mirror of https://github.com/coder/coder.git
481 lines
22 KiB
Plaintext
481 lines
22 KiB
Plaintext
networking:
|
|
# The URL that users will use to access the Coder deployment.
|
|
# (default: <unset>, type: url)
|
|
accessURL:
|
|
# Specifies the wildcard hostname to use for workspace applications in the form
|
|
# "*.example.com".
|
|
# (default: <unset>, type: string)
|
|
wildcardAccessURL: ""
|
|
# Specifies the custom docs URL.
|
|
# (default: <unset>, type: url)
|
|
docsURL:
|
|
# Specifies whether to redirect requests that do not match the access URL host.
|
|
# (default: <unset>, type: bool)
|
|
redirectToAccessURL: false
|
|
http:
|
|
# HTTP bind address of the server. Unset to disable the HTTP endpoint.
|
|
# (default: 127.0.0.1:3000, type: string)
|
|
httpAddress: 127.0.0.1:3000
|
|
# The maximum lifetime duration users can specify when creating an API token.
|
|
# (default: 876600h0m0s, type: duration)
|
|
maxTokenLifetime: 876600h0m0s
|
|
# The token expiry duration for browser sessions. Sessions may last longer if they
|
|
# are actively making requests, but this functionality can be disabled via
|
|
# --disable-session-expiry-refresh.
|
|
# (default: 24h0m0s, type: duration)
|
|
sessionDuration: 24h0m0s
|
|
# Disable automatic session expiry bumping due to activity. This forces all
|
|
# sessions to become invalid after the session expiry duration has been reached.
|
|
# (default: <unset>, type: bool)
|
|
disableSessionExpiryRefresh: false
|
|
# Disable password authentication. This is recommended for security purposes in
|
|
# production deployments that rely on an identity provider. Any user with the
|
|
# owner role will be able to sign in with their password regardless of this
|
|
# setting to avoid potential lock out. If you are locked out of your account, you
|
|
# can use the `coder server create-admin` command to create a new admin user
|
|
# directly in the database.
|
|
# (default: <unset>, type: bool)
|
|
disablePasswordAuth: false
|
|
# The interval in which coderd should be checking the status of workspace proxies.
|
|
# (default: 1m0s, type: duration)
|
|
proxyHealthInterval: 1m0s
|
|
# Configure TLS / HTTPS for your Coder deployment. If you're running
|
|
# Coder behind a TLS-terminating reverse proxy or are accessing Coder over a
|
|
# secure link, you can safely ignore these settings.
|
|
tls:
|
|
# HTTPS bind address of the server.
|
|
# (default: 127.0.0.1:3443, type: host:port)
|
|
address: 127.0.0.1:3443
|
|
# Whether TLS will be enabled.
|
|
# (default: <unset>, type: bool)
|
|
enable: false
|
|
# Whether HTTP requests will be redirected to the access URL (if it's a https URL
|
|
# and TLS is enabled). Requests to local IP addresses are never redirected
|
|
# regardless of this setting.
|
|
# (default: true, type: bool)
|
|
redirectHTTP: true
|
|
# Path to each certificate for TLS. It requires a PEM-encoded file. To configure
|
|
# the listener to use a CA certificate, concatenate the primary certificate and
|
|
# the CA certificate together. The primary certificate should appear first in the
|
|
# combined file.
|
|
# (default: <unset>, type: string-array)
|
|
certFiles: []
|
|
# PEM-encoded Certificate Authority file used for checking the authenticity of
|
|
# client.
|
|
# (default: <unset>, type: string)
|
|
clientCAFile: ""
|
|
# Policy the server will follow for TLS Client Authentication. Accepted values are
|
|
# "none", "request", "require-any", "verify-if-given", or "require-and-verify".
|
|
# (default: none, type: string)
|
|
clientAuth: none
|
|
# Paths to the private keys for each of the certificates. It requires a
|
|
# PEM-encoded file.
|
|
# (default: <unset>, type: string-array)
|
|
keyFiles: []
|
|
# Minimum supported version of TLS. Accepted values are "tls10", "tls11", "tls12"
|
|
# or "tls13".
|
|
# (default: tls12, type: string)
|
|
minVersion: tls12
|
|
# Path to certificate for client TLS authentication. It requires a PEM-encoded
|
|
# file.
|
|
# (default: <unset>, type: string)
|
|
clientCertFile: ""
|
|
# Path to key for client TLS authentication. It requires a PEM-encoded file.
|
|
# (default: <unset>, type: string)
|
|
clientKeyFile: ""
|
|
# Specify specific TLS ciphers that allowed to be used. See
|
|
# https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L53-L75.
|
|
# (default: <unset>, type: string-array)
|
|
tlsCiphers: []
|
|
# By default, only ciphers marked as 'secure' are allowed to be used. See
|
|
# https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go#L82-L95.
|
|
# (default: false, type: bool)
|
|
tlsAllowInsecureCiphers: false
|
|
# Controls if the 'Strict-Transport-Security' header is set on all static file
|
|
# responses. This header should only be set if the server is accessed via HTTPS.
|
|
# This value is the MaxAge in seconds of the header.
|
|
# (default: 0, type: int)
|
|
strictTransportSecurity: 0
|
|
# Two optional fields can be set in the Strict-Transport-Security header;
|
|
# 'includeSubDomains' and 'preload'. The 'strict-transport-security' flag must be
|
|
# set to a non-zero value for these options to be used.
|
|
# (default: <unset>, type: string-array)
|
|
strictTransportSecurityOptions: []
|
|
# Most Coder deployments never have to think about DERP because all connections
|
|
# between workspaces and users are peer-to-peer. However, when Coder cannot
|
|
# establish
|
|
# a peer to peer connection, Coder uses a distributed relay network backed by
|
|
# Tailscale and WireGuard.
|
|
derp:
|
|
# Whether to enable or disable the embedded DERP relay server.
|
|
# (default: true, type: bool)
|
|
enable: true
|
|
# Region ID to use for the embedded DERP server.
|
|
# (default: 999, type: int)
|
|
regionID: 999
|
|
# Region code to use for the embedded DERP server.
|
|
# (default: coder, type: string)
|
|
regionCode: coder
|
|
# Region name that for the embedded DERP server.
|
|
# (default: Coder Embedded Relay, type: string)
|
|
regionName: Coder Embedded Relay
|
|
# Addresses for STUN servers to establish P2P connections. It's recommended to
|
|
# have at least two STUN servers to give users the best chance of connecting P2P
|
|
# to workspaces. Each STUN server will get it's own DERP region, with region IDs
|
|
# starting at `--derp-server-region-id + 1`. Use special value 'disable' to turn
|
|
# off STUN completely.
|
|
# (default:
|
|
# stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302,stun3.l.google.com:19302,stun4.l.google.com:19302,
|
|
# type: string-array)
|
|
stunAddresses:
|
|
- stun.l.google.com:19302
|
|
- stun1.l.google.com:19302
|
|
- stun2.l.google.com:19302
|
|
- stun3.l.google.com:19302
|
|
- stun4.l.google.com:19302
|
|
# An HTTP URL that is accessible by other replicas to relay DERP traffic. Required
|
|
# for high availability.
|
|
# (default: <unset>, type: url)
|
|
relayURL:
|
|
# Block peer-to-peer (aka. direct) workspace connections. All workspace
|
|
# connections from the CLI will be proxied through Coder (or custom configured
|
|
# DERP servers) and will never be peer-to-peer when enabled. Workspaces may still
|
|
# reach out to STUN servers to get their address until they are restarted after
|
|
# this change has been made, but new connections will still be proxied regardless.
|
|
# (default: <unset>, type: bool)
|
|
blockDirect: false
|
|
# Force clients and agents to always use WebSocket to connect to DERP relay
|
|
# servers. By default, DERP uses `Upgrade: derp`, which may cause issues with some
|
|
# reverse proxies. Clients may automatically fallback to WebSocket if they detect
|
|
# an issue with `Upgrade: derp`, but this does not work in all situations.
|
|
# (default: <unset>, type: bool)
|
|
forceWebSockets: false
|
|
# URL to fetch a DERP mapping on startup. See:
|
|
# https://tailscale.com/kb/1118/custom-derp-servers/.
|
|
# (default: <unset>, type: string)
|
|
url: ""
|
|
# Path to read a DERP mapping from. See:
|
|
# https://tailscale.com/kb/1118/custom-derp-servers/.
|
|
# (default: <unset>, type: string)
|
|
configPath: ""
|
|
# Headers to trust for forwarding IP addresses. e.g. Cf-Connecting-Ip,
|
|
# True-Client-Ip, X-Forwarded-For.
|
|
# (default: <unset>, type: string-array)
|
|
proxyTrustedHeaders: []
|
|
# Origin addresses to respect "proxy-trusted-headers". e.g. 192.168.1.0/24.
|
|
# (default: <unset>, type: string-array)
|
|
proxyTrustedOrigins: []
|
|
# Controls if the 'Secure' property is set on browser session cookies.
|
|
# (default: <unset>, type: bool)
|
|
secureAuthCookie: false
|
|
# Whether Coder only allows connections to workspaces via the browser.
|
|
# (default: <unset>, type: bool)
|
|
browserOnly: false
|
|
# Interval to poll for scheduled workspace builds.
|
|
# (default: 1m0s, type: duration)
|
|
autobuildPollInterval: 1m0s
|
|
# Interval to poll for hung jobs and automatically terminate them.
|
|
# (default: 1m0s, type: duration)
|
|
jobHangDetectorInterval: 1m0s
|
|
introspection:
|
|
prometheus:
|
|
# Serve prometheus metrics on the address defined by prometheus address.
|
|
# (default: <unset>, type: bool)
|
|
enable: false
|
|
# The bind address to serve prometheus metrics.
|
|
# (default: 127.0.0.1:2112, type: host:port)
|
|
address: 127.0.0.1:2112
|
|
# Collect agent stats (may increase charges for metrics storage).
|
|
# (default: <unset>, type: bool)
|
|
collect_agent_stats: false
|
|
# Collect database metrics (may increase charges for metrics storage).
|
|
# (default: false, type: bool)
|
|
collect_db_metrics: false
|
|
pprof:
|
|
# Serve pprof metrics on the address defined by pprof address.
|
|
# (default: <unset>, type: bool)
|
|
enable: false
|
|
# The bind address to serve pprof.
|
|
# (default: 127.0.0.1:6060, type: host:port)
|
|
address: 127.0.0.1:6060
|
|
tracing:
|
|
# Whether application tracing data is collected. It exports to a backend
|
|
# configured by environment variables. See:
|
|
# https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md.
|
|
# (default: <unset>, type: bool)
|
|
enable: false
|
|
# Enables capturing of logs as events in traces. This is useful for debugging, but
|
|
# may result in a very large amount of events being sent to the tracing backend
|
|
# which may incur significant costs.
|
|
# (default: <unset>, type: bool)
|
|
captureLogs: false
|
|
# Enables sending Go runtime traces to the local DataDog agent.
|
|
# (default: false, type: bool)
|
|
dataDog: false
|
|
logging:
|
|
# Output debug-level logs.
|
|
# (default: <unset>, type: bool)
|
|
verbose: false
|
|
# Filter debug logs by matching against a given regex. Use .* to match all debug
|
|
# logs.
|
|
# (default: <unset>, type: string-array)
|
|
filter: []
|
|
# Output human-readable logs to a given file.
|
|
# (default: /dev/stderr, type: string)
|
|
humanPath: /dev/stderr
|
|
# Output JSON logs to a given file.
|
|
# (default: <unset>, type: string)
|
|
jsonPath: ""
|
|
# Output Stackdriver compatible logs to a given file.
|
|
# (default: <unset>, type: string)
|
|
stackdriverPath: ""
|
|
# Allow administrators to enable Terraform debug output.
|
|
# (default: false, type: bool)
|
|
enableTerraformDebugMode: false
|
|
healthcheck:
|
|
# Refresh interval for healthchecks.
|
|
# (default: 10m0s, type: duration)
|
|
refresh: 10m0s
|
|
# The threshold for the database health check. If the median latency of the
|
|
# database exceeds this threshold over 5 attempts, the database is considered
|
|
# unhealthy. The default value is 15ms.
|
|
# (default: 15ms, type: duration)
|
|
thresholdDatabase: 15ms
|
|
oauth2:
|
|
github:
|
|
# Client ID for Login with GitHub.
|
|
# (default: <unset>, type: string)
|
|
clientID: ""
|
|
# Organizations the user must be a member of to Login with GitHub.
|
|
# (default: <unset>, type: string-array)
|
|
allowedOrgs: []
|
|
# Teams inside organizations the user must be a member of to Login with GitHub.
|
|
# Structured as: <organization-name>/<team-slug>.
|
|
# (default: <unset>, type: string-array)
|
|
allowedTeams: []
|
|
# Whether new users can sign up with GitHub.
|
|
# (default: <unset>, type: bool)
|
|
allowSignups: false
|
|
# Allow all logins, setting this option means allowed orgs and teams must be
|
|
# empty.
|
|
# (default: <unset>, type: bool)
|
|
allowEveryone: false
|
|
# Base URL of a GitHub Enterprise deployment to use for Login with GitHub.
|
|
# (default: <unset>, type: string)
|
|
enterpriseBaseURL: ""
|
|
oidc:
|
|
# Whether new users can sign up with OIDC.
|
|
# (default: true, type: bool)
|
|
allowSignups: true
|
|
# Client ID to use for Login with OIDC.
|
|
# (default: <unset>, type: string)
|
|
clientID: ""
|
|
# Pem encoded RSA private key to use for oauth2 PKI/JWT authorization. This can be
|
|
# used instead of oidc-client-secret if your IDP supports it.
|
|
# (default: <unset>, type: string)
|
|
oidcClientKeyFile: ""
|
|
# Pem encoded certificate file to use for oauth2 PKI/JWT authorization. The public
|
|
# certificate that accompanies oidc-client-key-file. A standard x509 certificate
|
|
# is expected.
|
|
# (default: <unset>, type: string)
|
|
oidcClientCertFile: ""
|
|
# Email domains that clients logging in with OIDC must match.
|
|
# (default: <unset>, type: string-array)
|
|
emailDomain: []
|
|
# Issuer URL to use for Login with OIDC.
|
|
# (default: <unset>, type: string)
|
|
issuerURL: ""
|
|
# Scopes to grant when authenticating with OIDC.
|
|
# (default: openid,profile,email, type: string-array)
|
|
scopes:
|
|
- openid
|
|
- profile
|
|
- email
|
|
# Ignore the email_verified claim from the upstream provider.
|
|
# (default: <unset>, type: bool)
|
|
ignoreEmailVerified: false
|
|
# OIDC claim field to use as the username.
|
|
# (default: preferred_username, type: string)
|
|
usernameField: preferred_username
|
|
# OIDC claim field to use as the email.
|
|
# (default: email, type: string)
|
|
emailField: email
|
|
# OIDC auth URL parameters to pass to the upstream provider.
|
|
# (default: {"access_type": "offline"}, type: struct[map[string]string])
|
|
authURLParams:
|
|
access_type: offline
|
|
# Ignore the userinfo endpoint and only use the ID token for user information.
|
|
# (default: false, type: bool)
|
|
ignoreUserInfo: false
|
|
# This field must be set if using the group sync feature and the scope name is not
|
|
# 'groups'. Set to the claim to be used for groups.
|
|
# (default: <unset>, type: string)
|
|
groupField: ""
|
|
# A map of OIDC group IDs and the group in Coder it should map to. This is useful
|
|
# for when OIDC providers only return group IDs.
|
|
# (default: {}, type: struct[map[string]string])
|
|
groupMapping: {}
|
|
# Automatically creates missing groups from a user's groups claim.
|
|
# (default: false, type: bool)
|
|
enableGroupAutoCreate: false
|
|
# If provided any group name not matching the regex is ignored. This allows for
|
|
# filtering out groups that are not needed. This filter is applied after the group
|
|
# mapping.
|
|
# (default: .*, type: regexp)
|
|
groupRegexFilter: .*
|
|
# If provided any group name not in the list will not be allowed to authenticate.
|
|
# This allows for restricting access to a specific set of groups. This filter is
|
|
# applied after the group mapping and before the regex filter.
|
|
# (default: <unset>, type: string-array)
|
|
groupAllowed: []
|
|
# This field must be set if using the user roles sync feature. Set this to the
|
|
# name of the claim used to store the user's role. The roles should be sent as an
|
|
# array of strings.
|
|
# (default: <unset>, type: string)
|
|
userRoleField: ""
|
|
# A map of the OIDC passed in user roles and the groups in Coder it should map to.
|
|
# This is useful if the group names do not match. If mapped to the empty string,
|
|
# the role will ignored.
|
|
# (default: {}, type: struct[map[string][]string])
|
|
userRoleMapping: {}
|
|
# If user role sync is enabled, these roles are always included for all
|
|
# authenticated users. The 'member' role is always assigned.
|
|
# (default: <unset>, type: string-array)
|
|
userRoleDefault: []
|
|
# The text to show on the OpenID Connect sign in button.
|
|
# (default: OpenID Connect, type: string)
|
|
signInText: OpenID Connect
|
|
# URL pointing to the icon to use on the OpenID Connect login button.
|
|
# (default: <unset>, type: url)
|
|
iconURL:
|
|
# The custom text to show on the error page informing about disabled OIDC signups.
|
|
# Markdown format is supported.
|
|
# (default: <unset>, type: string)
|
|
signupsDisabledText: ""
|
|
# Telemetry is critical to our ability to improve Coder. We strip all personal
|
|
# information before sending data to our servers. Please only disable telemetry
|
|
# when required by your organization's security policy.
|
|
telemetry:
|
|
# Whether telemetry is enabled or not. Coder collects anonymized usage data to
|
|
# help improve our product.
|
|
# (default: false, type: bool)
|
|
enable: false
|
|
# URL to send telemetry.
|
|
# (default: https://telemetry.coder.com, type: url)
|
|
url: https://telemetry.coder.com
|
|
# Tune the behavior of the provisioner, which is responsible for creating,
|
|
# updating, and deleting workspace resources.
|
|
provisioning:
|
|
# Number of provisioner daemons to create on start. If builds are stuck in queued
|
|
# state for a long time, consider increasing this.
|
|
# (default: 3, type: int)
|
|
daemons: 3
|
|
# Whether to use echo provisioner daemons instead of Terraform. This is for E2E
|
|
# tests.
|
|
# (default: false, type: bool)
|
|
daemonsEcho: false
|
|
# Deprecated and ignored.
|
|
# (default: 1s, type: duration)
|
|
daemonPollInterval: 1s
|
|
# Deprecated and ignored.
|
|
# (default: 100ms, type: duration)
|
|
daemonPollJitter: 100ms
|
|
# Time to force cancel provisioning tasks that are stuck.
|
|
# (default: 10m0s, type: duration)
|
|
forceCancelInterval: 10m0s
|
|
# Pre-shared key to authenticate external provisioner daemons to Coder server.
|
|
# (default: <unset>, type: string)
|
|
daemonPSK: ""
|
|
# Enable one or more experiments. These are not ready for production. Separate
|
|
# multiple experiments with commas, or enter '*' to opt-in to all available
|
|
# experiments.
|
|
# (default: <unset>, type: string-array)
|
|
experiments: []
|
|
# Periodically check for new releases of Coder and inform the owner. The check is
|
|
# performed once per day.
|
|
# (default: false, type: bool)
|
|
updateCheck: false
|
|
# Expose the swagger endpoint via /swagger.
|
|
# (default: <unset>, type: bool)
|
|
enableSwagger: false
|
|
# The directory to cache temporary files. If unspecified and $CACHE_DIRECTORY is
|
|
# set, it will be used for compatibility with systemd.
|
|
# (default: [cache dir], type: string)
|
|
cacheDir: [cache dir]
|
|
# Controls whether data will be stored in an in-memory database.
|
|
# (default: <unset>, type: bool)
|
|
inMemoryDatabase: false
|
|
# The algorithm to use for generating ssh keys. Accepted values are "ed25519",
|
|
# "ecdsa", or "rsa4096".
|
|
# (default: ed25519, type: string)
|
|
sshKeygenAlgorithm: ed25519
|
|
# URL to use for agent troubleshooting when not set in the template.
|
|
# (default:
|
|
# https://coder.com/docs/coder-oss/latest/templates#troubleshooting-templates,
|
|
# type: url)
|
|
agentFallbackTroubleshootingURL: https://coder.com/docs/coder-oss/latest/templates#troubleshooting-templates
|
|
# Disable workspace apps that are not served from subdomains. Path-based apps can
|
|
# make requests to the Coder API and pose a security risk when the workspace
|
|
# serves malicious JavaScript. This is recommended for security purposes if a
|
|
# --wildcard-access-url is configured.
|
|
# (default: <unset>, type: bool)
|
|
disablePathApps: false
|
|
# Remove the permission for the 'owner' role to have workspace execution on all
|
|
# workspaces. This prevents the 'owner' from ssh, apps, and terminal access based
|
|
# on the 'owner' role. They still have their user permissions to access their own
|
|
# workspaces.
|
|
# (default: <unset>, type: bool)
|
|
disableOwnerWorkspaceAccess: false
|
|
# These options change the behavior of how clients interact with the Coder.
|
|
# Clients include the coder cli, vs code extension, and the web UI.
|
|
client:
|
|
# The SSH deployment prefix is used in the Host of the ssh config.
|
|
# (default: coder., type: string)
|
|
sshHostnamePrefix: coder.
|
|
# These SSH config options will override the default SSH config options. Provide
|
|
# options in "key=value" or "key value" format separated by commas.Using this
|
|
# incorrectly can break SSH to your deployment, use cautiously.
|
|
# (default: <unset>, type: string-array)
|
|
sshConfigOptions: []
|
|
# The upgrade message to display to users when a client/server mismatch is
|
|
# detected. By default it instructs users to update using 'curl -L
|
|
# https://coder.com/install.sh | sh'.
|
|
# (default: <unset>, type: string)
|
|
cliUpgradeMessage: ""
|
|
# The renderer to use when opening a web terminal. Valid values are 'canvas',
|
|
# 'webgl', or 'dom'.
|
|
# (default: canvas, type: string)
|
|
webTerminalRenderer: canvas
|
|
# Support links to display in the top right drop down menu.
|
|
# (default: <unset>, type: struct[[]codersdk.LinkConfig])
|
|
supportLinks: []
|
|
# External Authentication providers.
|
|
# (default: <unset>, type: struct[[]codersdk.ExternalAuthConfig])
|
|
externalAuthProviders: []
|
|
# Hostname of HTTPS server that runs https://github.com/coder/wgtunnel. By
|
|
# default, this will pick the best available wgtunnel server hosted by Coder. e.g.
|
|
# "tunnel.example.com".
|
|
# (default: <unset>, type: string)
|
|
wgtunnelHost: ""
|
|
# Allow users to set quiet hours schedules each day for workspaces to avoid
|
|
# workspaces stopping during the day due to template max TTL.
|
|
userQuietHoursSchedule:
|
|
# The default daily cron schedule applied to users that haven't set a custom quiet
|
|
# hours schedule themselves. The quiet hours schedule determines when workspaces
|
|
# will be force stopped due to the template's autostop requirement, and will round
|
|
# the max deadline up to be within the user's quiet hours window (or default). The
|
|
# format is the same as the standard cron format, but the day-of-month, month and
|
|
# day-of-week must be *. Only one hour and minute can be specified (ranges or
|
|
# comma separated values are not supported).
|
|
# (default: CRON_TZ=UTC 0 0 * * *, type: string)
|
|
defaultQuietHoursSchedule: CRON_TZ=UTC 0 0 * * *
|
|
# Allow users to set their own quiet hours schedule for workspaces to stop in
|
|
# (depending on template autostop requirement settings). If false, users can't
|
|
# change their quiet hours schedule and the site default is always used.
|
|
# (default: true, type: bool)
|
|
allowCustomQuietHours: true
|
|
# DEPRECATED: Allow users to rename their workspaces. Use only for temporary
|
|
# compatibility reasons, this will be removed in a future release.
|
|
# (default: false, type: bool)
|
|
allowWorkspaceRenames: false
|