Coder¶
Cloud development environments at
coder.448.global. Web-based VS Code / IDE workspaces — engineers code on company-managed remote machines instead of their laptops.
| Field | Value |
|---|---|
| Public URL | https://coder.448.global |
| Audience | engineers |
| Criticality | medium — productivity tool, not a customer-facing system |
| Maturity | [INFO NEEDED] |
| Owner | [INFO NEEDED] |
| Last reviewed | 2026-05-05 |
1. At a glance¶
Coder lets engineers spin up a development environment in the browser. Code, dependencies, and secrets live on a company server, not on personal laptops. Lower bus-factor, less "works on my machine" pain. If Coder is down, engineers can usually still work locally — but onboarding a new developer becomes harder.
2. Business purpose¶
- Consistent dev environments across the team.
- Faster onboarding (no per-laptop setup).
- Code and secrets stay on company infrastructure (laptop loss = no data loss).
3. Audience¶
Engineering team.
4. Hosting & cloud infrastructure¶
Infrastructure map¶
| Item | Value | Notes |
|---|---|---|
| Public hostname | coder.448.global | |
| Public IP(s) | [INFO NEEDED] |
|
| Open ports | 443 [CONFIRM] |
|
| TLS cert | [INFO NEEDED] |
wildcard recommended (workspaces use subdomain routing) |
| Reverse proxy | [INFO NEEDED] |
|
| Container image / version | ghcr.io/coder/coder:[INFO NEEDED] |
|
| Host server name | [INFO NEEDED] |
|
| Workspace provisioner | [INFO NEEDED] (Docker / Kubernetes) |
|
| Active workspaces | [INFO NEEDED] |
|
| Database | PostgreSQL [CONFIRM] |
Credentials in Vault¶
| Secret type | Vault path / link | Last rotated |
|---|---|---|
| Coder admin login | [INFO NEEDED] |
|
| Database password | [INFO NEEDED] |
|
| Workspace template Git tokens | [INFO NEEDED] |
|
| Per-user GitLab/GitHub PATs (in workspaces) | [INFO NEEDED] |
should be ephemeral |
5. Technology behind it¶
- Type: off-the-shelf
- Product: Coder (open-source v2, coder.com)
- Stack: Go + PostgreSQL
6. Data it handles¶
- Source code (potentially every repo a developer pulls into a workspace)
- Workspace memory / secrets
- Authentication tokens to upstream Git hosts
7. External dependencies¶
- GitLab (for source pulls)
- The host(s) provisioning workspaces
- Possibly Authentik for SSO
8. Authentication & access¶
- End-user login: Authentik OIDC
[CONFIRM]or local accounts - Admin login:
[INFO NEEDED] - MFA?
[INFO NEEDED] - Workspace SSH keys:
[INFO NEEDED]
9. Maturity assessment¶
[INFO NEEDED]
10. Known risks & vulnerabilities¶
[INFO NEEDED]Workspace persistence — if workspaces are recreated frequently, developers' uncommitted work is lost on restart.[INFO NEEDED]Resource exhaustion — many workspaces on one host can DoS each other.[INFO NEEDED]Source code on shared host — a host compromise leaks every active workspace's code.[INFO NEEDED]PAT proliferation — GitLab tokens in workspaces should be short-lived; long-lived tokens are theft targets.[INFO NEEDED]Backup of workspace state — Coder's DB + workspace volumes.
11. Impact if it goes down¶
Engineers fall back to local development. Onboarding stalls. Customer-facing impact: zero.
12. Owner & on-call¶
[INFO NEEDED]
13. References & links¶
- Public URL: https://coder.448.global
- Vendor docs: https://coder.com/docs
- Domain: see domains.md