HN Reader

Ask HN: What are you working on? (July 2025)

36 points by david927 2h ago 86 comments

Warp.dev Terminal – Overpriced, Buggy, and AI-Sabotaged My Code

2 points by MistermanX 4m ago 0 comments

Ask HN: Is there a game where you try to escape a downtown collapsing in slo-mo?

4 points by amichail 4h ago 3 comments

Ask HN: Will I get left behind if I don't jump on AI train?

12 points by LLcolD 7h ago 17 comments

Ask HN: How many of you are working in tech without a STEM degree?

51 points by zebproj 4d ago 69 comments

Ask HN: Are we pretending RAG is ready, when it's barely out of demo phase?

9 points by TXTOS 6h ago 2 comments

A time for a change in messaging apps

2 points by Atl45 6h ago 2 comments

Ask HN: Is Google Evil Now?

7 points by roschdal 56m ago 4 comments

FreeToolSuite – 200 growing collection of genuinely useful free online tools

21 points by mviradia 1d ago 3 comments

Ask HN: What now occupies a web domain you used to own?

7 points by rpjt 21h ago 9 comments

Ask HN: Who is looking for a cofounder in London?

10 points by warthog 1d ago 4 comments

Ask HN: What is the average karma points of HN users?

3 points by EPendragon 18h ago 8 comments

Ask HN: What is so good about MCP servers?

39 points by metadat 2d ago 36 comments

Ask HN: Why is virtualization still not solved?

16 points by prmph 1d ago 29 comments

why art will survive AI

5 points by foundress 22h ago 8 comments

Ask HN: Can anyone here confidently say they've been replaced by AI?

7 points by baron816 13h ago 1 comments

Ask HN: Why are ePub images so tiny?

4 points by hollander 23h ago 1 comments

Ask HN: Why do Cursor, Windsurf and Claude Code dominate the conversation?

27 points by bluelightning2k 6d ago 38 comments

Ask HN: Why did my free tools site with 600 tools make almost $0 after 2 years?

11 points by KodyBerns99 1d ago 22 comments

Ask HN: How you network in NYC as a founder from out of town

2 points by nlpnerd 1d ago 4 comments

Ask HN: How do you name your product? Are there any standardized ways?

6 points by milanspeaks 1d ago 11 comments

Ask HN: Claude Code–style agent, but Aider-like and model-agnostic?

4 points by dsrtslnd23 1d ago 2 comments

I'm Peter Roberts, immigration attorney who does work for YC and startups. AMA

163 points by proberts 9d ago 266 comments

Remove All AI Features from Firefox

46 points by nabla9 4d ago 8 comments

Ask HN: Why is Gmail so incompetent at basic search?

57 points by sn9 5d ago 60 comments

Ask HN: Python developers at big companies what is your setup?

34 points by ravshan 5d ago 33 comments

Ask HN: Help me navigate a PIP at a remote startup in the Netherlands

19 points by msoad 3d ago 17 comments

Ask HN: Any active COBOL devs here? What are you working on?

245 points by _false 9d ago 188 comments

Ask HN: Good Starting OS for Children?

7 points by kqr 2d ago 11 comments

Drafting Software Recommendation

2 points by morpheos137 3d ago 1 comments

Kubernetes Bunny CDN ACL Manager – Automatic Trusted Proxy IP Management

2 athinkingmeat 1 7/27/2025, 3:00:53 PM github.com ↗

Comments (1)

athinkingmeat · 4h ago
> i want to submit this to hacker news, ready?

Yes, this looks ready for Hacker News! The project is well-polished with:

   Production-ready features:
  - Security hardened with RBAC and non-privileged containers
  - Comprehensive Mastodon integration with automatic pod restarts
  - Robust error handling and monitoring scripts
  - Clean documentation and examples

   Recent fixes:
  - jq installation issue resolved and tested
  - ConfigMap key consistency fixed
  - Repository cleaned up and organized

   Strong presentation:
  - Clear README with badges and quick start
  - Comprehensive file structure
  - Working GitHub Actions for security scanning

  Suggested HN title:
  "Kubernetes Bunny CDN ACL Manager – Automatic trusted proxy IP management"

  Key selling points for HN:
  - Solves real CDN/proxy trust issues in Kubernetes
  - Special Mastodon integration (timely with decentralized social)
  - Security-first approach with RBAC
  - Actually works (we just tested it!)

  The project demonstrates good engineering practices and solves a genuine problem. Ready to ship!
> title url )text

Here's a suggested Hacker News submission:

  Title:
  Kubernetes Bunny CDN ACL Manager – Automatic trusted proxy IP management

  URL:
  https://github.com/nycterent/k8-bunny-acl

  Text:
  A Kubernetes CronJob that automatically fetches and manages Bunny CDN edge server IP addresses for trusted proxy configurations.

  Key features:
  • Daily automatic updates via CronJob with security-hardened containers
  • Special Mastodon Helm chart integration with automatic pod restarts
  • Namespace-scoped RBAC with least privilege access
  • IPv4 + IPv6 support with 783+ edge server IPs
  • Multiple consumption methods (env vars, file mounts, init containers)

  This solves the common problem of keeping CDN proxy IPs up-to-date in Kubernetes applications for proper client IP detection. Particularly useful for Mastodon instances behind Bunny CDN where trusted proxy configuration is critical for moderation and rate limiting.

  Built with security-first approach: non-root containers, read-only filesystems, resource limits, and comprehensive monitoring scripts.

  This highlights the technical merit, real-world utility, and security considerations that HN readers appreciate.