Skip to content

docs: add nginx reverse-proxy example #6185

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 33 commits into from
Feb 15, 2023
Merged

docs: add nginx reverse-proxy example #6185

merged 33 commits into from
Feb 15, 2023

Conversation

matifali
Copy link
Member

@matifali matifali commented Feb 13, 2023
edited
Loading

This PR adds an Nginx reverse-proxy example to deploy Coder with a wildcard tls certificate using LetsEncrypt Certbot.

This will resolve #6086, along with #6213.

cc: @bpmct

Tested with a wildcard subdomain.

@matifali
docs: Add nginx reverse-proxy example
2c7f0cf 
This PR adds nginx reverse-proxy example to provision coder with tls certificate using letsencrypt certbot.

This will partially resolve #6086.
@matifali
change nginx example to to absolute path
d29da64
@matifali
Merge branch 'coder:main' into rev-proxy-auto-tls
247a060
bpmct
bpmct requested changes Feb 13, 2023
View reviewed changes
Copy link
Member

@bpmct bpmct left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the contribution! I haven't tested it yet, but have some grammar/formatting feedback. We don't have a documented style guide yet, but just some change requests to make the doc read more like the rest of ours.

I can test the wildcard stuff later.

matifali and others added 13 commits February 13, 2023 19:39
@matifali @bpmct
Update examples/web-server/nginx/README.md
3c247a5 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
8a96176 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
4f25817 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
099428a 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
d3913b3 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
7f8d795 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
3d306a4 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
69eb387 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
c1111b3 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
af32c58 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
b672a1f 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
f080259 
Co-authored-by: Ben Potter <me@bpmct.net>
@matifali @bpmct
Update examples/web-server/nginx/README.md
838e008 
Co-authored-by: Ben Potter <me@bpmct.net>
bpmct
bpmct reviewed Feb 13, 2023
View reviewed changes
Copy link
Member

@bpmct bpmct left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another cycle of reviews. I'll probably look one more time while I test it out (beware: I may have even more formatting suggestions lol)

@matifali
Copy link
Member Author

updated with most of your suggestions.

@0t4u
Copy link

0t4u commented Feb 13, 2023

Hello, can I suggest using the $host variable when setting the Host header instead of $server_name as $server_name always passes the base domain and not the actual domain you are connecting from when wildcard subdomains are configured.

@matifali
Copy link
Member Author

Hello, can I suggest using the $host variable when setting the Host header instead of $server_name as $server_name always passes the base domain and not the actual domain you are connecting from when wildcard subdomains are configured.

Thank you for your suggestion. This is a WIP, and I still need to test this with a wildcard domain.

I will update.

@matifali matifali requested a review from bpmct February 13, 2023 22:11
@matifali matifali marked this pull request as ready for review February 13, 2023 22:11
@matifali
Copy link
Member Author

@bpmct I have tested this, and it works. You may review it and merge it after testing.

@matifali matifali changed the title docs: Add nginx reverse-proxy example docs: add nginx reverse-proxy example Feb 14, 2023
bpmct
bpmct requested changes Feb 15, 2023
View reviewed changes
Copy link
Member

@bpmct bpmct left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tried it and it worked great. 🎉 This is my final round of feedback, then I'm pretty sure we are good to publish.

Screenshot 2023-02-15 at 6 43 29 AM

Some of this feedback may be relevant to the Apache docs too, so could you change in both places?

examples/web-server/nginx/README.md Outdated

## Requirements

1. Start a Coder deployment with a wildcard subdomain. See [this guide](https://coder.com/docs/v2/latest/admin/configure#wildcard-access-url) for more information.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I noticed it was important to have HTTP_ADDRESS as 3000. Plus the access URL is also important to set.

Suggested change
1. Start a Coder deployment with a wildcard subdomain. See [this guide](https://coder.com/docs/v2/latest/admin/configure#wildcard-access-url) for more information.
1. Start a Coder deployment and be sure to set the following [configuration values](https://coder.com/docs/v2/latest/admin/configure):
```console
CODER_HTTP_ADDRESS=127.0.0.1:3000
CODER_ACCESS_URL=https://coder.example.com
CODER_WILDCARD_ACCESS_URL=*coder.example.com
```
Throughout the guide, be sure to replace `coder.example.com` with the domain you intend to use with Coder.

What do you think about replacing all cases with CODER_SUBDOMAIN with coder.example.com? We tend to do this in other places in our docs, such as in the Caddy docs.

Copy link
Member Author

@matifali matifali Feb 15, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that is a better option. I will replace all YOUR_SUBDOMAIN with CODER_SUBDOMAIN

matifali and others added 5 commits February 15, 2023 15:54
@matifali matifali requested a review from bpmct February 15, 2023 15:19
@bpmct bpmct merged commit 786ad8d into coder:main Feb 15, 2023
@github-actions github-actions bot locked and limited conversation to collaborators Feb 15, 2023
@matifali matifali deleted the rev-proxy-auto-tls branch February 15, 2023 20:50
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bpmct bpmct bpmct approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

docs: Apache/NGINX reverse proxy configs
3 participants
@matifali @0t4u @bpmct