workspaceProxyRegister is used to register a new workspace proxy. When a proxy comes online, it will announce itself to this endpoint. This updates its values in the database and returns a signed token that can be used to authenticate tokens. This is called periodically by the proxy in the backgrou
(rw http.ResponseWriter, r *http.Request)
| 556 | // @Router /api/v2/workspaceproxies/me/register [post] |
| 557 | // @x-apidocgen {"skip": true} |
| 558 | func (api *API) workspaceProxyRegister(rw http.ResponseWriter, r *http.Request) { |
| 559 | var ( |
| 560 | ctx = r.Context() |
| 561 | proxy = httpmw.WorkspaceProxy(r) |
| 562 | ) |
| 563 | |
| 564 | var req wsproxysdk.RegisterWorkspaceProxyRequest |
| 565 | if !httpapi.Read(ctx, rw, r, &req) { |
| 566 | return |
| 567 | } |
| 568 | |
| 569 | // NOTE: we previously enforced version checks when registering, but this |
| 570 | // will cause proxies to enter crash loop backoff if the server is updated |
| 571 | // and the proxy is not. Most releases do not make backwards-incompatible |
| 572 | // changes to the proxy API, so instead of blocking requests we will show |
| 573 | // healthcheck warnings. |
| 574 | |
| 575 | if err := validateProxyURL(req.AccessURL); err != nil { |
| 576 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 577 | Message: "URL is invalid.", |
| 578 | Detail: err.Error(), |
| 579 | }) |
| 580 | return |
| 581 | } |
| 582 | |
| 583 | if req.WildcardHostname != "" { |
| 584 | if _, err := appurl.CompileHostnamePattern(req.WildcardHostname); err != nil { |
| 585 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 586 | Message: "Wildcard URL is invalid.", |
| 587 | Detail: err.Error(), |
| 588 | }) |
| 589 | return |
| 590 | } |
| 591 | } |
| 592 | |
| 593 | if req.ReplicaID == uuid.Nil { |
| 594 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 595 | Message: "Replica ID is invalid.", |
| 596 | }) |
| 597 | return |
| 598 | } |
| 599 | |
| 600 | if req.DerpOnly && !req.DerpEnabled { |
| 601 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 602 | Message: "DerpOnly cannot be true when DerpEnabled is false.", |
| 603 | }) |
| 604 | return |
| 605 | } |
| 606 | |
| 607 | // Load the mesh key directly from the database. We don't retrieve the mesh |
| 608 | // key from the built-in DERP server because it may not be enabled. |
| 609 | // |
| 610 | // The mesh key is always generated at startup by an enterprise coderd |
| 611 | // server. |
| 612 | var meshKey string |
| 613 | if req.DerpEnabled { |
| 614 | var err error |
| 615 | meshKey, err = api.Database.GetDERPMeshKey(ctx) |
nothing calls this directly
no test coverage detected