JanL
Coder.com
Created by JanL on 1/16/2023 in #help
OIDC with Gitlab
Even with https://github.com/coder/coder/pull/5507 merged, I have no success with gitlab as OIDC provider. If I put a debug print of the claims data here: https://github.com/coder/coder/blob/main/coderd/userauth.go#L253 I get something like this:
{"request_id": "b4bdb687-ebc3-4417-859a-30a801a14900", "Username": {"aud": "d5d9aadca67c0f49b2b7184c1904f2b602ed658f7902183f42fc36b94f945847", "auth_time": 1673612004, "email": "yyy@xxx.com", "email_verified": true, "exp": 1673882335, "groups_direct": ["aaa", "bbb", "ccc"], "iat": 1673882215, "iss": "https://gitlab.xxx.de", "sub": "7", "sub_legacy": "46e97dbbd9e7fd062ff2b6413072f0f634652eef58735409ea59638889c4e804"}}
The nickname is completely missing. Has anyone an idea what I do wrong?
45 replies
Coder.com
Created by JanL on 1/5/2023 in #help
Make GIT_SSH_COMMAND envvar optional
Is it possible to make the setting of GIT_SSH_COMMAND optional? We have a product setup with a lot of repositories that need to be checked out if someone starts developing. As an optimization, we use the following ssh-command in git:
core.sshcommand=ssh -o ControlMaster=auto -o ControlPath="/build/.ssh/ssh-%r@%h:%p" -o ControlPersist=60 -o BatchMode=yes
This saves us from creating too many ssh connections to our gitlab instance and having to process a handshake for everyone. Coder breaks this by using the coder gitssh as ssh command via envvar. Sadly, this does not only eliminate the performance optimization, it also runs into a coder rate limit:
You've been rate limited for sending more than 512 requests in 1m0s.
Run 'coder gitssh --help' for usage.
fatal: Could not read from remote repository.
As a workaround, we would like to use an ssh-agent instance (maybe forwarded into the WS via ssh) and the multiplexed socket - but for this to work we need to get rid of this envvar.
7 replies
Coder.com
Created by JanL on 12/16/2022 in #help
Coder offline issues
Hello, I'm evaluating coder in our air-gapped dev environment and run into the problem that despite following https://coder.com/docs/coder-oss/latest/install/offline coder tries to install terraform on startup from the internet (which fails of course):
coder_1 | ==> Logs will stream in below (press ctrl+c to gracefully exit):
coder_1 | Unexpected error, shutting down server: install terraform: install: Get "https://releases.hashicorp.com/terraform/1.3.4/index.json": dial tcp: lookup releases.hashicorp.com on 127.0.0.11:53: no such host
coder_1 | Shutting down API server...
coder_1 | Gracefully shut down API server
coder_1 | Waiting for WebSocket connections to close...
coder_1 | Done waiting for WebSocket connections
coder_1 | install terraform: install: Get "https://releases.hashicorp.com/terraform/1.3.4/index.json": dial tcp: lookup releases.hashicorp.com on 127.0.0.11:53: no such host
coder_1 | Run 'coder server --help' for usage.
coder_coder_1 exited with code 1
How can I tell coder that terraform is already present? Another issue is that it complains that the update check fails (of course). Is it possible to deactivate this?
3 replies