Hey everyone,
I just set up a self-hosted GitHub Actions runner in my homelab and wrote about it in my self-hosted blog! This is my second blog entry, so any feedback or suggestions to help improve my writing are more than welcome.
You can check out the post here: https://cachaza.cc/blog/02-self-hosted-ci-cd
I also thought this wasn’t an issue anymore; there’s a setting in the Actions settings where you can enable or disable workflows from forked pull requests. But someone on Reddit spooked me a bit about it, so for now, I’ve made the repo private until I’m 100% sure there are no risks. I wanted it public because I was considering using GitHub Issues as a backend for blog comments, but I’ll reevaluate that. Also, thanks for the idea of running a local git server with mirroring to GitHub—I hadn’t considered having two upstreams. That could be a great setup, especially since I’m still in college and trying to build in public for future job opportunities while keeping CI/CD self-hosted.
I did create a fork and MR, and neither used your runner (sorry if that is what spooked you).
Develop local and push remote also lets you sanitize what is public and what isn’t. Keep your half-baked personal projects local, push the good stuff to GitHub for job opportunities.
No worries! When I checked the repo, I didn’t see any forks, and my Proxmox resource usage looked normal, so I didn’t think anything bad happened. I just got cautious after a Reddit user pointed out that the config I thought was safe wasn’t actually secure.
I hadn’t thought of it that way, but it makes a lot of sense. I was just avoiding committing certain things and only pushing finished work to GitHub.