Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Options ¶
type Options struct {
Logger slog.Logger
Experiments codersdk.Experiments
HTTPClient *http.Client
// DashboardURL is the URL of the primary coderd instance.
DashboardURL *url.URL
// AccessURL is the URL of the WorkspaceProxy.
AccessURL *url.URL
// TODO: @emyrk We use these two fields in many places with this comment.
// Maybe we should make some shared options struct?
// AppHostname should be the wildcard hostname to use for workspace
// applications INCLUDING the asterisk, (optional) suffix and leading dot.
// It will use the same scheme and port number as the access URL.
// E.g. "*.apps.coder.com" or "*-apps.coder.com".
AppHostname string
// AppHostnameRegex contains the regex version of options.AppHostname as
// generated by appurl.CompileHostnamePattern(). It MUST be set if
// options.AppHostname is set.
AppHostnameRegex *regexp.Regexp
RealIPConfig *httpmw.RealIPConfig
Tracing trace.TracerProvider
PrometheusRegistry *prometheus.Registry
TLSCertificates []tls.Certificate
APIRateLimit int
CookieConfig codersdk.HTTPCookieConfig
DisablePathApps bool
DERPEnabled bool
DERPServerRelayAddress string
// DERPOnly determines whether this proxy only provides DERP and does not
// provide access to workspace apps/terminal.
DERPOnly bool
// BlockDirect controls the servertailnet of the proxy, forcing it from
// negotiating direct connections.
BlockDirect bool
// ReplicaErrCallback is called when the proxy replica successfully or
// unsuccessfully pings its peers in the mesh.
ReplicaErrCallback func(replicas []codersdk.Replica, err string)
ProxySessionToken string
// AllowAllCors will set all CORs headers to '*'.
// By default, CORs is set to accept external requests
// from the dashboardURL. This should only be used in development.
AllowAllCors bool
StatsCollectorOptions workspaceapps.StatsCollectorOptions
}
type ProxyFetcher ¶ added in v2.17.0
type ProxyFetcher struct {
Client *wsproxysdk.Client
}
func (*ProxyFetcher) Fetch ¶ added in v2.17.0
func (p *ProxyFetcher) Fetch(ctx context.Context, feature codersdk.CryptoKeyFeature) ([]codersdk.CryptoKey, error)
type Server ¶
type Server struct {
Options *Options
Handler chi.Router
DashboardURL *url.URL
AppServer *workspaceapps.Server
// Logging/Metrics
Logger slog.Logger
TracerProvider trace.TracerProvider
PrometheusRegistry *prometheus.Registry
// SDKClient is a client to the primary coderd instance authenticated with
// the moon's token.
SDKClient *wsproxysdk.Client
// contains filtered or unexported fields
}
Server is an external workspace proxy server. This server can communicate directly with a workspace. It requires a primary coderd to establish a said connection.
func New ¶
New creates a new workspace proxy server. This requires a primary coderd instance to be reachable and the correct authorization access token to be provided. If the proxy cannot authenticate with the primary, this will fail.
func (*Server) RegisterNow ¶ added in v2.8.5
type TokenProvider ¶
type TokenProvider struct {
DashboardURL *url.URL
AccessURL *url.URL
AppHostname string
Client *wsproxysdk.Client
TokenSigningKeycache cryptokeys.SigningKeycache
APIKeyEncryptionKeycache cryptokeys.EncryptionKeycache
Logger slog.Logger
}
func (*TokenProvider) FromRequest ¶
func (p *TokenProvider) FromRequest(r *http.Request) (*workspaceapps.SignedToken, bool)
func (*TokenProvider) Issue ¶
func (p *TokenProvider) Issue(ctx context.Context, rw http.ResponseWriter, r *http.Request, issueReq workspaceapps.IssueTokenRequest) (*workspaceapps.SignedToken, string, bool)
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.