Many people get surprised when I tell them my main computer is a Chromebook despite coding something almost everyday. There is one main reason why I can float around with a lightweight Chromebook: I have a Linux workstation I run everything remotely on. So the Chromebook acts as an easy, always up-to-date gateway. I wouldn’t recommend developing in the “cloud” using things like Codespace since the cost usually is not worth it.

My journey started as a regular Windows or Linux user. Then around 12 years ago I switched to coding purely in Vim because I was bored. All I needed was a terminal and having access to a Desktop environment didn’t mean much. I quickly transitioned to simpler window managers for browsing as the only GUI I was using was the web browser. Something like Openbox was more than enough with some custom keyboard shortcuts. During this period, I got a Chromebook and just SSHed into my Linux workstation. Life was good until I got exhausted from memorising every command and “massaging” my keyboard to get something done as the keybindings became more and more complicated. I ended up switching to VS Code and enabled Vim keybindings with SSH remote access. However, this meant that I had to run VS Code in the Linux container inside my Chromebook. It works but it’s not fast to boot or as stable; sometimes the menu buttons wouldn’t click or the terminal would get stuck.

That’s where code-server comes in. I wanted to switch to a fully remote setup I could access through a browser on my Chromebook without having to dip into the Linux container. Since I was already using Tailscale to securely SSH back into my workstation no matter how badly it was hidden, I decided to expose the service through Tailscale. Without enabling HTTPS, Chrome will almost always complain that it is an insecure website even though you’re routing everything through Tailscale. Luckily, Tailscale can generate certificates for you.

To get started, you can install code-server with:

curl -fsSL https://code-server.dev/install.sh | sh

and then follow through with these steps:

  1. Enable MagicDNS and HTTPS on your Tailscale admin console. These will allow you to access securely the code-server instance using a URL instead of an IP address.
  2. Run tailscale cert with the domain of your MagicDNS name, it automatically prompts you with it. This will dump your certificate and key in the folder you were running command. I placed these in the code-server config folder ~/.config/code-server so they are kept where they will be used.
  3. Edit code-server config.yaml to use the certificates with correct hostname:
bind-addr: [yourTailscaleIP]:8888
auth: password
password: [yourPassword]
cert: /home/[yourUsername]/.config/code-server/[yourHostname].crt
cert-key: /home/[yourUsername]/.config/code-server/[yourHostname].key
cert-host: [yourHostname]

Here I expose the service only on the Tailscale address to restrict it and use port 8888 to avoid clashes with development servers which often use the default 8080. Go ahead and restart the service if you enabled it:

sudo systemctl restart code-server@$USER

By browsing to the [yourHostname]:8888, you should now be greeted with the password login page. The best part is that Chrome will be happy with the HTTPS certificates and not complain.

Do not expose your code-server on a public endpoint for security reasons.

If you are still reading this article, then I recommend you install the code-server page a progressive web app so it behaves like a normal application that you can easily maximise etc. What I like about this setup is that it is always ready to go. I just open the link / tab and my whole VS Code is ready to go in a second. I don’t have to worry about my Chromebook cooking whilst trying update VS Code and its extensions.