coder
diff --git a/‎agent/agent.go
Lines changed: 20 additions & 21 deletions b/‎agent/agent.go
Lines changed: 20 additions & 21 deletions
diff --git a/‎agent/agent_test.go
Lines changed: 3 additions & 5 deletions b/‎agent/agent_test.go
Lines changed: 3 additions & 5 deletions
diff --git a/‎cli/configssh_test.go
Lines changed: 2 additions & 5 deletions b/‎cli/configssh_test.go
Lines changed: 2 additions & 5 deletions
diff --git a/‎cli/gitssh_test.go
Lines changed: 1 addition & 1 deletion b/‎cli/gitssh_test.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎cli/ssh.go
Lines changed: 1 addition & 4 deletions b/‎cli/ssh.go
Lines changed: 1 addition & 4 deletions
diff --git a/‎cli/ssh_test.go
Lines changed: 2 additions & 7 deletions b/‎cli/ssh_test.go
Lines changed: 2 additions & 7 deletions
diff --git a/‎cli/start.go
Lines changed: 1 addition & 0 deletions b/‎cli/start.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎cli/workspaceagent.go
Lines changed: 1 addition & 4 deletions b/‎cli/workspaceagent.go
Lines changed: 1 addition & 4 deletions
diff --git a/‎cli/workspaceagent_test.go
Lines changed: 2 additions & 2 deletions b/‎cli/workspaceagent_test.go
Lines changed: 2 additions & 2 deletions
diff --git a/‎coderd/coderd.go
Lines changed: 17 additions & 10 deletions b/‎coderd/coderd.go
Lines changed: 17 additions & 10 deletions
diff --git a/‎coderd/coderdtest/coderdtest.go
Lines changed: 8 additions & 2 deletions b/‎coderd/coderdtest/coderdtest.go
Lines changed: 8 additions & 2 deletions
diff --git a/‎coderd/httpmw/workspaceagent.go
Lines changed: 1 addition & 1 deletion b/‎coderd/httpmw/workspaceagent.go
Lines changed: 1 addition & 1 deletion
@@ -32,23 +32,23 @@ type Options struct {
 	Logger slog.Logger
 }
 
-type Dialer func(ctx context.Context, options *peer.ConnOptions) (*peerbroker.Listener, error)
+type Dialer func(ctx context.Context, logger slog.Logger) (*peerbroker.Listener, error)
 
-func New(dialer Dialer, options *peer.ConnOptions) io.Closer {
+func New(dialer Dialer, logger slog.Logger) io.Closer {
 	ctx, cancelFunc := context.WithCancel(context.Background())
 	server := &agent{
-		clientDialer: dialer,
-		options:      options,
-		closeCancel:  cancelFunc,
-		closed:       make(chan struct{}),
+		dialer:      dialer,
+		logger:      logger,
+		closeCancel: cancelFunc,
+		closed:      make(chan struct{}),
 	}
 	server.init(ctx)
 	return server
 }
 
 type agent struct {
-	clientDialer Dialer
-	options      *peer.ConnOptions
+	dialer Dialer
+	logger slog.Logger
 
 	connCloseWait sync.WaitGroup
 	closeCancel   context.CancelFunc
@@ -64,18 +64,18 @@ func (a *agent) run(ctx context.Context) {
 	// An exponential back-off occurs when the connection is failing to dial.
 	// This is to prevent server spam in case of a coderd outage.
 	for retrier := retry.New(50*time.Millisecond, 10*time.Second); retrier.Wait(ctx); {
-		peerListener, err = a.clientDialer(ctx, a.options)
+		peerListener, err = a.dialer(ctx, a.logger)
 		if err != nil {
 			if errors.Is(err, context.Canceled) {
 				return
 			}
 			if a.isClosed() {
 				return
 			}
-			a.options.Logger.Warn(context.Background(), "failed to dial", slog.Error(err))
+			a.logger.Warn(context.Background(), "failed to dial", slog.Error(err))
 			continue
 		}
-		a.options.Logger.Info(context.Background(), "connected")
+		a.logger.Info(context.Background(), "connected")
 		break
 	}
 	select {
@@ -90,7 +90,7 @@ func (a *agent) run(ctx context.Context) {
 			if a.isClosed() {
 				return
 			}
-			a.options.Logger.Debug(ctx, "peer listener accept exited; restarting connection", slog.Error(err))
+			a.logger.Debug(ctx, "peer listener accept exited; restarting connection", slog.Error(err))
 			a.run(ctx)
 			return
 		}
@@ -105,10 +105,9 @@ func (a *agent) handlePeerConn(ctx context.Context, conn *peer.Conn) {
 	go func() {
 		select {
 		case <-a.closed:
-			_ = conn.Close()
 		case <-conn.Closed():
 		}
-		<-conn.Closed()
+		_ = conn.Close()
 		a.connCloseWait.Done()
 	}()
 	for {
@@ -117,15 +116,15 @@ func (a *agent) handlePeerConn(ctx context.Context, conn *peer.Conn) {
 			if errors.Is(err, peer.ErrClosed) || a.isClosed() {
 				return
 			}
-			a.options.Logger.Debug(ctx, "accept channel from peer connection", slog.Error(err))
+			a.logger.Debug(ctx, "accept channel from peer connection", slog.Error(err))
 			return
 		}
 
 		switch channel.Protocol() {
 		case "ssh":
 			go a.sshServer.HandleConn(channel.NetConn())
 		default:
-			a.options.Logger.Warn(ctx, "unhandled protocol from channel",
+			a.logger.Warn(ctx, "unhandled protocol from channel",
 				slog.F("protocol", channel.Protocol()),
 				slog.F("label", channel.Label()),
 			)
@@ -145,7 +144,7 @@ func (a *agent) init(ctx context.Context) {
 	if err != nil {
 		panic(err)
 	}
-	sshLogger := a.options.Logger.Named("ssh-server")
+	sshLogger := a.logger.Named("ssh-server")
 	forwardHandler := &ssh.ForwardedTCPHandler{}
 	a.sshServer = &ssh.Server{
 		ChannelHandlers: map[string]ssh.ChannelHandler{
@@ -158,7 +157,7 @@ func (a *agent) init(ctx context.Context) {
 		Handler: func(session ssh.Session) {
 			err := a.handleSSHSession(session)
 			if err != nil {
-				a.options.Logger.Warn(ctx, "ssh session failed", slog.Error(err))
+				a.logger.Warn(ctx, "ssh session failed", slog.Error(err))
 				_ = session.Exit(1)
 				return
 			}
@@ -194,15 +193,15 @@ func (a *agent) init(ctx context.Context) {
 			"sftp": func(session ssh.Session) {
 				server, err := sftp.NewServer(session)
 				if err != nil {
-					a.options.Logger.Debug(session.Context(), "initialize sftp server", slog.Error(err))
+					a.logger.Debug(session.Context(), "initialize sftp server", slog.Error(err))
 					return
 				}
 				defer server.Close()
 				err = server.Serve()
 				if errors.Is(err, io.EOF) {
 					return
 				}
-				a.options.Logger.Debug(session.Context(), "sftp server exited with error", slog.Error(err))
+				a.logger.Debug(session.Context(), "sftp server exited with error", slog.Error(err))
 			},
 		},
 	}
@@ -250,7 +249,7 @@ func (a *agent) handleSSHSession(session ssh.Session) error {
 			for win := range windowSize {
 				err = ptty.Resize(uint16(win.Width), uint16(win.Height))
 				if err != nil {
-					a.options.Logger.Warn(context.Background(), "failed to resize tty", slog.Error(err))
+					a.logger.Warn(context.Background(), "failed to resize tty", slog.Error(err))
 				}
 			}
 		}()
 
@@ -173,11 +173,9 @@ func setupSSHSession(t *testing.T) *ssh.Session {
 
 func setupAgent(t *testing.T) *agent.Conn {
 	client, server := provisionersdk.TransportPipe()
-	closer := agent.New(func(ctx context.Context, opts *peer.ConnOptions) (*peerbroker.Listener, error) {
-		return peerbroker.Listen(server, nil, opts)
-	}, &peer.ConnOptions{
-		Logger: slogtest.Make(t, nil).Leveled(slog.LevelDebug),
-	})
+	closer := agent.New(func(ctx context.Context, logger slog.Logger) (*peerbroker.Listener, error) {
+		return peerbroker.Listen(server, nil)
+	}, slogtest.Make(t, nil).Leveled(slog.LevelDebug))
 	t.Cleanup(func() {
 		_ = client.Close()
 		_ = server.Close()
 
@@ -19,7 +19,6 @@ import (
 	"github.com/coder/coder/cli/clitest"
 	"github.com/coder/coder/coderd/coderdtest"
 	"github.com/coder/coder/codersdk"
-	"github.com/coder/coder/peer"
 	"github.com/coder/coder/provisioner/echo"
 	"github.com/coder/coder/provisionersdk/proto"
 	"github.com/coder/coder/pty/ptytest"
@@ -72,17 +71,15 @@ func TestConfigSSH(t *testing.T) {
 	coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
 	agentClient := codersdk.New(client.URL)
 	agentClient.SessionToken = authToken
-	agentCloser := agent.New(agentClient.ListenWorkspaceAgent, &peer.ConnOptions{
-		Logger: slogtest.Make(t, nil),
-	})
+	agentCloser := agent.New(agentClient.ListenWorkspaceAgent, slogtest.Make(t, nil))
 	t.Cleanup(func() {
 		_ = agentCloser.Close()
 	})
 	tempFile, err := os.CreateTemp(t.TempDir(), "")
 	require.NoError(t, err)
 	_ = tempFile.Close()
 	resources := coderdtest.AwaitWorkspaceAgents(t, client, workspace.LatestBuild.ID)
-	agentConn, err := client.DialWorkspaceAgent(context.Background(), resources[0].Agents[0].ID, nil, nil)
+	agentConn, err := client.DialWorkspaceAgent(context.Background(), resources[0].Agents[0].ID, nil)
 	require.NoError(t, err)
 	defer agentConn.Close()
 
 
@@ -81,7 +81,7 @@ func TestGitSSH(t *testing.T) {
 		coderdtest.AwaitWorkspaceAgents(t, client, workspace.LatestBuild.ID)
 		resources, err := client.WorkspaceResourcesByBuild(ctx, workspace.LatestBuild.ID)
 		require.NoError(t, err)
-		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil, nil)
+		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil)
 		require.NoError(t, err)
 		defer dialer.Close()
 		_, err = dialer.Ping()
 
@@ -10,7 +10,6 @@ import (
 
 	"github.com/google/uuid"
 	"github.com/mattn/go-isatty"
-	"github.com/pion/webrtc/v3"
 	"github.com/spf13/cobra"
 	gossh "golang.org/x/crypto/ssh"
 	"golang.org/x/term"
@@ -99,9 +98,7 @@ func ssh() *cobra.Command {
 				return xerrors.Errorf("await agent: %w", err)
 			}
 
-			conn, err := client.DialWorkspaceAgent(cmd.Context(), agent.ID, []webrtc.ICEServer{{
-				URLs: []string{"stun:stun.l.google.com:19302"},
-			}}, nil)
+			conn, err := client.DialWorkspaceAgent(cmd.Context(), agent.ID, nil)
 			if err != nil {
 				return err
 			}
 
@@ -17,7 +17,6 @@ import (
 	"github.com/coder/coder/cli/clitest"
 	"github.com/coder/coder/coderd/coderdtest"
 	"github.com/coder/coder/codersdk"
-	"github.com/coder/coder/peer"
 	"github.com/coder/coder/provisioner/echo"
 	"github.com/coder/coder/provisionersdk/proto"
 	"github.com/coder/coder/pty/ptytest"
@@ -70,9 +69,7 @@ func TestSSH(t *testing.T) {
 		coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
 		agentClient := codersdk.New(client.URL)
 		agentClient.SessionToken = agentToken
-		agentCloser := agent.New(agentClient.ListenWorkspaceAgent, &peer.ConnOptions{
-			Logger: slogtest.Make(t, nil).Leveled(slog.LevelDebug),
-		})
+		agentCloser := agent.New(agentClient.ListenWorkspaceAgent, slogtest.Make(t, nil).Leveled(slog.LevelDebug))
 		t.Cleanup(func() {
 			_ = agentCloser.Close()
 		})
@@ -115,9 +112,7 @@ func TestSSH(t *testing.T) {
 			coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
 			agentClient := codersdk.New(client.URL)
 			agentClient.SessionToken = agentToken
-			agentCloser := agent.New(agentClient.ListenWorkspaceAgent, &peer.ConnOptions{
-				Logger: slogtest.Make(t, nil).Leveled(slog.LevelDebug),
-			})
+			agentCloser := agent.New(agentClient.ListenWorkspaceAgent, slogtest.Make(t, nil).Leveled(slog.LevelDebug))
 			t.Cleanup(func() {
 				_ = agentCloser.Close()
 			})
 
@@ -61,6 +61,7 @@ func start() *cobra.Command {
 		secureAuthCookie       bool
 		sshKeygenAlgorithmRaw  string
 	)
+
 	root := &cobra.Command{
 		Use: "start",
 		RunE: func(cmd *cobra.Command, args []string) error {
 
@@ -16,7 +16,6 @@ import (
 	"github.com/coder/coder/agent"
 	"github.com/coder/coder/cli/cliflag"
 	"github.com/coder/coder/codersdk"
-	"github.com/coder/coder/peer"
 	"github.com/coder/retry"
 )
 
@@ -110,9 +109,7 @@ func workspaceAgent() *cobra.Command {
 				return xerrors.Errorf("writing agent session token to config: %w", err)
 			}
 
-			closer := agent.New(client.ListenWorkspaceAgent, &peer.ConnOptions{
-				Logger: logger,
-			})
+			closer := agent.New(client.ListenWorkspaceAgent, logger)
 			<-cmd.Context().Done()
 			return closer.Close()
 		},
 
@@ -61,7 +61,7 @@ func TestWorkspaceAgent(t *testing.T) {
 		coderdtest.AwaitWorkspaceAgents(t, client, workspace.LatestBuild.ID)
 		resources, err := client.WorkspaceResourcesByBuild(ctx, workspace.LatestBuild.ID)
 		require.NoError(t, err)
-		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil, nil)
+		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil)
 		require.NoError(t, err)
 		defer dialer.Close()
 		_, err = dialer.Ping()
@@ -115,7 +115,7 @@ func TestWorkspaceAgent(t *testing.T) {
 		coderdtest.AwaitWorkspaceAgents(t, client, workspace.LatestBuild.ID)
 		resources, err := client.WorkspaceResourcesByBuild(ctx, workspace.LatestBuild.ID)
 		require.NoError(t, err)
-		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil, nil)
+		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil)
 		require.NoError(t, err)
 		defer dialer.Close()
 		_, err = dialer.Ping()
 
@@ -9,6 +9,7 @@ import (
 	"time"
 
 	"github.com/go-chi/chi/v5"
+	"github.com/pion/webrtc/v3"
 	"google.golang.org/api/idtoken"
 
 	chitrace "gopkg.in/DataDog/dd-trace-go.v1/contrib/go-chi/chi.v5"
@@ -20,23 +21,25 @@ import (
 	"github.com/coder/coder/coderd/gitsshkey"
 	"github.com/coder/coder/coderd/httpapi"
 	"github.com/coder/coder/coderd/httpmw"
+	"github.com/coder/coder/coderd/turnconn"
 	"github.com/coder/coder/codersdk"
 	"github.com/coder/coder/site"
 )
 
 // Options are requires parameters for Coder to start.
 type Options struct {
-	AgentConnectionUpdateFrequency time.Duration
-	AccessURL                      *url.URL
-	Logger                         slog.Logger
-	Database                       database.Store
-	Pubsub                         database.Pubsub
-
-	AWSCertificates      awsidentity.Certificates
-	GoogleTokenValidator *idtoken.Validator
+	AccessURL *url.URL
+	Logger    slog.Logger
+	Database  database.Store
+	Pubsub    database.Pubsub
 
-	SecureAuthCookie   bool
-	SSHKeygenAlgorithm gitsshkey.Algorithm
+	AgentConnectionUpdateFrequency time.Duration
+	AWSCertificates                awsidentity.Certificates
+	GoogleTokenValidator           *idtoken.Validator
+	ICEServers                     []webrtc.ICEServer
+	SecureAuthCookie               bool
+	SSHKeygenAlgorithm             gitsshkey.Algorithm
+	TURNServer                     *turnconn.Server
 }
 
 // New constructs the Coder API into an HTTP handler.
@@ -174,6 +177,8 @@ func New(options *Options) (http.Handler, func()) {
 				r.Use(httpmw.ExtractWorkspaceAgent(options.Database))
 				r.Get("/", api.workspaceAgentListen)
 				r.Get("/gitsshkey", api.agentGitSSHKey)
+				r.Get("/turn", api.workspaceAgentTurn)
+				r.Get("/iceservers", api.workspaceAgentICEServers)
 			})
 			r.Route("/{workspaceagent}", func(r chi.Router) {
 				r.Use(
@@ -182,6 +187,8 @@ func New(options *Options) (http.Handler, func()) {
 				)
 				r.Get("/", api.workspaceAgent)
 				r.Get("/dial", api.workspaceAgentDial)
+				r.Get("/turn", api.workspaceAgentTurn)
+				r.Get("/iceservers", api.workspaceAgentICEServers)
 			})
 		})
 		r.Route("/workspaceresources/{workspaceresource}", func(r chi.Router) {
 
@@ -39,6 +39,7 @@ import (
 	"github.com/coder/coder/coderd/database/databasefake"
 	"github.com/coder/coder/coderd/database/postgres"
 	"github.com/coder/coder/coderd/gitsshkey"
+	"github.com/coder/coder/coderd/turnconn"
 	"github.com/coder/coder/codersdk"
 	"github.com/coder/coder/cryptorand"
 	"github.com/coder/coder/provisioner/echo"
@@ -91,9 +92,8 @@ func New(t *testing.T, options *Options) *codersdk.Client {
 	}
 
 	srv := httptest.NewUnstartedServer(nil)
+	ctx, cancelFunc := context.WithCancel(context.Background())
 	srv.Config.BaseContext = func(_ net.Listener) context.Context {
-		ctx, cancelFunc := context.WithCancel(context.Background())
-		t.Cleanup(cancelFunc)
 		return ctx
 	}
 	srv.Start()
@@ -106,6 +106,9 @@ func New(t *testing.T, options *Options) *codersdk.Client {
 		options.SSHKeygenAlgorithm = gitsshkey.AlgorithmEd25519
 	}
 
+	turnServer, err := turnconn.New(nil)
+	require.NoError(t, err)
+
 	// We set the handler after server creation for the access URL.
 	srv.Config.Handler, closeWait = coderd.New(&coderd.Options{
 		AgentConnectionUpdateFrequency: 150 * time.Millisecond,
@@ -117,8 +120,11 @@ func New(t *testing.T, options *Options) *codersdk.Client {
 		AWSCertificates:      options.AWSInstanceIdentity,
 		GoogleTokenValidator: options.GoogleInstanceIdentity,
 		SSHKeygenAlgorithm:   options.SSHKeygenAlgorithm,
+		TURNServer:           turnServer,
 	})
 	t.Cleanup(func() {
+		cancelFunc()
+		_ = turnServer.Close()
 		srv.Close()
 		closeWait()
 	})
 
@@ -38,7 +38,7 @@ func ExtractWorkspaceAgent(db database.Store) func(http.Handler) http.Handler {
 			token, err := uuid.Parse(cookie.Value)
 			if err != nil {
 				httpapi.Write(rw, http.StatusBadRequest, httpapi.Response{
-					Message: fmt.Sprintf("parse token: %s", err),
+					Message: fmt.Sprintf("parse token %q: %s", cookie.Value, err),
 				})
 				return
 			}
Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,7 @@ func start() *cobra.Command {`
`61`	`61`	`secureAuthCookie bool`
`62`	`62`	`sshKeygenAlgorithmRaw string`
`63`	`63`	`)`
	`64`	`+`
`64`	`65`	`root := &cobra.Command{`
`65`	`66`	`Use: "start",`
`66`	`67`	`RunE: func(cmd *cobra.Command, args []string) error {`
Original file line number	Diff line number	Diff line change
`@@ -38,7 +38,7 @@ func ExtractWorkspaceAgent(db database.Store) func(http.Handler) http.Handler {`
`38`	`38`	`token, err := uuid.Parse(cookie.Value)`
`39`	`39`	`if err != nil {`
`40`	`40`	`httpapi.Write(rw, http.StatusBadRequest, httpapi.Response{`
`41`		`- Message: fmt.Sprintf("parse token: %s", err),`
	`41`	`+ Message: fmt.Sprintf("parse token %q: %s", cookie.Value, err),`
`42`	`42`	`})`
`43`	`43`	`return`
`44`	`44`	`}`