recorded or captured by the Coder
organization in any way, shape, or form.
> This is an [Premium or Enterprise](https://coder.com/pricing) feature. To
> learn more about Coder licensing, please
> [contact sales](https://coder.com/contact).
## How this works
Coder uses [eBPF](https://ebpf.io/) (which we chose for its minimal performance
@ -164,7 +164,8 @@ would like to add workspace process logging to, follow these steps:
}
```
> **Note:** If you are using the `envbox` template, you will need to update
> [!NOTE]
> If you are using the `envbox` template, you will need to update
> the third argument to be
> `"${local.exectrace_init_script}\n\nexec /envbox docker"` instead.
@ -212,7 +213,8 @@ would like to add workspace process logging to, follow these steps:
}
```
> **Note:** `exectrace` requires root privileges and a privileged container
> [!NOTE]
> `exectrace` requires root privileges and a privileged container
> to attach probes to the kernel. This is a requirement of eBPF.
1. Add the following environment variable to your workspace pod:
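Review bot: The alert stating that `exectrace` requires root privileges and a privileged container is a security-relevant deployment requirement, and `[!NOTE]` undersells it. Consider `[!IMPORTANT]` or `[!WARNING]` so operators see it before adding the sidecar to a template.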

View File

@ -1,11 +1,7 @@
# Provider Authentication
<blockquote class="danger">
<p>
Do not store secrets in templates. Assume every user has cleartext access
to every template.
</p>
</blockquote>
> [!CAUTION]
> Do not store secrets in templates. Assume every user has cleartext access to every template.
The Coder server's
[provisioner](https://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/provisioner)

View File

@ -13,9 +13,8 @@ You can use `coder_metadata` to show Terraform resource attributes like these:
![ui](../../../images/admin/templates/coder-metadata-ui.png)
<blockquote class="info">
Coder automatically generates the <code>type</code> metadata.
</blockquote>
> [!NOTE]
> Coder automatically generates the <code>type</code> metadata.
You can also present automatically updating, dynamic values with
[agent metadata](./agent-metadata.md).

View File

@ -71,7 +71,8 @@ added that can handle its combination of tags.
Before releasing the template version with configurable workspace tags, ensure
that every tag set is associated with at least one healthy provisioner.
> **Note:** It may be useful to run at least one provisioner with no additional
> [!NOTE]
> It may be useful to run at least one provisioner with no additional
> tag restrictions that is able to take on any job.
### Parameters types

View File

@ -94,7 +94,8 @@ directory. When you next run
[`coder templates push`](../../../reference/cli/templates_push.md), the lock
file will be stored alongside with the other template source code.
> Note: Terraform best practices also recommend checking in your
> [!NOTE]
> Terraform best practices also recommend checking in your
> `.terraform.lock.hcl` into Git or other VCS.
The next time a workspace is built from that template, Coder will make sure to

View File

@ -11,9 +11,9 @@ practices around managing workspaces images for Coder.
3. Allow developers to bring their own images and customizations with Dev
Containers
> Note: An image is just one of the many properties defined within the template.
> Templates can pull images from a public image registry (e.g. Docker Hub) or an
> internal one, thanks to Terraform.
An image is just one of the many properties defined within the template.
Templates can pull images from a public image registry (e.g. Docker Hub) or an
internal one, thanks to Terraform.
## Create a minimal base image
@ -31,9 +31,9 @@ to consider:
`docker`, `bash`, `jq`, and/or internal tooling
- Consider creating (and starting the container with) a non-root user
> See Coder's
> [example base image](https://github.com/coder/enterprise-images/tree/main/images/minimal)
> for reference.
See Coder's
[example base image](https://github.com/coder/enterprise-images/tree/main/images/minimal)
for reference.
## Create general-purpose golden image(s) with standard tooling
@ -54,10 +54,10 @@ purpose images are great for:
stacks and types of projects, the golden image can be a good starting point
for those projects.
> This is often referred to as a "sandbox" or "kitchen sink" image. Since large
> multi-purpose container images can quickly become difficult to maintain, it's
> important to keep the number of general-purpose images to a minimum (2-3 in
> most cases) with a well-defined scope.
This is often referred to as a "sandbox" or "kitchen sink" image. Since large
multi-purpose container images can quickly become difficult to maintain, it's
important to keep the number of general-purpose images to a minimum (2-3 in
most cases) with a well-defined scope.
Examples:

View File

@ -27,8 +27,8 @@ here!
If you prefer to use Coder on the
[command line](../../../reference/cli/index.md), `coder templates init`.
> Coder starter templates are also available on our
> [GitHub repo](https://github.com/coder/coder/tree/main/examples/templates).
Coder starter templates are also available on our
[GitHub repo](https://github.com/coder/coder/tree/main/examples/templates).
## Community Templates
@ -46,6 +46,7 @@ any template's files directly in the Coder dashboard.
If you'd prefer to use the CLI, use `coder templates pull`, edit the template
files, then `coder templates push`.
> [!TIP]
> Even if you are a Terraform expert, we suggest reading our
> [guided tour of a template](../../../tutorials/template-from-scratch.md).
@ -60,12 +61,9 @@ infrastructure, software, or security patches. Learn more about
### Template update policies
<blockquote class="info">
Template update policies are an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Template update policies are an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Licensed template admins may want workspaces to always remain on the latest
version of their parent template. To do so, enable **Template Update Policies**

View File

@ -28,12 +28,9 @@ manage infrastructure costs.
## Failure cleanup
<blockquote class="info">
Failure cleanup is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Failure cleanup is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Failure cleanup defines how long a workspace is permitted to remain in the
failed state prior to being automatically stopped. Failure cleanup is only
@ -41,12 +38,9 @@ available for licensed customers.
## Dormancy threshold
<blockquote class="info">
Dormancy threshold is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Dormancy threshold is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Dormancy Threshold defines how long Coder allows a workspace to remain inactive
before being moved into a dormant state. A workspace's inactivity is determined
@ -58,12 +52,9 @@ only available for licensed customers.
## Dormancy auto-deletion
<blockquote class="info">
Dormancy auto-deletion is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Dormancy auto-deletion is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Dormancy Auto-Deletion allows a template admin to dictate how long a workspace
is permitted to remain dormant before it is automatically deleted. Dormancy
@ -71,12 +62,9 @@ Auto-Deletion is only available for licensed customers.
## Autostop requirement
<blockquote class="info">
Autostop requirement is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Autostop requirement is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Autostop requirement is a template setting that determines how often workspaces
using the template must automatically stop. Autostop requirement ignores any
@ -108,12 +96,9 @@ requirement during the deprecation period, but only one can be used at a time.
## User quiet hours
<blockquote class="info">
User quiet hours are an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> User quiet hours are an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
User quiet hours can be configured in the user's schedule settings page.
Workspaces on templates with an autostop requirement will only be forcibly

View File

@ -46,7 +46,8 @@ resource "coder_agent" "dev" {
}
```
> Note: The `dir` attribute can be set in multiple ways, for example:
> [!NOTE]
> The `dir` attribute can be set in multiple ways, for example:
>
> - `~/coder`
> - `/home/coder/coder`

View File

@ -1,11 +1,8 @@
# Permissions
<blockquote class="info">
Template permissions are an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Template permissions are a Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Licensed Coder administrators can control who can use and modify the template.
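Review bot: The alert text changes from "an Enterprise and Premium feature" to "a Premium feature", which is a licensing statement change inside a formatting-only conversion. Every other converted licensing alert in this commit, and the `#premium-feature` snippet, keeps "Enterprise and Premium". Confirm the change is intended and mention it in the commit message, or restore the original wording.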
@ -24,5 +21,3 @@ user can use the template to create a workspace. To prevent this, disable the
`Allow everyone to use the template` setting when creating a template.
![Create Template Permissions](../../images/templates/create-template-permissions.png)
Permissions is a premium-only feature.

View File

@ -144,7 +144,8 @@ if [ $status -ne 0 ]; then
fi
```
> **Note:** We don't use `set -x` here because we're manually echoing the
> [!NOTE]
> We don't use `set -x` here because we're manually echoing the
> commands. This protects against sensitive information being shown in the log.
This script tells us what command is being run and what the exit status is. If
@ -152,7 +153,8 @@ the exit status is non-zero, it means the command failed and we exit the script.
Since we are manually checking the exit status here, we don't need `set -e` at
the top of the script to exit on error.
> **Note:** If you aren't seeing any logs, check that the `dir` directive points
> [!NOTE]
> If you aren't seeing any logs, check that the `dir` directive points
> to a valid directory in the file system.
## Slow workspace startup times

View File

@ -47,12 +47,12 @@ GitHub will ask you for the following Coder parameters:
`https://coder.domain.com`)
- **User Authorization Callback URL**: Set to `https://coder.domain.com`
> Note: If you want to allow multiple coder deployments hosted on subdomains
> e.g. coder1.domain.com, coder2.domain.com, to be able to authenticate with the
> same GitHub OAuth app, then you can set **User Authorization Callback URL** to
> the `https://domain.com`
If you want to allow multiple Coder deployments hosted on subdomains, such as
`coder1.domain.com`, `coder2.domain.com`, to authenticate with the
same GitHub OAuth app, then you can set **User Authorization Callback URL** to
the `https://domain.com`
Note the Client ID and Client Secret generated by GitHub. You will use these
Take note of the Client ID and Client Secret generated by GitHub. You will use these
values in the next step.
Coder will need permission to access user email addresses. Find the "Account
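Review bot: The de-quoted paragraph about sharing one GitHub OAuth app across subdomains ends with "to the `https://domain.com`", which has a stray "the" and no closing period. Suggest "set **User Authorization Callback URL** to `https://domain.com`." Because this guidance widens the OAuth callback URL, it may also be worth keeping as an alert rather than body text.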
@ -67,8 +67,8 @@ server:
coder server --oauth2-github-allow-signups=true --oauth2-github-allowed-orgs="your-org" --oauth2-github-client-id="8d1...e05" --oauth2-github-client-secret="57ebc9...02c24c"
```
> For GitHub Enterprise support, specify the
> `--oauth2-github-enterprise-base-url` flag.
> [!NOTE]
> For GitHub Enterprise support, specify the `--oauth2-github-enterprise-base-url` flag.
Alternatively, if you are running Coder as a system service, you can achieve the
same result as the command above by adding the following environment variables
@ -81,11 +81,12 @@ CODER_OAUTH2_GITHUB_CLIENT_ID="8d1...e05"
CODER_OAUTH2_GITHUB_CLIENT_SECRET="57ebc9...02c24c"
```
**Note:** To allow everyone to signup using GitHub, set:
```env
CODER_OAUTH2_GITHUB_ALLOW_EVERYONE=true
```
> [!TIP]
> To allow everyone to sign up using GitHub, set:
>
> ```env
> CODER_OAUTH2_GITHUB_ALLOW_EVERYONE=true
> ```
Once complete, run `sudo service coder restart` to reboot Coder.
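Review bot: `[!TIP]` on the `CODER_OAUTH2_GITHUB_ALLOW_EVERYONE=true` block reads as a recommendation, but the setting allows everyone to sign up using GitHub, whereas the command earlier in this file limits sign-ups with `--oauth2-github-allowed-orgs`. The old text was a plain note. Use `[!NOTE]` or `[!WARNING]` and say when enabling it is appropriate.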
@ -115,9 +116,9 @@ To upgrade Coder, run:
helm upgrade <release-name> coder-v2/coder -n <namespace> -f values.yaml
```
> We recommend requiring and auditing MFA usage for all users in your GitHub
> organizations. This can be enforced from the organization settings page in the
> "Authentication security" sidebar tab.
We recommend requiring and auditing MFA usage for all users in your GitHub
organizations. This can be enforced from the organization settings page in the
"Authentication security" sidebar tab.
## Device Flow

View File

@ -33,12 +33,9 @@ may use personal workspaces.
## Custom Roles
<blockquote class="info">
Custom roles are a Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Custom roles are a Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Starting in v2.16.0, Premium Coder deployments can configure custom roles on the
[Organization](./organizations.md) level. You can create and assign custom roles

View File

@ -4,7 +4,7 @@ Headless user accounts that cannot use the web UI to log in to Coder. This is
useful for creating accounts for automated systems, such as CI/CD pipelines or
for users who only consume Coder via another client/API.
> You must have the User Admin role or above to create headless users.
You must have the User Admin role or above to create headless users.
## Create a headless user

View File

@ -1,12 +1,9 @@
<!-- markdownlint-disable MD024 -->
# IdP Sync
<blockquote class="info">
IdP sync is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> IdP sync is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
IdP (Identity provider) sync allows you to use OpenID Connect (OIDC) to
synchronize Coder groups, roles, and organizations based on claims from your IdP.
@ -110,13 +107,10 @@ Below is an example that uses the `groups` claim and maps all groups prefixed by
}
```
<blockquote class="admonition note">
You must specify Coder group IDs instead of group names. The fastest way to find
the ID for a corresponding group is by visiting
`https://coder.example.com/api/v2/groups`.
</blockquote>
> [!IMPORTANT]
> You must specify Coder group IDs instead of group names. The fastest way to find
> the ID for a corresponding group is by visiting
> `https://coder.example.com/api/v2/groups`.
Here is another example which maps `coder-admins` from the identity provider to
two groups in Coder and `coder-users` from the identity provider to another
@ -151,13 +145,9 @@ Visit the Coder UI to confirm these changes:
### Server Flags
<blockquote class="admonition note">
Use server flags only with Coder deployments with a single organization.
You can use the dashboard to configure group sync instead.
</blockquote>
> [!NOTE]
> Use server flags only with Coder deployments with a single organization.
> You can use the dashboard to configure group sync instead.
1. Configure the Coder server to read groups from the claim name with the
[OIDC group field](../../reference/cli/server.md#--oidc-group-field) server
@ -284,13 +274,9 @@ role:
}
```
<blockquote class="admonition note">
Be sure to use the `name` field for each role, not the display name. Use
`coder organization roles show --org=<your-org>` to see roles for your
organization.
</blockquote>
> [!NOTE]
> Be sure to use the `name` field for each role, not the display name.
> Use `coder organization roles show --org=<your-org>` to see roles for your organization.
To set these role sync settings, use the following command:
@ -306,13 +292,9 @@ Visit the Coder UI to confirm these changes:
### Server Flags
<blockquote class="admonition note">
Use server flags only with Coder deployments with a single organization.
You can use the dashboard to configure role sync instead.
</blockquote>
> [!NOTE]
> Use server flags only with Coder deployments with a single organization.
> You can use the dashboard to configure role sync instead.
1. Configure the Coder server to read groups from the claim name with the
[OIDC role field](../../reference/cli/server.md#--oidc-user-role-field)
@ -539,7 +521,8 @@ Below are some details specific to individual OIDC providers.
### Active Directory Federation Services (ADFS)
> **Note:** Tested on ADFS 4.0, Windows Server 2019
> [!NOTE]
> Tested on ADFS 4.0, Windows Server 2019
1. In your Federation Server, create a new application group for Coder.
Follow the steps as described in the [Windows Server documentation]

View File

@ -166,6 +166,7 @@ You can also reset a password via the CLI:
coder reset-password <username>
```
> [!NOTE]
> Resetting a user's password, e.g., the initial `owner` role-based user, only
> works when run on the host running the Coder control plane.

View File

@ -32,7 +32,8 @@ signing in via OIDC as a new user. Coder will log the claim fields returned by
the upstream identity provider in a message containing the string
`got oidc claims`, as well as the user info returned.
> **Note:** If you need to ensure that Coder only uses information from the ID
> [!NOTE]
> If you need to ensure that Coder only uses information from the ID
> token and does not hit the UserInfo endpoint, you can set the configuration
> option `CODER_OIDC_IGNORE_USERINFO=true`.
@ -44,7 +45,8 @@ for the newly created user's email address.
If your upstream identity provider users a different claim, you can set
`CODER_OIDC_EMAIL_FIELD` to the desired claim.
> **Note** If this field is not present, Coder will attempt to use the claim
> [!NOTE]
> If this field is not present, Coder will attempt to use the claim
> field configured for `username` as an email address. If this field is not a
> valid email address, OIDC logins will fail.
@ -59,7 +61,8 @@ disable this behavior with the following setting:
CODER_OIDC_IGNORE_EMAIL_VERIFIED=true
```
> **Note:** This will cause Coder to implicitly treat all OIDC emails as
> [!NOTE]
> This will cause Coder to implicitly treat all OIDC emails as
> "verified", regardless of what the upstream identity provider says.
### Usernames
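Review bot: The alert under `CODER_OIDC_IGNORE_EMAIL_VERIFIED=true` says Coder will treat all OIDC emails as verified regardless of what the identity provider reports, which weakens an identity check. `[!NOTE]` is too mild for that. Suggest `[!WARNING]` so the trade-off is visible to whoever copies the setting.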
@ -70,7 +73,8 @@ claim field named `preferred_username` as the the username.
If your upstream identity provider uses a different claim, you can set
`CODER_OIDC_USERNAME_FIELD` to the desired claim.
> **Note:** If this claim is empty, the email address will be stripped of the
> [!NOTE]
> If this claim is empty, the email address will be stripped of the
> domain, and become the username (e.g. `example@coder.com` becomes `example`).
> To avoid conflicts, Coder may also append a random word to the resulting
> username.
@ -99,12 +103,9 @@ CODER_DISABLE_PASSWORD_AUTH=true
## SCIM
<blockquote class="info">
SCIM is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> SCIM is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Coder supports user provisioning and deprovisioning via SCIM 2.0 with header
authentication. Upon deactivation, users are

View File

@ -1,6 +1,7 @@
# Organizations (Premium)
> Note: Organizations requires a
> [!NOTE]
> Organizations requires a
> [Premium license](https://coder.com/pricing#compare-plans). For more details,
> [contact your account team](https://coder.com/contact).

View File

@ -15,7 +15,8 @@ If you remove the admin user account (or forget the password), you can run the
[`coder server create-admin-user`](../../reference/cli/server_create-admin-user.md)command
on your server.
> Note: You must run this command on the same machine running the Coder server.
> [!IMPORTANT]
> You must run this command on the same machine running the Coder server.
> If you are running Coder on Kubernetes, this means using
> [kubectl exec](https://kubernetes.io/docs/reference/kubectl/generated/kubectl_exec/)
> to exec into the pod.

View File

@ -1,6 +1,7 @@
## Changelog
> **Warning**: This release has a known issue: #8351. Upgrade directly to
> [!WARNING]
> This release has a known issue: #8351. Upgrade directly to
> v0.26.0 which includes a fix
### Features

View File

@ -4,7 +4,8 @@
Agent logs can be pushed after a workspace has started (#8528)
> ⚠️ **Warning:** You will need to
> [!WARNING]
> You will need to
> [update](https://coder.com/docs/install) your local Coder CLI v0.27
> to connect via `coder ssh`.

View File

@ -23,11 +23,8 @@ You can run the UI and access the Coder dashboard in two ways:
In both cases, you can access the dashboard on `http://localhost:8080`. If using
`./scripts/develop.sh` you can log in with the default credentials.
<blockquote class="admonition note">
**Default Credentials:** `admin@coder.com` and `SomeSecurePassword!`.
</blockquote>
> [!NOTE]
> **Default Credentials:** `admin@coder.com` and `SomeSecurePassword!`.
## Tech Stack Overview
@ -88,8 +85,8 @@ views, tests, and utility functions. The page component fetches necessary data
and passes to the view. We explain this decision a bit better in the next
section which talks about where to fetch data.
> If code within a page becomes reusable across other parts of the app,
> consider moving it to `src/utils`, `hooks`, `components`, or `modules`.
If code within a page becomes reusable across other parts of the app,
consider moving it to `src/utils`, `hooks`, `components`, or `modules`.
### Handling States
@ -272,8 +269,8 @@ template", etc. We use [Playwright](https://playwright.dev/). If you only need
to test if the page is being rendered correctly, you should consider using the
**Visual Testing** approach.
> For scenarios where you need to be authenticated, you can use
> `test.use({ storageState: getStatePath("authState") })`.
For scenarios where you need to be authenticated, you can use
`test.use({ storageState: getStatePath("authState") })`.
For ease of debugging, it's possible to run a Playwright test in headful mode
running a Playwright server on your local machine, and executing the test inside
@ -309,8 +306,8 @@ always be your first option since it is way easier to maintain. For this, we use
[Storybook](https://storybook.js.org/) and
[Chromatic](https://www.chromatic.com/).
> To learn more about testing components that fetch API data, refer to the
> [**Where to fetch data**](#where-to-fetch-data) section.
To learn more about testing components that fetch API data, refer to the
[**Where to fetch data**](#where-to-fetch-data) section.
### What should I test?

View File

@ -22,7 +22,8 @@ alternate installation methods (e.g. standalone binaries, system packages).
## Windows
> **Important:** If you plan to use the built-in PostgreSQL database, you will
> [!IMPORTANT]
> If you plan to use the built-in PostgreSQL database, you will
> need to ensure that the
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
> is installed.
@ -58,11 +59,8 @@ coder login https://coder.example.com
## Download the CLI from your deployment
<blockquote class="admonition note">
Available in Coder 2.19 and newer.
</blockquote>
> [!NOTE]
> Available in Coder 2.19 and newer.
Every Coder server hosts CLI binaries for all supported platforms. You can run a
script to download the appropriate CLI for your machine from your Coder

View File

@ -79,11 +79,8 @@ Coder's [configuration options](../admin/setup/index.md).
## Install the preview release
<blockquote class="tip">
We do not recommend using preview releases in production environments.
</blockquote>
> [!TIP]
> We do not recommend using preview releases in production environments.
You can install and test a
[preview release of Coder](https://github.com/coder/coder/pkgs/container/coder-preview)
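Review bot: The `tip` class was carried over as `[!TIP]`, but the body, "We do not recommend using preview releases in production environments", is a warning and not a tip. Use `[!WARNING]` or `[!CAUTION]` so the alert type matches the message.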

View File

@ -29,7 +29,8 @@ alternate installation methods (e.g. standalone binaries, system packages).
## Windows
> **Important:** If you plan to use the built-in PostgreSQL database, you will
> [!IMPORTANT]
> If you plan to use the built-in PostgreSQL database, you will
> need to ensure that the
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
> is installed.

View File

@ -116,11 +116,11 @@ coder:
# - my-tls-secret-name
```
> You can view our
> [Helm README](https://github.com/coder/coder/blob/main/helm#readme) for
> details on the values that are available, or you can view the
> [values.yaml](https://github.com/coder/coder/blob/main/helm/coder/values.yaml)
> file directly.
You can view our
[Helm README](https://github.com/coder/coder/blob/main/helm#readme) for
details on the values that are available, or you can view the
[values.yaml](https://github.com/coder/coder/blob/main/helm/coder/values.yaml)
file directly.
We support two release channels: mainline and stable - read the
[Releases](./releases.md) page to learn more about which best suits your team.

View File

@ -3,8 +3,8 @@
All Coder features are supported in offline / behind firewalls / in air-gapped
environments. However, some changes to your configuration are necessary.
> This is a general comparison. Keep reading for a full tutorial running Coder
> offline with Kubernetes or Docker.
This is a general comparison. Keep reading for a full tutorial running Coder
offline with Kubernetes or Docker.
| | Public deployments | Offline deployments |
|--------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
@ -31,7 +31,8 @@ following:
[network mirror](https://www.terraform.io/internals/provider-network-mirror-protocol).
See below for details.
> Note: Coder includes the latest
> [!NOTE]
> Coder includes the latest
> [supported version](https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24)
> of Terraform in the official Docker images. If you need to bundle a different
> version of terraform, you can do so by customizing the image.
@ -112,6 +113,7 @@ USER coder
ENV TF_CLI_CONFIG_FILE=/home/coder/.terraformrc
```
> [!NOTE]
> If you are bundling Terraform providers into your Coder image, be sure the
> provider version matches any templates or
> [example templates](https://github.com/coder/coder/tree/main/examples/templates)
@ -174,10 +176,10 @@ services:
# ...
```
> The
> [terraform providers mirror](https://www.terraform.io/cli/commands/providers/mirror)
> command can be used to download the required plugins for a Coder template.
> This can be uploaded into the `plugins` directory on your offline server.
The
[terraform providers mirror](https://www.terraform.io/cli/commands/providers/mirror)
command can be used to download the required plugins for a Coder template.
This can be uploaded into the `plugins` directory on your offline server.
### Kubernetes

View File

@ -32,7 +32,8 @@ values:
The below values are modified from Coder defaults and allow the Coder deployment
to run under the SCC `restricted-v2`.
> Note: `readOnlyRootFilesystem: true` is not technically required under
> [!NOTE]
> `readOnlyRootFilesystem: true` is not technically required under
> `restricted-v2`, but is often mandated in OpenShift environments.
```yaml
@ -92,7 +93,8 @@ To fix this, you can mount a temporary volume in the pod and set the
example, we mount this under `/tmp` and set the cache location to `/tmp/coder`.
This enables Coder to run with `readOnlyRootFilesystem: true`.
> Note: Depending on the number of templates and provisioners you use, you may
> [!NOTE]
> Depending on the number of templates and provisioners you use, you may
> need to increase the size of the volume, as the `coder` pod will be
> automatically restarted when this volume fills up.
@ -128,7 +130,8 @@ coder:
readOnly: false
```
> Note: OpenShift provides a Developer Catalog offering you can use to install
> [!NOTE]
> OpenShift provides a Developer Catalog offering you can use to install
> PostgreSQL into your cluster.
### 4. Create the OpenShift route
@ -176,7 +179,8 @@ helm install coder coder-v2/coder \
--values values.yaml
```
> Note: If the Helm installation fails with a Kubernetes RBAC error, check the
> [!NOTE]
> If the Helm installation fails with a Kubernetes RBAC error, check the
> permissions of your OpenShift user using the `oc auth can-i` command.
>
> The below permissions are the minimum required:

View File

@ -34,8 +34,8 @@ only for security issues or CVEs.
- In-product security vulnerabilities and CVEs are supported
> For more information on feature rollout, see our
> [feature stages documentation](../about/feature-stages.md).
For more information on feature rollout, see our
[feature stages documentation](../about/feature-stages.md).
## Installing stable
@ -66,7 +66,8 @@ pages.
| 2.19.x | February 04, 2024 | Stable |
| 2.20.x | March 05, 2024 | Mainline |
> **Tip**: We publish a
> [!TIP]
> We publish a
> [`preview`](https://github.com/coder/coder/pkgs/container/coder-preview) image
> `ghcr.io/coder/coder-preview` on each commit to the `main` branch. This can be
> used to test under-development features and bug fixes that have not yet been

View File

@ -68,9 +68,9 @@ sudo rm /etc/coder.d/coder.env
## Coder settings, cache, and the optional built-in PostgreSQL database
> There is a `postgres` directory within the `coderv2` directory that has the
> database engine and database. If you want to reuse the database, consider not
> performing the following step or copying the directory to another location.
There is a `postgres` directory within the `coderv2` directory that has the
database engine and database. If you want to reuse the database, consider not
performing the following step or copying the directory to another location.
<div class="tabs">
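Review bot: The `postgres` directory paragraph tells readers who want to keep the built-in database not to run the following step, and this hunk changes it from a blockquote to unmarked body text. A data-loss caveat like this fits `> [!CAUTION]` or `> [!WARNING]` better than a plain paragraph, in line with how the upgrade page's snapshot warning becomes `> [!CAUTION]` in this same commit.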

View File

@ -2,12 +2,9 @@
This article walks you through how to upgrade your Coder server.
<blockquote class="danger">
<p>
Prior to upgrading a production Coder deployment, take a database snapshot since
Coder does not support rollbacks.
</p>
</blockquote>
> [!CAUTION]
> Prior to upgrading a production Coder deployment, take a database snapshot since
> Coder does not support rollbacks.
To upgrade your Coder server, simply reinstall Coder using your original method
of [install](../install).

View File

@ -28,8 +28,8 @@ Containers** template by pressing **Use Template**.
![Starter Templates UI](../images/start/starter-templates.png)
> You can also a find a comprehensive list of starter templates in **Templates**
> -> **Create Template** -> **Starter Templates**. s
You can also a find a comprehensive list of starter templates in **Templates**
-> **Create Template** -> **Starter Templates**. s
## 3. Create your template
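Review bot: The unquoted paragraph keeps two typos from the old blockquote: "You can also a find" and the stray " s" after "**Starter Templates**.". These lines are being rewritten anyway, so change the opening to "You can also find a comprehensive list" and drop the trailing "s".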
@ -75,7 +75,8 @@ This starter template lets you connect to your workspace in a few ways:
haven't already, you'll have to install Coder on your local machine to
configure your SSH client.
> **Tip**: You can edit the template to let developers connect to a workspace in
> [!TIP]
> You can edit the template to let developers connect to a workspace in
> [a few more ways](../ides.md).
When you're done, you can stop the workspace. -->

View File

@ -50,7 +50,8 @@ The Docker starter template lets you connect to your workspace in a few ways:
haven't already, you'll have to install Coder on your local machine to
configure your SSH client.
> **Tip**: You can edit the template to let developers connect to a workspace in
> [!TIP]
> You can edit the template to let developers connect to a workspace in
> [a few more ways](../admin/templates/extending-templates/web-ides.md).
## 3. Modify your workspace settings

View File

@ -15,8 +15,7 @@ simplicity.
First, install [Docker](https://docs.docker.com/engine/install/) locally.
> If you already have the Coder binary installed, restart it after installing
> Docker.
If you already have the Coder binary installed, restart it after installing Docker.
<div class="tabs">
@ -30,7 +29,8 @@ curl -L https://coder.com/install.sh | sh
## Windows
> **Important:** If you plan to use the built-in PostgreSQL database, you will
> [!IMPORTANT]
> If you plan to use the built-in PostgreSQL database, you will
> need to ensure that the
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
> is installed.

View File

@ -39,9 +39,9 @@ module "git-clone" {
}
```
> You can edit the template using an IDE or terminal of your preference, or by
> going into the
> [template editor UI](../admin/templates/creating-templates.md#web-ui).
You can edit the template using an IDE or terminal of your preference, or by
going into the
[template editor UI](../admin/templates/creating-templates.md#web-ui).
You can also use
[template parameters](../admin/templates/extending-templates/parameters.md) to
@ -63,9 +63,9 @@ module "git-clone" {
}
```
> If you need more customization, you can read the
> [Git Clone module](https://registry.coder.com/modules/git-clone) documentation
> to learn more about the module.
If you need more customization, you can read the
[Git Clone module](https://registry.coder.com/modules/git-clone) documentation
to learn more about the module.
Don't forget to build and publish the template changes before creating a new
workspace. You can check if the repository is cloned by accessing the workspace

View File

@ -11,12 +11,12 @@ December 13, 2023
---
> Okta is an identity provider that can be used for OpenID Connect (OIDC) Single
> Sign On (SSO) on Coder.
Okta is an identity provider that can be used for OpenID Connect (OIDC) Single
Sign On (SSO) on Coder.
To configure custom claims in Okta to support syncing roles and groups with
Coder, you must first have setup an Okta application with
[OIDC working with Coder](https://coder.com/docs/admin/auth#openid-connect).
[OIDC working with Coder](../admin/users/oidc-auth.md).
From here, we will add additional claims for Coder to use for syncing groups and
roles.
@ -37,10 +37,10 @@ In the “OpenID Connect ID Token” section, turn on “Groups Claim Type” an
the “Claim name” to `groups`. Optionally configure a filter for which groups to
be sent.
> !! If the user does not belong to any groups, the claim will not be sent. Make
> sure the user authenticating for testing is in at least 1 group. Defer to
> [troubleshooting](https://coder.com/docs/admin/auth#troubleshooting) with
> issues
> [!IMPORTANT]
> If the user does not belong to any groups, the claim will not be sent. Make
> sure the user authenticating for testing is in at least one group. Defer to
> [troubleshooting](../admin/users/index.md) with issues.
![Okta OpenID Connect ID Token](../images/guides/okta/oidc_id_token.png)
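Review bot: The troubleshooting link in the new `> [!IMPORTANT]` block drops the `#troubleshooting` fragment and now points at `../admin/users/index.md`, while the previous hunk in this file sends the OIDC link to `../admin/users/oidc-auth.md`. Please confirm the troubleshooting content lives on the index page. If it sits with the OIDC docs, link to that page and section so readers land on the relevant text. The move to "at least one group" and the added full stop look fine.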

View File

@ -123,10 +123,10 @@ icons except the web terminal.
## I want to allow code-server to be accessible by other users in my deployment
> It is **not** recommended to share a web IDE, but if required, the following
> deployment environment variable settings are required.
We don't recommend that you share a web IDE, but if you need to, the following
deployment environment variable settings are required.
Set deployment (Kubernetes) to allow path app sharing
Set deployment (Kubernetes) to allow path app sharing:
```yaml
# allow authenticated users to access path-based workspace apps
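Review bot: The caveat against sharing a web IDE loses both its blockquote and the bold **not** in this hunk, so a security-relevant warning now reads as ordinary body text directly above the setting that opens path-based apps to authenticated users. Suggest converting it to `> [!WARNING]` (or `> [!CAUTION]`) instead of unquoting it, so it stays visually distinct from the instructions that follow.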
@ -160,8 +160,8 @@ If the [`CODER_ACCESS_URL`](../admin/setup/index.md#access-url) is not
accessible from a workspace, the workspace may build, but the agent cannot reach
Coder, and thus the missing icons. e.g., Terminal, IDEs, Apps.
> By default, `coder server` automatically creates an Internet-accessible
> reverse proxy so that workspaces you create can reach the server.
By default, `coder server` automatically creates an Internet-accessible
reverse proxy so that workspaces you create can reach the server.
If you are doing a standalone install, e.g., on a MacBook and want to build
workspaces in Docker Desktop, everything is self-contained and workspaces
@ -171,8 +171,8 @@ workspaces in Docker Desktop, everything is self-contained and workspaces
coder server --access-url http://localhost:3000 --address 0.0.0.0:3000
```
> Even `coder server` which creates a reverse proxy, will let you use
> <http://localhost> to access Coder from a browser.
Even `coder server` which creates a reverse proxy, will let you use
<http://localhost> to access Coder from a browser.
## I updated a template, and an existing workspace based on that template fails to start

View File

@ -15,8 +15,8 @@ authenticate the Coder control plane to AWS and create an EC2 workspace. The
below steps assume your Coder control plane is running in Google Cloud and has
the relevant service account assigned.
> For steps on assigning a service account to a resource like Coder,
> [see the Google documentation here](https://cloud.google.com/iam/docs/attach-service-accounts#attaching-new-resource)
For steps on assigning a service account to a resource like Coder, visit the
[Google documentation](https://cloud.google.com/iam/docs/attach-service-accounts#attaching-new-resource).
## 1. Get your Google service account OAuth Client ID
@ -24,8 +24,8 @@ Navigate to the Google Cloud console, and select **IAM & Admin** > **Service
Accounts**. View the service account you want to use, and copy the **OAuth 2
Client ID** value shown on the right-hand side of the row.
> (Optional): If you do not yet have a service account,
> [here is the Google IAM documentation on creating a service account](https://cloud.google.com/iam/docs/service-accounts-create).
Optionally: If you do not yet have a service account, use the
[Google IAM documentation on creating a service account](https://cloud.google.com/iam/docs/service-accounts-create) to create one.
## 2. Create AWS role
@ -122,7 +122,8 @@ gcloud auth print-identity-token --audiences=https://aws.amazon.com --impersonat
veloper.gserviceaccount.com --include-email
```
> Note: Your `gcloud` client may needed elevated permissions to run this
> [!NOTE]
> Your `gcloud` client may needed elevated permissions to run this
> command.
## 5. Set identity token in Coder control plane
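Review bot: The text now under `> [!NOTE]` still says "may needed elevated permissions". Since the line is being rewritten, correct it to "may need elevated permissions".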

View File

@ -72,6 +72,5 @@ coder:
postgres://<user>:<password>@databasehost:<port>/<db-name>?sslmode=verify-full&sslrootcert="/home/coder/.postgresql/postgres-root.crt"
```
> More information on connecting to PostgreSQL databases using certificates can
> be found
> [here](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT).
More information on connecting to PostgreSQL databases using certificates can
be found in the [PostgreSQL documentation](https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-CLIENTCERT).

View File

@ -57,8 +57,8 @@ persistent environment from your main device, a tablet, or your phone.
## Windows
> **Important:** If you plan to use the built-in PostgreSQL database, ensure
> that the
> [!IMPORTANT]
> If you plan to use the built-in PostgreSQL database, ensure that the
> [Visual C++ Runtime](https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist#latest-microsoft-visual-c-redistributable-version)
> is installed.

View File

@ -53,9 +53,9 @@
## Create DNS provider credentials
> This example assumes you're using CloudFlare as your DNS provider. For other
> providers, refer to the
> [CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
This example assumes you're using CloudFlare as your DNS provider. For other
providers, refer to the
[CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
1. Create an API token for the DNS provider you're using: e.g.
[CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token)
@ -92,8 +92,8 @@
## Configure Apache
> This example assumes Coder is running locally on `127.0.0.1:3000` and that
> you're using `coder.example.com` as your subdomain.
This example assumes Coder is running locally on `127.0.0.1:3000` and that
you're using `coder.example.com` as your subdomain.
1. Create Apache configuration for Coder:

View File

@ -36,8 +36,8 @@
## Adding Coder deployment subdomain
> This example assumes Coder is running locally on `127.0.0.1:3000` and that
> you're using `coder.example.com` as your subdomain.
This example assumes Coder is running locally on `127.0.0.1:3000` and that
you're using `coder.example.com` as your subdomain.
1. Create NGINX configuration for this app:
@ -60,9 +60,9 @@
## Create DNS provider credentials
> This example assumes you're using CloudFlare as your DNS provider. For other
> providers, refer to the
> [CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
This example assumes you're using CloudFlare as your DNS provider. For other
providers, refer to the
[CertBot documentation](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins).
1. Create an API token for the DNS provider you're using: e.g.
[CloudFlare](https://developers.cloudflare.com/fundamentals/api/get-started/create-token)

View File

@ -23,7 +23,8 @@ treated as such.**
A brief overview of all files contained in the bundle is provided below:
> Note: detailed descriptions of all the information available in the bundle is
> [!NOTE]
> Detailed descriptions of all the information available in the bundle is
> out of scope, as support bundles are primarily intended for internal use.
| Filename | Description |
@ -61,7 +62,8 @@ A brief overview of all files contained in the bundle is provided below:
2. Ensure you have the Coder CLI installed on a local machine. See
[installation](../install/index.md) for steps on how to do this.
> Note: It is recommended to generate a support bundle from a location
> [!NOTE]
> It is recommended to generate a support bundle from a location
> experiencing workspace connectivity issues.
3. Ensure you are [logged in](../reference/cli/login.md#login) to your Coder
@ -80,7 +82,8 @@ A brief overview of all files contained in the bundle is provided below:
6. Coder staff will provide you a link where you can upload the bundle along
with any other necessary supporting files.
> Note: It is helpful to leave an informative message regarding the nature of
> [!NOTE]
> It is helpful to leave an informative message regarding the nature of
> supporting files.
Coder support will then review the information you provided and respond to you

View File

@ -21,6 +21,7 @@ Coder can provision all Terraform modules, resources, and properties. The Coder
server essentially runs a `terraform apply` every time a workspace is created,
started, or stopped.
> [!TIP]
> Haven't written Terraform before? Check out Hashicorp's
> [Getting Started Guides](https://developer.hashicorp.com/terraform/tutorials).

View File

@ -3,7 +3,8 @@
Use Coder Desktop to work on your workspaces as though they're on your LAN, no
port-forwarding required.
> ⚠️ Note: Coder Desktop requires a Coder deployment running [v2.20.0](https://github.com/coder/coder/releases/tag/v2.20.0) or later.
> [!NOTE]
> Coder Desktop requires a Coder deployment running [v2.20.0](https://github.com/coder/coder/releases/tag/v2.20.0) or later.
## Install Coder Desktop
@ -132,7 +133,8 @@ You can also connect to the SSH server in your workspace using any SSH client, s
ssh your-workspace.coder
```
> ⚠️ Note: Currently, the Coder IDE extensions for VSCode and JetBrains create their own tunnel and do not utilize the CoderVPN tunnel to connect to workspaces.
> [!NOTE]
> Currently, the Coder IDE extensions for VSCode and JetBrains create their own tunnel and do not utilize the CoderVPN tunnel to connect to workspaces.
## Accessing web apps in a secure browser context
@ -141,7 +143,8 @@ A browser typically considers an origin secure if the connection is to `localhos
As CoderVPN uses its own hostnames and does not provide TLS to the browser, Google Chrome and Firefox will not allow any web APIs that require a secure context.
> Note: Despite the browser showing an insecure connection without `HTTPS`, the underlying tunnel is encrypted with WireGuard in the same fashion as other Coder workspace connections (e.g. `coder port-forward`).
> [!NOTE]
> Despite the browser showing an insecure connection without `HTTPS`, the underlying tunnel is encrypted with WireGuard in the same fashion as other Coder workspace connections (e.g. `coder port-forward`).
If you require secure context web APIs, you will need to mark the workspace hostnames as secure in your browser settings.

View File

@ -3,9 +3,9 @@
There are many ways to connect to your workspace, the options are only limited
by the template configuration.
> Deployment operators can learn more about different types of workspace
> connections and performance in our
> [networking docs](../../admin/infrastructure/index.md).
Deployment operators can learn more about different types of workspace
connections and performance in our
[networking docs](../../admin/infrastructure/index.md).
You can see the primary methods of connecting to your workspace in the workspace
dashboard.
@ -38,19 +38,26 @@ Or, you can configure plain SSH on your client below.
Coder generates [SSH key pairs](../../admin/security/secrets.md#ssh-keys) for
each user to simplify the setup process.
> Before proceeding, run `coder login <accessURL>` if you haven't already to
> authenticate the CLI with the web UI and your workspaces.
1. Use your terminal to authenticate the CLI with Coder web UI and your workspaces:
To access Coder via SSH, run the following in the terminal:
```bash
coder login <accessURL>
```
```console
1. Access Coder via SSH:
```shell
coder config-ssh
```
> Run `coder config-ssh --dry-run` if you'd like to see the changes that will be
> made before proceeding.
1. Run `coder config-ssh --dry-run` if you'd like to see the changes that will be
before you proceed:
Confirm that you want to continue by typing **yes** and pressing enter. If
```shell
coder config-ssh --dry-run
```
1. Confirm that you want to continue by typing **yes** and pressing enter. If
successful, you'll see the following message:
```console
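Review bot: In the new numbered list the `coder config-ssh --dry-run` step comes after the step that already runs `coder config-ssh`, so the preview is offered once the changes have been applied, and the "Confirm that you want to continue by typing **yes**" step now follows the dry run rather than the real command. Move the dry-run step ahead of `coder config-ssh`, or fold it into that step as an optional preview, so the confirmation prompt follows the command that asks for it. The sentence "see the changes that will be before you proceed" is also missing "made", and the added fences mix `bash` and `shell` for the same kind of command.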
@ -60,8 +67,8 @@ For example, try running:
$ ssh coder.<workspaceName>
```
Your workspace is now accessible via `ssh coder.<workspace_name>` (e.g.,
`ssh coder.myEnv` if your workspace is named `myEnv`).
Your workspace is now accessible via `ssh coder.<workspace_name>`
(for example, `ssh coder.myEnv` if your workspace is named `myEnv`).
## Visual Studio Code

View File

@ -27,10 +27,6 @@ manually setting up an SSH connection.
### How to use the plugin
> If you experience problems, please
> [create a GitHub issue](https://github.com/coder/coder/issues) or share in
> [our Discord channel](https://discord.gg/coder).
1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html)
and open the application.
1. Under **Install More Providers**, find the Coder icon and click **Install**
@ -72,8 +68,11 @@ manually setting up an SSH connection.
![Gateway IDE Opened](../../images/gateway/gateway-intellij-opened.png)
> Note the JetBrains IDE is remotely installed into
> `~/.cache/JetBrains/RemoteDev/dist`
The JetBrains IDE is remotely installed into `~/.cache/JetBrains/RemoteDev/dist`
If you experience any issues, please
[create a GitHub issue](https://github.com/coder/coder/issues) or share in
[our Discord channel](https://discord.gg/coder).
### Update a Coder plugin version
@ -136,8 +135,7 @@ keytool -import -alias coder -file cacert.pem -keystore /Applications/JetBrains\
## Manually Configuring A JetBrains Gateway Connection
> This is in lieu of using Coder's Gateway plugin which automatically performs
> these steps.
This is in lieu of using Coder's Gateway plugin which automatically performs these steps.
1. [Install Gateway](https://www.jetbrains.com/help/idea/jetbrains-gateway.html).
@ -187,8 +185,7 @@ keytool -import -alias coder -file cacert.pem -keystore /Applications/JetBrains\
![Gateway Choose IDE](../../images/gateway/gateway-choose-ide.png)
> Note the JetBrains IDE is remotely installed into
> `~/. cache/JetBrains/RemoteDev/dist`
The JetBrains IDE is remotely installed into `~/. cache/JetBrains/RemoteDev/dist`
1. Click **Download and Start IDE** to connect.
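Review bot: The unquoted line still has the path as `~/. cache/JetBrains/RemoteDev/dist`, with a space after the dot, while the matching line in the earlier hunk of this file uses `~/.cache/JetBrains/RemoteDev/dist`. Remove the space so a copied path resolves, and end both sentences with a full stop now that they are body text.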
@ -206,6 +203,7 @@ cd /opt/idea/bin
./remote-dev-server.sh registerBackendLocationForGateway
```
> [!NOTE]
> Gateway only works with paid versions of JetBrains IDEs so the script will not
> be located in the `bin` directory of JetBrains Community editions.
@ -395,6 +393,6 @@ Fleet can connect to a Coder workspace by following these steps.
4. Connect via SSH with the Host set to `coder.workspace-name`
![Fleet Connect to Coder](../../images/fleet/ssh-connect-to-coder.png)
> If you experience problems, please
> [create a GitHub issue](https://github.com/coder/coder/issues) or share in
> [our Discord channel](https://discord.gg/coder).
If you experience any issues, please
[create a GitHub issue](https://github.com/coder/coder/issues) or share in
[our Discord channel](https://discord.gg/coder).

View File

@ -50,17 +50,17 @@ For more examples, see `coder port-forward --help`.
## Dashboard
> To enable port forwarding via the dashboard, Coder must be configured with a
> [wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
> access URL is not specified, Coder will create
> [a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
> proxy the deployment, and port forwarding will work.
>
> There is a
> [DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
> where each segment of hostnames must not exceed 63 characters. If your app
> name, agent name, workspace name and username exceed 63 characters in the
> hostname, port forwarding via the dashboard will not work.
To enable port forwarding via the dashboard, Coder must be configured with a
[wildcard access URL](../../admin/setup/index.md#wildcard-access-url). If an
access URL is not specified, Coder will create
[a publicly accessible URL](../../admin/setup/index.md#tunnel) to reverse
proxy the deployment, and port forwarding will work.
There is a
[DNS limitation](https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1)
where each segment of hostnames must not exceed 63 characters. If your app
name, agent name, workspace name and username exceed 63 characters in the
hostname, port forwarding via the dashboard will not work.
### From an coder_app resource
@ -122,6 +122,7 @@ it is still accessible.
![Annotated port controls in the UI](../../images/networking/annotatedports.png)
> [!NOTE]
> The sharing level is limited by the maximum level enforced in the template
> settings in licensed deployments, and not restricted in OSS deployments.

View File

@ -1,7 +1,7 @@
# Remote Desktops
> Built-in remote desktop is on the roadmap
> ([#2106](https://github.com/coder/coder/issues/2106)).
Built-in remote desktop is on the roadmap
([#2106](https://github.com/coder/coder/issues/2106)).
## VNC Desktop
@ -45,10 +45,10 @@ Then, connect to your workspace via RDP:
mstsc /v localhost:3399
```
or use your favorite RDP client to connect to `localhost:3399`.
Or use your favorite RDP client to connect to `localhost:3399`.
![windows-rdp](../../images/ides/windows_rdp_client.png)
> Note: Default username is `Administrator` and password is `coderRDP!`.
The default username is `Administrator` and password is `coderRDP!`.
## RDP Web
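Review bot: The last changed line turns the default RDP credentials (`Administrator` / `coderRDP!`) from a "Note:" blockquote into plain body text. A fixed default password is worth keeping visible, so suggest `> [!IMPORTANT]` for this line, with a sentence on whether the template lets the password be changed. The capitalised "Or use your favorite RDP client" above it is fine.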

View File

@ -15,6 +15,7 @@ extension, authenticates with Coder, and connects to the workspace.
![Demo](https://github.com/coder/vscode-coder/raw/main/demo.gif?raw=true)
> [!NOTE]
> The `VS Code Desktop` button can be hidden by enabling
> [Browser-only connections](../../admin/networking/index.md#browser-only-connections).
@ -52,7 +53,8 @@ marketplace, or the Eclipse Open VSX _local_ marketplace.
![Code Web Extensions](../../images/ides/code-web-extensions.png)
> Note: Microsoft does not allow any unofficial VS Code IDE to connect to the
> [!NOTE]
> Microsoft does not allow any unofficial VS Code IDE to connect to the
> extension marketplace.
### Adding extensions to custom images

View File

@ -15,8 +15,8 @@ In Coder, web IDEs are defined as
resources in the template. With our generic model, any web application can be
used as a Coder application. For example:
> To learn more about configuring IDEs in templates, see our docs on
> [template administration](../../admin/templates/index.md).
To learn more about configuring IDEs in templates, see our docs on
[template administration](../../admin/templates/index.md).
![External URLs](../../images/external-apps.png)

View File

@ -66,10 +66,7 @@ Use the Coder CLI to log in and configure SSH, then connect to your workspace wi
![Zed open remote project](../../images/zed/zed-ssh-open-remote.png)
<blockquote class="admonition note">
If you have any suggestions or experience any issues, please
[create a GitHub issue](https://github.com/coder/coder/issues) or share in
[our Discord channel](https://discord.gg/coder).
</blockquote>
> [!NOTE]
> If you have any suggestions or experience any issues, please
> [create a GitHub issue](https://github.com/coder/coder/issues) or share in
> [our Discord channel](https://discord.gg/coder).

View File

@ -18,6 +18,7 @@ your workspace automatically.
![Dotfiles in workspace creation](../images/user-guides/dotfiles-module.png)
> [!NOTE]
> Template admins: this can be enabled quite easily with a our
> [dotfiles module](https://registry.coder.com/modules/dotfiles) using just a
> few lines in the template.
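Review bot: The line now under `> [!NOTE]` still reads "with a our [dotfiles module]". Drop the stray "a" while this block is being touched.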
@ -37,6 +38,7 @@ sudo apt update
sudo apt install -y neovim fish cargo
```
> [!NOTE]
> Template admins: refer to
> [this module](https://registry.coder.com/modules/personalize) to enable the
> `~/personalize` script on templates.

View File

@ -15,8 +15,8 @@ Persistent resources stay provisioned when the workspace is stopped, where as
ephemeral resources are destroyed and recreated on restart. All resources are
destroyed when a workspace is deleted.
> Template administrators can learn more about resource configuration in the
> [extending templates docs](../admin/templates/extending-templates/resource-persistence.md).
Template administrators can learn more about resource configuration in the
[extending templates docs](../admin/templates/extending-templates/resource-persistence.md).
## Workspace States

View File

@ -90,12 +90,9 @@ manually updated the workspace.
## Bulk operations
<blockquote class="info">
Bulk operations are an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Bulk operations are an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Licensed admins may apply bulk operations (update, delete, start, stop) in the
**Workspaces** tab. Select the workspaces you'd like to modify with the
@ -182,4 +179,5 @@ Coder stores macOS and Linux logs at the following locations:
| `shutdown_script` | `/tmp/coder-shutdown-script.log` |
| Agent | `/tmp/coder-agent.log` |
> Note: Logs are truncated once they reach 5MB in size.
> [!NOTE]
> Logs are truncated once they reach 5MB in size.

View File

@ -24,7 +24,7 @@ Then open the **Schedule** tab to see your workspace scheduling options.
## Autostart
> Autostart must be enabled in the template settings by your administrator.
Autostart must be enabled in the template settings by your administrator.
Use autostart to start a workspace at a specified time and which days of the
week. Also, you can choose your preferred timezone. Admins may restrict which
@ -51,12 +51,9 @@ for your workspace.
## Autostop requirement
<blockquote class="info">
Autostop requirement is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Autostop requirement is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Licensed template admins may enforce a required stop for workspaces to apply
updates or undergo maintenance. These stops ignore any active connections or
@ -65,17 +62,14 @@ frequency for updates, either in **days** or **weeks**. Workspaces will apply
the template autostop requirement on the given day **in the user's timezone**
and specified quiet hours (see below).
> Admins: See the template schedule settings for more information on configuring
> Autostop Requirement.
Admins: See the template schedule settings for more information on configuring
Autostop Requirement.
### User quiet hours
<blockquote class="info">
User quiet hours are an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> User quiet hours are an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
User quiet hours can be configured in the user's schedule settings page.
Workspaces on templates with an autostop requirement will only be forcibly
@ -90,7 +84,8 @@ powerful system for scheduling your workspace. However, synchronizing all of
them simultaneously can be somewhat challenging, here are a few example
configurations to better understand how they interact.
> Note that the inactivity timer must be configured by your template admin.
> [!NOTE]
> The inactivity timer must be configured by your template admin.
### Working hours
@ -115,12 +110,9 @@ hours of inactivity.
## Dormancy
<blockquote class="info">
Dormancy is an Enterprise and Premium feature.
[Learn more](https://coder.com/pricing#compare-plans).
</blockquote>
> [!NOTE]
> Dormancy is an Enterprise and Premium feature.
> [Learn more](https://coder.com/pricing#compare-plans).
Dormancy automatically deletes workspaces which remain unused for long
durations. Template admins configure an inactivity period after which your