fix: add --block-direct-connections to wsproxies

coadler · coadler · commit b4d5f591baac · 2024-02-15T23:49:24.000Z
diff --git a/codersdk/deployment.go b/codersdk/deployment.go
@@ -880,7 +880,8 @@ when required by your organization's security policy.`,
 			Env:   "CODER_BLOCK_DIRECT",
 			Value: &c.DERP.Config.BlockDirect,
 			Group: &deploymentGroupNetworkingDERP,
-			YAML:  "blockDirect",
+			YAML:  "blockDirect", Annotations: clibase.Annotations{}.
+				Mark(annotationExternalProxies, "true"),
 		},
 		{
 			Name:        "DERP Force WebSockets",
diff --git a/enterprise/cli/proxyserver.go b/enterprise/cli/proxyserver.go
@@ -262,6 +262,7 @@ func (r *RootCmd) proxyServer() *clibase.Cmd {
 				AllowAllCors:           cfg.Dangerous.AllowAllCors.Value(),
 				DERPEnabled:            cfg.DERP.Server.Enable.Value(),
 				DERPOnly:               derpOnly.Value(),
+				BlockDirect:            cfg.DERP.Config.BlockDirect.Value(),
 				DERPServerRelayAddress: cfg.DERP.Server.RelayURL.String(),
 			})
 			if err != nil {
diff --git a/enterprise/cli/proxyserver_test.go b/enterprise/cli/proxyserver_test.go
@@ -13,7 +13,7 @@ import (
 	"github.com/coder/coder/v2/pty/ptytest"
 )
 
-func Test_Headers(t *testing.T) {
+func Test_ProxyServer_Headers(t *testing.T) {
 	t.Parallel()
 
 	const (
diff --git a/enterprise/wsproxy/wsproxy.go b/enterprise/wsproxy/wsproxy.go
@@ -75,6 +75,9 @@ type Options struct {
 	// DERPOnly determines whether this proxy only provides DERP and does not
 	// provide access to workspace apps/terminal.
 	DERPOnly bool
+	// BlockDirect controls the servertailnet of the proxy, forcing it from
+	// negotiating direct connections.
+	BlockDirect bool
 
 	ProxySessionToken string
 	// AllowAllCors will set all CORs headers to '*'.
@@ -250,7 +253,7 @@ func New(ctx context.Context, opts *Options) (*Server, error) {
 		},
 		regResp.DERPForceWebSockets,
 		s.DialCoordinator,
-		false, // TODO: this will be covered in a subsequent pr.
+		opts.BlockDirect,
 		s.TracerProvider,
 	)
 	if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,7 @@ import (`
`13`	`13`	`"github.com/coder/coder/v2/pty/ptytest"`
`14`	`14`	`)`
`15`	`15`
`16`		`-func Test_Headers(t *testing.T) {`
	`16`	`+func Test_ProxyServer_Headers(t *testing.T) {`
`17`	`17`	`t.Parallel()`
`18`	`18`
`19`	`19`	`const (`