Skip to content

docs: improve private network configuration guide tone and readability#910

Merged
trly merged 6 commits intomainfrom
trly/REL-638-expand-tls-docs
Feb 10, 2025
Merged

docs: improve private network configuration guide tone and readability#910
trly merged 6 commits intomainfrom
trly/REL-638-expand-tls-docs

Conversation

@trly
Copy link
Contributor

@trly trly commented Jan 22, 2025

  • Revise overview section for clearer explanation of private networks
  • Enhance certificate management section with step-by-step instructions
  • Update validation steps with clear expected outcomes

Pull Request approval

You will need to get your PR approved by at least one member of the Sourcegraph team. For reviews of docs formatting, styles, and component usage, please tag the docs team via the #docs Slack channel.

@vercel
Copy link

vercel bot commented Jan 22, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
sourcegraph-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 31, 2025 3:46pm

@trly trly requested review from loujar and marcleblanc2 January 22, 2025 20:38
@trly trly requested a review from Galindo-J January 22, 2025 20:52
@trly trly marked this pull request as ready for review January 22, 2025 21:34
loujar
loujar reviewed Jan 22, 2025
View reviewed changes
Copy link
Contributor

@loujar loujar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thanks for taking the time to revamp this guide! I have some suggestions but don't feel obligated to address all of them. Happy to take a second pass through if you do make more changes.

@marcleblanc2 mentioned that we might also want to consider adding a section for configuring docker networks to avoid IP range collision with the host/ network range. I think it would be something as simple as adding a brief note with the following codeblock, but it might also be good to add a link out to docker's documentation

networks:
  default:
    ipam:
      driver: default
      config:
        - subnet: "172.20.2.0/27" #we probably don't want to recommend this CIDR specifically

docs/admin/config/private-network.mdx Outdated
In order for Sourcegraph to respect an organization's self-signed certificates, the private CA root certificate(s) will need to be appended to Sourcegraph's trusted CA root certificate list in `/etc/ssl/certs/ca-certificates.crt`.
When deploying Sourcegraph in private networks, you'll often need to configure TLS certificates to establish trusted
connections with internal services like code hosts. The recommended approach is to configure root CA certificates
through Sourcegraph's site configuration using `tls.external` in the `experimentalFeatures` section.
Copy link
Contributor

@loujar loujar Jan 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need to check if this will work for executors, or at least add a note that depending on your executor deployment method this might not work.

@trly trly requested a review from MaedahBatool January 23, 2025 15:46
@trly trly requested a review from loujar January 24, 2025 21:17
@trly trly force-pushed the trly/REL-638-expand-tls-docs branch from 5a3ff98 to 08a7168 Compare January 24, 2025 21:33
@trly trly force-pushed the trly/REL-638-expand-tls-docs branch from 08a7168 to b862187 Compare January 27, 2025 14:04
marcleblanc2
marcleblanc2 previously requested changes Jan 28, 2025
View reviewed changes
marcleblanc2
marcleblanc2 reviewed Jan 28, 2025
View reviewed changes
marcleblanc2
marcleblanc2 reviewed Jan 28, 2025
View reviewed changes
@trly trly requested a review from marcleblanc2 January 28, 2025 21:28
trly added 6 commits January 31, 2025 10:35
@trly
docs: improve private network configuration guide tone and readability
b249d2a 
- Revise overview section for clearer explanation of private networks
- Enhance certificate management section with step-by-step instructions
- Update validation steps with clear expected outcomes
@trly
docs: add additional private network document improvement
ae4ef9a 
- Add Docker Compose proxy environment configuration
- Update certificate chain depth documentation
- Add practical certificate extraction command
- Include Cody LLM providers in external connections
@trly
docs: fix docker-compose example formatting
e014ed9
@trly
docs: add additional info on docker networking
0ae6e10
@trly
docs: fix typo
fbba25a
@trly
docs: updated private-network docs
4501813 
* removed docker-compose networking recommendations
* updated TLS certificate section heading and overview
@trly trly force-pushed the trly/REL-638-expand-tls-docs branch from ac6dfba to 4501813 Compare January 31, 2025 15:42
@trly trly dismissed marcleblanc2’s stale review February 6, 2025 15:00

All changes should be addressed now

MaedahBatool
MaedahBatool approved these changes Feb 10, 2025
View reviewed changes
Copy link
Contributor

@MaedahBatool MaedahBatool left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM feel free to merge. :)

@trly trly merged commit 3133a53 into main Feb 10, 2025
3 checks passed
@trly trly deleted the trly/REL-638-expand-tls-docs branch February 10, 2025 20:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@loujar loujar loujar approved these changes

@Galindo-J Galindo-J Awaiting requested review from Galindo-J

@marcleblanc2 marcleblanc2 Awaiting requested review from marcleblanc2

+1 more reviewer

@MaedahBatool MaedahBatool MaedahBatool approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@trly @marcleblanc2 @MaedahBatool @loujar