blob: 9e3b897621d9f52cb0f7f4235839dc40acc6ff9d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
# Code Server via Tailscale
This Docker Compose stack deploys [code-server](https://github.com/coder/code-server) (VS Code in the browser) accessible securely through your [Tailscale](https://tailscale.com/) network.
## What This Does
- Runs code-server (web-based VS Code) on port 80
- Exposes code-server exclusively through Tailscale (not accessible on local network)
- Provides secure remote access to your development environment from anywhere on your Tailnet
## Prerequisites
- Docker and Docker Compose installed
- A Tailscale account
- Tailscale authentication key (get one from [Tailscale Admin Console](https://login.tailscale.com/admin/settings/keys))
## Configuration
### 1. Set Code Server Password
Edit `docker-compose.yaml` and change the default password:
```yaml
environment:
- PASSWORD=CHANGEME # Change this to a secure password
```
### 2. Configure Tailscale
Before starting the stack, you need to provide a Tailscale auth key. You can either:
**Option A: Set environment variable**
```bash
export TS_AUTHKEY="tskey-auth-xxxxx"
```
**Option B: Edit docker-compose.yaml**
Add the auth key to the tailscale service environment variables:
```yaml
environment:
- TS_AUTHKEY=tskey-auth-xxxxx
- TS_AUTH_ONCE="true"
- TS_STATE_DIR=/var/lib/tailscale
```
### 3. (Optional) Customize Hostname
The service will appear as `code-server` in your Tailscale admin console. To change this, edit the `hostname` field in the tailscale service.
## Deployment
1. Start the stack:
```bash
docker compose up -d
```
2. Check that both services are running:
```bash
docker compose ps
```
3. View logs to confirm Tailscale authentication:
```bash
docker compose logs tailscale
```
## Accessing Code Server
1. Find your code-server URL in the [Tailscale Admin Console](https://login.tailscale.com/admin/machines)
2. Navigate to `http://code-server` (or the custom hostname you set) in your browser
3. Enter the password you configured
4. Start coding!
## Directory Structure
After deployment, the following directories will be created:
- `./config` - Code-server configuration and settings
- `./project` - Your project files and workspace
- `./tailscale-data` - Tailscale state data (authentication and network info)
## Important Notes
- **Security**: Code-server is only accessible through your Tailscale network, providing zero-trust security
- **Network Mode**: The code-server container uses the tailscale service's network stack (`network_mode: service:tailscale`)
- **Password**: Make sure to change the default password before deploying to production
- **Persistence**: All data is stored in local volumes, so your work persists across container restarts
- **Resource Access**: The tailscale service needs `NET_ADMIN` and `NET_RAW` capabilities to manage the VPN tunnel
## Stopping the Stack
```bash
docker compose down
```
To remove all data (including your projects):
```bash
docker compose down -v
rm -rf config project tailscale-data
```
## Troubleshooting
### Can't connect to code-server
1. Verify Tailscale is authenticated:
```bash
docker compose logs tailscale
```
2. Check that both containers are running:
```bash
docker compose ps
```
3. Ensure you're connected to Tailscale on your client device
### Authentication issues
- Make sure your Tailscale auth key is valid and not expired
- Auth keys can be reusable or one-time use - check your key settings in the Tailscale admin console
## Version Information
- **code-server**: 4.107.0-39
- **tailscale**: v1.92.4
|
