docs: improve private network configuration guide tone and readability #910
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
There was a problem hiding this comment.
Looks great, thanks for taking the time to revamp this guide! I have some suggestions but don't feel obligated to address all of them. Happy to take a second pass through if you do make more changes.
@marcleblanc2 mentioned that we might also want to consider adding a section for configuring docker networks to avoid IP range collision with the host/ network range. I think it would be something as simple as adding a brief note with the following codeblock, but it might also be good to add a link out to docker's documentation
networks:
default:
ipam:
driver: default
config:
- subnet: "172.20.2.0/27" #we probably don't want to recommend this CIDR specifically| In order for Sourcegraph to respect an organization's self-signed certificates, the private CA root certificate(s) will need to be appended to Sourcegraph's trusted CA root certificate list in `/etc/ssl/certs/ca-certificates.crt`. | ||
| When deploying Sourcegraph in private networks, you'll often need to configure TLS certificates to establish trusted | ||
| connections with internal services like code hosts. The recommended approach is to configure root CA certificates | ||
| through Sourcegraph's site configuration using `tls.external` in the `experimentalFeatures` section. |
There was a problem hiding this comment.
I think we need to check if this will work for executors, or at least add a note that depending on your executor deployment method this might not work.
- Revise overview section for clearer explanation of private networks - Enhance certificate management section with step-by-step instructions - Update validation steps with clear expected outcomes
- Add Docker Compose proxy environment configuration - Update certificate chain depth documentation - Add practical certificate extraction command - Include Cody LLM providers in external connections
trly
force-pushed
the
trly/REL-638-expand-tls-docs
branch
from
5a3ff98 to
08a7168
Compare
Pull Request approval
You will need to get your PR approved by at least one member of the Sourcegraph team. For reviews of docs formatting, styles, and component usage, please tag the docs team via the #docs Slack channel.