coder
diff --git a/‎admin/access-control/manage.md
Lines changed: 17 additions & 1 deletion b/‎admin/access-control/manage.md
Lines changed: 17 additions & 1 deletion
diff --git a/‎admin/git.md
Lines changed: 21 additions & 6 deletions b/‎admin/git.md
Lines changed: 21 additions & 6 deletions
diff --git a/‎admin/workspace-management/cvms/management.md
Lines changed: 16 additions & 2 deletions b/‎admin/workspace-management/cvms/management.md
Lines changed: 16 additions & 2 deletions
diff --git a/‎admin/workspace-management/limits.md
Lines changed: 16 additions & 0 deletions b/‎admin/workspace-management/limits.md
Lines changed: 16 additions & 0 deletions
diff --git a/‎admin/workspace-management/self-contained-builds.md
Lines changed: 20 additions & 12 deletions b/‎admin/workspace-management/self-contained-builds.md
Lines changed: 20 additions & 12 deletions
diff --git a/‎assets/guides/admin/file-download.png
113 KB b/‎assets/guides/admin/file-download.png
113 KB
diff --git a/‎changelog/1.28.5.md
Lines changed: 23 additions & 0 deletions b/‎changelog/1.28.5.md
Lines changed: 23 additions & 0 deletions
diff --git a/‎changelog/1.28.6.md
Lines changed: 22 additions & 0 deletions b/‎changelog/1.28.6.md
Lines changed: 22 additions & 0 deletions
diff --git a/‎changelog/1.29.3.md
Lines changed: 21 additions & 0 deletions b/‎changelog/1.29.3.md
Lines changed: 21 additions & 0 deletions
diff --git a/‎changelog/1.29.4.md
Lines changed: 22 additions & 0 deletions b/‎changelog/1.29.4.md
Lines changed: 22 additions & 0 deletions
@@ -16,7 +16,8 @@ article.
 
 ## Coder's OIDC claims
 
-Coder expects the following [OIDC claims](https://developer.okta.com/blog/2017/07/25/oidc-primer-part-1#whats-a-claim)
+Coder expects the following
+[OIDC claims](https://developer.okta.com/blog/2017/07/25/oidc-primer-part-1#whats-a-claim)
 from your OIDC provider:
 
 - `email` (required)
@@ -65,6 +66,21 @@ you:
   to log in with an email/password option when you've enabled OIDC
   authentication
 
+### Logging
+
+If you're having issues with your OIDC configuration, you can enable additional
+logging of OIDC tokens to aid in troubleshooting.
+
+To do so, [update your Helm chart](../../guides/admin/helm-charts.md) and set
+the `OIDC_DEBUG` environment variable to `true`:
+
+```yaml
+coderd:
+  extraEnvs:
+    - name: "OIDC_DEBUG"
+      value: "true"
+```
+
 ### Disable built-in authentication
 
 You can disable built-in authentication as an option for accessing Coder if you
 
@@ -26,8 +26,8 @@ Coder integrates with the following service providers for authentication and
 
 Linking your Coder account with a git service provider is _not_ required.
 Instead, you can use Visual Studio Code with git, the command-line tool, and we
-expect that this combination will work with most hosting software or services.
-However, Coder doesn't test these and cannot provide recommendations or support.
+expect this combination to work with most hosting software or services. However,
+Coder doesn't test these and cannot provide recommendations or support.
 
 > Ensure that your Git provider supports the keygen algorithm that Coder uses;
 > you can choose the algorithm in **Manage** > **Admin** > **Security** >
@@ -38,8 +38,16 @@ However, Coder doesn't test these and cannot provide recommendations or support.
 ## Configuring OAuth
 
 Before developers can link their accounts, you (or another site manager) must
-create an OAuth application with the appropriate providers. When registering,
-you'll be asked for the following details related to your Coder deployment.
+create an OAuth application with the appropriate providers. You can create as
+many OAuth applications as necessary.
+
+1. Log into Coder as a site manager, and go to **Manage** > **Admin** > **Git
+   OAuth**.
+1. Click **Add provider**.
+1. Select your **Provider** (e.g., GitHub, GitLab, or Bitbucket Server).
+1. Create an OAuth application with your Git provider and provide Coder with the
+   requested details (the parameters required vary based on your Git provider).
+   See the following sections for additional guidance.
 
 ### GitHub
 
@@ -54,7 +62,9 @@ ask you for the following Coder parameters:
   `[your-coder-domain]/oauth/callback` (e.g.
   `https://coder.domain.com/oauth/callback`)
 
-Then, provide your **Client ID** and **Client Secret** to Coder.
+Then, in Coder, provide a **Name** for your app, your **URL**, **Client ID**,
+and **Client Secret** to Coder. You can also provide an optional
+**Description**.
 
 When done, click **Save**.
 
@@ -73,7 +83,9 @@ enabled the following:
 - **Confidential**: Check this option
 - **API** (scope): Check this option
 
-Then, provide your **Client ID** and **Client Secret** to Coder.
+Then, in Coder, provide a **Name** for your app, your **URL**, **Application
+ID**, and **Client Secret** to Coder. You can also provide an optional
+**Description**.
 
 When done, click **Save**.
 
@@ -93,4 +105,7 @@ For your newly created Application Link, provide the following values as your
 - **Public Key**: Your public key (available from the Coder Admin Configuration
   page)
 
+Then, in Coder, provide a **Name** for your app, your **URL**, and, optionally,
+a **Description**.
+
 When done, click **Save**.
@@ -9,13 +9,27 @@ a site manager must enable CVMs. To do so:
 1. Go to **Manage > Admin > Infrastructure**.
 1. Toggle the **Enable Container-Based Virtual Machines** option to **Enable**.
 
-This section also describes the customization features that Coder offers for
-CVMs:
+## Customization
+
+Once you've enabled CVMs, you can customize the behavior of your deployment and
+workspaces.
 
 ![CVM Settings](../../../assets/admin/cvm-settings.png)
 
 These settings will apply to workspaces **after** they have been rebuilt.
 
+## Default workspaces to CVMs
+
+Once you've enabled CVMs, you can control whether all new workspaces should be
+built as a CVM or not.
+
+If you would like all newly created workspaces to be CVMs, toggle **Default to
+container-based virtual machines** to **On**.
+
+> While this toggle changes the default workspace creation setting, users can still
+> override this setting. For example, if you enable CVMS and set them as the
+> default, a user can still create non-CVM workspaces (and vice versa).
+
 ## Caching
 
 > Cached CVMs are currently an **alpha** feature.
 
@@ -0,0 +1,16 @@
+---
+title: "Workspace limits"
+description: Learn how to limit the number of workspaces users can create.
+---
+
+You can set the maximum number of workspaces that each user can create. To do
+so, [update your Helm chart](../../guides/admin/helm-charts.md) and set the
+`CODER_MAX_WORKSPACES_PER_USER` parameter to the maximum allowable number:
+
+```yaml
+# Allow each user to create no more than 100 workspaces
+coderd:
+  extraEnvs:
+    - name: CODER_MAX_WORKSPACES_PER_USER
+      value: 100
+```
@@ -1,27 +1,35 @@
 ---
 title: "Self-contained workspace builds"
-description: Learn how to enable self-contained workspace builds.
-state: alpha
+description: Learn how to toggle self-contained workspace builds.
 ---
 
-By default the Coder workspace boot sequence occurs remotely -- Coder uploads
-assets (including the Coder agent, code-server, and JetBrains Projector) from
-`coderd` to a workspace.
+Currently, there are two ways in which the workspace boot sequence can occur:
 
-However, Coder offers the option of using **self-contained workspace builds**.
-Enabling this option changes the Coder deployment so that workspaces control the
-boot sequence internally, with the workspace downloading assets from `coderd`.
+1. Remotely: Coder uploads assets (including the Coder agent, code-server, and
+   JetBrains Projector) from `coderd` to a workspace.
+1. Self-contained: workspaces control the boot sequence internally; the
+   workspace downloads assets from `coderd`. This requires `curl` to be
+   available in the image.
 
-> At this time, Coder does not support certificate injection with
-> self-contained workspace builds.
+Beginning with v1.30.0, the default is **self-contained workspace builds**,
+though site managers can toggle this feature off and opt for remote builds
+instead.
 
-To enable self-contained workspace builds:
+> Coder plans to deprecate remote workspace builds in the future.
+
+To toggle self-contained workspace builds:
 
 1. Log into Coder.
 1. Go to Manage > Admin.
 1. On the Infrastructure page, scroll down to **Workspace container runtime**.
-1. Under **Enable self-contained workspace builds**, flip the toggle to **On**.
+1. Under **Enable self-contained workspace builds**, flip the toggle to **On**
+   or **Off** as required.
 1. Click **Save workspaces**.
 
 > Build errors are typically more verbose for remote builds than with
 > self-contained builds.
+
+## Known issues
+
+At this time, Coder does not support certificate injection with self-contained
+workspace builds.
@@ -0,0 +1,23 @@
+---
+title: "1.28.5"
+description: "Released on 4/28/2022"
+---
+
+### Breaking changes ❗
+
+There are no breaking changes in 1.28.5.
+
+### Features ✨
+
+There are no new features in 1.28.5.
+
+### Bug fixes 🐛
+
+- infra: fixed issue where the Coder front-end attempts to reconnect to a
+  workspace even when it is offline.
+- web: fixed issue where the error message does not show when a user exceeds
+  their resource quota when attempting to create a workspace.
+
+### Security updates 🔐
+
+There are no security updates in 1.28.5.
@@ -0,0 +1,22 @@
+---
+title: "1.28.6"
+description: "Released on 04/29/2022"
+---
+
+### Breaking changes ❗
+
+There are no breaking changes in 1.28.6.
+
+### Features ✨
+
+- infra: Coder tunnel no longer exits after a single connection.
+
+### Bug fixes 🐛
+
+- infra: fixed issue where a lower MTU caused connections to break.
+- infra: fixed issue where the default Helm `networkingress` policy did not
+  allow inbound UDP connections.
+
+### Security updates 🔐
+
+There are no security updates in 1.28.6.
@@ -0,0 +1,21 @@
+---
+title: "1.29.3"
+description: "Released on 4/28/2022"
+---
+
+### Breaking changes ❗
+
+There are no breaking changes in 1.29.3.
+
+### Features ✨
+
+There are no new features in 1.29.3.
+
+### Bug fixes 🐛
+
+- infra: fixed issue where the Coder front-end attempts to reconnect to a
+  workspace even when it is offline.
+
+### Security updates 🔐
+
+There are no security updates in 1.29.3.
@@ -0,0 +1,22 @@
+---
+title: "1.29.4"
+description: "Released on 04/29/2022"
+---
+
+### Breaking changes ❗
+
+There are no breaking changes in 1.29.4.
+
+### Features ✨
+
+- infra: Coder tunnel no longer exits after a single connection.
+
+### Bug fixes 🐛
+
+- infra: fixed issue where a lower MTU caused connections to break.
+- infra: fixed issue where the default Helm `networkingress` policy did not
+  allow inbound UDP connections.
+
+### Security updates 🔐
+
+There are no security updates in 1.29.4.