undefined | Better HN

0 pointssimonw5mo ago0 comments

The most convincing implementation I've seen of this so far is to lock down access to just a single IP address, then run an HTTP proxy server at that IP address which can control what sites can be proxied to.

Then inject HTTP_PROXY and HTTPS_PROXY environment variables so tools running in the sandbox know what to use.

0 comments

thomasballinger5mo ago

Codex remote environments seem to do this, we had to add support (via two lines of code) for these proxy environment variables to our CLI to support talking to GitHub from these environments.

j / k navigate · click thread line to collapse

0 pointssimonw5mo ago0 comments

Then inject HTTP_PROXY and HTTPS_PROXY environment variables so tools running in the sandbox know what to use.

0 comments

thomasballinger5mo ago

Codex remote environments seem to do this, we had to add support (via two lines of code) for these proxy environment variables to our CLI to support talking to GitHub from these environments.

j / k navigate · click thread line to collapse