Hello,
Following the instructions, I have set up Gitea as external authentication for Coder. I am able to log in, and the test shows it is valid.
Terraform clones the repo. After cloning I am able to commit in code-server. But after some time it doesn't work anymore, and code-server reports a failed authentication.
My Setup:
My Docker compose file looks like this:
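version: "3.9"
services:
  # coder - 7081
  coder:
    container_name: coder
    # This MUST be stable for our documentation and
    # other automations.
    # NOTE(review): ":latest" is a moving tag; pinning to a release tag that
    # has been tested makes upgrades deliberate and rollbacks possible.
    image: ghcr.io/coder/coder:latest
    environment:
      TZ: 'Europe/Berlin'
      # sslmode=disable sends the database password and all queries
      # unencrypted; only acceptable while this traffic stays on the
      # coder_postgres Docker network between the two containers.
      CODER_PG_CONNECTION_URL: "postgresql://coder-user:<postgres-password>@coder_postgresql/coder?sslmode=disable"
      CODER_HTTP_ADDRESS: "0.0.0.0:7081"
      # You'll need to set CODER_ACCESS_URL to an IP or domain
      # that workspaces can reach. This cannot be localhost
      # or 127.0.0.1 for non-Docker templates!
      CODER_ACCESS_URL: "https://code.<domain>.de"
      CODER_WILDCARD_ACCESS_URL: "*.code.<domain>.de"
      # Settings for Gitea
      # First create Application in Gitea -> Administration -> Integration -> Application
      CODER_EXTERNAL_AUTH_0_ID: "primary-gitea"
      CODER_EXTERNAL_AUTH_0_TYPE: "gitea"
      # Keep the real client secret (and the database password) out of
      # version control, e.g. in an env file that is not committed.
      CODER_EXTERNAL_AUTH_0_CLIENT_ID: "<Gitea Client ID>"
      CODER_EXTERNAL_AUTH_0_CLIENT_SECRET: "<Gitea Client Secret>"
      CODER_EXTERNAL_AUTH_0_AUTH_URL: "https://git.<domain>.de/login/oauth/authorize"
      CODER_EXTERNAL_AUTH_0_TOKEN_URL: "https://git.<domain>.de/login/oauth/access_token"
      CODER_EXTERNAL_AUTH_0_VALIDATE_URL: "https://git.<domain>.de/login/oauth/userinfo"
      # This regex selects the Git URLs that receive the Gitea token. Dots are
      # escaped so they match literally; an unescaped "." matches any
      # character and would let look-alike hostnames match as well.
      CODER_EXTERNAL_AUTH_0_REGEX: 'git\.<domain>\.de'
      # Optionally, configure a custom display name and icon
      CODER_EXTERNAL_AUTH_0_DISPLAY_NAME: "Gitea"
      CODER_EXTERNAL_AUTH_0_DISPLAY_ICON: "https://git.<domain>.de/assets/img/logo.svg"
      # Quoted so the value reaches the container as the string "1".
      GIT_DISCOVERY_ACROSS_FILESYSTEM: "1"
    # Presumably the GID of the host's docker group, so that the container
    # user can open the socket mounted below; verify on the host.
    group_add:
      - "991"
    volumes:
      # Access to the Docker socket is equivalent to root on the host.
      # Anyone who can edit templates or reach this container inherits that.
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - npm_code
      - coder_postgres
    depends_on:
      coder_postgresql:
        condition: service_healthy
  # Postgresql - Port 5432
  coder_postgresql:
    container_name: coder_postgresql
    image: "postgres:14.2"
    # NOTE(review): this publishes PostgreSQL on every host interface. Coder
    # reaches the database over the coder_postgres network, so the mapping
    # is not needed for Coder itself; drop it, or bind it to 127.0.0.1,
    # unless something outside Docker has to connect.
    ports:
      - "5432:5432"
    environment:
      POSTGRES_USER: coder-user
      POSTGRES_PASSWORD: '<postgres-password>'
      POSTGRES_DB: coder
    volumes:
      - coder_data:/var/lib/postgresql/data # Use "docker volume rm coder_coder_data" to reset Coder
    networks:
      - coder_postgres
    healthcheck:
      # Probe with the role created above (coder-user). pg_isready reports
      # readiness even for an unknown role, but each such probe is logged by
      # the server as a failed connection attempt.
      test: ["CMD-SHELL", "pg_isready -U coder-user -d coder"]
      interval: 5s
      timeout: 5s
      retries: 5
volumes:
  coder_data: {}
networks:
  npm_code:
    external: true
  coder_postgres: {}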
The interesting part of the Terraform file is this:
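# Looks up the external auth provider configured on the Coder server.
data "coder_external_auth" "primary-gitea" {
  # Matches the ID of the external auth provider in Coder.
  id = "primary-gitea"
}

# Workspace agent: installs code-server and its extensions, then clones the
# application repository on first start.
resource "coder_agent" "main" {
  arch           = data.coder_provisioner.me.arch
  os             = "linux"
  startup_script = <<-EOT
    set -e

    # install and start code-server
    # NOTE(review): the installer is piped straight into sh. The code-server
    # version is pinned, but the install script itself is not verified.
    curl -fsSL https://code-server.dev/install.sh | sh -s -- --method=standalone --prefix=/tmp/code-server --version 4.21.1
    # NOTE(review): "--auth none" disables code-server's own login, so access
    # control rests entirely on whatever sits in front of port 13337.
    /tmp/code-server/bin/code-server --auth none --port 13337 >/tmp/code-server.log 2>&1 &

    # ########### #
    # Extensions: #
    # ########### #
    mkdir -p "/home/${local.username}/.vstemp"
    cd "/home/${local.username}/.vstemp"
    # 1. Open Source of Shoppage and search for "AssetUri"
    # 2. Use the Uri and prefix with "/Microsoft.VisualStudio.Services.VSIXPackage" or "/vspackage"
    # NOTE(review): the VSIX files below are installed without an integrity
    # check; comparing each download against a recorded checksum would
    # catch a tampered or replaced package.

    #Vue Language Features (Volar)
    # /tmp/code-server/bin/code-server --install-extension Vue.volar
    wget --no-verbose https://vue.gallerycdn.vsassets.io/extensions/vue/volar/1.8.27/1703585936868/Microsoft.VisualStudio.Services.VSIXPackage -O volar1.8.27.vsix

    # Material Icon Theme
    # /tmp/code-server/bin/code-server --install-extension PKief.material-icon-theme
    wget --no-verbose https://pkief.gallerycdn.vsassets.io/extensions/pkief/material-icon-theme/4.33.0/1704798483764/Microsoft.VisualStudio.Services.VSIXPackage -O material-icon-theme4.33.0.vsix

    for f in *.vsix ; do /tmp/code-server/bin/code-server --install-extension "$f" ; done

    cd "/home/${local.username}/app"
    rm -r "/home/${local.username}/.vstemp"

    # Set default Settings
    if [ ! -f /home/${local.username}/.local/share/code-server/User/settings.json ]; then echo '{ "workbench.colorTheme": "Default Dark Modern", "workbench.iconTheme": "material-icon-theme" }' > /home/${local.username}/.local/share/code-server/User/settings.json; fi

    # ###################### #
    # clone repo and prepare #
    # ###################### #
    # Clone without credentials in the URL. A token embedded as
    # "https://user:token@host/..." is written to .git/config as the remote
    # URL, is rendered into this script, and is never refreshed, so pushes
    # would likely start failing once the OAuth token expires. With a plain
    # URL, Git asks the Coder agent's GIT_ASKPASS helper, which should supply
    # a current token for hosts matching CODER_EXTERNAL_AUTH_0_REGEX
    # (confirm that the helper is active in your workspace).
    find "/home/${local.username}/app" -maxdepth 0 -empty -exec git clone "https://git.<domain>.de/<repo username>/<repo>.git" "/home/${local.username}/app" \;
    cd "/home/${local.username}/app"
    pnpm install
    pnpm nuxt prepare
  EOT

  # These environment variables allow you to make Git commits right away after creating a
  # workspace. Note that they take precedence over configuration defined in ~/.gitconfig!
  # You can remove this block if you'd prefer to configure Git manually or using
  # dotfiles. (see docs/dotfiles.md)
  env = {
    GIT_AUTHOR_NAME     = "${data.coder_workspace.me.owner}"
    GIT_COMMITTER_NAME  = "${data.coder_workspace.me.owner}"
    GIT_AUTHOR_EMAIL    = "${data.coder_workspace.me.owner_email}"
    GIT_COMMITTER_EMAIL = "${data.coder_workspace.me.owner_email}"
    # NOTE(review): these two hold the token value from the time the
    # workspace was built. They are not refreshed while it runs, and every
    # process in the workspace can read them. Tools that use them will
    # presumably fail once the token expires.
    GITEA_TOKEN  = "${data.coder_external_auth.primary-gitea.access_token}"
    GITHUB_TOKEN = "${data.coder_external_auth.primary-gitea.access_token}"
  }
  # (excerpt ends here; the closing brace of the resource is not part of the paste)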
The Error looks like this in code-server:
Any correction and help is appreciated!