Skip to content

feat(vscode-cloud): fix internet access, type safety, and improve UX#26

Merged
vtempest merged 5 commits into
masterfrom
claude/bold-pasteur-O0Uht
May 19, 2026
Merged

feat(vscode-cloud): fix internet access, type safety, and improve UX#26
vtempest merged 5 commits into
masterfrom
claude/bold-pasteur-O0Uht

Conversation

@vtempest

@vtempest vtempest commented May 19, 2026

Copy link
Copy Markdown
Collaborator
  • Set enableInternet = true on CodeServerContainer so the container
    can reach the R2 S3-compat HTTPS endpoint (for geesefs FUSE mount)
    and github.com for repo cloning — this was blocking both features
  • Fix onStop signature to use StopParams from @cloudflare/containers
    instead of a manually typed object with wider reason: string
  • Fix DurableObjectState<unknown> cast to the correct SqlStorage type
  • Call renewActivityTimeout() directly instead of via duck-typing —
    the method is part of the public Container API
  • Guard getConfig() with try/catch so SQL SELECT errors on an
    uninitialised table return null rather than throwing
  • Add /__internal/state RPC on the DO to expose container state JSON
  • Add /status endpoint on the Worker returning userId + container state
  • Revamp first-visit setup page: copy button, idle timeout display,
    reset-password form, R2/GitHub info section
  • Add Google OAuth landing page at /auth/login (branded sign-in card
    with Google logo); /auth/login?direct= still redirects immediately
  • Redirect OAuth callback to /setup so users see their password before
    code-server prompts for it
  • Require GOOGLE_CLIENT_SECRET in authenticate() consistently with
    handleAuthRoutes() to prevent accidental dev-mode fallback
  • Document FUSE availability and internet access in wrangler.jsonc

https://claude.ai/code/session_01VSbGCNLi5Ydg8ViQijJEzG

claude and others added 5 commits May 18, 2026 23:44
@claude
feat(vscode-cloud): fix internet access, type safety, and improve UX
a5827d6 
- Set `enableInternet = true` on CodeServerContainer so the container
  can reach the R2 S3-compat HTTPS endpoint (for geesefs FUSE mount)
  and github.com for repo cloning — this was blocking both features
- Fix `onStop` signature to use `StopParams` from @cloudflare/containers
  instead of a manually typed object with wider `reason: string`
- Fix `DurableObjectState<unknown>` cast to the correct `SqlStorage` type
- Call `renewActivityTimeout()` directly instead of via duck-typing —
  the method is part of the public Container API
- Guard `getConfig()` with try/catch so SQL SELECT errors on an
  uninitialised table return null rather than throwing
- Add `/__internal/state` RPC on the DO to expose container state JSON
- Add `/status` endpoint on the Worker returning userId + container state
- Revamp first-visit setup page: copy button, idle timeout display,
  reset-password form, R2/GitHub info section
- Add Google OAuth landing page at /auth/login (branded sign-in card
  with Google logo); /auth/login?direct= still redirects immediately
- Redirect OAuth callback to /setup so users see their password before
  code-server prompts for it
- Require GOOGLE_CLIENT_SECRET in authenticate() consistently with
  handleAuthRoutes() to prevent accidental dev-mode fallback
- Document FUSE availability and internet access in wrangler.jsonc

https://claude.ai/code/session_01VSbGCNLi5Ydg8ViQijJEzG
@claude
feat(vscode-cloud): passwordless login, landing page, and pre-install…
5765f80 
…ed AI/dev extensions

Auth
- Switch code-server from --auth password to --auth none; the Cloudflare
  Worker (CF Access JWT or Google OAuth session) is the auth gatekeeper —
  the container is never directly reachable, so no password is needed
- Remove all password generation, storage, and reset machinery from the
  Container DO and Worker (getOrCreatePassword, /setup, /reset-password,
  /__internal/password)
- /auth/login now redirects straight to Google; the landing page explains
  the app before users sign in

Landing page
- Unauthenticated GET requests to any path (Google OAuth mode) now render
  a full landing page instead of bouncing to /auth/login
- Six feature tiles: isolated container, R2 persistence, GitHub auto-clone,
  Claude Code + Codex CLI, pre-installed extensions, idle sleep billing
- Responsive CSS-grid layout; adapts sign-in button to auth mode
  (Google / CF Access / dev mode)

Dockerfile
- Install python3, python3-pip, python3-venv for Python development
- Install Claude Code CLI (@anthropic-ai/claude-code) globally
- Install Codex CLI (@openai/codex) globally
- Pre-install ten VS Code extensions at build time via Open VSX:
  GitLens, Prettier, ESLint, Python, Tailwind CSS IntelliSense,
  Path Intellisense, Code Runner, Material Icon Theme,
  Error Lens, Code Spell Checker
  (failures are non-fatal; IDE still launches without them)

entrypoint.sh
- Remove PASSWORD env var and --auth password flag
- Richer default workspace settings.json: icon theme, font ligatures,
  word wrap, tab size, GitLens current-line blame, Error Lens levels,
  spell checker enabled

https://claude.ai/code/session_01VSbGCNLi5Ydg8ViQijJEzG
@claude
feat(vscode-cloud): teams dashboard, WakaTime tracking, and updated l…
815ff09 
…anding page

Teams (new src/teams.ts + src/admin.ts)
- D1-backed data layer: teams, team_members, team_invites tables
  auto-created via initTeamsSchema() on first /admin request
- Admin dashboard at /admin — lists all teams the user belongs to
  (ADMIN_EMAILS env var grants platform-wide visibility)
- Create team at /admin/team/new — creator becomes team admin
- Team detail at /admin/team/:id — members table with email, role,
  container status (fetched live from each user's DO), and join date
- Invite members: admin fills in email → generates a 7-day invite URL
  to copy and share (no email infrastructure required)
- Accept invite at /admin/accept-invite?token=... — validates token,
  adds user as member, deletes the single-use invite token
- Remove member: team admin can remove any member except themselves
- Pending invites table with remaining expiry shown on team detail page
- WakaTime card on team detail page explaining the pre-installed
  extension and linking to wakatime.com/dashboard

WakaTime time tracking
- Add WAKATIME_API_KEY env var — if set, auto-writes ~/.wakatime.cfg
  inside every container so the extension activates without manual setup
- Add WakaTime.vscode-wakatime to pre-installed extension list in Dockerfile

Landing page (src/index.ts)
- Reworked hero: "The cloud IDE for developer teams"
- Separate "For developers" feature grid (6 tiles) and a "Built for
  engineering teams" CTA section with purple accent and 5 bullet pills
  (team accounts, admin dashboard, email invites, WakaTime, container status)
- Nav shows "Team dashboard" link alongside primary sign-in action
- Footer updated to mention WakaTime

Config (wrangler.jsonc)
- Add D1 binding: TEAMS_DB / vscode-cloud-teams
- Add ADMIN_EMAILS var (comma-separated platform-admin emails)
- Add WAKATIME_API_KEY var with setup note
- Updated initial-setup comment block to include wrangler d1 create step

https://claude.ai/code/session_01VSbGCNLi5Ydg8ViQijJEzG
@claude
docs(vscode-cloud): rewrite README with full setup guide
01f871f 
Complete rewrite reflecting the current implementation:
- Architecture diagram updated: passwordless auth, D1 teams DB,
  WakaTime, AI CLIs, admin dashboard
- Step-by-step quick start: install, login, create R2/D1/KV resources,
  set secrets, configure wrangler.jsonc, deploy
- Auth option A (CF Access) and option B (Google OAuth) each with
  numbered steps and exact config snippets
- R2 setup: how to generate an API token, FUSE performance settings
- GitHub auto-clone: config and private repo PAT
- Teams dashboard: first-time setup, workflow walkthrough, routes table
- WakaTime: manual per-user setup, auto-configure via WAKATIME_API_KEY
- Pre-installed tools: AI CLIs table, VS Code extensions table
- Full configuration reference: env vars, secrets, Cloudflare resources,
  container sizing
- Cost estimates and all HTTP endpoints
- Local development and troubleshooting sections

Removed: all references to passwords, /setup, /reset-password (removed
in previous commits)

https://claude.ai/code/session_01VSbGCNLi5Ydg8ViQijJEzG
@vtempest
Merge branch 'master' into claude/bold-pasteur-O0Uht
076e2b4
@vercel

vercel Bot commented May 19, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
appdemo-starter-docs Error Error May 19, 2026 2:27am
cccp-deployment Ready Ready Preview, Comment May 19, 2026 2:27am
starter-docs Ready Ready Preview, Comment May 19, 2026 2:27am

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented May 19, 2026
edited
Loading

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs		 vscode-cloud 076e2b4 May 19 2026, 02:22 AM

@vtempest vtempest merged commit aa0d644 into master May 19, 2026
3 of 8 checks passed
@vtempest vtempest deleted the claude/bold-pasteur-O0Uht branch May 19, 2026 02:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vtempest @claude