From 462efc80011fc63347f9a02979294b05164f89ec Mon Sep 17 00:00:00 2001
From: Thatunknownguy2 <78375824+Thatunknownguy2@users.noreply.github.com>
Date: Wed, 8 Mar 2023 20:16:39 -0600
Subject: [PATCH 1/2] Development adjustments
---
 Dockerfile | 10 ++++++++++
 coderd/apikey.go | 2 +-
 coderd/httpmw/csrf.go | 2 +-
 coderd/httpmw/oauth2.go | 4 ++--
 coderd/workspaceapps.go | 2 +-
 site/site.go | 1 -
 6 files changed, 15 insertions(+), 6 deletions(-)
 create mode 100644 Dockerfile
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000000000..5a99cd2d0c8d7
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,10 @@
+FROM alpine:latest
+RUN adduser -D -h /home/coder -s /bin/bash coder
+RUN apk update; apk add vim bash
+USER coder
+COPY build/coder_0.17.4-devel+????????_linux_arm64 /home/coder/coder
+WORKDIR /home/coder/
+ENTRYPOINT ["./coder", "server"]
+
+# An example
+# docker run --rm -it -p 4000:4000 -e CODER_ACCESS_URL="http://localhost:4000" coder_custom
diff --git a/coderd/apikey.go b/coderd/apikey.go
index ef0921d037e0c..890f44aef802c 100644
--- a/coderd/apikey.go
+++ b/coderd/apikey.go
@@ -369,7 +369,7 @@ func (api *API) createAPIKey(ctx context.Context, params createAPIKeyParams) (*h
 Value: sessionToken,
 Path: "/",
 HttpOnly: true,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteNoneMode,
 Secure: api.SecureAuthCookie,
 }, &key, nil
 }
diff --git a/coderd/httpmw/csrf.go b/coderd/httpmw/csrf.go
index ce25c600940b5..0b9504cdc3d23 100644
--- a/coderd/httpmw/csrf.go
+++ b/coderd/httpmw/csrf.go
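Review bot: In the new Dockerfile, `FROM alpine:latest` is a mutable tag, so two builds of the same commit can produce different images; pin it, e.g. `FROM alpine:<pinned-version-or-digest>`. `RUN apk update; apk add vim bash` joins the commands with `;`, so a failed index update is ignored and the package index stays in the layer; `RUN apk add --no-cache vim bash` avoids both. The `COPY` source hard-codes the version and architecture in the artifact name, which the second patch in this series already has to edit by hand; a build argument for the artifact path would remove that.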
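Review bot: In coderd/apikey.go, `SameSite: http.SameSiteNoneMode` on the session-token cookie makes the browser attach the session to every cross-site request, so the SameSite layer of CSRF defence is gone for the main credential. `Secure` still follows `api.SecureAuthCookie`; when that is false, browsers that enforce "SameSite=None requires Secure" (Chromium does) discard the cookie, so sign-in over plain HTTP would stop working rather than become more permissive. The same substitution is made on the nosurf base cookie in coderd/httpmw/csrf.go and in setWorkspaceAppCookie in coderd/workspaceapps.go. If cross-site use is needed only during development, keep `SameSite: http.SameSiteLaxMode,` as the default and select None from an explicit development-only setting, and only together with `Secure: true`. createAPIKey's body begins outside the hunk.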
@@ -15,7 +15,7 @@ import (
 func CSRF(secureCookie bool) func(next http.Handler) http.Handler {
 return func(next http.Handler) http.Handler {
 mw := nosurf.New(next)
- mw.SetBaseCookie(http.Cookie{Path: "/", HttpOnly: true, SameSite: http.SameSiteLaxMode, Secure: secureCookie})
+ mw.SetBaseCookie(http.Cookie{Path: "/", HttpOnly: true, SameSite: http.SameSiteNoneMode, Secure: secureCookie})
 mw.SetFailureHandler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 http.Error(w, "Something is wrong with your CSRF token. Please refresh the page. If this error persists, try clearing your cookies.", http.StatusBadRequest)
 }))
diff --git a/coderd/httpmw/oauth2.go b/coderd/httpmw/oauth2.go
index 820523b6befcb..ad6f264a1fda7 100644
--- a/coderd/httpmw/oauth2.go
+++ b/coderd/httpmw/oauth2.go
@@ -75,7 +75,7 @@ func ExtractOAuth2(config OAuth2Config, client *http.Client) func(http.Handler)
 Value: state,
 Path: "/",
 HttpOnly: true,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteNoneMode,
 })
 // Redirect must always be specified, otherwise
 // an old redirect could apply!
@@ -84,7 +84,7 @@ func ExtractOAuth2(config OAuth2Config, client *http.Client) func(http.Handler)
 Value: r.URL.Query().Get("redirect"),
 Path: "/",
 HttpOnly: true,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteNoneMode,
 })
 http.Redirect(rw, r, config.AuthCodeURL(state, oauth2.AccessTypeOffline), http.StatusTemporaryRedirect)
diff --git a/coderd/workspaceapps.go b/coderd/workspaceapps.go
index 5ec965db68df1..704110e430449 100644
--- a/coderd/workspaceapps.go
+++ b/coderd/workspaceapps.go
@@ -664,7 +664,7 @@ func (api *API) setWorkspaceAppCookie(rw http.ResponseWriter, r *http.Request, t
 Path: "/",
 MaxAge: maxAge,
 HttpOnly: true,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteNoneMode,
 Secure: api.SecureAuthCookie,
 })
diff --git a/site/site.go b/site/site.go
index 194c60b46635a..7a683af9695a7 100644
--- a/site/site.go
+++ b/site/site.go
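Review bot: In coderd/httpmw/oauth2.go, the OAuth2 state cookie (hunk at -75) and the redirect cookie (hunk at -84) now carry `SameSite: http.SameSiteNoneMode`, but the lines shown set no `Secure` field on either. Browsers that enforce "SameSite=None requires Secure" will drop both cookies, so the state comparison on the callback would have nothing to compare against and the login flow would fail. Nothing visible in this flow needs None: the provider's return is a top-level navigation, which Lax already allows, so both fields should stay `SameSite: http.SameSiteLaxMode,`. If None is really required, it has to come with `Secure: true,` on the same cookie. ExtractOAuth2 begins and ends outside both hunks.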
@@ -352,7 +352,6 @@ func cspHeaders(next http.Handler) http.Handler {
 _, _ = fmt.Fprintf(&csp, "%s %s; ", src, strings.Join(vals, " "))
 }
- w.Header().Set("Content-Security-Policy", csp.String())
 next.ServeHTTP(w, r)
 })
 }
From ad0125b544e34dce448d6b2c3cfaf39518a88541 Mon Sep 17 00:00:00 2001
From: Thatunknownguy2 <78375824+Thatunknownguy2@users.noreply.github.com>
Date: Wed, 8 Mar 2023 20:30:51 -0600
Subject: [PATCH 2/2] Changed docker to use x86_64 binary instead of arm
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 5a99cd2d0c8d7..a2fee0a0a97cf 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,7 +2,7 @@ FROM alpine:latest
 RUN adduser -D -h /home/coder -s /bin/bash coder
 RUN apk update; apk add vim bash
 USER coder
-COPY build/coder_0.17.4-devel+????????_linux_arm64 /home/coder/coder
+COPY build/coder_0.17.4-devel+????????_linux_amd64 /home/coder/coder
 WORKDIR /home/coder/
 ENTRYPOINT ["./coder", "server"]
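Review bot: In site/site.go, cspHeaders still assembles the policy into `csp` after this change but never emits it, so in the lines shown the middleware no longer sets a Content-Security-Policy header and the loop that builds the string is dead work. Together with the SameSite=None cookies elsewhere in this patch, that removes the browser-side restrictions the policy provided while session cookies are sent cross-site. If the policy gets in the way during development, keep `w.Header().Set("Content-Security-Policy", csp.String())` and guard it with an explicit option, or send the same value as `Content-Security-Policy-Report-Only` while debugging. The function begins outside the hunk.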