Skip to content

feat: use custom wireguard reverse proxy for dev tunnel #1975

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Jun 10, 2022
Merged

feat: use custom wireguard reverse proxy for dev tunnel #1975

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
7a43a2e
feat: use custom wireguard reverse proxy for dev tunnel
coadler Jun 1, 2022
72ca611
add docs
coadler Jun 2, 2022
942f75d
Merge branch 'main' into colin/wg-dev-tunnel
coadler Jun 9, 2022
c28fc21
kyle fixes
coadler Jun 9, 2022
ee4c647
ignore logs
coadler Jun 10, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 30 additions & 10 deletions cli/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ import (
"golang.org/x/mod/semver"
"golang.org/x/oauth2"
xgithub "golang.org/x/oauth2/github"
"golang.org/x/sync/errgroup"
"golang.org/x/xerrors"
"google.golang.org/api/idtoken"
"google.golang.org/api/option"
Expand Down Expand Up @@ -86,7 +87,7 @@ func server() *cobra.Command {
tlsKeyFile string
tlsMinVersion string
turnRelayAddress string
tunnel bool
shouldTunnel bool
stunServers []string
trace bool
secureAuthCookie bool
Expand Down Expand Up @@ -165,18 +166,18 @@ func server() *cobra.Command {
accessURL = localURL.String()
} else {
// If an access URL is specified, always skip tunneling.
tunnel = false
shouldTunnel = false
}

var (
tunnelErrChan <-chan error
ctxTunnel, closeTunnel = context.WithCancel(cmd.Context())
tunnel = &devtunnel.Tunnel{ErrorChan: make(chan error, 1)}
)
defer closeTunnel()

// If we're attempting to tunnel in dev-mode, the access URL
// needs to be changed to use the tunnel.
if dev && tunnel {
if dev && shouldTunnel {
_, _ = fmt.Fprintln(cmd.ErrOrStderr(), cliui.Styles.Wrap.Render(
"Coder requires a URL accessible by workspaces you provision. "+
"A free tunnel can be created for simple setup. This will "+
Expand All @@ -195,10 +196,11 @@ func server() *cobra.Command {
}
}
if err == nil {
accessURL, tunnelErrChan, err = devtunnel.New(ctxTunnel, localURL)
tunnel, err = devtunnel.New(ctxTunnel, logger.Named("devtunnel"))
if err != nil {
return xerrors.Errorf("create tunnel: %w", err)
}
accessURL = tunnel.URL
}
_, _ = fmt.Fprintln(cmd.ErrOrStderr())
}
Expand Down Expand Up @@ -327,7 +329,25 @@ func server() *cobra.Command {
return shutdownConnsCtx
},
}
errCh <- server.Serve(listener)

wg := errgroup.Group{}
wg.Go(func() error {
if dev && shouldTunnel {
defer tunnel.Listener.Close()
}

return server.Serve(listener)
})

if dev && shouldTunnel {
wg.Go(func() error {
defer listener.Close()

return server.Serve(tunnel.Listener)
})
}

errCh <- wg.Wait()
}()

config := createConfig(cmd)
Expand Down Expand Up @@ -393,7 +413,7 @@ func server() *cobra.Command {
case <-cmd.Context().Done():
coderAPI.Close()
return cmd.Context().Err()
case err := <-tunnelErrChan:
case err := <-tunnel.ErrorChan:
if err != nil {
return err
}
Expand Down Expand Up @@ -455,10 +475,10 @@ func server() *cobra.Command {
spin.Stop()
}

if dev && tunnel {
if dev && shouldTunnel {
_, _ = fmt.Fprintf(cmd.OutOrStdout(), cliui.Styles.Prompt.String()+"Waiting for dev tunnel to close...\n")
closeTunnel()
<-tunnelErrChan
<-tunnel.ErrorChan
}

_, _ = fmt.Fprintf(cmd.OutOrStdout(), cliui.Styles.Prompt.String()+"Waiting for WebSocket connections to close...\n")
Expand Down Expand Up @@ -504,7 +524,7 @@ func server() *cobra.Command {
"Specifies the path to the private key for the certificate. It requires a PEM-encoded file")
cliflag.StringVarP(root.Flags(), &tlsMinVersion, "tls-min-version", "", "CODER_TLS_MIN_VERSION", "tls12",
`Specifies the minimum supported version of TLS. Accepted values are "tls10", "tls11", "tls12" or "tls13"`)
cliflag.BoolVarP(root.Flags(), &tunnel, "tunnel", "", "CODER_DEV_TUNNEL", true,
cliflag.BoolVarP(root.Flags(), &shouldTunnel, "tunnel", "", "CODER_DEV_TUNNEL", true,
"Specifies whether the dev tunnel will be enabled or not. If specified, the interactive prompt will not display.")
cliflag.StringArrayVarP(root.Flags(), &stunServers, "stun-server", "", "CODER_STUN_SERVERS", []string{
"stun:stun.l.google.com:19302",
Expand Down
Loading