-
Notifications
You must be signed in to change notification settings - Fork 582
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add TLS support #556
Conversation
This adds numerous flags with inspiration taken from Vault for configuring TLS inside Coder. This enables secure deployments without a proxy, like Cloudflare.
Codecov Report
@@ Coverage Diff @@
## main #556 +/- ##
==========================================
+ Coverage 62.65% 63.10% +0.44%
==========================================
Files 194 191 -3
Lines 10977 10923 -54
Branches 85 85
==========================================
+ Hits 6878 6893 +15
+ Misses 3360 3292 -68
+ Partials 739 738 -1
Continue to review full report at Codecov.
|
server := http.Server{ | ||
Handler: handler, | ||
BaseContext: func(_ net.Listener) context.Context { | ||
return shutdownConnsCtx |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is cool! When cancelling this context, is it a hard cutoff to websockets (ie just severs the connection), or does it send a close frame?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hard cutoff right now, but we technically could send a shutdown signal. Maybe I'll do that...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i don't necessarily think either is right or wrong, just asking for my own curiosity mostly!
coder.env
Outdated
@@ -1,3 +1,6 @@ | |||
# Runtime variables for "coder start". | |||
# Run "coder start --help" to vie. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems incomplete
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch!
Co-authored-by: Colin Adler <colin@coder.com>
This adds numerous flags with inspiration taken from Vault
for configuring TLS inside Coder.
This enables secure deployments without a proxy, like Cloudflare.