(github.com)

67 points xlmnxp | 1 comments | 22 Oct 25 08:37 UTC | HN request time: 0s | source

Show context

myzek ◴[22 Oct 25 09:31 UTC] No.45666685[source]▶

I don't want to be a hater, but exposing access to your homelab through a "fully vibe coded" application (it's mentioned at the bottom of the README) is probably not a good idea.

The idea itself sounds fun though

replies(7): >>45666794 #>>45666805 #>>45667638 #>>45668320 #>>45672456 #>>45673770 #>>45676658 #

sanex ◴[22 Oct 25 12:52 UTC] No.45668320[source]▶

>>45666685 #

It's open source. Audit it like you would any other service that exposed your homelab to the Internet. How do you know XYZ repo isn't coded for some bootcampers capstone project? I bet those are even less secure.

Edit: should have mentioned I am a bootcamp grad, not just throwing random shade.

replies(2): >>45668415 #>>45669044 #

1. OrderlyTiamat ◴[22 Oct 25 13:42 UTC] No.45669044[source]▶

>>45668320 #

If I had to audit security services for exposing homelab to the internet, I wouldn't use those services in the first place. I'm fine trying things out, but this is a very important security boundary, and it's a solved problem. Why risk it with an auditor who does it for a hobby (me)?

↑

Knocker, a knock based access control system for your homelab