Skip to content

Warn users if their access URL is localhost or 127.0.0.1 #1528

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Tracked by #1939
bpmct opened this issue May 17, 2022 · 5 comments · Fixed by #2248
Closed
Tracked by #1939

Warn users if their access URL is localhost or 127.0.0.1 #1528

bpmct opened this issue May 17, 2022 · 5 comments · Fixed by #2248
Assignees
@dwahler
Labels
api Area: HTTP API cli Area: CLI
Milestone
Community MVP

Comments

@bpmct
Copy link
Member

bpmct commented May 17, 2022
edited
Loading

Note: somewhat duplicate of #1319

What is your suggestion?

When coder server or coder templates create is run (unsure which is best), I suggest displaying an error:

⚠️ Coder's access URL is set to 127.0.0.1 or localhost. Resources provisioned are unlikely to work with Coder.
Please consider changing your `coder server` access URL, or specifying unique access URLs on
templates.

For more information, see: https://github.com/coder/coder/issues/1528

I was chatting with @kylecarbs about this on Discord:

I think the product should block the creation of workspaces when it wouldn't be accessible externally, yup!

Why do you want this feature?

When workspaces are created, the Coder agent on the workspace needs to dial the Coder access URL. If the access url is a loopback address, then the workspace would end up dialing itself instead of the control plane.

Resources will just start and hang on Waiting for connection from dev.

Related: #1345

Are there any workarounds to get this functionality today?

Each example template we provide could include a warning. Templates only leverage resources on the host (e.g docker) can also override the access URL, as done for the docker template in #1507. However, no public cloud templates would work unless Coder is exposed.

Somewhat related: #1176 would allow users to tunnel within Coder itself without the need to use up ngrok, Caddy, or another service to publish and secure a Coder access URL. However, it's a complex undertaking.
This was referenced May 17, 2022
Closed
Merged
@greyscaled greyscaled added cli Area: CLI good first issue 🥇 api Area: HTTP API labels May 18, 2022
@greyscaled
Copy link
Contributor

This seems like a ticket that should be complete for the CE milestone.

Nice details @bpmct !

This was referenced May 19, 2022
Closed
Merged
@misskniss misskniss added this to the Community MVP milestone May 19, 2022
@misskniss
Copy link

Adding this to community in case Lucy gets free time to work on it. It may need to be brought in later depending on load.

@misskniss misskniss mentioned this issue Jun 3, 2022
Closed
90 tasks
@kylecarbs kylecarbs removed the new-hire label Jun 7, 2022
@kylecarbs kylecarbs changed the title Feat: warn users if their access URL is localhost or 127.0.0.1 Warn users if their access URL is localhost or 127.0.0.1 Jun 7, 2022
@dwahler dwahler self-assigned this Jun 8, 2022
@dwahler dwahler mentioned this issue Jun 10, 2022
Merged
@dwahler
Copy link
Contributor

dwahler commented Jun 10, 2022

I implemented this as a warning, rather than an error, because we don't know with certainty that a localhost access URL is an invalid configuration.

For one thing -- as the message points out -- even if the default access URL uses a loopback address, individual templates could override it. That's what our example Docker template does (replacing localhost with host.docker.internal), and making this an error would break it.

@bpmct
Copy link
Member Author

bpmct commented Jun 10, 2022

Agreed. I think a warning is definitely preferable here.

@bpmct
Copy link
Member Author

bpmct commented Jun 10, 2022

Ah, I just noticed I used the word "error" in the description but "warning" in the title. I'll look out for that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dwahler dwahler

Labels
api Area: HTTP API cli Area: CLI
Projects
None yet
Milestone
Community MVP
Development

Successfully merging a pull request may close this issue.

feat: Warn on coderd startup if access URL is localhost coder/coder
5 participants
@dwahler @misskniss @kylecarbs @greyscaled @bpmct