Conor
Conor
PostsComments
CCoder.com
Created by Conor on 2/18/2025 in #help
Coder_app not directing to url correctly
I have coder (and coder workspaces) deployed to a k8s cluster. In the workspace pod I have a talos container that deploys a local instance of k8s, to act as a test cluster for devs. On the local cluster inside the coder workspace we deploy istio to direct our ingress traffic. We setup rules (virtual services) to direct requests from vault.127-0-0-1.nip.io to the kubernetes service for a vault instance that is also deployed to the local cluster. This works perfectly and as expected. We test this by simply making a curl request to http://vault.127-0-0-1.nip.io and we get the correct response. I wanted to add a coder_app in the terraform for the template so that the UI could be accessed by the click of a button on the coder workspace page. I set the app as follows 
Resource “coder_app” “vault” {
    Agent_id = coder_agent.main.id
    Slug = “vault”
    Display_name = “vault”
    Url = “http://vault.127-0-0-1.nip.io”
}
Resource “coder_app” “vault” {
    Agent_id = coder_agent.main.id
    Slug = “vault”
    Display_name = “vault”
    Url = “http://vault.127-0-0-1.nip.io”
}
However, when i ensure vault is deployed and accessible from within the workspace, and try to open the coder app I get a 404 http error. Looking at the istio logs it is making its way to the internal cluster but not recognising the request as being from http://vault.127-0-0-1.nip.io which results in istio dropping the connection. It feels a bit of a long shot, but does anyone know if this is possible to do. Or even how the coder_app makes its request? Many thanks, Conor
2 replies
CCoder.com
Created by Conor on 6/19/2024 in #help
Access url is throwing a cert error
I have coder deployed using helm on a k3s cluster. I also have a self signed CA which is needed to authenticate requests to https://coder.lan values.yaml files: 
coder:
  certs:
    secrets:
      - name:  homelab-ca
        value: cert.crt
  service:
    type: ClusterIP
  env:
    - name: CODER_PG_CONNECTION_URL
      valueFrom:
        secretKeyRef:
          name: coder-db-url
          key: url

    - name: CODER_ACCESS_URL
      value: "https://coder.lan"

    - name: CODER_WILDCARD_ACCESS_URL
      value: "*.coder.lan"
  image:
    repo: "ghcr.io/coder/coder"
    tag: "v2.11.2"
coder:
  certs:
    secrets:
      - name:  homelab-ca
        value: cert.crt
  service:
    type: ClusterIP
  env:
    - name: CODER_PG_CONNECTION_URL
      valueFrom:
        secretKeyRef:
          name: coder-db-url
          key: url

    - name: CODER_ACCESS_URL
      value: "https://coder.lan"

    - name: CODER_WILDCARD_ACCESS_URL
      value: "*.coder.lan"
  image:
    repo: "ghcr.io/coder/coder"
    tag: "v2.11.2"
Error: EACS03: get healthz endpoint: Get "https://coder.lan/healthz": tls: failed to verify certificate: x509: certificate signed by unknown authority The cert is being mounted to /etc/ssl/certs successfully. However, it is not being updated for curl (for example) to access the url without getting an x509: certificate signed by unknown authority error Any ideas why this is?
6 replies
CCoder.com
Created by Conor on 4/9/2024 in #help
Accessing an sql server from outside the workspace
Hi, I have coder deployed on a k8s cluster and a workspace using docker in docker. I have deployed an sql server in the workspace using docker compose, exposing 1433 and 1434 (TCP). Our team wants to be able to access that sql server from outside the workspace. Is this possible? If it is what’s the best way of doing it?
5 replies
CCoder.com
Created by Conor on 2/23/2024 in #help
How does the coder_script terraform resource work?
I have a script that I need to run when the workspace has stopped/deleted to delete some resources from another k8s cluster. I add it as a resource to the template and set “run_on_stop” to true and set the agent id to the one of the workspace but when I stop/delete a workspace it doesn’t run. Am I missing something in the setup?
42 replies