Skip to content

Commit 3b73c32

Browse files
author
Mike Terhar
authored
Update tls guides for cert-manager 1.4.0 and coder 1.20 (coder#472)
1 parent ddfbfb7 commit 3b73c32

File tree

14 files changed

+314
-283
lines changed

14 files changed

+314
-283
lines changed

admin/access-url.md

+19-19
Original file line numberDiff line numberDiff line change
@@ -11,40 +11,40 @@ domain name that you can use to access your Coder deployment.
1111
The steps to do this vary based on the DNS provider you're using, but the
1212
general steps required are as follows:
1313

14-
1. Check the contents of your namespace to obtain your ingress controller's
15-
IP address:
14+
1. Check the contents of your namespace to obtain your ingress controller's IP
15+
address:
1616

17-
```console
18-
kubectl get all -n <your_namespace> -o wide
19-
```
17+
```console
18+
kubectl get all -n <your_namespace> -o wide
19+
```
2020

21-
Find the **service/ingress-nginx** line and copy the **external IP** value
22-
shown.
21+
Find the **service/ingress-nginx** line and copy the **external IP** value
22+
shown.
2323

24-
1. Get the ingress IP address and point your DNS records from your custom
25-
domain to the external IP address you obtained in the previous step.
24+
1. Get the ingress IP address and point your DNS records from your custom domain
25+
to the external IP address you obtained in the previous step.
2626

27-
> If your custom domain uses the HTTPS protocol, make sure that you have [SSL
28-
certificates](../guides/ssl-certificates/index.md) for use with your Coder
29-
deployment. Otherwise, you can skip this step.
27+
> If your custom domain uses the HTTPS protocol, make sure that you have
28+
> [SSL certificates](../guides/ssl-certificates/index.md) for use with your
29+
> Coder deployment. Otherwise, you can skip this step.
3030
3131
## Step 2: Update the Helm chart and redeploy Coder
3232

33-
When changing your access URL, you'll need to [update your Helm
34-
chart](../guides/admin/helm-charts.md) and [redeploy
35-
Coder](../setup/updating.md):
33+
When changing your access URL, you'll need to
34+
[update your Helm chart](../guides/admin/helm-charts.md) and
35+
[redeploy Coder](../setup/updating.md):
3636

3737
helm upgrade coder coder/coder \
38-
--set devurls.host="*.example.com" \
39-
--set ingress.host="coder.example.com" \
38+
--set devurls.host="\*.example.com" \
39+
--set ingress.host="coder.example.com" \
4040

4141
> See the [enterprise-helm repo](https://github.com/cdr/enterprise-helm) for
4242
> more information on Coder's Helm charts.
4343
4444
## Step 3: Provide the access URL in the Coder UI
4545

46-
1. Log into Coder as a site admin/site manager and go to
47-
**Manage** > **Admin** > **Infrastructure**.
46+
1. Log into Coder as a site admin/site manager and go to **Manage** >
47+
**Admin** > **Infrastructure**.
4848

4949
1. Provide your custom domain in the **Access URL** field. The URL you provide
5050
must match the value you provided as `ingress.host` in the previous step.

admin/devurls.md

+5-4
Original file line numberDiff line numberDiff line change
@@ -87,9 +87,9 @@ scroll down to **Dev URL Access Permissions**.
8787
You can set the maximum access level, but developers may choose to restrict
8888
access further.
8989

90-
For example, if you set the maximum access level as
91-
**Authenticated**, then any dev URLs created for workspaces in your Coder
92-
deployment will be accessible to any authenticated Coder user.
90+
For example, if you set the maximum access level as **Authenticated**, then any
91+
dev URLs created for workspaces in your Coder deployment will be accessible to
92+
any authenticated Coder user.
9393

9494
The developer, however, can choose to set a stricter permission level (e.g.,
9595
allowing only those in their organization to use the dev URL). Developers cannot
@@ -107,4 +107,5 @@ To do so, you can either:
107107
- Use SSH tunneling to tunnel the web app to individual developers' `localhost`
108108
instead of dev URLs (this is also an out-of-the-box feature included with VS
109109
Code Remote)
110-
- Use this workaround for [multiple callback sub-URLs](https://stackoverflow.com/questions/35942009/github-oauth-multiple-authorization-callback-url/38194107#38194107)
110+
- Use this workaround for
111+
[multiple callback sub-URLs](https://stackoverflow.com/questions/35942009/github-oauth-multiple-authorization-callback-url/38194107#38194107)

admin/workspace-management/cvms.md

+10-9
Original file line numberDiff line numberDiff line change
@@ -3,23 +3,24 @@ title: Docker in workspaces
33
description: Learn how to enable support for secure Docker inside workspaces.
44
---
55

6-
If you're a site admin or a site manager, you can enable [container-based
7-
virtual machines (CVMs)](../../workspaces/cvms.md) as a workspace deployment
8-
option. CVMs allow users to run system-level programs, such as Docker and
9-
systemd, in their workspaces.
6+
If you're a site admin or a site manager, you can enable
7+
[container-based virtual machines (CVMs)](../../workspaces/cvms.md) as a
8+
workspace deployment option. CVMs allow users to run system-level programs, such
9+
as Docker and systemd, in their workspaces.
1010

1111
## Infrastructure requirements
1212

13-
- CVMs leverage the [Sysbox container
14-
runtime](https://github.com/nestybox/sysbox), so the Kubernetes Node must run
15-
a supported Linux distro with the minimum kernel version (see [Sysbox distro
16-
compatibility](https://github.com/nestybox/sysbox/blob/master/docs/distro-compat.md)
13+
- CVMs leverage the
14+
[Sysbox container runtime](https://github.com/nestybox/sysbox), so the
15+
Kubernetes Node must run a supported Linux distro with the minimum kernel
16+
version (see
17+
[Sysbox distro compatibility](https://github.com/nestybox/sysbox/blob/master/docs/distro-compat.md)
1718
for more information)
1819
- The cluster must allow privileged containers and `hostPath` mounts. Read more
1920
about why this is still secure [here](#security).
2021

2122
> Coder doesn't support legacy versions of cluster-wide proxy services such as
22-
Istio, and CVMs do not currently support NFS as a file system.
23+
> Istio, and CVMs do not currently support NFS as a file system.
2324
2425
### GPUs
2526

admin/workspace-management/extensions.md

+2-2
Original file line numberDiff line numberDiff line change
@@ -28,8 +28,8 @@ environment:
2828
1. Set the **Extension Marketplace Type** to **Custom**
2929
1. Set the **Extension Marketplace API URL** to
3030
`https://open-vsx.org/vscode/gallery` (this value comes from the `serviceUrl`
31-
path described in [open-vsx's
32-
documentation](https://github.com/eclipse/openvsx/wiki/Using-Open-VSX-in-VS-Code)).
31+
path described in
32+
[open-vsx's documentation](https://github.com/eclipse/openvsx/wiki/Using-Open-VSX-in-VS-Code)).
3333

3434
## Air-gapped marketplaces
3535

0 commit comments

Comments
 (0)