diff --git a/.github/workflows/mlc_config.json b/.github/workflows/mlc_config.json index 3eccca05e5..a1d735be94 100644 --- a/.github/workflows/mlc_config.json +++ b/.github/workflows/mlc_config.json @@ -18,5 +18,6 @@ { "pattern": "tailscale.com" } - ] + ], + "aliveStatusCodes": [200, 0] } diff --git a/docs/README.md b/docs/README.md index f0ea557474..6fa84f5140 100644 --- a/docs/README.md +++ b/docs/README.md @@ -28,7 +28,7 @@ product. Coder workspaces don't stop at compute. You can add storage buckets, secrets, sidecars and whatever else Terraform lets you dream up. -[Learn more about managing infrastructure.](./templates.md) +[Learn more about managing infrastructure.](./templates/README.md) ## IDE Support diff --git a/docs/about/architecture.md b/docs/about/architecture.md index 791cb6ec76..57f18965e7 100644 --- a/docs/about/architecture.md +++ b/docs/about/architecture.md @@ -40,7 +40,7 @@ It offers the following services along with much more: - Liveness checks - `startup_script` automation -Templates are responsible for [creating and running agents](../templates.md#coder-agent) within workspaces. +Templates are responsible for [creating and running agents](../templates/README.md#coder-agent) within workspaces. ## Service Bundling diff --git a/docs/admin/configure.md b/docs/admin/configure.md index 10232e23ef..ba94371adb 100644 --- a/docs/admin/configure.md +++ b/docs/admin/configure.md @@ -35,7 +35,7 @@ coder server ## Wildcard access URL `CODER_WILDCARD_ACCESS_URL` is necessary for [port forwarding](../networking/port-forwarding.md#dashboard) -via the dashboard or running [coder_apps](../templates.md#coder-apps) on an absolute path. Set this to a wildcard +via the dashboard or running [coder_apps](../templates/README.md#coder-apps) on an absolute path. Set this to a wildcard subdomain that resolves to Coder (e.g. `*.coder.example.com`). > If you are providing TLS certificates directly to the Coder server, you must use a single certificate for the diff --git a/docs/admin/high-availability.md b/docs/admin/high-availability.md index b617b6e10a..037a758298 100644 --- a/docs/admin/high-availability.md +++ b/docs/admin/high-availability.md @@ -21,7 +21,7 @@ to the same Postgres endpoint. HA brings one configuration variable to set in each Coder node: `CODER_DERP_SERVER_RELAY_URL`. The HA nodes use these URLs to communicate with each other. Inter-node communication is only required while using the -embedded relay (default). If you're using [custom relays](../networking.md#custom-relays), Coder ignores `CODER_DERP_SERVER_RELAY_URL` since Postgres is the sole rendezvous for the Coder nodes. +embedded relay (default). If you're using [custom relays](../networking/README.md#custom-relays), Coder ignores `CODER_DERP_SERVER_RELAY_URL` since Postgres is the sole rendezvous for the Coder nodes. `CODER_DERP_SERVER_RELAY_URL` will never be `CODER_ACCESS_URL` because `CODER_ACCESS_URL` is a load balancer to all Coder nodes. @@ -57,6 +57,6 @@ Then, increase the number of pods. ## Up next -- [Networking](../networking.md) +- [Networking](../networking/README.md) - [Kubernetes](../install/kubernetes.md) - [Enterprise](../enterprise.md) diff --git a/docs/admin/provisioners.md b/docs/admin/provisioners.md index 18ce4d7683..bda26a8f05 100644 --- a/docs/admin/provisioners.md +++ b/docs/admin/provisioners.md @@ -83,7 +83,7 @@ docker run --rm -it \ ## Disable built-in provisioners -As mentioned above, the Coder server will run built-in provisioners by default. This can be disabled with a server-wide [flag or environment variable](../cli/coder_server.md#provisioner-daemons). +As mentioned above, the Coder server will run built-in provisioners by default. This can be disabled with a server-wide [flag or environment variable](../cli/server.md#provisioner-daemons). ```sh coder server --provisioner-daemons=0 diff --git a/docs/enterprise.md b/docs/enterprise.md index f1c3269711..e990fd15a0 100644 --- a/docs/enterprise.md +++ b/docs/enterprise.md @@ -4,18 +4,18 @@ Coder is free to use and includes some features that are only accessible with a [Contact Sales](https://coder.com/contact) for pricing or [get a free trial](https://coder.com/trial). -| Category | Feature | Open Source | Enterprise | -| --------------- | ------------------------------------------------------------------------- | :---------: | :--------: | -| User Management | [Groups](./admin/groups.md) | ❌ | ✅ | -| User Management | [SCIM](./admin/auth.md#scim) | ❌ | ✅ | -| Governance | [Audit Logging](./admin/audit-logs.md) | ❌ | ✅ | -| Governance | [Browser Only Connections](./networking.md#browser-only-connections) | ❌ | ✅ | -| Governance | [Template Access Control](./admin/rbac.md) | ❌ | ✅ | -| Cost Control | [Quotas](./admin/quotas.md) | ❌ | ✅ | -| Cost Control | [Max Workspace Autostop](./templates.md#configure-max-workspace-autostop) | ❌ | ✅ | -| Deployment | [High Availability](./admin/high-availability.md) | ❌ | ✅ | -| Deployment | [Service Banners](./admin/service-banners.md) | ❌ | ✅ | -| Deployment | Isolated Terraform Runners | ❌ | ✅ | +| Category | Feature | Open Source | Enterprise | +| --------------- | -------------------------------------------------------------------------------- | :---------: | :--------: | +| User Management | [Groups](./admin/groups.md) | ❌ | ✅ | +| User Management | [SCIM](./admin/auth.md#scim) | ❌ | ✅ | +| Governance | [Audit Logging](./admin/audit-logs.md) | ❌ | ✅ | +| Governance | [Browser Only Connections](./networking/README.md#browser-only-connections) | ❌ | ✅ | +| Governance | [Template Access Control](./admin/rbac.md) | ❌ | ✅ | +| Cost Control | [Quotas](./admin/quotas.md) | ❌ | ✅ | +| Cost Control | [Max Workspace Autostop](./templates/README.md#configure-max-workspace-autostop) | ❌ | ✅ | +| Deployment | [High Availability](./admin/high-availability.md) | ❌ | ✅ | +| Deployment | [Service Banners](./admin/service-banners.md) | ❌ | ✅ | +| Deployment | Isolated Terraform Runners | ❌ | ✅ | > Previous plans to restrict OIDC and Git Auth features in OSS have been removed > as of 2023-01-11 diff --git a/docs/ides.md b/docs/ides.md index f2a847f4c2..05d7065c13 100644 --- a/docs/ides.md +++ b/docs/ides.md @@ -22,7 +22,7 @@ Click `VS Code Desktop` in the dashboard to one-click enter a workspace. This au ![Demo](https://github.com/coder/vscode-coder/raw/main/demo.gif?raw=true) -> The `VS Code Desktop` button can be hidden by enabling [Browser-only connections](./networking.md#browser-only-connections-enterprise). +> The `VS Code Desktop` button can be hidden by enabling [Browser-only connections](./networking/README.md#Browser-only). ### Manual Installation diff --git a/docs/install/binary.md b/docs/install/binary.md index 1125ed947f..a77b7eb4a1 100644 --- a/docs/install/binary.md +++ b/docs/install/binary.md @@ -30,4 +30,4 @@ Coder publishes self-contained .zip and .tar.gz archives in [GitHub releases](ht ## Next steps - [Configuring Coder](../admin/configure.md) -- [Templates](../templates.md) +- [Templates](../templates/README.md) diff --git a/docs/install/database.md b/docs/install/database.md index d5698565e0..4c3b1ef45e 100644 --- a/docs/install/database.md +++ b/docs/install/database.md @@ -84,4 +84,4 @@ psql -U coder -c '\dn' ## Next steps - [Configuring Coder](../admin/configure.md) -- [Templates](../templates.md) +- [Templates](../templates/README.md) diff --git a/docs/install/docker.md b/docs/install/docker.md index 2afa2b1ff6..dacfabb66b 100644 --- a/docs/install/docker.md +++ b/docs/install/docker.md @@ -97,4 +97,4 @@ See Docker's official documentation to [Manage Docker as a non-root user](https: ## Next steps - [Configuring Coder](../admin/configure.md) -- [Templates](../templates.md) +- [Templates](../templates/README.md) diff --git a/docs/install/install.sh.md b/docs/install/install.sh.md index 87e5b3f7d6..0a1129f6b2 100644 --- a/docs/install/install.sh.md +++ b/docs/install/install.sh.md @@ -25,4 +25,4 @@ By default, the Coder server runs on `http://127.0.0.1:3000` and uses a [public ## Next steps - [Configuring Coder](../admin/configure.md) -- [Templates](../templates.md) +- [Templates](../templates/README.md) diff --git a/docs/install/kubernetes.md b/docs/install/kubernetes.md index 61c595a6a7..d65542d6c0 100644 --- a/docs/install/kubernetes.md +++ b/docs/install/kubernetes.md @@ -164,9 +164,9 @@ Cloud's log management system if you are using managed Kubernetes. Ensure you have an externally-reachable `CODER_ACCESS_URL` set in your helm chart. If you do not have a domain set up, this should be the IP address of Coder's LoadBalancer (`kubectl get svc -n coder`). -See [troubleshooting templates](../templates.md#creating-and-troubleshooting-templates) for more steps. +See [troubleshooting templates](../templates/README.md#troubleshooting-templates) for more steps. ## Next steps - [Configuring Coder](../admin/configure.md) -- [Templates](../templates.md) +- [Templates](../templates/README.md) diff --git a/docs/install/offline.md b/docs/install/offline.md index f56933e22d..fb7cf6a06d 100644 --- a/docs/install/offline.md +++ b/docs/install/offline.md @@ -4,15 +4,15 @@ All Coder features are supported in offline / behind firewalls / in air-gapped e > This is a general comparison. Keep reading for a full tutorial running Coder offline with Kubernetes or Docker. -| | Public deployments | Offline deployments | -| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| Terraform binary | By default, Coder downloads Terraform binary from [releases.hashicorp.com](https://releases.hashicorp.com) | Terraform binary must be included in `PATH` for the VM or container image. [Supported versions](https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24) | -| Terraform registry | Coder templates will attempt to download providers from [registry.terraform.io](https://registry.terraform.io) or [custom source addresses](https://developer.hashicorp.com/terraform/language/providers/requirements#source-addresses) specified in each template | [Custom source addresses](https://developer.hashicorp.com/terraform/language/providers/requirements#source-addresses) can be specified in each Coder template, or a custom registry/mirror can be used. More details below | -| STUN | By default, Coder uses Google's public STUN server for direct workspace connections | STUN can be safely [disabled](../cli/server.md#--derp-server-stun-addresses), users can still connect via [relayed connections](../networking.md#-geo-distribution). Alternatively, you can set a [custom DERP server](../cli/server.md#--derp-server-stun-addresses) | -| DERP | By default, Coder's built-in DERP relay can be used, or [Tailscale's public relays](../networking.md#relayed-connections). | By default, Coder's built-in DERP relay can be used, or [custom relays](../networking.md#custom-relays). | -| PostgreSQL | If no [PostgreSQL connection URL](../cli/server.md#--postgres-url) is specified, Coder will download Postgres from [repo1.maven.org](https://repo1.maven.org) | An external database is required, you must specify a [PostgreSQL connection URL](../cli/server.md#--postgres-url) | -| Telemetry | Telemetry is on by default, and [can be disabled](../cli/server.md#--telemetry) | Telemetry [can be disabled](../cli/server.md#--telemetry) | -| Update check | By default, Coder checks for updates from [GitHub releases](https:/github.com/coder/coder/releases) | Update checks [can be disabled](../cli/server.md#--update-check) | +| | Public deployments | Offline deployments | +| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Terraform binary | By default, Coder downloads Terraform binary from [releases.hashicorp.com](https://releases.hashicorp.com) | Terraform binary must be included in `PATH` for the VM or container image. [Supported versions](https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24) | +| Terraform registry | Coder templates will attempt to download providers from [registry.terraform.io](https://registry.terraform.io) or [custom source addresses](https://developer.hashicorp.com/terraform/language/providers/requirements#source-addresses) specified in each template | [Custom source addresses](https://developer.hashicorp.com/terraform/language/providers/requirements#source-addresses) can be specified in each Coder template, or a custom registry/mirror can be used. More details below | +| STUN | By default, Coder uses Google's public STUN server for direct workspace connections | STUN can be safely [disabled](../cli/server.md#--derp-server-stun-addresses), users can still connect via [relayed connections](../networking/README.md#-geo-distribution). Alternatively, you can set a [custom DERP server](../cli/server.md#--derp-server-stun-addresses) | +| DERP | By default, Coder's built-in DERP relay can be used, or [Tailscale's public relays](../networking/README.md#relayed-connections). | By default, Coder's built-in DERP relay can be used, or [custom relays](../networking/README.md#custom-relays). | +| PostgreSQL | If no [PostgreSQL connection URL](../cli/server.md#--postgres-url) is specified, Coder will download Postgres from [repo1.maven.org](https://repo1.maven.org) | An external database is required, you must specify a [PostgreSQL connection URL](../cli/server.md#--postgres-url) | +| Telemetry | Telemetry is on by default, and [can be disabled](../cli/server.md#--telemetry) | Telemetry [can be disabled](../cli/server.md#--telemetry) | +| Update check | By default, Coder checks for updates from [GitHub releases](https:/github.com/coder/coder/releases) | Update checks [can be disabled](../cli/server.md#--update-check) | ## Offline container images diff --git a/docs/install/packages.md b/docs/install/packages.md index 30baefa836..3f9479eaf9 100644 --- a/docs/install/packages.md +++ b/docs/install/packages.md @@ -38,4 +38,4 @@ sudo systemctl restart coder ## Next steps - [Configuring Coder](../admin/configure.md) -- [Templates](../templates.md) +- [Templates](../templates/README.md) diff --git a/docs/install/windows.md b/docs/install/windows.md index e04d21b9a4..09dec83093 100644 --- a/docs/install/windows.md +++ b/docs/install/windows.md @@ -31,4 +31,4 @@ Use the Windows installer to download the CLI and add Coder to `PATH`. Alternati ## Next steps - [Configuring Coder](../admin/configure.md) -- [Templates](../templates.md) +- [Templates](../templates/README.md) diff --git a/docs/networking/README.md b/docs/networking/README.md index 63bb972640..42690651f3 100644 --- a/docs/networking/README.md +++ b/docs/networking/README.md @@ -16,7 +16,7 @@ All user <-> workspace connections are end-to-end encrypted. ## coder server Workspaces connect to the coder server via the server's external address, -set via [`ACCESS_URL`](./admin/configure.md#access-url). There must not be a +set via [`ACCESS_URL`](../admin/configure.md#access-url). There must not be a NAT between workspaces and coder server. Users connect to the coder server's dashboard and API through its `ACCESS_URL` @@ -39,7 +39,7 @@ the Coder server. The coder servers relays dashboard-initiated connections between the user and the workspace. Web terminal <-> workspace connections are an exception and may be direct. -In general, [port forwarded](./networking/port-forwarding.md) web apps are +In general, [port forwarded](./port-forwarding.md) web apps are faster than dashboard-accessed web apps. ## 🌎 Geo-distribution @@ -51,7 +51,7 @@ is no special geo-distribution configuration. To speed up direct connections, move the user and workspace closer together. If a direct connection is not available (e.g. client or server is behind NAT), Coder -will use a relayed connection. By default, [Coder uses Google's public STUN server](../cli/server#--derp-server-stun-addresses), but +will use a relayed connection. By default, [Coder uses Google's public STUN server](../cli/server.md#--derp-server-stun-addresses), but this can be disabled or changed for [offline deployments](../install/offline.md). ### Relayed connections diff --git a/docs/platforms/aws.md b/docs/platforms/aws.md index 7a7301d9f9..58585936d9 100644 --- a/docs/platforms/aws.md +++ b/docs/platforms/aws.md @@ -58,6 +58,6 @@ From there, you can import the AWS starter template in the dashboard and begin c ## Next steps - [IDEs with Coder](../ides.md) -- [Writing custom templates for Coder](../templates.md) +- [Writing custom templates for Coder](../templates/README.md) - [Configure the Coder server](../admin/configure.md) - [Use your own domain + TLS](../admin/configure.md#tls--reverse-proxy) diff --git a/docs/platforms/azure.md b/docs/platforms/azure.md index f30654ae02..061d070452 100644 --- a/docs/platforms/azure.md +++ b/docs/platforms/azure.md @@ -105,5 +105,5 @@ Congrats! You can now navigate to your Coder dashboard and use this Linux on Azu ## Next Steps - [Port-forward](../networking/port-forwarding.md) -- [Learn more about template configuration](../templates.md) +- [Learn more about template configuration](../templates/README.md) - [Configure more IDEs](../ides/web-ides.md) diff --git a/docs/platforms/docker.md b/docs/platforms/docker.md index fcdebebf52..7f97fbca4a 100644 --- a/docs/platforms/docker.md +++ b/docs/platforms/docker.md @@ -74,7 +74,7 @@ Coder with Docker has the following advantages: ### Docker-based workspace is stuck in "Connecting..." -Ensure you have an externally-reachable `CODER_ACCESS_URL` set. See [troubleshooting templates](../templates.md#creating-and-troubleshooting-templates) for more steps. +Ensure you have an externally-reachable `CODER_ACCESS_URL` set. See [troubleshooting templates](../templates/README.md#Troubleshooting) for more steps. ### Permission denied while trying to connect to the Docker daemon socket @@ -83,5 +83,5 @@ See Docker's official documentation to [Manage Docker as a non-root user](https: ## Next Steps - [Port-forward](../networking/port-forwarding.md) -- [Learn more about template configuration](../templates.md) +- [Learn more about template configuration](../templates/README.md) - [Configure more IDEs](../ides/web-ides.md) diff --git a/docs/platforms/google-cloud-platform.md b/docs/platforms/google-cloud-platform.md index a5dbc8bb50..f13935f683 100644 --- a/docs/platforms/google-cloud-platform.md +++ b/docs/platforms/google-cloud-platform.md @@ -110,5 +110,5 @@ Congrats! You can now create new Linux-based workspaces that use Google Cloud Pl ## Next Steps -- [Learn more about template configuration](../templates.md) +- [Learn more about template configuration](../templates/README.md) - [Configure more IDEs](../ides/web-ides.md) diff --git a/docs/platforms/other.md b/docs/platforms/other.md index 76ca4c8ebe..0422384bd4 100644 --- a/docs/platforms/other.md +++ b/docs/platforms/other.md @@ -8,4 +8,4 @@ The following resources may help as you're deploying Coder. - [Run Coder as a system service](../install/packages.md) - [Deploy Coder offline](../install/offline.md) - [Supported resources (Terraform registry)](https://registry.terraform.io) -- [Writing custom templates](../templates.md) +- [Writing custom templates](../templates/README.md) diff --git a/docs/secrets.md b/docs/secrets.md index 4e6a7b8b15..77409f3650 100644 --- a/docs/secrets.md +++ b/docs/secrets.md @@ -20,7 +20,7 @@ Often, this workflow is simply: 1. Your users write them to a persistent file after they've built their workspace -[Template parameters](./templates.md#parameters) are a dangerous way to accept secrets. +[Template parameters](./templates/parameters.md) are a dangerous way to accept secrets. We show parameters in cleartext around the product. Assume anyone with view access to a workspace can also see its parameters. diff --git a/docs/templates/README.md b/docs/templates/README.md index 6830f6df3f..83219093af 100644 --- a/docs/templates/README.md +++ b/docs/templates/README.md @@ -4,8 +4,7 @@ Templates are written in [Terraform](https://www.terraform.io/) and describe the infrastructure for workspaces (e.g., docker_container, aws_instance, kubernetes_pod). -In most cases, a small group of users (team leads or Coder administrators) [have -permissions](./admin/users.md#roles) to create and manage templates. Then, other +In most cases, a small group of users (team leads or Coder administrators) [have permissions](../admin/users.md#roles) to create and manage templates. Then, other users provision their [workspaces](../workspaces.md) from templates using the UI or CLI. @@ -403,7 +402,7 @@ resource "coder_agent" "main" { ## Template permissions (enterprise) Template permissions can be used to give users and groups access to specific -templates. [Learn more about RBAC](./admin/rbac.md). +templates. [Learn more about RBAC](../admin/rbac.md) to learn how to manage ## Community Templates @@ -415,4 +414,4 @@ You can see a list of community templates by our users - Learn about [Authentication & Secrets](./authentication.md) - Learn about [Change Management](./change-management.md) - Learn about [Resource Metadata](./resource-metadata.md) -- Learn about [Workspaces](./workspaces.md) +- Learn about [Workspaces](../workspaces.md) diff --git a/docs/templates/resource-persistence.md b/docs/templates/resource-persistence.md index 0bb37fde43..0ac9765702 100644 --- a/docs/templates/resource-persistence.md +++ b/docs/templates/resource-persistence.md @@ -87,4 +87,4 @@ resource "docker_volume" "home_volume" { ## Up next -- [Templates](../templates.md) +- [Templates](../templates/README.md) diff --git a/docs/workspaces.md b/docs/workspaces.md index 7d6eb34808..fa4ec3a765 100644 --- a/docs/workspaces.md +++ b/docs/workspaces.md @@ -5,8 +5,7 @@ for software development. ## Create workspaces -Each Coder user has their own workspaces created from [shared -templates](./templates.md): +Each Coder user has their own workspaces created from [shared templates](./templates/README.md): ```console # create a workspace from the template; specify any variables @@ -18,13 +17,12 @@ coder show ## IDEs -Coder [supports multiple IDEs](ides.md) for use with your workspaces. +Coder [supports multiple IDEs](./ides.md) for use with your workspaces. ## Workspace lifecycle Workspaces in Coder are started and stopped, often based on whether there was -any activity or if there was a [template -update](./templates.md#start/stop) available. +any activity or if there was a [template update](./templates/README.md#Start/stop) available. Resources are often destroyed and re-created when a workspace is restarted, though the exact behavior depends on the template. For more