You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I had to make the following changes after completing the setup guide:
edit the code-server config file to add trusted-origins and proxy-domain:
bind-addr: 0.0.0.0:8080 # this defaulted to 127.0.0.1auth: nonecert: falsetrusted-origins:
- <route hostname>proxy-domain:
- <route hostname>/proxy/{{port}}
turned off 'preserve host header' in pomerium route config
Before making these changes, the code-server websockets would not connect, failing with a 403 error. Additionally, subdomain port forwarding is the default, but the zero-provisioned certs don't support this.
I think the trusted-origins setting is required to allow wss connections after we do tls termination.
Page: https://www.pomerium.com/docs/guides/code-server
What's incorrect or missing
I had to make the following changes after completing the setup guide:
Before making these changes, the code-server websockets would not connect, failing with a 403 error. Additionally, subdomain port forwarding is the default, but the zero-provisioned certs don't support this.
I think the trusted-origins setting is required to allow wss connections after we do tls termination.
The proxy-domain setting is not clearly documented, but it seems to both tell code-server the public URL it will be accessed from, as well as enable subpath port forwarding (based on the presence of
{{port}}in the string). https://github.com/coder/code-server/blob/fc97e248c354be27a054c182669a6984dd73cd41/src/node/cli.ts#L604-L617The text was updated successfully, but these errors were encountered: