Nowadays, tailscale or cloudflare access + tunnel works amazing well for private... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		NhanH on June 29, 2022 \| parent \| context \| favorite \| on: GitHub incident – now resolved Nowadays, tailscale or cloudflare access + tunnel works amazing well for private service that you might need access on untrusted network. So the needs for keeping them up to can be delayed a lot more (of course, jenkins is a special case since it might be pulling and executing untrusted code, but I think that is something you need to care even without security issue specific to jenkins itself).

_joel on June 29, 2022 [–]

Yea, quite right, also use runners on ephemeral build targets as that can reduce some of the attack surface for running untrusted code, don't do it all in the box.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact