Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/bpmct/c4d-packer
VM images with Coder + Caddy for automatic TLS.
https://github.com/bpmct/c4d-packer
Last synced: 9 days ago
JSON representation
VM images with Coder + Caddy for automatic TLS.
- Host: GitHub
- URL: https://github.com/bpmct/c4d-packer
- Owner: bpmct
- Created: 2022-02-19T20:18:27.000Z (almost 3 years ago)
- Default Branch: master
- Last Pushed: 2022-04-28T12:37:52.000Z (over 2 years ago)
- Last Synced: 2024-10-27T03:46:26.097Z (about 2 months ago)
- Language: HCL
- Homepage: https://coder.com/docs
- Size: 72.3 KB
- Stars: 3
- Watchers: 1
- Forks: 3
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Coder VM images
[![Deploy to DO](https://www.deploytodo.com/do-btn-blue.svg)](https://marketplace.digitalocean.com/apps/coder)
VM images with [Coder](https://coder.com/docs) + Caddy for automatic TLS.
![Coder workspaces](https://www.datocms-assets.com/19109/1643078657-group-2.png)
By default, Coder will run on your public IPv4 address with a self-signed certificate: [https://your_droplet_public_ipv4/login](https://your_droplet_public_ipv4/login).
Use the credentials below to login to your Coder workspace. Upon logging in, you will be prompted to change your password.
```text
Username: admin
Password: coder12345
```## Add a domain (optional)
1. Point your DNS records (`coder.yourdomain.com` `*.coder.yourdomain.com`) to the Droplet's public IPv4 address.
2. Navigate to the domain, Caddy should automatically provision a TLS certificate. (we recommend using an incognito window in the beginning to initial caching issues)## Enable [dev URLs](https://coder.com/docs/coder/latest/workspaces/devurls) (optional)
1. SSH into your VM: `ssh root@your_droplet_public_ipv4`
2. Follow instructions to modify `coder/docker-compose.yaml` and set
```yaml
- DEVURL_HOST=*.coder.yourdomain.com
```3. Modify `coder/Caddyfile` to specify your email address for LetsEncrypt.
4. Restart Coder and Caddy:
```bash
cd $HOME/coder && docker-compose restart
```## Harden your configuration (recommended)
1. SSH into your Droplet: `ssh root@your_droplet_public_ipv4`
2. Follow instructions to modify `coder/Caddyfile` to disable "internal" (self-signed) certificates and add your email for LetsEncrypt.
3. Replace `https:// {` with `coder.yourdomain.com, *.coder.yourdomain.com {` to limit the proxy to your domain(s).
4. Restart Coder and Caddy:
```bash
cd $HOME/coder && docker-compose restart
```## Use a wildcard certificate
By default, Caddy's [On-Demand TLS](https://caddyserver.com/docs/automatic-https#on-demand-tls) will be used to generate certificates for dev URLs. This zero-configuration options works well, but introduces \~10 second delays or [rate limiting](https://letsencrypt.org/docs/rate-limits/) when a developer visits a newly-created dev URL.
For best results, consider configuring [ZeroSSL with Caddy](https://caddy.community/t/using-zerossls-acme-endpoint/9406) or [build a Caddy image](https://github.com/docker-library/docs/tree/master/caddy#adding-custom-caddy-modules) with the module for your DNS provider.
Stay tuned for a [future release](https://github.com/bpmct/c4d-packer/releases) with improved steps for wildcard/custom certificates.
## Use a managed Postgres database (optional)
1. SSH into your Droplet: `ssh root@your_droplet_public_ipv4`
2. Modify `coder/docker-compose.yaml` and [follow our docs](https://coder.com/docs/coder/latest/setup/docker#use-an-external-postgresql-database) to configure your managed database with Coder for Docker.
3. Restart Coder and Caddy:
```bash
cd $HOME/coder && docker-compose restart
```Stay tuned for a [future release](https://github.com/bpmct/c4d-packer/releases) more support for service-provided Postgres databases.