coder · coadler · Jan 25, 2023 · Jan 24, 2023 · Jan 25, 2023 · Jan 25, 2023
diff --git a/agent/agent_test.go b/agent/agent_test.go
@@ -1193,7 +1193,7 @@ func (c *client) ListenWorkspaceAgent(_ context.Context) (net.Conn, error) {
 	}
 	c.t.Cleanup(c.lastWorkspaceAgent)
 	go func() {
-		_ = c.coordinator.ServeAgent(serverConn, c.agentID)
+		_ = c.coordinator.ServeAgent(serverConn, c.agentID, "")
 		close(closed)
 	}()
 	return clientConn, nil

diff --git a/coderd/apidoc/docs.go b/coderd/apidoc/docs.go
diff --git a/coderd/apidoc/swagger.json b/coderd/apidoc/swagger.json
diff --git a/coderd/coderd.go b/coderd/coderd.go
@@ -613,6 +613,25 @@ func New(options *Options) *API {
 				r.Get("/", api.workspaceApplicationAuth)
 			})
 		})
+
+		r.Route("/debug", func(r chi.Router) {
+			r.Use(
+				apiKeyMiddleware,
+				// Ensure only owners can access debug endpoints.
+				func(next http.Handler) http.Handler {
+					return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+						if !api.Authorize(r, rbac.ActionRead, rbac.ResourceDebugInfo) {
+							httpapi.ResourceNotFound(rw)
+							return
+						}
+
+						next.ServeHTTP(rw, r)
+					})
+				},
+			)
+
+			r.Get("/coordinator", api.debugCoordinator)
+		})
 	})
 
 	if options.SwaggerEndpoint {

diff --git a/coderd/coderdtest/authorize.go b/coderd/coderdtest/authorize.go
@@ -272,6 +272,11 @@ func AGPLRoutes(a *AuthTester) (map[string]string, map[string]RouteCheck) {
 			AssertAction: rbac.ActionRead,
 			AssertObject: rbac.ResourceTemplate,
 		},
+
+		"GET:/api/v2/debug/coordinator": {
+			AssertAction: rbac.ActionRead,
+			AssertObject: rbac.ResourceDebugInfo,
+		},
 	}
 
 	// Routes like proxy routes support all HTTP methods. A helper func to expand

diff --git a/coderd/coderdtest/swaggerparser.go b/coderd/coderdtest/swaggerparser.go
@@ -327,7 +327,7 @@ func assertAccept(t *testing.T, comment SwaggerComment) {
 	}
 }
 
-var allowedProduceTypes = []string{"json", "text/event-stream"}
+var allowedProduceTypes = []string{"json", "text/event-stream", "text/html"}
 
 func assertProduce(t *testing.T, comment SwaggerComment) {
 	var hasResponseModel bool
@@ -344,7 +344,8 @@ func assertProduce(t *testing.T, comment SwaggerComment) {
 	} else {
 		if (comment.router == "/workspaceagents/me/app-health" && comment.method == "post") ||
 			(comment.router == "/workspaceagents/me/version" && comment.method == "post") ||
-			(comment.router == "/licenses/{id}" && comment.method == "delete") {
+			(comment.router == "/licenses/{id}" && comment.method == "delete") ||
+			(comment.router == "/debug/coordinator" && comment.method == "get") {
 			return // Exception: HTTP 200 is returned without response entity
 		}
 

diff --git a/coderd/debug.go b/coderd/debug.go
@@ -0,0 +1,14 @@
+package coderd
+
+import "net/http"
+
+// @Summary Debug Info Wireguard Coordinator
+// @ID debug-info-wireguard-coordinator
+// @Security CoderSessionToken
+// @Produce text/html
+// @Tags Debug
+// @Success 200
+// @Router /debug/coordinator [get]
+func (api *API) debugCoordinator(rw http.ResponseWriter, r *http.Request) {
+	(*api.TailnetCoordinator.Load()).ServeHTTPDebug(rw, r)
+}
diff --git a/coderd/rbac/object.go b/coderd/rbac/object.go
@@ -150,6 +150,11 @@ var (
 	ResourceReplicas = Object{
 		Type: "replicas",
 	}
+
+	// ResourceDebugInfo controls access to the debug routes `/api/v2/debug/*`.
+	ResourceDebugInfo = Object{
+		Type: "debug_info",
+	}
 )
 
 // Object is used to create objects for authz checks when you have none in

diff --git a/coderd/workspaceagents.go b/coderd/workspaceagents.go
@@ -521,6 +521,16 @@ func (api *API) workspaceAgentCoordinate(rw http.ResponseWriter, r *http.Request
 		})
 		return
 	}
+
+	workspace, err := api.Database.GetWorkspaceByID(ctx, build.WorkspaceID)
+	if err != nil {
+		httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
+			Message: "Internal error fetching workspace.",
+			Detail:  err.Error(),
+		})
+		return
+	}
+
 	// Ensure the resource is still valid!
 	// We only accept agents for resources on the latest build.
 	ensureLatestBuild := func() error {
@@ -618,7 +628,7 @@ func (api *API) workspaceAgentCoordinate(rw http.ResponseWriter, r *http.Request
 	closeChan := make(chan struct{})
 	go func() {
 		defer close(closeChan)
-		err := (*api.TailnetCoordinator.Load()).ServeAgent(wsNetConn, workspaceAgent.ID)
+		err := (*api.TailnetCoordinator.Load()).ServeAgent(wsNetConn, workspaceAgent.ID, fmt.Sprintf("%s-%s", workspace.Name, workspaceAgent.Name))
 		if err != nil {
 			api.Logger.Warn(ctx, "tailnet coordinator agent error", slog.Error(err))
 			_ = conn.Close(websocket.StatusInternalError, err.Error())

diff --git a/coderd/wsconncache/wsconncache_test.go b/coderd/wsconncache/wsconncache_test.go
@@ -207,7 +207,7 @@ func (c *client) ListenWorkspaceAgent(_ context.Context) (net.Conn, error) {
 		<-closed
 	})
 	go func() {
-		_ = c.coordinator.ServeAgent(serverConn, c.agentID)
+		_ = c.coordinator.ServeAgent(serverConn, c.agentID, "")
 		close(closed)
 	}()
 	return clientConn, nil

diff --git a/docs/api/debug.md b/docs/api/debug.md
@@ -0,0 +1,21 @@
+# Debug
+
+## Debug Info Wireguard Coordinator
+
+### Code samples
+
+```shell
+# Example request using curl
+curl -X GET http://coder-server:8080/api/v2/debug/coordinator \
+  -H 'Coder-Session-Token: API_KEY'
+```
+
+`GET /debug/coordinator`
+
+### Responses
+
+| Status | Meaning                                                 | Description | Schema |
+| ------ | ------------------------------------------------------- | ----------- | ------ |
+| 200    | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | OK          |        |
+
+To perform this operation, you must be authenticated. [Learn more](authentication.md).
diff --git a/docs/manifest.json b/docs/manifest.json
@@ -364,6 +364,10 @@
           "title": "Builds",
           "path": "./api/builds.md"
         },
+        {
+          "title": "Debug",
+          "path": "./api/debug.md"
+        },
         {
           "title": "Enterprise",
           "path": "./api/enterprise.md"

diff --git a/enterprise/tailnet/coordinator.go b/enterprise/tailnet/coordinator.go
@@ -5,8 +5,10 @@ import (
 	"context"
 	"encoding/json"
 	"errors"
+	"fmt"
 	"io"
 	"net"
+	"net/http"
 	"sync"
 	"time"
 
@@ -174,7 +176,7 @@ func (c *haCoordinator) handleNextClientMessage(id, agent uuid.UUID, decoder *js
 
 // ServeAgent accepts a WebSocket connection to an agent that listens to
 // incoming connections and publishes node updates.
-func (c *haCoordinator) ServeAgent(conn net.Conn, id uuid.UUID) error {
+func (c *haCoordinator) ServeAgent(conn net.Conn, id uuid.UUID, _ string) error {
 	// Tell clients on other instances to send a callmemaybe to us.
 	err := c.publishAgentHello(id)
 	if err != nil {
@@ -573,3 +575,9 @@ func (c *haCoordinator) formatAgentUpdate(id uuid.UUID, node *agpl.Node) ([]byte
 
 	return buf.Bytes(), nil
 }
+
+func (*haCoordinator) ServeHTTPDebug(w http.ResponseWriter, _ *http.Request) {
+	w.Header().Set("Content-Type", "text/html; charset=utf-8")
+	fmt.Fprintf(w, "<h1>coordinator</h1>")
+	fmt.Fprintf(w, "<h2>ha debug coming soon</h2>")
+}
diff --git a/enterprise/tailnet/coordinator_test.go b/enterprise/tailnet/coordinator_test.go
@@ -60,7 +60,7 @@ func TestCoordinatorSingle(t *testing.T) {
 		id := uuid.New()
 		closeChan := make(chan struct{})
 		go func() {
-			err := coordinator.ServeAgent(server, id)
+			err := coordinator.ServeAgent(server, id, "")
 			assert.NoError(t, err)
 			close(closeChan)
 		}()
@@ -91,7 +91,7 @@ func TestCoordinatorSingle(t *testing.T) {
 		agentID := uuid.New()
 		closeAgentChan := make(chan struct{})
 		go func() {
-			err := coordinator.ServeAgent(agentServerWS, agentID)
+			err := coordinator.ServeAgent(agentServerWS, agentID, "")
 			assert.NoError(t, err)
 			close(closeAgentChan)
 		}()
@@ -142,7 +142,7 @@ func TestCoordinatorSingle(t *testing.T) {
 		})
 		closeAgentChan = make(chan struct{})
 		go func() {
-			err := coordinator.ServeAgent(agentServerWS, agentID)
+			err := coordinator.ServeAgent(agentServerWS, agentID, "")
 			assert.NoError(t, err)
 			close(closeAgentChan)
 		}()
@@ -184,7 +184,7 @@ func TestCoordinatorHA(t *testing.T) {
 		agentID := uuid.New()
 		closeAgentChan := make(chan struct{})
 		go func() {
-			err := coordinator1.ServeAgent(agentServerWS, agentID)
+			err := coordinator1.ServeAgent(agentServerWS, agentID, "")
 			assert.NoError(t, err)
 			close(closeAgentChan)
 		}()
@@ -240,7 +240,7 @@ func TestCoordinatorHA(t *testing.T) {
 		})
 		closeAgentChan = make(chan struct{})
 		go func() {
-			err := coordinator1.ServeAgent(agentServerWS, agentID)
+			err := coordinator1.ServeAgent(agentServerWS, agentID, "")
 			assert.NoError(t, err)
 			close(closeAgentChan)
 		}()