-
|
Hello all, I have a question regarding the integration of code-server in a restrictive cloud environment. I work as a solution architect for a worldwide company. We would like to deploy a code-server into an AWS account, but the security team requires the use of the API gateway (another way to provide an "internet-facing" solution). Unfortunately, we have been confronted with a major issue with WebSockets. During our tests, we found that the code-server was opening its WebSockets in the same path as for HTTP requests. The REST API Gateway does not support WebSockets. In order to bypass this problem, we have studied a solution with 2 API Gateway, 1 REST, and 1 Websocket. However, we did not find a way to dissociate these calls. My question is: is it possible to configure the code-server by adding a discriminant in the path? This way, we could redirect the traffic based on the path (e.g. '/rest/' for HTTP and '/ws/' for WebSockets). Many thanks in advance. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 4 replies
-
|
My guess is you'd have to use something like NGINX/Caddy to redirect traffic based on the path, but @code-asher might have a better idea. (We'd also be happy to chat with you about Coder, which might be a better solution for your use case) |
Beta Was this translation helpful? Give feedback.
-
|
Thanks for your feedback. For the NGINX part, we already have a CDN (content delivery network) that could handle the redirection of traffic based on the path. Not sure if Coder could solve our WebSocket problems. We cannot open the SSH flow either. We’ve already designed our solution based on AWS infrastructure, VMs, Kubernetes, Docker, etc. We will deal with the security team on our end directly. Thanks for your time. |
Beta Was this translation helpful? Give feedback.
-
|
Possibly we could add a configuration option to code-server to customize the web socket endpoint since as you mentioned they just open against the root path currently. I would also be open to changing the default path to There are unique query variables that maybe could be used to differentiate the paths. |
Beta Was this translation helpful? Give feedback.
-
@Alex31840 if that would help your use case, feel free to open a feature request issue and link this discussion |
Beta Was this translation helpful? Give feedback.
-
|
Sounds great. However, from what I understand, this feature does not exist at this time. On our end, we are not sure if the WebSocket API Gateway can handle those used by code-server. If this update represents a significant workload on your end, I would prefer not to ask you to implement it. Otherwise, it might be a good idea (even if I’m not sure that many people have this need). In any case, thank you very much for your feedback and for your time. I will discuss this point tomorrow morning with the rest of the team. |
Beta Was this translation helpful? Give feedback.
My guess is you'd have to use something like NGINX/Caddy to redirect traffic based on the path, but @code-asher might have a better idea.
(We'd also be happy to chat with you about Coder, which might be a better solution for your use case)