tfsec VS v2ray-core

Using pre-commit framework with terraform repository, will help your code to be kept clean, formated, updated document and checked for tf security issues (optional with tfsec) before committing and pushing the code to git source.

Here again more than one tool exists to assist. We will highlight two of the most popular ones here: tfsec and checkov. Both provide a predefined set of checks that they use to inspect your code, allowing to explicitly open exceptions (if you really want to) by annotating your code with comments, and adjust the configuration to ignore some modules, for example.

An additional benefit of using a CI workflow is adding automated tests. In this scenario, I’ve added a step leveraging tfsec to scan for static code vulnerabilities. In the example below, tfsec warns against creating an Azure network security rule which is fully open. This will halt and fail the workflow unless I provide an ignore comment to accept the warning.

· Provision an EKS Cluster (AWS) · Terraform v15.0 · Terraform Registry · Pre-Commit · Terraform Pre-commit · Terraform-docs · Tflint · Tfsec

Using terraform, create a skeleton directory that they can review for how EC2 instances should be created. Use tools like https://github.com/tfsec/tfsec or other scanners/linters to validate that your developers followed this process and didn't uncheck something.

I know tfsec (https://github.com/tfsec/tfsec) which is pretty good for AWS resources but I think vSphere resources are not implemented.

tfsec/tfsec (Go): 🔒🌍 Static analysis powered security scanner for your terraform code

Hey there! Lots of experience with this having lived in China for 2 years. I recommend you look into xray-core or v2ray.

https://github.com/v2fly/v2ray-core

https://github.com/XTLS/Xray-core

Here are my configs: https://github.com/acheong08/notes/tree/main/xray

cd ~ wget https://github.com/v2fly/v2ray-core/releases/download/v5.7.0/v2ray-linux-64.zip sudo apt install -y unzip unzip v2ray-linux-64.zip cp geoip/output/dat/* . ./v2ray uuid

If the changing por trick work you can try shadowsocks or v2ray.

Normal VPNs that you can see ads all over the place like N*rdVPN won't work, period. The correct way is to rent a few servers from different providers, make sure their ips are not blocked, and build your own V2Ray or Trojan service first. The Chinese gov will not be able to distinguish your Trojan traffic from ordinary https traffic, so the only thing that's sus to them would be the fact that all your traffic goes to one foreign ip, but I've been doing it for a few years without officials knocking on my door so yeah I think it will work for you as well. I don't take responsibility tho, do your research.

Given that every other client is mostly using https://github.com/v2fly/v2ray-core that can be compiled for every architecture/platform that Outline client supports, maybe it's worth investing time into allowing it as a backend. It can even be used for pure shadowsocks since it's for sure more updated than the old golang shadowsocks implementation.

v2Ray: https://v2fly.org