C
Coder.com2mo ago
Ryan

Github Oauth Config Issue

I've installed coder-server today. I'm trying to configure Github Oauth with no success. I've been trying for hours and I'm at a dead end, becoming increasingly frustrated. I've tried to follow the instructions, even asked AI for help and still not getting anywhere. I've done what I thought was right in the config.yaml file and systemd I think it was but no matter what I try, I just get a 502 gateway error. I'm using Nginx for the proxy. Anyone able to help me finally get this working and fix the 502 error?
19 Replies
Codercord
Codercord2mo ago
<#1350152273132519494>
Category
Help needed
Product
code-server
Platform
Linux
Logs
Please post any relevant logs/error messages.
Ryan
RyanOP2mo ago
Here is what my config.yaml looks like currently: 
bind-addr: 127.0.0.1:8080
auth: password
password: [redacted]

oauth:
  - id: primary-github
    client-id: $CODER_EXTERNAL_AUTH_0_CLIENT_ID
    client-secret: $CODER_EXTERNAL_AUTH_0_CLIENT_SECRET
    provider: github
    redirect-uri: https://ukvsc.ryandavies.uk/external-auth/primary-github/callback

external-auth:
  - id: primary-github
    type: oauth2
    client-id: $CODER_EXTERNAL_AUTH_0_CLIENT_ID
    client-secret: $CODER_EXTERNAL_AUTH_0_CLIENT_SECRET
    provider: github
bind-addr: 127.0.0.1:8080
auth: password
password: [redacted]

oauth:
  - id: primary-github
    client-id: $CODER_EXTERNAL_AUTH_0_CLIENT_ID
    client-secret: $CODER_EXTERNAL_AUTH_0_CLIENT_SECRET
    provider: github
    redirect-uri: https://ukvsc.ryandavies.uk/external-auth/primary-github/callback

external-auth:
  - id: primary-github
    type: oauth2
    client-id: $CODER_EXTERNAL_AUTH_0_CLIENT_ID
    client-secret: $CODER_EXTERNAL_AUTH_0_CLIENT_SECRET
    provider: github
My environment file: 
# GitHub OAuth Configuration for code-server
export CODER_EXTERNAL_AUTH_0_ID="primary-github"
export CODER_EXTERNAL_AUTH_0_TYPE="github"
export CODER_EXTERNAL_AUTH_0_CLIENT_ID="[redacted]"
export CODER_EXTERNAL_AUTH_0_CLIENT_SECRET="[redacted]"

# Optional display name and icon
export CODER_EXTERNAL_AUTH_0_DISPLAY_NAME="GitHub OAuth"
export CODER_EXTERNAL_AUTH_0_DISPLAY_ICON="https://github.com/favicon.ico"
# GitHub OAuth Configuration for code-server
export CODER_EXTERNAL_AUTH_0_ID="primary-github"
export CODER_EXTERNAL_AUTH_0_TYPE="github"
export CODER_EXTERNAL_AUTH_0_CLIENT_ID="[redacted]"
export CODER_EXTERNAL_AUTH_0_CLIENT_SECRET="[redacted]"

# Optional display name and icon
export CODER_EXTERNAL_AUTH_0_DISPLAY_NAME="GitHub OAuth"
export CODER_EXTERNAL_AUTH_0_DISPLAY_ICON="https://github.com/favicon.ico"
My /etc/systemd/system/code-server.service 
Description=code-server
After=network.target

[Service]
Type=simple
User=root
ExecStart=/usr/bin/code-server --bind-addr 127.0.0.1:8080 --auth password
Environment=CODER_EXTERNAL_AUTH_0_ID="primary-github"
Environment=CODER_EXTERNAL_AUTH_0_TYPE="github"
Environment=CODER_EXTERNAL_AUTH_0_CLIENT_ID="[redacted]"
Environment=CODER_EXTERNAL_AUTH_0_CLIENT_SECRET="[redacted]"
Restart=always

[Install]
WantedBy=multi-user.target
Description=code-server
After=network.target

[Service]
Type=simple
User=root
ExecStart=/usr/bin/code-server --bind-addr 127.0.0.1:8080 --auth password
Environment=CODER_EXTERNAL_AUTH_0_ID="primary-github"
Environment=CODER_EXTERNAL_AUTH_0_TYPE="github"
Environment=CODER_EXTERNAL_AUTH_0_CLIENT_ID="[redacted]"
Environment=CODER_EXTERNAL_AUTH_0_CLIENT_SECRET="[redacted]"
Restart=always

[Install]
WantedBy=multi-user.target
My Nginx (/etc/nginx/sites-available/code-server) 
server {
    server_name ukvsc.ryandavies.uk;

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection upgrade;
        proxy_set_header Accept-Encoding gzip;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/ukvsc.ryandavies.uk/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ukvsc.ryandavies.uk/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = ukvsc.ryandavies.uk) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name ukvsc.ryandavies.uk;
    return 404; # managed by Certbot


}
server {
    server_name ukvsc.ryandavies.uk;

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection upgrade;
        proxy_set_header Accept-Encoding gzip;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/ukvsc.ryandavies.uk/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/ukvsc.ryandavies.uk/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = ukvsc.ryandavies.uk) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name ukvsc.ryandavies.uk;
    return 404; # managed by Certbot


}
Phorcys
Phorcys2mo ago
when do you get the 502 error? also, you are setting CODER_ values with code-server, they are not the same thing, what are you willing to achieve?
Ryan
RyanOP2mo ago
When visiting the coder instance, can't even get to the login the 502 stops me. I just need Github integration, so I can see, pull and push to my Github repo's including private ones and without having to manually add each repo git URL each time etc., similar to how you do in the main Visual Studio Code.
Phorcys
Phorcys2mo ago
alright, so, this is not possible within code-server code-server uses the Open-Source version of VSCode, which does not have any of the proprietary microsoft functionality such as GitHub login I am not sure whether the 502 is caused by your config, I don't think so. These CODER_EXTERNAL_AUTH_* values cannot work with code-server because they're for Coder, which is a separate product if you want the GitHub login on the web, you should use Microsoft's official VSCode Web solution
Ryan
RyanOP2mo ago
I'm not overly bothered about a Github login, I just need to the option configured to be able to at least push and pull Github repo's, I'm honestly not bothered how it's done as long as I don't manually have to do the git URL each and every time. I set it up because I'm on a college course as an adult, and we're covering web development as part of the course but the computers outside of the class in the rest of the college doesn't have Visual Studio Code installed which is frustrating when we're trying to keep on top of our assignments
Phorcys
Phorcys2mo ago
sounds good, you can log in normally either via the gh CLI, or you can set up SSH keys on your GitHub account so you don't have to login every time
Ryan
RyanOP2mo ago
Which would you recommend? 'cause obviously, in college, I won't be able to access the terminal due to the college's network security policies and all that
Phorcys
Phorcys2mo ago
what do you mean? if you're accessing the code-server instance, you have access to its terminal too
Ryan
RyanOP2mo ago
You mean the SSH terminal right? I won't be able to access that in college, only at home. I'll only be able to access code-server instance via the browser
Phorcys
Phorcys2mo ago
i don't let me pull this up
Phorcys
Phorcys2mo ago
No description
Phorcys
Phorcys2mo ago
this is what I mean @Ryan you should set up your GitHub auth using code-server's terminal
Ryan
RyanOP2mo ago
Ohh ok, nice. I honestly didn't even know that was a thing. Where in the docs can I find the instructions on how to do this? Also (slightly off topic kinda) but I keep trying to set my keyboard layout to UK but it's not acknowledging and saving it. It's persisting on using US. Does it matter?
Phorcys
Phorcys2mo ago
you'll have to look online as it's not a code-server specific thing, but you can search for either GitHub's CLI or just something like "github ssh key authentication" and you should be able to figure it out does it work properly? (e.g, do you have to switch to type properly, or is it just an UI thing) if it works, then i'd say not to worry about it
Ryan
RyanOP2mo ago
Ahh ok fair enough, thank you
Ryan
RyanOP2mo ago
I can still type of stuff it's just annoying lol
Phorcys
Phorcys2mo ago
are you using a different browser/computer or incognito mode every time? the settings are stored on a per-browser basis, so if you change then you'll have to redo this every time sadly
Ryan
RyanOP2mo ago
Tried it on three different browsers. Neither attempt was incognito mate. Yeah I get that but as you can see in the screen recording, it's not setting it in the first place, even in that session in the same browser

Did you find this page helpful?