mirror of
https://github.com/cdr/code-server.git
synced 2025-12-07 08:52:16 +01:00
No description
369f459203
This commit adds comprehensive VPN infrastructure to enable secure, certificate-based access to code-server deployments. VPN provides an additional security layer by requiring network-level authentication before accessing internal resources. Features: - AWS Client VPN endpoint with certificate-based authentication - Split tunnel support (route only VPC traffic through VPN) - CloudWatch logging for all VPN connections - Multi-platform client support (Windows, macOS, Linux, iOS, Android) - Automatic certificate generation and ACM upload - Client configuration export scripts - Integration with both EC2 and EKS deployments New Terraform Module: - modules/vpn: Complete AWS Client VPN infrastructure - VPN endpoint with configurable authentication - Network associations for HA across multiple AZs - Authorization rules for VPC access - Security groups for VPN traffic - CloudWatch log groups and streams - Support for SAML/federated authentication Scripts: - scripts/generate-vpn-certificates.sh: Generate and upload VPN certificates - Creates CA, server, and client certificates - Automatically uploads to AWS Certificate Manager - Outputs certificate ARNs for Terraform configuration - scripts/export-vpn-config.sh: Export client VPN configuration - Downloads VPN config from AWS - Embeds client certificates - Creates platform-ready .ovpn files Deployment Updates: - EC2 and EKS deployments now support optional VPN - New variables for VPN configuration - Updated outputs to include VPN endpoint information - Example configurations with VPN settings Documentation: - VPN-SETUP-GUIDE.md: Comprehensive VPN setup guide - Certificate generation process - Terraform configuration - Client setup for all major platforms - Testing and troubleshooting - Advanced configuration options - Cost considerations and optimization Configuration Options: - Certificate-based or SAML/SSO authentication - Split tunnel (recommended) or full tunnel - UDP (faster) or TCP (more reliable) transport - Configurable session timeout (8-24 hours) - Custom DNS servers - Client login banner - Multiple authorization rules Security Features: - X.509 certificate authentication - Private subnet associations - Network-level access control - Session logging and audit trail - Support for multi-factor (VPN cert + OAuth2/SAML) Cost: ~$216/month base + ~$0.40/user/day for active connections |
||
|---|---|---|
| .github | ||
| .tours | ||
| ci | ||
| docs | ||
| lib | ||
| patches | ||
| src | ||
| terraform | ||
| test | ||
| typings | ||
| .dockerignore | ||
| .editorconfig | ||
| .eslintrc.yaml | ||
| .gitattributes | ||
| .gitignore | ||
| .gitmodules | ||
| .node-version | ||
| .nvmrc | ||
| .prettierignore | ||
| .prettierrc.yaml | ||
| CHANGELOG.md | ||
| flake.lock | ||
| flake.nix | ||
| install.sh | ||
| LICENSE | ||
| package.json | ||
| renovate.json | ||
| ThirdPartyNotices.txt | ||
| tsconfig.json | ||
| yarn.lock | ||
code-server
Run VS Code on any machine anywhere and access it in the browser.
Highlights
- Code on any device with a consistent development environment
- Use cloud servers to speed up tests, compilations, downloads, and more
- Preserve battery life when you're on the go; all intensive tasks run on your server
Requirements
See requirements for minimum specs, as well as instructions on how to set up a Google VM on which you can install code-server.
TL;DR: Linux machine with WebSockets enabled, 1 GB RAM, and 2 vCPUs
Getting started
There are four ways to get started:
- Using the install script, which automates most of the process. The script uses the system package manager if possible.
- Manually installing code-server
- Deploy code-server to your team with coder/coder
- Using our one-click buttons and guides to deploy code-server to a cloud provider ⚡
If you use the install script, you can preview what occurs during the install process:
curl -fsSL https://code-server.dev/install.sh | sh -s -- --dry-run
To install, run:
curl -fsSL https://code-server.dev/install.sh | sh
When done, the install script prints out instructions for running and starting code-server.
Note
To manage code-server for a team on your infrastructure, see: coder/coder
We also have an in-depth setup and configuration guide.
Questions?
See answers to frequently asked questions.
Want to help?
See Contributing for details.
Hiring
Interested in working at Coder? Check out our open positions!
For Organizations
Want remote development for your organization or enterprise? Visit our website to learn more about Coder.