not quite sure what the second sentence means (phone autocorrect?).
the rest i absolutely agree with.
not quite sure what the second sentence means (phone autocorrect?).
the rest i absolutely agree with.
Fair point, Johannes. You’re right—the Halting Problem essentially dictates that I can't mathematically prove the absence of a back door without providing the source for audit. In high-security environments, 'Trust me' is a zero-value argument.
To be clear, I am an Infrastructure Specialist at a large multi-national enterprise; coding isn't my primary job—managing thousands of nodes is. I built this on my own time (2 months to be precise) specifically to solve the 'sprawl' and manual inventory headaches I face in my professional day-to-day. Hence, can't share my 2 months handwork.
So I'm sharing the binary as-is for admins who deal with similar scale and want the UI/UX I’ve spent months refining. I respect that this isn't for everyone, especially those with strict open-source mandates.
For those curious, I recommend running it in a network-isolated VM. You’ll see it only attempts to hit the Proxmox API ports you define in your local inventory. I appreciate the high bar for security you're setting here.
To be clear, I am an Infrastructure Specialist at a large multi-national enterprise; coding isn't my primary job—managing thousands of nodes is. I built this on my own time (2 months to be precise) specifically to solve the 'sprawl' and manual inventory headaches I face in my professional day-to-day. Hence, can't share my 2 months handwork.
So I'm sharing the binary as-is for admins who deal with similar scale and want the UI/UX I’ve spent months refining. I respect that this isn't for everyone, especially those with strict open-source mandates.
For those curious, I recommend running it in a network-isolated VM. You’ll see it only attempts to hit the Proxmox API ports you define in your local inventory. I appreciate the high bar for security you're setting here.
Thanks for the hint, of course it was Androids Auto-Typo-Feature
I edited my post, I meant:"Your point don't address the root concern though. It's quite difficult to proove that a certain Software doesn't have a specific feature ( aka malicious code) due to the Halteproblem."
This isn't actually improving your case
I'm not a developer myself but mainly a sysadmin. Thus I wouldn't trust code written by me in a production environment (except small scripts, nagios plugins etc). Software Engineering after all isn't my main work and thus my skills in it (including quality assurance) is quite lacking. I would publish the source though so somebody with better skills could give me hints to improve it.For the same reason I wouldn't trust code written by somebody with a similiar background, especially if I can't verify it.
It has nothing to do with open-source mandates per se. After all of companies run closed-source software. It's just usually not from some unknown guy from a forum. At best it's somebody known in the community, but even then publishing the source makes it more trust worthy, because it shows at least effort. Some friends of me startet a company after college who develop a closed-source password manager. In this special case I would use it, but this is only because I know the envolved people and trust them. If I happened to go to a different college than them I would be more hesitant in using their software. Somebody from a forum who I don't know is harder to trust, sorry.
It should also be noted (didn't tried it myself up to now), that the ansible collection for managing ProxmoxVE also has an inventory plugin:
https://docs.ansible.com/projects/a...llections-community-proxmox-proxmox-inventory
It allows using ProxmoxVE as inventory for ansible but together with ansible-inventory it should be trivial to use it to export inventory lists.
I hear you, Johannes. Trust is the hardest currency to earn in this industry, and starting as an 'unknown' on a forum is a steep hill to climb. I respect your caution—it’s the right mindset for a production admin.
Regarding the Ansible plugin: You’re absolutely right that it’s great for data export. However, the goal of HyperGate wasn't just to 'get the data'; it was to build a centralized, visual portal and launch-engine for admins who prefer a unified UI over managing flat lists or running CLI commands every time they need to jump between clusters.
I’ll leave the tool here for those who find value in that specific workflow. I appreciate the back-and-forth—it’s been a good reality check on the community's security expectations. Cheers!
Thanks for feedback
Regarding the Ansible plugin: You’re absolutely right that it’s great for data export. However, the goal of HyperGate wasn't just to 'get the data'; it was to build a centralized, visual portal and launch-engine for admins who prefer a unified UI over managing flat lists or running CLI commands every time they need to jump between clusters.
I’ll leave the tool here for those who find value in that specific workflow. I appreciate the back-and-forth—it’s been a good reality check on the community's security expectations. Cheers!
Thanks for feedback
