Skip to content
This repository has been archived by the owner on Jun 1, 2023. It is now read-only.

joxcat/code-server-docker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits

dockerfile

dockerfile

 
 

.env.example

.env.example

 
 

.gitignore

.gitignore

 
 

README.org

README.org

 
 

build-image-bg.sh

build-image-bg.sh

 
 

docker-compose.yml

docker-compose.yml

 
 

setup.sh

setup.sh

 
 

Repository files navigation

Code server Docker config

Please put your UID / GID in .env (you can copy .env.example)

Caddyfile

{
    # Remove after dev
    # debug

    admin off

    email <admin email>

    servers {
        protocol {
            experimental_http3
            strict_sni_host
        }
    }

}

(production) {
    # disable FLoC tracking
    {args.0} Permissions-Policy "interest-cohort=()"

    # enable HSTS
    {args.0} Strict-Transport-Security "max-age=31536000; preload"

    # disable clients from sniffing the media type
    {args.0} X-Content-Type-Options nosniff

    # clickjacking protection
    {args.0} X-Frame-Options DENY

    # keep referrer data off
    {args.0} Referrer-Policy no-referrer

    {args.0} X-Forwarded-Proto https
    {args.0} X-Forwarded-Scheme https

    {args.0} Content-Security-Policy "default-src 'none'; connect-src 'self'; font-src 'self'; style-src 'self'; img-src 'self'; script-src 'self'; manifest-src 'self'"
}

(noindex) {
    respond "/robots.txt" 200 {
        body "User-Agent: *
Disallow: /"
        close
    }
}

<domain name> {
    import noindex
    header -Server

    reverse_proxy http://codeserver:8080 {
        import production header_down

        header_down -X-Content-Type-Options
        header_down -X-Frame-Options
        header_down Content-Security-Policy "default-src 'self'; connect-src 'self' ws: wss: http: https:; font-src 'self'; style-src 'self' 'unsafe-inline' https: data:; img-src 'self' data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https:; frame-src 'self' https://*.<domain name>; worker-src 'self'"
    }
}

https://*.<domain name> {
    import noindex
    header -Server

    @is_code_port {
        host 8080.<domain name>
    }
    redir @is_code_port https://<domain name>

    @port {
        header_regexp port Host ([0-9]+)\.<domain name>
    }
    reverse_proxy @port {
        to codeserver:{re.port.1}
    }

    handle_errors {
        header -Server

        @errors expression `{http.error.status_code} == 502`
        redir @errors https://<domain name>
    }

    tls {
        dns cloudflare <cloudflare api key>
    }
}

http://*.<domain name> {
    @port_websocket {
        header_regexp port Host ([0-9]+)\.<domain name>
        header Upgrade websocket
    }

    @not_websocket {
        not {
            header Upgrade websocket
        }
    }

    reverse_proxy @port_websocket {
        to codeserver:{re.port.1}
    }

    redir @not_websocket https://{host}{uri}
}

About

Coder's code-server personal setup in Docker

github.com/coder/code-server

Topics

nodejs docker rust vscode

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages