├── .gitignore
├── Readme.md
├── aws-eks
    ├── Readme.md
    └── main.tf
├── azure-aks
    ├── Readme.md
    └── main.tf
├── digitalocean-doks
    ├── Readme.md
    └── main.tf
├── docs
    └── vscode.png
├── gcloud-gke
    ├── Readme.md
    └── main.tf
├── ibmcloud-k8s
    ├── Readme.md
    └── main.tf
├── linode-lke
    ├── Readme.md
    └── main.tf
├── ovhcloud-k8s
    ├── Readme.md
    └── main.tf
└── scaleway-kapsule
    ├── Readme.md
    └── main.tf


/.gitignore:
--------------------------------------------------------------------------------
1 | .vscode/
2 | *.DS_Store


--------------------------------------------------------------------------------
/Readme.md:
--------------------------------------------------------------------------------
 1 | # Coder OSS with Terraform
 2 | 
 3 | The purpose of this repo is to demonstrate how remote development environments work using [Coder's OSS product](https://github.com/coder/coder). This repo should not be used for production use cases, but simply a proof-of-concept for what coding-in-a-browser feels like using Coder.
 4 | 
 5 | <img src="docs/vscode.png" width="300">
 6 | 
 7 | ## Currently supported platforms
 8 | 
 9 | Each subfolder in this repo is for a different platform.
10 | 
11 | * Google GKE 
12 | * Azure AKS
13 | * AWS EKS
14 | * Linode LKE
15 | * DigitalOcean DOKS
16 | * IBMCloud K8s
17 | * OVHCloud K8s
18 | * Scaleway K8s Kapsule
19 | 
20 | 
21 | ## Important Caveat
22 | 
23 | In order to make this demo "1 click apply", I am using an anti-pattern where I create the k8s cluster and deploy in the same repo. This is a [known](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs#stacking-with-managed-kubernetes-cluster-resources) anti-pattern. The consequence is that you can get authentication errors while trying to update the namespace or helm charts. For the most part, things have "just worked" for me. You can fix this by file mounting a kubeconfig (ovhcloud-k8s shows how to do this).
24 | 


--------------------------------------------------------------------------------
/aws-eks/Readme.md:
--------------------------------------------------------------------------------
 1 | ## Getting Coder Installed
 2 | 
 3 | 1. Create an [AWS Account](https://portal.aws.amazon.com/billing/signup#/start/email).
 4 | 2. Create an IAM User with the Administrator policy. Generate access keys and grant it console access. See bottom for notes.
 5 | 3. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent.
 6 | 4. Set [AWS_ACCESS_KEY_ID](https://registry.terraform.io/providers/hashicorp/aws/latest/docs) and [AWS_SECRET_ACCESS_KEY](https://registry.terraform.io/providers/hashicorp/aws/latest/docs)
 7 | 5. Make sure to set the directory to aws-eks/
 8 | 6. Run and apply the Terraform (takes 20-30 minutes).
 9 | 
10 | Note: EKS is unstable, and I had more problems with EKS than the rest combined. I've seen weird, unreproducible bugs that required deleting and trying again.
11 | 
12 | ## Coder setup Instructions
13 | 
14 | To get Coder set up initially, we need to give it an admin user and create a kubernetes template for our workspace.
15 | 
16 | 1. Navigate to the DNS of the load balancer (AWS / EC2 / Load balancers).
17 | 2. Create the initial username and password.
18 | 3. Go to Templates, click Develop in Kubernetes, and click use template
19 | 4. Click create template (it will refresh and prompt for 3 more template inputs)
20 | 5. Set var.use_kubeconfig to false 
21 | 6. Set var.namespace to coder
22 | 6. Click create template
23 | 
24 | With the admin user created and the template imported, we are ready to launch a workspace based on that template.
25 | 
26 | 1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
27 | 2. Give it a name and click create
28 | 3. Within three minutes, the workspace should launch.
29 | 
30 | From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!
31 | 
32 | ## Why grant the Terraform user Console Access?
33 | Most of the kubernetes resources can only be managed if granted permissions via the kubernetes cluster role binding. The (AWS docs)[https://docs.aws.amazon.com/eks/latest/userguide/add-user-role.html] can step you through how to do this. It cannot be granted via IAM alone, except for the IAM user that originally created the EKS cluster. For this reason, it's easiest to grant the Terraform user console access so you can view the properties of the cluster. In production, you'd want to do this differently.
34 | 
35 | ## Why did I fork coder's helm chart?
36 | Due to a limitation in AWS, I needed to make a [change](https://github.com/coder/coder/pull/5448) to the Helm chart. Until this is fully released, I've forked the helm chart locally.
37 | 
38 | ## The VPC creation failed
39 | There's a rare AWS bug that can cause the VPC to fail to be created, but still create anyway. Sucks. Gotta delete and try again.
40 | 
41 | ## The Postgres pod is failing to get it's Persistent Volume created
42 | If you've tried to apply multiple times, there could be a duplicate volume. There's a wierd bug the way Terraform destroys the Helm chart that can leave the Persistent Volume around. Check to see if the volume already exists and manually delete it.
43 | 
44 | ## Authentication to Kubernetes is failing
45 | I've found AWS to be a bit unstable with it's auth. I had to use different auth techniques depending on if I was using Spacelift vs Terraform Cloud. I've documented both techniques in main.tf in the comments.
46 | 


--------------------------------------------------------------------------------
/aws-eks/main.tf:
--------------------------------------------------------------------------------
  1 | terraform {
  2 |   required_providers {
  3 |     aws = {
  4 |       source  = "hashicorp/aws"
  5 |       version = "~> 4.0"
  6 |     }
  7 |   }
  8 | }
  9 | 
 10 | variable "coder_version" {
 11 |   default = "0.13.6"
 12 | }
 13 | 
 14 | # Change this password away from the default if you are doing
 15 | # anything more than a testing stack.
 16 | variable "db_password" {
 17 |   default = "coder"
 18 | }
 19 | 
 20 | ###############################################################
 21 | # VPC configuration
 22 | ###############################################################
 23 | # Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
 24 | provider "aws" {
 25 |   region = "us-east-1"
 26 | }
 27 | module "vpc" {
 28 |   source = "terraform-aws-modules/vpc/aws"
 29 |   name   = "coder"
 30 | 
 31 |   enable_nat_gateway   = true
 32 |   enable_dns_hostnames = true
 33 | 
 34 |   cidr            = "10.0.0.0/16"
 35 |   azs             = ["us-east-1a", "us-east-1b", "us-east-1c"]
 36 |   private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
 37 |   public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
 38 | 
 39 |   private_subnet_tags = {
 40 |     "kubernetes.io/cluster/coder" : "shared"
 41 |   }
 42 | 
 43 |   public_subnet_tags = {
 44 |     "kubernetes.io/role/elb" : 1
 45 |   }
 46 | }
 47 | 
 48 | ###############################################################
 49 | # EKS configuration
 50 | ###############################################################
 51 | module "eks" {
 52 |   source  = "terraform-aws-modules/eks/aws"
 53 |   version = "~> 19.0"
 54 | 
 55 |   vpc_id     = module.vpc.vpc_id
 56 |   subnet_ids = module.vpc.private_subnets
 57 | 
 58 |   cluster_name                   = "coder"
 59 |   cluster_version                = "1.24"
 60 |   cluster_endpoint_public_access = true
 61 |   cluster_addons = {
 62 |     coredns = {
 63 |       most_recent = true
 64 |     }
 65 |     kube-proxy = {
 66 |       most_recent = true
 67 |     }
 68 |     vpc-cni = {
 69 |       most_recent = true
 70 |     }
 71 |     aws-ebs-csi-driver = {
 72 |       most_recent = true
 73 |     }
 74 |   }
 75 | 
 76 |   eks_managed_node_groups = {
 77 |     default = {
 78 |       min_size     = 1
 79 |       max_size     = 1
 80 |       desired_size = 1
 81 | 
 82 |       instance_types = ["t3.xlarge"]
 83 |       capacity_type  = "ON_DEMAND"
 84 | 
 85 |       # Needed by the aws-ebs-csi-driver
 86 |       iam_role_additional_policies = {
 87 |         AmazonEBSCSIDriverPolicy = "arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy"
 88 |       }
 89 |     }
 90 |   }
 91 | }
 92 | 
 93 | ###############################################################
 94 | # K8s configuration
 95 | ###############################################################
 96 | # If you are having trouble with the exec command, you can try the token technique.
 97 | # Put token  = data.aws_eks_cluster_auth.cluster_auth.token in place of exec
 98 | # data "aws_eks_cluster_auth" "cluster_auth" {
 99 | #   name = "coder"
100 | # }
101 | 
102 | provider "kubernetes" {
103 |   host                   = module.eks.cluster_endpoint
104 |   cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
105 |   #token                  = data.aws_eks_cluster_auth.cluster_auth.token
106 |   exec {
107 |     api_version = "client.authentication.k8s.io/v1beta1"
108 |     args        = ["eks", "get-token", "--cluster-name", module.eks.cluster_name]
109 |     command     = "aws"
110 |   }
111 | }
112 | 
113 | resource "kubernetes_namespace" "coder_namespace" {
114 |   metadata {
115 |     name = "coder"
116 |   }
117 | }
118 | 
119 | ###############################################################
120 | # Helm configuration
121 | ###############################################################
122 | provider "helm" {
123 |   kubernetes {
124 |     host                   = module.eks.cluster_endpoint
125 |     cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
126 |     exec {
127 |       api_version = "client.authentication.k8s.io/v1beta1"
128 |       args        = ["eks", "get-token", "--cluster-name", module.eks.cluster_name]
129 |       command     = "aws"
130 |     }
131 |   }
132 | }
133 | 
134 | resource "helm_release" "pg_cluster" {
135 |   name      = "postgresql"
136 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
137 | 
138 |   repository = "https://charts.bitnami.com/bitnami"
139 |   chart      = "postgresql"
140 | 
141 |   set {
142 |     name  = "auth.username"
143 |     value = "coder"
144 |   }
145 | 
146 |   set {
147 |     name  = "auth.password"
148 |     value = "${var.db_password}"
149 |   }
150 | 
151 |   set {
152 |     name  = "auth.database"
153 |     value = "coder"
154 |   }
155 | 
156 |   set {
157 |     name  = "persistence.size"
158 |     value = "10Gi"
159 |   }
160 | }
161 | 
162 | resource "helm_release" "coder" {
163 |   name      = "coder"
164 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
165 | 
166 |   chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
167 | 
168 |   values = [
169 |     <<EOT
170 | coder:
171 |   env:
172 |     - name: CODER_PG_CONNECTION_URL
173 |       value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
174 |     - name: CODER_EXPERIMENTAL
175 |       value: "true"
176 |     EOT
177 |   ]
178 | 
179 |   set {
180 |     name  = "coder.service.sessionAffinity"
181 |     value = "None"
182 |   }
183 | 
184 |   depends_on = [
185 |     helm_release.pg_cluster
186 |   ]
187 | }
188 | 


--------------------------------------------------------------------------------
/azure-aks/Readme.md:
--------------------------------------------------------------------------------
 1 | ## Getting Coder Installed
 2 | 
 3 | 1. Create an [Azure Account](https://portal.azure.com/) and [a service principal](https://docs.spacelift.io/integrations/cloud-providers/azure#create-a-service-principal).
 4 | 2. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
 5 | 3. Set ARM_CLIENT_ID, ARM_CLIENT_SECRET, ARM_SUBSCRIPTION_ID, ARM_TENANT_ID using the values when you created the service principal.
 6 | 4. Make sure to set the directory to azure-aks/
 7 | 4. Run and apply the Terraform (took me 5 minutes)
 8 | 
 9 | ## Coder setup Instructions
10 | 
11 | 1. Navigate to the IP address of the load balancer (Kubernetes services / coder-k8s-cluster / Services & Ingresses.
12 | 2. Create the initial username and password.
13 | 3. Go to Templates, click Develop in Kubernetes, and click use template
14 | 4. Click create template (it will refresh and prompt for 3 more template inputs)
15 | 5. Set var.use_kubeconfig to false 
16 | 6. Set var.namespace to coder
17 | 6. Click create template
18 | 
19 | With the admin user created and the template imported, we are ready to launch a workspace based on that template.
20 | 
21 | 1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
22 | 2. Give it a name and click create
23 | 3. Within three minutes, the workspace should launch.
24 | 
25 | From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!
26 | 


--------------------------------------------------------------------------------
/azure-aks/main.tf:
--------------------------------------------------------------------------------
  1 | terraform {
  2 |   required_providers {
  3 |     azurerm = {
  4 |       source  = "hashicorp/azurerm"
  5 |       version = "=3.0.0"
  6 |     }
  7 |   }
  8 | }
  9 | 
 10 | variable "coder_version" {
 11 |   default = "0.13.6"
 12 | }
 13 | 
 14 | # Change this password away from the default if you are doing
 15 | # anything more than a testing stack.
 16 | variable "db_password" {
 17 |   default = "coder"
 18 | }
 19 | 
 20 | ###############################################################
 21 | # K8s configuration
 22 | ###############################################################
 23 | # Set ARM_CLIENT_ID, ARM_CLIENT_SECRET, ARM_SUBSCRIPTION_ID, ARM_TENANT_ID
 24 | provider "azurerm" {
 25 |   features {}
 26 | }
 27 | 
 28 | resource "azurerm_resource_group" "coder" {
 29 |   name     = "coder-resources"
 30 |   location = "Central US"
 31 | }
 32 | 
 33 | resource "azurerm_kubernetes_cluster" "coder" {
 34 |   name                = "coder-k8s-cluster"
 35 |   location            = azurerm_resource_group.coder.location
 36 |   resource_group_name = azurerm_resource_group.coder.name
 37 |   dns_prefix          = "coder-aks"
 38 | 
 39 |   default_node_pool {
 40 |     name       = "default"
 41 |     node_count = 1
 42 |     vm_size    = "standard_d2_v3"
 43 |   }
 44 | 
 45 |   identity {
 46 |     type = "SystemAssigned"
 47 |   }
 48 | }
 49 | 
 50 | provider "kubernetes" {
 51 |   host                   = azurerm_kubernetes_cluster.coder.kube_config.0.host
 52 |   username               = azurerm_kubernetes_cluster.coder.kube_config.0.username
 53 |   password               = azurerm_kubernetes_cluster.coder.kube_config.0.password
 54 |   client_certificate     = base64decode(azurerm_kubernetes_cluster.coder.kube_config.0.client_certificate)
 55 |   client_key             = base64decode(azurerm_kubernetes_cluster.coder.kube_config.0.client_key)
 56 |   cluster_ca_certificate = base64decode(azurerm_kubernetes_cluster.coder.kube_config.0.cluster_ca_certificate)
 57 | }
 58 | 
 59 | resource "kubernetes_namespace" "coder_namespace" {
 60 |   metadata {
 61 |     name = "coder"
 62 |   }
 63 | }
 64 | 
 65 | ###############################################################
 66 | # Coder configuration
 67 | ###############################################################
 68 | provider "helm" {
 69 |   kubernetes {
 70 |     host                   = azurerm_kubernetes_cluster.coder.kube_config.0.host
 71 |     client_certificate     = base64decode(azurerm_kubernetes_cluster.coder.kube_config.0.client_certificate)
 72 |     client_key             = base64decode(azurerm_kubernetes_cluster.coder.kube_config.0.client_key)
 73 |     cluster_ca_certificate = base64decode(azurerm_kubernetes_cluster.coder.kube_config.0.cluster_ca_certificate)
 74 |   }
 75 | }
 76 | 
 77 | resource "helm_release" "pg_cluster" {
 78 |   name      = "postgresql"
 79 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 80 | 
 81 |   repository = "https://charts.bitnami.com/bitnami"
 82 |   chart      = "postgresql"
 83 | 
 84 |   set {
 85 |     name  = "auth.username"
 86 |     value = "coder"
 87 |   }
 88 | 
 89 |   set {
 90 |     name  = "auth.password"
 91 |     value = "${var.db_password}"
 92 |   }
 93 | 
 94 |   set {
 95 |     name  = "auth.database"
 96 |     value = "coder"
 97 |   }
 98 | 
 99 |   set {
100 |     name  = "persistence.size"
101 |     value = "10Gi"
102 |   }
103 | }
104 | 
105 | resource "helm_release" "coder" {
106 |   name      = "coder"
107 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
108 | 
109 |   chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
110 | 
111 |   values = [
112 |     <<EOT
113 | coder:
114 |   env:
115 |     - name: CODER_PG_CONNECTION_URL
116 |       value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
117 |     - name: CODER_EXPERIMENTAL
118 |       value: "true"
119 |     EOT
120 |   ]
121 | 
122 |   depends_on = [
123 |     helm_release.pg_cluster
124 |   ]
125 | }
126 | 


--------------------------------------------------------------------------------
/digitalocean-doks/Readme.md:
--------------------------------------------------------------------------------
 1 | ## Getting Coder Installed
 2 | 
 3 | 1. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
 4 | 2. Create a [Digital Ocean API Key](https://cloud.digitalocean.com/account/api) and set it as DIGITALOCEAN_TOKEN 
 5 | 3. Make sure to set the root directory to digitalocean-k8s/
 6 | 4. Run and apply the Terraform (took me 10 minutes)
 7 | 
 8 | ## Coder setup Instructions
 9 | 
10 | 1. Navigate to the IP address of the load balancer (Networking / Load Balancers).
11 | 2. Create the initial username and password.
12 | 3. Go to Templates, click Develop in Kubernetes, and click use template
13 | 4. Click create template (it will refresh and prompt for 3 more template inputs)
14 | 5. Set var.use_kubeconfig to false 
15 | 6. Set var.namespace to coder
16 | 6. Click create template
17 | 
18 | With the admin user created and the template imported, we are ready to launch a workspace based on that template.
19 | 
20 | 1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
21 | 2. Give it a name and click create
22 | 3. Within three minutes, the workspace should launch.
23 | 
24 | From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!
25 | 


--------------------------------------------------------------------------------
/digitalocean-doks/main.tf:
--------------------------------------------------------------------------------
  1 | terraform {
  2 |   required_providers {
  3 |     digitalocean = {
  4 |       source = "digitalocean/digitalocean"
  5 |       version = "~> 2.0"
  6 |     }
  7 |   }
  8 | }
  9 | 
 10 | variable "coder_version" {
 11 |   default = "0.13.6"
 12 | }
 13 | 
 14 | # Change this password away from the default if you are doing
 15 | # anything more than a testing stack.
 16 | variable "db_password" {
 17 |   default = "coder"
 18 | }
 19 | 
 20 | ###############################################################
 21 | # K8s configuration
 22 | ###############################################################
 23 | # Set DIGITALOCEAN_TOKEN
 24 | provider "digitalocean" {
 25 | }
 26 | 
 27 | resource "digitalocean_kubernetes_cluster" "coder" {
 28 |   name   = "coder"
 29 |   region = "nyc1"
 30 |   version = "1.25.4-do.0"
 31 | 
 32 |   node_pool {
 33 |     name       = "default"
 34 |     size       = "s-2vcpu-4gb"
 35 |     node_count = 1
 36 |   }
 37 | }
 38 | 
 39 | provider "kubernetes" {
 40 |   host                   = digitalocean_kubernetes_cluster.coder.endpoint
 41 |   token                  = digitalocean_kubernetes_cluster.coder.kube_config[0].token
 42 |   cluster_ca_certificate = base64decode(digitalocean_kubernetes_cluster.coder.kube_config[0].cluster_ca_certificate)
 43 | }
 44 | 
 45 | resource "kubernetes_namespace" "coder_namespace" {
 46 |   metadata {
 47 |     name = "coder"
 48 |   }
 49 | }
 50 | 
 51 | ###############################################################
 52 | # Coder configuration
 53 | ###############################################################
 54 | provider "helm" {
 55 |   kubernetes {
 56 |     host                   = digitalocean_kubernetes_cluster.coder.endpoint
 57 |     token                  = digitalocean_kubernetes_cluster.coder.kube_config[0].token
 58 |     cluster_ca_certificate = base64decode(digitalocean_kubernetes_cluster.coder.kube_config[0].cluster_ca_certificate)
 59 |   }
 60 | }
 61 | 
 62 | resource "helm_release" "pg_cluster" {
 63 |   name      = "postgresql"
 64 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 65 | 
 66 |   repository = "https://charts.bitnami.com/bitnami"
 67 |   chart      = "postgresql"
 68 | 
 69 |   set {
 70 |     name  = "auth.username"
 71 |     value = "coder"
 72 |   }
 73 | 
 74 |   set {
 75 |     name  = "auth.password"
 76 |     value = "${var.db_password}"
 77 |   }
 78 | 
 79 |   set {
 80 |     name  = "auth.database"
 81 |     value = "coder"
 82 |   }
 83 | 
 84 |   set {
 85 |     name  = "persistence.size"
 86 |     value = "10Gi"
 87 |   }
 88 | }
 89 | 
 90 | resource "helm_release" "coder" {
 91 |   name      = "coder"
 92 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 93 | 
 94 |   chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
 95 | 
 96 |   values = [
 97 |     <<EOT
 98 | coder:
 99 |   env:
100 |     - name: CODER_PG_CONNECTION_URL
101 |       value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
102 |     - name: CODER_EXPERIMENTAL
103 |       value: "true"
104 |     EOT
105 |   ]
106 | 
107 |   depends_on = [
108 |     helm_release.pg_cluster
109 |   ]
110 | }


--------------------------------------------------------------------------------
/docs/vscode.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ElliotG/coder-oss-tf/656c5fbcea134e6d573ada152a1b6849ee2a5242/docs/vscode.png


--------------------------------------------------------------------------------
/gcloud-gke/Readme.md:
--------------------------------------------------------------------------------
 1 | ## Getting Coder Installed
 2 | 
 3 | 1. Create a [Google Cloud Account](https://cloud.google.com/), [a project](https://console.cloud.google.com/projectcreate), and [a service account](https://console.cloud.google.com/iam-admin/serviceaccounts/create) in that project with [editor](https://cloud.google.com/iam/docs/understanding-roles#basic) permissions.
 4 | 2. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
 5 | 3. Set [GOOGLE_CREDENTIALS](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#using-terraform-cloud) and TF_VAR_project with the project id from above
 6 | 4. Make sure to set the directory to gcloud-gke/
 7 | 4. Run and apply the Terraform (takes 10 minutes).
 8 | 
 9 | ## Coder setup Instructions
10 | 
11 | 1. Navigate to the IP address of the load balancer (Google Cloud / Kubernetes Engine / Services & Ingress.
12 | 2. Create the initial username and password.
13 | 3. Go to Templates, click Develop in Kubernetes, and click use template
14 | 4. Click create template (it will refresh and prompt for 3 more template inputs)
15 | 5. Set var.use_kubeconfig to false 
16 | 6. Set var.namespace to coder
17 | 6. Click create template
18 | 
19 | With the admin user created and the template imported, we are ready to launch a workspace based on that template.
20 | 
21 | 1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
22 | 2. Give it a name and click create
23 | 3. Within three minutes, the workspace should launch.
24 | 
25 | From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!


--------------------------------------------------------------------------------
/gcloud-gke/main.tf:
--------------------------------------------------------------------------------
  1 | terraform {
  2 |   required_providers {
  3 |     google = {
  4 |       source  = "hashicorp/google"
  5 |       version = "4.3.0"
  6 |     }
  7 |   }
  8 | }
  9 | 
 10 | variable "project" {}
 11 | variable "region" {
 12 |   default = "us-central1"
 13 | }
 14 | variable "coder_version" {
 15 |   default = "0.13.6"
 16 | }
 17 | 
 18 | # Change this password away from the default if you are doing
 19 | # anything more than a testing stack.
 20 | variable "db_password" {
 21 |   default = "coder"
 22 | }
 23 | 
 24 | 
 25 | ###############################################################
 26 | # Set up the Networking Components
 27 | ###############################################################
 28 | # Set GOOGLE_CREDENTIALS
 29 | provider "google" {
 30 |   region  = var.region
 31 |   project = var.project
 32 | }
 33 | 
 34 | resource "google_compute_network" "vpc_network" {
 35 |   name                    = "gke-vpc-network"
 36 |   auto_create_subnetworks = false
 37 | }
 38 | 
 39 | resource "google_compute_subnetwork" "vpc_subnet" {
 40 |   name          = "k8s-network"
 41 |   ip_cidr_range = "10.3.0.0/16"
 42 |   region        = var.region
 43 |   network       = google_compute_network.vpc_network.id
 44 | }
 45 | 
 46 | ###############################################################
 47 | # K8s configuration
 48 | ###############################################################
 49 | resource "google_container_cluster" "primary" {
 50 |   name             = "${var.project}-gke"
 51 |   location         = var.region
 52 |   network          = google_compute_network.vpc_network.name
 53 |   subnetwork       = google_compute_subnetwork.vpc_subnet.name
 54 |   enable_autopilot = true
 55 |   vertical_pod_autoscaling {
 56 |     enabled = true
 57 |   }
 58 | }
 59 | 
 60 | data "google_client_config" "default" {
 61 |   depends_on = [google_container_cluster.primary]
 62 | }
 63 | 
 64 | provider "kubernetes" {
 65 |   host  = "https://${google_container_cluster.primary.endpoint}"
 66 |   token = data.google_client_config.default.access_token
 67 |   cluster_ca_certificate = base64decode(
 68 |     google_container_cluster.primary.master_auth[0].cluster_ca_certificate,
 69 |   )
 70 | }
 71 | 
 72 | resource "kubernetes_namespace" "coder_namespace" {
 73 |   metadata {
 74 |     name = "coder"
 75 |   }
 76 | }
 77 | 
 78 | ###############################################################
 79 | # Helm configuration
 80 | ###############################################################
 81 | provider "helm" {
 82 |   kubernetes {
 83 |     host  = "https://${google_container_cluster.primary.endpoint}"
 84 |     token = data.google_client_config.default.access_token
 85 |     cluster_ca_certificate = base64decode(
 86 |       google_container_cluster.primary.master_auth[0].cluster_ca_certificate,
 87 |     )
 88 |   }
 89 | }
 90 | 
 91 | 
 92 | resource "helm_release" "pg_cluster" {
 93 |   name      = "postgresql"
 94 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 95 | 
 96 |   repository = "https://charts.bitnami.com/bitnami"
 97 |   chart      = "postgresql"
 98 | 
 99 |   set {
100 |     name  = "auth.username"
101 |     value = "coder"
102 |   }
103 | 
104 |   set {
105 |     name  = "auth.password"
106 |     value = "${var.db_password}"
107 |   }
108 | 
109 |   set {
110 |     name  = "auth.database"
111 |     value = "coder"
112 |   }
113 | 
114 |   set {
115 |     name  = "persistence.size"
116 |     value = "10Gi"
117 |   }
118 | }
119 | 
120 | resource "helm_release" "coder" {
121 |   name      = "coder"
122 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
123 | 
124 |   chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
125 | 
126 |   values = [
127 |     <<EOT
128 | coder:
129 |   env:
130 |     - name: CODER_PG_CONNECTION_URL
131 |       value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
132 |     - name: CODER_EXPERIMENTAL
133 |       value: "true"
134 |     EOT
135 |   ]
136 | 
137 |   depends_on = [
138 |     helm_release.pg_cluster
139 |   ]
140 | }
141 | 


--------------------------------------------------------------------------------
/ibmcloud-k8s/Readme.md:
--------------------------------------------------------------------------------
 1 | ## Getting Coder Installed
 2 | 
 3 | 1. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
 4 | 2. Create an [API Key](https://cloud.ibm.com/docs/account?topic=account-userapikey&interface=ui) and set it as IC_API_KEY
 5 | 3. Make sure to set the root directory to ibmcloud-k8s/
 6 | 4. Run and apply the Terraform (took me 75 minutes)
 7 | 
 8 | ## Coder setup Instructions
 9 | 
10 | 1. In the IBMCloud Console, go to Kubernetes --> coder --> Kubernetes Dashboard (upper right)
11 | 2. Change the namespace to coder (upper left)
12 | 3. Go to Services and the public IP should be on the right.
13 | 4. Create the initial username and password.
14 | 5. Go to Templates, click Develop in Kubernetes, and click use template
15 | 6. Click create template (it will refresh and prompt for 3 more template inputs)
16 | 7. Set var.use_kubeconfig to false 
17 | 8. Set var.namespace to coder
18 | 9. Click create template
19 | 
20 | With the admin user created and the template imported, we are ready to launch a workspace based on that template.
21 | 
22 | 1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
23 | 2. Give it a name and click create
24 | 3. Within three minutes, the workspace should launch.
25 | 
26 | From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!
27 | 
28 | ## In Terraform: dial tcp 127.0.0.1:80: connect: connection refused
29 | 
30 | This is a Terraform bug that is really obnoxious. The only way to fix it is to manually delete things in the console/state until you get back to a good state. Or you need to fork my repo.
31 | 
32 | Terraform does an "optimization" where it will skip calculating a data resource if it depends on an object that needs to be recreated. For this repo, that data resource is the one that uses your IBMCloud credentials to pull k8s config for deploying the helm charts. If you modify the k8s cluster, Terraform can skip trying to calculate the datasource. When the provider tries to run, it doesn't find the config file, and defaults to 127.0.0.1. 
33 | 
34 | There are many Github issues filed on this topic, and they all come down to the same solution: install ibmcloud's cli and plugin in your CI system, and farming out to the command line to generate kubectl. Unfortunately, IBM Cloud's CLI is not installed by default on most Terraform CI systems, so you'd have to run on a custom docker image and the rabbit hole grows. 
35 | 
36 | ## Workspace launches but code-server/VSCode doesn't work?
37 | 
38 | IBM does weird stuff with it's volumes. Use the terminal to chown ~, and it should work.
39 | 


--------------------------------------------------------------------------------
/ibmcloud-k8s/main.tf:
--------------------------------------------------------------------------------
  1 | terraform {
  2 |   required_providers {
  3 |     ibm = {
  4 |       source = "IBM-Cloud/ibm"
  5 |       version = ">= 1.12.0"
  6 |     }  
  7 |   }
  8 | }
  9 | 
 10 | variable "coder_version" {
 11 |   default = "0.13.6"
 12 | }
 13 | 
 14 | # Change this password away from the default if you are doing
 15 | # anything more than a testing stack.
 16 | variable "db_password" {
 17 |   default = "coder"
 18 | }
 19 | 
 20 | ###############################################################
 21 | # Networking configuration
 22 | ###############################################################
 23 | # Set IC_API_KEY
 24 | provider "ibm" {
 25 | }
 26 | 
 27 | resource "ibm_is_vpc" "coder" {
 28 |   name = "codervpc"
 29 | }
 30 | 
 31 | resource "ibm_is_subnet" "coder" {
 32 |   name                     = "codersubnet"
 33 |   vpc                      = ibm_is_vpc.coder.id
 34 |   zone                     = "us-south-1"
 35 |   total_ipv4_address_count = 256
 36 | }
 37 | 
 38 | resource "ibm_is_public_gateway" "coder" {
 39 |   name = "coder-gateway"
 40 |   vpc  = ibm_is_vpc.coder.id
 41 |   zone = "us-south-1"
 42 | }
 43 | 
 44 | resource "ibm_is_subnet_public_gateway_attachment" "coder" {
 45 |   subnet                = ibm_is_subnet.coder.id
 46 |   public_gateway         = ibm_is_public_gateway.coder.id
 47 | }
 48 | ###############################################################
 49 | # K8s configuration
 50 | ###############################################################
 51 | # If the node gets stuck on waiting for the VPE Gateway, then
 52 | # open the cloud shell and run:
 53 | # ~$ ibmcloud ks cluster master refresh -c coder
 54 | resource "ibm_container_vpc_cluster" "coder" {
 55 |   name              = "coder"
 56 |   vpc_id            = ibm_is_vpc.coder.id
 57 |   flavor            = "bx2.4x16" # ibmcloud ks flavors --zone us-south-1
 58 |   worker_count      = 2
 59 | 
 60 |   zones {
 61 |     subnet_id = ibm_is_subnet.coder.id
 62 |     name      = ibm_is_subnet.coder.zone
 63 |   }
 64 | 
 65 |   depends_on = [
 66 |     ibm_is_subnet_public_gateway_attachment.coder
 67 |   ]
 68 | }
 69 | 
 70 | data "ibm_container_cluster_config" "coder" {
 71 |   cluster_name_id = ibm_container_vpc_cluster.coder.name
 72 |   admin           = true
 73 | }
 74 | 
 75 | # To authenticate with kubectl, use IBM Cloud Shell
 76 | # ~$ ibmcloud ks cluster config --cluster coder
 77 | # ~$ kubectl get pods -n coder
 78 | provider "kubernetes" {
 79 |   host                   = data.ibm_container_cluster_config.coder.host
 80 |   client_certificate     = data.ibm_container_cluster_config.coder.admin_certificate
 81 |   client_key             = data.ibm_container_cluster_config.coder.admin_key
 82 |   cluster_ca_certificate = data.ibm_container_cluster_config.coder.ca_certificate
 83 | }
 84 | 
 85 | resource "kubernetes_namespace" "coder_namespace" {
 86 |   metadata {
 87 |     name = "coder"
 88 |   }
 89 | }
 90 | 
 91 | ###############################################################
 92 | # Coder configuration
 93 | ###############################################################
 94 | provider "helm" {
 95 |   kubernetes {
 96 |     host                   = data.ibm_container_cluster_config.coder.host
 97 |     client_certificate     = data.ibm_container_cluster_config.coder.admin_certificate
 98 |     client_key             = data.ibm_container_cluster_config.coder.admin_key
 99 |     cluster_ca_certificate = data.ibm_container_cluster_config.coder.ca_certificate
100 |   }
101 | }
102 | 
103 | # kubectl logs postgresql-0 -n coder
104 | resource "helm_release" "pg_cluster" {
105 |   name      = "postgresql"
106 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
107 | 
108 |   repository = "https://charts.bitnami.com/bitnami"
109 |   chart      = "postgresql"
110 | 
111 |   # The default IBM storage class mounts the directory in as
112 |   # owned by nobody, causes Postgres to fail. Simplest fix is
113 |   # to use a different storage type.
114 |   # https://github.com/bitnami/charts/issues/4737
115 |   set {
116 |     name  = "primary.persistence.storageClass"
117 |     value = "ibmc-vpc-block-custom"
118 |   }    
119 | 
120 |   set {
121 |     name  = "auth.username"
122 |     value = "coder"
123 |   }
124 | 
125 |   set {
126 |     name  = "auth.password"
127 |     value = "${var.db_password}"
128 |   }
129 | 
130 |   set {
131 |     name  = "auth.database"
132 |     value = "coder"
133 |   }
134 | 
135 |   set {
136 |     name  = "persistence.size"
137 |     value = "10Gi"
138 |   }
139 | }
140 | 
141 | resource "helm_release" "coder" {
142 |   name      = "coder"
143 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
144 | 
145 |   chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
146 | 
147 |   values = [
148 |     <<EOT
149 | coder:
150 |   env:
151 |     - name: CODER_PG_CONNECTION_URL
152 |       value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
153 |     - name: CODER_EXPERIMENTAL
154 |       value: "true"
155 |     EOT
156 |   ]
157 | 
158 |   depends_on = [
159 |     helm_release.pg_cluster
160 |   ]
161 | }


--------------------------------------------------------------------------------
/linode-lke/Readme.md:
--------------------------------------------------------------------------------
 1 | ## Getting Coder Installed
 2 | 
 3 | 1. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
 4 | 2. Set LINODE_TOKEN to your [Linode API Key](https://cloud.linode.com/profile/tokens)
 5 | 3. Make sure to set the root directory to linode-lke/
 6 | 4. Run and apply the Terraform (took me 8 minutes)
 7 | 
 8 | ## Coder setup Instructions
 9 | 
10 | 1. Go to [Node Balancers](https://cloud.linode.com/nodebalancers) and copy the public IP address
11 | 2. Go to Services and the public IP should be on the right.
12 | 3. Create the initial username and password.
13 | 4. Go to Templates, click Develop in Kubernetes, and click use template
14 | 5. Click create template (it will refresh and prompt for 3 more template inputs)
15 | 6. Set var.use_kubeconfig to false 
16 | 7. Set var.namespace to coder
17 | 8. Click create template
18 | 
19 | With the admin user created and the template imported, we are ready to launch a workspace based on that template.
20 | 
21 | 1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
22 | 2. Give it a name and click create
23 | 3. Within three minutes, the workspace should launch.
24 | 
25 | From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!
26 | 


--------------------------------------------------------------------------------
/linode-lke/main.tf:
--------------------------------------------------------------------------------
  1 | terraform {
  2 |   required_providers {
  3 |     linode = {
  4 |       source = "linode/linode"
  5 |     }
  6 |   }
  7 | }
  8 | 
  9 | variable "coder_version" {
 10 |   default = "0.13.6"
 11 | }
 12 | 
 13 | # Change this password away from the default if you are doing
 14 | # anything more than a testing stack.
 15 | variable "db_password" {
 16 |   default = "coder"
 17 | }
 18 | 
 19 | ###############################################################
 20 | # K8s configuration
 21 | ###############################################################
 22 | # Set LINODE_TOKEN 
 23 | provider "linode" {}
 24 | 
 25 | resource "linode_lke_cluster" "coder" {
 26 |   label       = "coder"
 27 |   k8s_version = "1.24"
 28 |   region      = "us-central"
 29 |   tags        = ["prod"]
 30 | 
 31 |   pool {
 32 |     type  = "g6-standard-1"
 33 |     count = 1
 34 |   }
 35 | }
 36 | 
 37 | provider "kubernetes" {
 38 |   host                   = yamldecode(base64decode(linode_lke_cluster.coder.kubeconfig)).clusters[0].cluster.server
 39 |   token                  = yamldecode(base64decode(linode_lke_cluster.coder.kubeconfig)).users[0].user.token
 40 |   cluster_ca_certificate = base64decode(yamldecode(base64decode(linode_lke_cluster.coder.kubeconfig)).clusters[0].cluster.certificate-authority-data)
 41 | }
 42 | 
 43 | resource "kubernetes_namespace" "coder_namespace" {
 44 |   metadata {
 45 |     name = "coder"
 46 |   }
 47 | }
 48 | 
 49 | # ###############################################################
 50 | # # Coder configuration
 51 | # ###############################################################
 52 | provider "helm" {
 53 |   kubernetes {
 54 |     host                   = yamldecode(base64decode(linode_lke_cluster.coder.kubeconfig)).clusters[0].cluster.server
 55 |     token                  = yamldecode(base64decode(linode_lke_cluster.coder.kubeconfig)).users[0].user.token
 56 |     cluster_ca_certificate = base64decode(yamldecode(base64decode(linode_lke_cluster.coder.kubeconfig)).clusters[0].cluster.certificate-authority-data)
 57 |   }
 58 | }
 59 | 
 60 | resource "helm_release" "pg_cluster" {
 61 |   name      = "postgresql"
 62 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 63 | 
 64 |   repository = "https://charts.bitnami.com/bitnami"
 65 |   chart      = "postgresql"
 66 | 
 67 |   set {
 68 |     name  = "auth.username"
 69 |     value = "coder"
 70 |   }
 71 | 
 72 |   set {
 73 |     name  = "auth.password"
 74 |     value = var.db_password
 75 |   }
 76 | 
 77 |   set {
 78 |     name  = "auth.database"
 79 |     value = "coder"
 80 |   }
 81 | 
 82 |   set {
 83 |     name  = "persistence.size"
 84 |     value = "10Gi"
 85 |   }
 86 | }
 87 | 
 88 | resource "helm_release" "coder" {
 89 |   name      = "coder"
 90 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 91 | 
 92 |   chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
 93 | 
 94 |   values = [
 95 |     <<EOT
 96 | coder:
 97 |   env:
 98 |     - name: CODER_PG_CONNECTION_URL
 99 |       value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
100 |     - name: CODER_EXPERIMENTAL
101 |       value: "true"
102 |     EOT
103 |   ]
104 | 
105 |   depends_on = [
106 |     helm_release.pg_cluster
107 |   ]
108 | }


--------------------------------------------------------------------------------
/ovhcloud-k8s/Readme.md:
--------------------------------------------------------------------------------
 1 | ## Getting Coder Installed
 2 | 
 3 | 1. Create an OVH Cloud account, order a public cloud, and then set up a project (copy the ID)
 4 | 2. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
 5 | 3. Set OVH_CLOUD_PROJECT_SERVICE to the project id from (1)
 6 | 4. For US, I went to https://api.us.ovhcloud.com/createToken/?GET=/*&POST=/*&PUT=/*&DELETE=/* to generate API keys
 7 | 5. Set OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET, OVH_CONSUMER_KEY to the values from (4)
 8 | 6. Make sure to set the root directory to ovhcloud-k8s/
 9 | 7. Run and apply the Terraform (took me 10 minutes)
10 | 
11 | If you run into any auth issues, see the end of the Readme.
12 | 
13 | ## Coder setup Instructions
14 | 
15 | 1. In the OVHCloud Console, go to Public Cloud --> Load Balancer and copy the IP address on the far right.
16 | 2. Create the initial username and password.
17 | 3. Go to Templates, click Develop in Kubernetes, and click use template
18 | 4. Click create template (it will refresh and prompt for 3 more template inputs)
19 | 5. Set var.use_kubeconfig to false 
20 | 6. Set var.namespace to coder
21 | 7. Click create template
22 | 
23 | With the admin user created and the template imported, we are ready to launch a workspace based on that template.
24 | 
25 | 1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
26 | 2. Give it a name and click create
27 | 3. Within three minutes, the workspace should launch.
28 | 
29 | From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!


--------------------------------------------------------------------------------
/ovhcloud-k8s/main.tf:
--------------------------------------------------------------------------------
  1 | terraform {
  2 |   required_providers {
  3 |     ovh = {
  4 |       source = "ovh/ovh"
  5 |     }
  6 |   }
  7 | }
  8 | 
  9 | variable "coder_version" {
 10 |   default = "0.13.6"
 11 | }
 12 | 
 13 | # Change this password away from the default if you are doing
 14 | # anything more than a testing stack.
 15 | variable "db_password" {
 16 |   default = "coder"
 17 | }
 18 | 
 19 | ###############################################################
 20 | # K8s configuration
 21 | ###############################################################
 22 | # Set OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET, OVH_CONSUMER_KEY
 23 | # https://api.us.ovhcloud.com/createToken/?GET=/*&POST=/*&PUT=/*&DELETE=/*
 24 | # Set OVH_CLOUD_PROJECT_SERVICE to your Project ID
 25 | provider "ovh" {
 26 |   endpoint = "ovh-us"
 27 | }
 28 | 
 29 | resource "ovh_cloud_project_kube" "coder" {
 30 |   name   = "coder_cluster"
 31 |   region = "US-EAST-VA-1"
 32 | }
 33 | 
 34 | 
 35 | resource "ovh_cloud_project_kube_nodepool" "coder" {
 36 |   kube_id       = ovh_cloud_project_kube.coder.id
 37 |   name          = "coder-pool" //Warning: "_" char is not allowed!
 38 |   flavor_name   = "d2-8"
 39 |   desired_nodes = 2
 40 |   max_nodes     = 2
 41 |   min_nodes     = 2
 42 | }
 43 | 
 44 | provider "kubernetes" {
 45 |   host                   = yamldecode(ovh_cloud_project_kube.coder.kubeconfig).clusters[0].cluster.server
 46 |   token                  = yamldecode(ovh_cloud_project_kube.coder.kubeconfig).users[0].user.token
 47 |   cluster_ca_certificate = base64decode(yamldecode(ovh_cloud_project_kube.coder.kubeconfig).clusters[0].cluster.certificate-authority-data)
 48 | 
 49 | }
 50 | 
 51 | resource "kubernetes_namespace" "coder_namespace" {
 52 |   metadata {
 53 |     name = "coder"
 54 |   }
 55 | 
 56 |   depends_on = [
 57 |     ovh_cloud_project_kube_nodepool.coder
 58 |   ]
 59 | }
 60 | 
 61 | ###############################################################
 62 | # Coder configuration
 63 | ###############################################################
 64 | provider "helm" {
 65 |   kubernetes {
 66 |     host                   = yamldecode(ovh_cloud_project_kube.coder.kubeconfig).clusters[0].cluster.server
 67 |     token                  = yamldecode(ovh_cloud_project_kube.coder.kubeconfig).users[0].user.token
 68 |     cluster_ca_certificate = base64decode(yamldecode(ovh_cloud_project_kube.coder.kubeconfig).clusters[0].cluster.certificate-authority-data)
 69 |   }
 70 | }
 71 | 
 72 | # kubectl logs postgresql-0 -n coder
 73 | resource "helm_release" "pg_cluster" {
 74 |   name      = "postgresql"
 75 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 76 | 
 77 |   repository = "https://charts.bitnami.com/bitnami"
 78 |   chart      = "postgresql"
 79 | 
 80 |   set {
 81 |     name  = "auth.username"
 82 |     value = "coder"
 83 |   }
 84 | 
 85 |   set {
 86 |     name  = "auth.password"
 87 |     value = var.db_password
 88 |   }
 89 | 
 90 |   set {
 91 |     name  = "auth.database"
 92 |     value = "coder"
 93 |   }
 94 | 
 95 |   set {
 96 |     name  = "persistence.size"
 97 |     value = "10Gi"
 98 |   }
 99 | }
100 | 
101 | resource "helm_release" "coder" {
102 |   name      = "coder"
103 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
104 | 
105 |   chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
106 | 
107 |   values = [
108 |     <<EOT
109 | coder:
110 |   env:
111 |     - name: CODER_PG_CONNECTION_URL
112 |       value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
113 |     - name: CODER_EXPERIMENTAL
114 |       value: "true"
115 |     EOT
116 |   ]
117 | 
118 |   depends_on = [
119 |     helm_release.pg_cluster
120 |   ]
121 | }


--------------------------------------------------------------------------------
/scaleway-kapsule/Readme.md:
--------------------------------------------------------------------------------
 1 | ## Getting Coder Installed
 2 | 
 3 | 1. Fork this repo and set it up with [spacelift.io](https://spacelift.io/) or equivalent
 4 | 2. Create a [Scaleway API Key](https://console.scaleway.com/iam/api-keys) and set both SCW_ACCESS_KEY and SCW_SECRET_KEY
 5 | 3. Set SCW_DEFAULT_PROJECT_ID to your [project ID](https://console.scaleway.com/project/settings)
 6 | 3. Make sure to set the root directory to scaleway-kapsule/
 7 | 4. Run and apply the Terraform (took me 8 minutes)
 8 | 
 9 | ## Coder setup Instructions
10 | 
11 | 1. Navigate to your cluster dashboard (Kubernetes / coder / Dashboard)
12 | 2. Change the namespace to coder (upper left)
13 | 3. Go to Services and the public IP should be on the right.
14 | 4. Create the initial username and password.
15 | 5. Go to Templates, click Develop in Kubernetes, and click use template
16 | 6. Click create template (it will refresh and prompt for 3 more template inputs)
17 | 7. Set var.use_kubeconfig to false 
18 | 8. Set var.namespace to coder
19 | 9. Click create template
20 | 
21 | With the admin user created and the template imported, we are ready to launch a workspace based on that template.
22 | 
23 | 1. Click create workspace from the kubernetes template (templates/kubernetes/workspace)
24 | 2. Give it a name and click create
25 | 3. Within three minutes, the workspace should launch.
26 | 
27 | From there, you can click the Terminal button to get an interactive session in the k8s container, or you can click code-server to open up a VSCode window and start coding!
28 | 


--------------------------------------------------------------------------------
/scaleway-kapsule/main.tf:
--------------------------------------------------------------------------------
  1 | terraform {
  2 |   required_providers {
  3 |     scaleway = {
  4 |       source = "scaleway/scaleway"
  5 |     }
  6 |   }
  7 | }
  8 | 
  9 | variable "coder_version" {
 10 |   default = "0.13.6"
 11 | }
 12 | 
 13 | # Change this password away from the default if you are doing
 14 | # anything more than a testing stack.
 15 | variable "db_password" {
 16 |   default = "coder"
 17 | }
 18 | 
 19 | ###############################################################
 20 | # K8s configuration
 21 | ###############################################################
 22 | # See: https://registry.terraform.io/providers/scaleway/scaleway/latest/docs#authentication
 23 | # Set SCW_ACCESS_KEY, SCW_SECRET_KEY, and SCW_DEFAULT_PROJECT_ID
 24 | provider "scaleway" {}
 25 | 
 26 | resource "scaleway_k8s_cluster" "coder" {
 27 |   name    = "coder"
 28 |   version = "1.24.3"
 29 |   cni     = "cilium"
 30 | }
 31 | 
 32 | resource "scaleway_k8s_pool" "coder" {
 33 |   cluster_id = scaleway_k8s_cluster.coder.id
 34 |   name       = "coder"
 35 |   node_type  = "DEV1-M"
 36 |   size       = 1
 37 | }
 38 | 
 39 | # This was copied directly from the Scaleway Terraform docs I don't believe this protects 
 40 | # from the weird provider-depending-on-resources issue. However, since it's directly from
 41 | # their docs, I'll keep it this way. See Digital Ocean for a simpler approach.
 42 | resource "null_resource" "kubeconfig" {
 43 |   depends_on = [scaleway_k8s_pool.coder] # at least one pool here
 44 |   triggers = {
 45 |     host                   = scaleway_k8s_cluster.coder.kubeconfig[0].host
 46 |     token                  = scaleway_k8s_cluster.coder.kubeconfig[0].token
 47 |     cluster_ca_certificate = scaleway_k8s_cluster.coder.kubeconfig[0].cluster_ca_certificate
 48 |   }
 49 | }
 50 | 
 51 | provider "kubernetes" {
 52 |   host                   = null_resource.kubeconfig.triggers.host
 53 |   token                  = null_resource.kubeconfig.triggers.token
 54 |   cluster_ca_certificate = base64decode(null_resource.kubeconfig.triggers.cluster_ca_certificate)
 55 | }
 56 | 
 57 | resource "kubernetes_namespace" "coder_namespace" {
 58 |   metadata {
 59 |     name = "coder"
 60 |   }
 61 | }
 62 | 
 63 | # ###############################################################
 64 | # # Coder configuration
 65 | # ###############################################################
 66 | provider "helm" {
 67 |   kubernetes {
 68 |     host                   = null_resource.kubeconfig.triggers.host
 69 |     token                  = null_resource.kubeconfig.triggers.token
 70 |     cluster_ca_certificate = base64decode(null_resource.kubeconfig.triggers.cluster_ca_certificate)
 71 |   }
 72 | }
 73 | 
 74 | resource "helm_release" "pg_cluster" {
 75 |   name      = "postgresql"
 76 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
 77 | 
 78 |   repository = "https://charts.bitnami.com/bitnami"
 79 |   chart      = "postgresql"
 80 | 
 81 |   set {
 82 |     name  = "auth.username"
 83 |     value = "coder"
 84 |   }
 85 | 
 86 |   set {
 87 |     name  = "auth.password"
 88 |     value = var.db_password
 89 |   }
 90 | 
 91 |   set {
 92 |     name  = "auth.database"
 93 |     value = "coder"
 94 |   }
 95 | 
 96 |   set {
 97 |     name  = "persistence.size"
 98 |     value = "10Gi"
 99 |   }
100 | }
101 | 
102 | resource "helm_release" "coder" {
103 |   name      = "coder"
104 |   namespace = kubernetes_namespace.coder_namespace.metadata.0.name
105 | 
106 |   chart = "https://github.com/coder/coder/releases/download/v${var.coder_version}/coder_helm_${var.coder_version}.tgz"
107 | 
108 |   values = [
109 |     <<EOT
110 | coder:
111 |   env:
112 |     - name: CODER_PG_CONNECTION_URL
113 |       value: "postgres://coder:${var.db_password}@${helm_release.pg_cluster.name}.coder.svc.cluster.local:5432/coder?sslmode=disable"
114 |     - name: CODER_EXPERIMENTAL
115 |       value: "true"
116 |     EOT
117 |   ]
118 | 
119 |   depends_on = [
120 |     helm_release.pg_cluster
121 |   ]
122 | }


--------------------------------------------------------------------------------