sffej
diff --git a/‎admin/appearance.md
Lines changed: 17 additions & 2 deletions b/‎admin/appearance.md
Lines changed: 17 additions & 2 deletions
diff --git a/‎admin/security.md
Lines changed: 31 additions & 0 deletions b/‎admin/security.md
Lines changed: 31 additions & 0 deletions
diff --git a/‎admin/templates.md
Lines changed: 58 additions & 1 deletion b/‎admin/templates.md
Lines changed: 58 additions & 1 deletion
diff --git a/‎assets/enable-ws-templates.png
65.7 KB b/‎assets/enable-ws-templates.png
65.7 KB
diff --git a/‎assets/http-strict-transport-security.png
102 KB b/‎assets/http-strict-transport-security.png
102 KB
diff --git a/‎assets/secure-cookie.png
101 KB b/‎assets/secure-cookie.png
101 KB
diff --git a/‎assets/service-banners.png
62.9 KB b/‎assets/service-banners.png
62.9 KB
diff --git a/‎assets/wac-intellisense-demo.gif
830 KB b/‎assets/wac-intellisense-demo.gif
830 KB
diff --git a/‎changelog/1.20.0.md
Lines changed: 53 additions & 0 deletions b/‎changelog/1.20.0.md
Lines changed: 53 additions & 0 deletions
diff --git a/‎guides/troubleshooting/docker-problems.md
Lines changed: 2 additions & 2 deletions b/‎guides/troubleshooting/docker-problems.md
Lines changed: 2 additions & 2 deletions
@@ -6,20 +6,35 @@ description: Learn how to augment the dashboard appearance.
 Coder offers you appearance customization options for the following:
 
 - System banner messages
+- Service banner messages
 - The terms of service display
 
-## System banner messages
+## System banners
 
 To customize your system banner messages:
 
 1. Go to **Manage** > **Admin** > **Appearance** in the Coder UI.
-1. Toggle the switch to **On**.
+1. Toggle the **System Banner** switch to **On**.
 1. Set your **Background Color**, and provide the text you want to be displayed
    in your **Header** and **Footer**.
 1. Click **Save Preferences** to save your changes.
 
 ![System appearance](../assets/system-banners.png)
 
+## Service banners
+
+The service banner allows you to display a message to all users of your Coder
+system. The user can dismiss the message at any time and Coder will not display
+a banner until you change the message (or disable and re-enable the current
+message).
+
+1. Go to **Manage** > **Admin** > **Appearance** in the Coder UI.
+1. Toggle the **Service Banner** switch to **On**.
+1. Set the **Message**.
+1. Click **Save Preferences**.
+
+![Service banner](../assets/service-banners.png)
+
 ## Terms of service
 
 To enable the display of terms of service and to edit the text displayed:
 
@@ -0,0 +1,31 @@
+---
+title: Browser Security
+description: Learn about Coder's browser security options.
+---
+
+Coder offers two browser security features that you can choose to enable. These
+are available under **Manage** > **Admin** > **Infrastructure**.
+
+## HTTP Strict Transport Security
+
+If you are serving Coder over HTTPS, we recommend enabling the
+**Strict-Transport-Security Header** option, which adds the [HTTP Strict
+Transport Security] header to responses. This browser feature requires future
+requests to occur over HTTPS.
+
+[http strict transport security]:
+  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
+
+![HTTP Strict Transport Security](../assets/http-strict-transport-security.png)
+
+## Secure Cookie
+
+The **Secure Cookie** option controls the [`secure` property of cookies] that
+Coder issues. This prevents browsers from sending sensitive cookies, such as
+those containing credentials, over unencrypted (HTTP) connections. We recommend
+enabling this setting if you are serving Coder over HTTPS.
+
+[`secure` property of cookies]:
+  https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+
+![Secure Cookie](../assets/secure-cookie.png)
@@ -5,7 +5,64 @@ description:
   As Code Template
 ---
 
-The **Templates** tab features a form you can use for generating an embeddable
+The **Templates** tab features options that control the behavior of workspace
+templates.
+
+The **Enable using Workspace Templates** toggle allows you to enable or disable
+the creation of [workspaces](../workspaces/index.md) using predefined templates
+located in Git repositories.
+
+![Enable workspace templates](../assets/enable-ws-templates.png)
+
+## Template policy (alpha)
+
+If you enable the use of workspace templates, a **template policy** allows you
+to control which fields users can set and which values can be used when they
+define their workspaces.
+
+The default template policy is as follows:
+
+```yaml
+version: "0.2"
+workspace:
+    configure:
+        start:
+            policy: write
+    dev-urls:
+        policy: write
+    specs:
+        kubernetes:
+            container-based-vm:
+                policy: write
+            cpu:
+                policy: write
+            disk:
+                policy: write
+            env:
+                policy: write
+            gpu-count:
+                policy: write
+            image:
+                policy: write
+            labels:
+                policy: read
+            memory:
+                policy: write
+            node-selector:
+                policy: read
+            tolerations:
+                policy: read
+```
+
+Underneath the policy template preview, you can either upload your policy or you
+can drag-and-drop the file onto the UI. Click **Save** to persist your changes.
+
+If, at any time, you want to remove your policy and use Coder's default policy,
+click **Reset to default**.
+
+## Embeddable Button
+
+The Embeddable Button section features a form you can use for generating an embeddable
 button. This button makes it easy for developers to use your
 [workspace template](../workspaces/workspaces-as-code/index.md).
 
 
@@ -0,0 +1,53 @@
+---
+title: "1.20.0"
+description: "Released on 06/16/2021"
+---
+
+### Breaking changes ❗
+
+There are no breaking changes in 1.20.0.
+
+### Features ✨
+
+- web: **Alpha**. Added the ability to set a site-wide workspace template policy
+  at **Manage > Admin > Templates > Template Policy**. If not set, Coder uses
+  the provided default.
+- web: Added the `node-selector`, `tolerations`, and `annotations` fields to
+  workspace templates.
+- other: Added a new JSON schema for writing Coder workspace as code templates
+  with code completion and syntax checking.
+- web: Added a service banner that's displayed to all users of the system. The
+  message can be used with existing messages. It can be dismissed by each user
+  at any point and will not be shown again until there is a new message.
+- web: Added text wrapping to system banners.
+- infra: Added a `CODER_RUNTIME` environment variable that indicates whether a
+  workspace is CVM-enabled or not.
+- web: Updated UI to display decommissioned workspaces that are awaiting
+  deletion.
+- web: Added ability to filter the audit log by the _auto-off_ action.
+
+### Bug fixes 🐛
+
+- web: Fixed bug causing duplicate fetch requests on page load.
+- web: Fixed issue causing private dev URLs to load as blank pages for
+  unauthorized users (users will now see an error page).
+
+### Security updates 🔐
+
+- web: Require administrative permissions to view workspaces belonging to other
+  users; previously, users could view others' workspace metadata
+- web: Added content security policy (CSP) to help protect against cross-site
+  scripting attacks.
+- web: Added opt-in for HTTP Strict Transport Security. This setting can be
+  managed at **Manage > Admin > Infrastructure > HTTP Strict Transport
+  Security**.
+- web: Added opt-in for secure cookies. This setting can be managed at
+  **Manage > Admin > Infrastructure > Secure Cookie**.
+- web: Use strong cryptographic APIs to generate client-side tokens.
+- infra: Upgraded control plane containers from Red Hat UBI 8.3 to 8.4, and
+  switch from ubi to ubi-minimal to reduce image contents.
+- infra: Enable read-only root filesystem for control plane containers, by
+  default. You can override this with the Helm `coderd.securityContext` setting.
+- web: Resolved CVE-2021-23364 in browserslist.
+- web: Resolved CVE-2021-23358 in underscore.
+- web: Resolved CVE-2020-7753 in trim.
@@ -1,6 +1,6 @@
 ---
-title: Docker key storage issues
-description: Learn how to solve Docker key storage issues inside Coder workspaces.
+title: Docker troubleshooting
+description: Learn how to solve Docker issues inside Coder workspaces.
 ---
 
 When using Coder, you may encounter the following error: