Coder in VPN settings, Slack repost
Hi! First of all, I am new to coder and networking is not my strength... How do I configure coder if the access-url is only reachable from within the network? Meaning that users need to connect via a VPN to the network and can then reach the address. Any help would be appreciated! 🙂
10 Replies
<#1209870491909759076>
Category
Help needed
Product
Coder OSS (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
Any help here would be super nice! I am a graduate researcher in a university and want my students to use coder for sharing resources 🙂
hey, all you need to do is define the
--access-url
and --http-address
/--tls-address
(depending on whether you're going to use https or not) parameters to match the IP and/or domain they're going to access it fromConfiguration - Coder v2 Docs
Learn how to configure Coder
Thanks for the answer! I tried that but I ran into the issue described in https://coder.com/docs/v2/latest/faqs where the icons do not load…
FAQs - Coder v2 Docs
Frequently asked questions
Do I need to specify the port in the access-url when using an IP address?
You might need to check if you can run
curl $CODER_AGENT_URL
from inside the Docker container.
There's some more logs you can look at as well: https://coder.com/docs/v2/latest/templates/troubleshooting#agent-connection-issuesTroubleshooting templates - Coder v2 Docs
Fix common template problems
I want to put coder behind a VPN gateway, while coder server will have access to the internet, I do not want it to be exposed on public internet, but to be accessed with VPN gateway? how do I do that? I am reading a lot of confusing docs?
You will need to have Coder listening on an address in your private network and ensure that users connecting via VPN will be able to at the very least ping the address that Coder is listening on from their workstations connected via VPN.
What parts of the documentation specifically do you find confusing?
Thanks Cian, I found networking document confusing where it said the coder server must be publicly accessible. Also, I realised that we can’t use letsencrypt if the domain name is not accessible publicly since caddy does http authentication. I will see how we can move to dns auth. Thanks for the information though