Scraper
Spider

@dbaman@fosstodon.org

2026-03-11 15:30
tailscale
tailscale stories from the last 14 days
6.  HN Paperclip, Open-source orchestration for zero-human companies
Paperclip is an open-source orchestration platform that automates the management of autonomous AI companies with minimal human involvement. Built using Node.js and React, it efficiently coordinates various AI agents like OpenClaw, Codex, and Claude Code to achieve unified business objectives. Its key features include task management, goal alignment, cost control, governance mechanisms, organizational charting capabilities, mobile accessibility, and the capability to manage multiple AI companies within a single deployment environment. This makes Paperclip particularly suitable for users overseeing numerous AI agents who need comprehensive oversight over tasks, expenses, and goals without manual tracking. Paperclip tackles common challenges in managing multiple AI agents by offering persistent task sessions, streamlined agent configurations, automated cost monitoring, scheduled jobs through heartbeat mechanisms, and integrated governance structures. Unlike typical chatbots or workflow systems, Paperclip is designed to run entire companies rather than just manage individual agents or workflows. The platform supports self-hosting without requiring an account and provides a quickstart guide for setup using Node.js and pnpm. Future enhancements on its roadmap include improving OpenClaw integration, supporting cloud-based AI agents, enabling transactions involving whole AI companies, simplifying agent configurations, enhancing documentation, and developing a plugin system. Paperclip is released under the MIT license and welcomes community contributions through platforms like Discord, GitHub Issues, and Discussions. Its core aim is to facilitate the seamless orchestration of AI agents into cohesive business operations. 
Keywords: #phi4, AI agents, Asana, Bash, Claude Code, Clipmart, Codex, Cursor, HTTP, Nodejs, OpenClaw, Paperclip, React UI, Tailscale, Trello, Vercel, accountability, atomic execution, autonomous companies, budgets, business, community, company templates, continuous agents, contributing, development, event-based triggers, goal-aware execution, governance, heartbeats, isolation, mobile ready, orchestration, org charts, persistent state, roadmap, rollback, skill injection, solo-entrepreneur, task manager, ticket system
    github.com an hour ago
182.  HN I vibe coded my dream macOS presentation app
The author crafted a custom macOS presentation application named Present.app within approximately 45 minutes prior to delivering a talk at Social Science FOO Camp. Developed using SwiftUI and Swift, the app facilitates presentation management through sequences of URLs with features such as automatic URL saving, full-screen navigation via arrow keys, font size adjustments, and crash recovery capabilities. Additionally, remote control functionality was integrated, allowing control over the local network via Tailscale on a phone. The rapid development process involved prompting an AI model with specific instructions followed by examining the resulting codebase to identify implementation patterns, which included unique choices like employing socket programming without relying on libraries. This project illustrates Swift's suitability for quick application development and demonstrates how traditional software engineering skills can be effectively combined with emerging tools like AI models to streamline coding processes. The author underscores that while native developers remain crucial, these innovative techniques enhance their ability to swiftly create functional solutions. Keywords: #phi4, CSRF vulnerabilities, Keynote, Swift, SwiftUI, Tailscale, URLs, Xcode, browser crash, full screen, macOS, presentation app, remote control, socket programming, technical knowledge, vibe coded, web pages
    simonwillison.net 23 hours ago
205.  HN Networking with Agents: Put Them in the Right Conversations with Tailscale
The article explores how integrating Tailscale with Firetiger addresses challenges in connecting agents on public networks to privately hosted databases such as Postgres, MySQL, and Clickhouse. It highlights the difficulties posed by overlapping CIDR blocks in VPC peering, complexities of site-to-site VPNs, and security risks associated with bastion hosts. The solution involves using Firetiger Network Transports with Tailscale to establish secure connections that ensure end-to-end encryption, thereby simplifying inter-network communication without exposing private databases to the public internet. Users can manage permissions via Tailscale ACLs and create ephemeral devices within their network for enhanced security during database management tasks. The setup process includes configuring Tailscale Credentials, creating a Network Transport in Firetiger with these credentials, and adjusting agents to monitor or manage databases securely over this transport. Overall, the integration of Firetiger with Tailscale effectively resolves typical networking issues, enabling seamless agent interactions with private networks while boosting security and operational efficiency. Keywords: #phi4, ACLs, AWS PrivateLink, Agents, Auth Keys, Bastion Hosts, Clickhouse, Cloud, Connectivity, DBA Agent, Database, Encryption, Ephemeral Devices, Firetiger, MySQL, NAT, Networking, OAuth, Permissions, Postgres, Private Network, Security, Tailnet, Tailscale, VPC Peering, VPNs
    blog.firetiger.com a day ago
251.  HN Paperclip – Open-source orchestration for zero-human companies
Paperclip is an open-source orchestration platform designed to manage AI-driven companies by coordinating various AI agents as a central hub. It offers tools such as Node.js servers and React UIs for defining business goals, hiring virtual teams, budget allocation, and governance within digital workplaces. By providing features like task management, cost control, goal alignment, and multi-company support, Paperclip allows users to run multiple AI projects simultaneously without being overwhelmed by complexity or operational costs. The platform integrates with a range of AI agents such as OpenClaw, Claude Code, Codex, Cursor, Bash, and HTTP-based services, addressing challenges like tracking agent activities across sessions, maintaining configurations, preventing costly runaway processes, and ensuring regular execution of recurring tasks. Key functionalities include persistent state management for agents, atomic task execution, goal-aware workflows, and the ability to import/export company templates. Unlike a chatbot or an agent development framework, Paperclip focuses on orchestrating companies composed of AI agents, supporting self-hosted environments without requiring an account. Users can quickly start with commands like `npx paperclipai onboard --yes`. The platform's roadmap highlights future enhancements such as improved integration with cloud agents and the development of a plugin system for increased extensibility. Encouraging community involvement, Paperclip fosters contributions through platforms like Discord, GitHub Issues, and GitHub Discussions and is licensed under MIT © 2026. 
Keywords: #phi4, AI agents, Asana, Clipmart, Discord, GitHub, Nodejs, OpenClaw, Paperclip, React UI, Tailscale, Trello, Vercel, agent coordination, atomic execution, autonomous companies, budgets, community, contributing, development, goal alignment, governance, governance rollback, isolation, mobile ready, multi-company, orchestration, org charts, persistent state, portable templates, roadmap, runtime skill injection, solo-entrepreneur, task manager
    github.com a day ago
292.  HN Mercury – Transforming Drone
The Mercury Transforming Drone stands out as an innovative drone design characterized by a simple transformation mechanism that allows it to carry payloads up to 1 kg within its inner bay. It is equipped with RGB, depth, and thermal cameras for enhanced imaging capabilities, alongside Ardupilot and GPS technology for precise navigation. The drone's safety features include wheel and prop guards, which are managed via a mobile application. Key hardware components encompass linear actuators, BLDC motors, a Raspberry Pi 5, and sensors such as an IMU and TOF camera. Power is supplied by Lipo batteries, bolstered by buck converters and Electronic Speed Controllers (ESCs). PCB files necessary for assembly are provided in Gerber format. For those looking to assemble the drone, all required STL files can be downloaded readily. Full access to the CAD project files (.SLDPRT & .STEP) is available through a Patreon subscription. The software setup process involves installing autonomy software on a Raspberry Pi 5, with detailed instructions for setting up a virtual environment and executing essential scripts like `start_mavproxy.sh` and `run.sh`. Network control of the drone is facilitated via Tailscale, complemented by convenience scripts for managing startup processes. Support for this project, including collaboration opportunities, can be found on Discord. The development and maintenance of the Mercury Transforming Drone are spearheaded by core contributors Alvaro L. and Connor Raymer. 
Keywords: #phi4, Ardupilot, Autonomy Software, BLDC Motor, Bill of Materials, Buck Converter, CAD Files, Cable, Cube Flight Controller, Dependencies, Depth Cameras, Discord Server, Drone, ESC, ESP32S3, Frame, GPS, H Bridge, IMU, Linear Actuator, Lipo Battery, Mavproxy, Mercury, Mobile App, PCB Files, Payload Bay, Propellers, RGB Cameras, Radiolink R8XM, Raspberry Pi, STL Files, Screws, Software Setup, T Plug, TOF Camera, Tailscale, Thermal Cameras, Transformation, USB Webcam, Virtual Environment, XT60
    github.com a day ago
550.  HN Streaming My Vitals to Dr. Claw
The text describes a personal project where the author set up an AI-driven health monitoring system utilizing OpenClaw agents, Discord, Gadgetbridge, and Tailscale to stream vital data from a Helio Strap directly to their server. This setup allows for near real-time access to various health metrics such as heart rate, HRV, and sleep data, with automatic syncing every few hours without manual SSH key configurations. An AI agent, humorously named "Dr. Claw," is integrated into Discord to provide health reports, alert on abnormal vitals, and occasionally misunderstand commands due to its name. The author uses LiteLLM for model swapping across different setups and explores various AI tools like Claude Enterprise, Codex, qwen 3.5, and GLM-5 through Ollama Cloud. The system is framed as an experimental endeavor that utilizes OpenClaw's tooling while maintaining security by setting the agent’s permissions to read-only access for external services. Additional integrations improve the management of development tools on the go, although some tasks like git commits still necessitate manual intervention with secure SSH forwarding. The author concludes by suggesting that a safe and open setup with OpenClaw can be achieved through using verified skills and limiting external service permissions to read-only mode. Keywords: #phi4, 1Password, AI Doctor, Claude Enterprise, Daily Report, Discord, GLM-5, Gadgetbridge, Git Repositories, Graphene, Health Agent, Helio Strap, LiteLLM, Ollama Cloud, Openclaw, Qwen 35, SQLite, SSH Forwarding, Tailscale
    zach.codes 2 days ago
734.  HN Vibes: A simple mobile-focused chat app to talk to an agent via the ACP protocol
Vibes is a mobile-focused single-user chat application designed to facilitate seamless interactions with coding agents via the ACP protocol, drawing inspiration from Toad's implementation while offering a Slack-like user interface. It supports mobile interfaces over Tailscale and provides real-time updates through SSE (Server-Sent Events), along with rich media support for Markdown, KaTeX, and Mermaid rendering. The app shares its web UI with piclaw and features real-time token updates to enhance interactive sessions. A workspace explorer equipped with a file tree sidebar supports drag-and-drop uploads, previews, and keyboard navigation. It includes an integrated code editor based on CodeMirror 6, offering syntax highlighting for 13 languages, Vim mode, search/replace functionality, among other tools. Persistent storage is managed via SQLite, handling messages, media, and full-text search. The application supports theme switching between dark and light modes according to system preferences and features slash commands for agent control and utilities such as /commands, /model, and /thinking. Its mobile-first design ensures compatibility across various devices, with support for installing a Progressive Web App (PWA) that functions as a standalone web app. Installation is possible directly from GitHub or through tools like uv for faster setup. Development involves managing dependencies, running tests, linting, and handling frontend builds via Makefile commands. Vibes is open-source software licensed under the MIT license. Keywords: #phi4, ACP protocol, API endpoints, CodeMirror 6, KaTeX, Markdown, Mermaid, PWA, SPA, SQLite, SSE, Slack-like, Tailscale, Vibes, chat app, code editor, coding agents, development, installation, mobile-friendly, slash commands, web UI, workspace explorer
    github.com 3 days ago
889.  HN Mercury is a transforming drone anyone can build
The Mercury is an innovative open-source transforming drone designed to be built and customized by anyone interested in advanced drone technology. It features a 1 kg payload bay equipped with RGB, depth, and thermal cameras, which are controlled via the Ardupilot + GPS system. A standout feature of the Mercury is its transformation capabilities, managed through a simple mechanism that users can operate using a mobile app. To construct the Mercury, several key components are necessary, including linear actuators, propellers, BLDC motors, a Raspberry Pi 5, data dongle, batteries, screws, carbon fiber sheeting, cables, connectors, an IMU, cameras (TOF and USB webcam), buck converter, flight controller, ESCs, and custom PCBs. In terms of software, the project provides autonomy software to be installed on the Raspberry Pi 5, along with scripts such as `start_mavproxy.sh` and `run.sh` for operational guidance. For individuals seeking comprehensive access to CAD files (.SLDPRT & .STEP), joining the project's Patreon is suggested. The Mercury project also fosters community involvement through its Discord server, encouraging support and collaboration among users. By offering pre-designed components and software assistance, the project aims to promote innovation in drone technology while ensuring ease of use for enthusiasts and developers alike. Keywords: #phi4, Ardupilot, BLDC Motor, Buck Converter, Cube Flight Controller, DRV8871 H Bridge, Discord server, ESP32S3, EasyEDA CAD, GPS, Lipo Battery, MPU 9250, Mavproxy Bridge, Mercury, PCB files, RGB, Radiolink R8XM, Raspberry Pi, SEQURE ESC, STL files, TOF Camera, Tailscale, USB Webcam, autonomy software, depth, drone, linear actuator, mobile app, prop guard, thermal cameras
    github.com 4 days ago
956.  HN Open source drone that can hold cargo
The MERCURY drone is an open-source cargo-holding model designed with a transformation mechanism that accommodates payloads up to 1 kg within its internal bay. It features advanced sensory capabilities, including RGB, depth, and thermal cameras, which facilitate comprehensive environmental analysis and navigation through the integration of Ardupilot and GPS systems. The drone can be conveniently controlled via a mobile application, enhancing user interaction and accessibility. The drone's hardware components are meticulously chosen to optimize performance and functionality. These include 4x BLDC Motors (A2812 2812 900KV) paired with 8" propellers, a Raspberry Pi 5 for processing tasks, and dual Lipo Batteries (3S 2200mAh). Additional elements such as an Inertial Measurement Unit (IMU), Time-of-Flight (TOF) camera, Electronic Speed Controllers (ESCs), actuators, custom Printed Circuit Boards (PCBs), along with various screws, CF sheets, cables, and connectors, are integral to its assembly. To ensure ease of use, users can download STL files necessary for physical assembly and autonomy software tailored for the Raspberry Pi 5. Setup requires creating a virtual environment and installing specific dependencies, while control is facilitated through scripts like `start_mavproxy.sh` and `run.sh`. For extended range communication, Tailscale setup is recommended to enable long-distance control. The MERCURY drone community offers robust support, providing additional resources such as customizable CAD files accessible via Patreon. Further assistance and engagement are available on Discord channels, where users can seek guidance and share insights with fellow enthusiasts. 
Keywords: #phi4, Ardupilot, BLDC Motor, Buck Converter, CAD Files, Cube Flight Controller, DRV8871 H Bridge, Discord server, ESC, ESP32S3, GPS, Lipo Battery, MERCURY, MPU 9250, Mavproxy Bridge, Open source, PCB files, RGB camera, Radiolink R8XM, Raspberry Pi, STL files, TOF Camera, Tailscale, USB Webcam, autonomy software, cargo, depth camera, drone, linear actuator, mobile app, propellers, thermal camera
    github.com 4 days ago
   https://news.ycombinator.com/showhn.html   4 days ago
965.  HN Peer-to-Peer Networking: Build a VPN Tunnel with Wintun on Windows – Part 2
This article delves into constructing a VPN tunnel akin to Tailscale's peer-to-peer networking framework by implementing it with the Wintun driver on Windows, aiming to demystify the operations of Tailscale using a Layer 3 adapter known as Wintun. The foundation of this setup relies on a predominantly open-source codebase, except for the DERP server used as a relay. At its core is a peer-to-peer mechanism that utilizes direct UDP connections between devices, facilitated by a process called UDP hole punching with the assistance of a STUN server. In this method, devices register their public IP and port with the STUN server to enable direct UDP packet transmission, maintaining the NAT mapping through periodic keepalive packets. A key insight is the necessity for consistent source ports across sessions to ensure stable connectivity due to router handling of NAT mappings. The author leverages Wintun to simulate a Layer 3 network connection by creating a TUN adapter capable of encapsulating and decapsulating IP packets within UDP packets. Accurate Maximum Transmission Unit (MTU) calculation is crucial here to prevent packet fragmentation or loss, resulting from the overhead introduced during UDP encapsulation. A recommended safe MTU value for the TUN adapter is 1400 bytes, which accounts for a typical 28-byte header. The implementation involves two main components: `server.go` and `peer.go`, designed to manage connections between Windows PCs using CGNAT addresses as specified in RFC 6598. To prevent conflicts with common private address ranges, the TUN adapters are assigned IP addresses within the 100.64.0.0/10 range, reflecting Tailscale's addressing approach. However, this setup encounters certain limitations. Direct peer-to-peer connections falter when both peers share a public IP due to Hairpin NAT issues, necessitating specific router configurations for resolution. 
Additionally, lacking a fallback mechanism such as a TURN server, the system may drop connections if UDP hole punching fails. Overall, the article serves as an introductory exploration into building a Tailscale-like VPN tunnel on Windows using Wintun, while addressing practical challenges and constraints experienced during its implementation. Keywords: #phi4, CGNAT, Hairpin NAT, L3 Adapter, MTU Calculation, Magicsock, NAT Mapping, Peer-to-Peer, RFC 6598, STUN Server, Source Port, TURN Relay, Tailscale, UDP Hole Punching, VPN, Windows, Wintun, WireGuard
    www.0xmm.in 4 days ago
1089.  HN Paperclip: Open-source orchestration for zero-human companies
Paperclip is an innovative open-source orchestration platform designed to streamline the operations of autonomous AI companies with minimal human oversight. Built using Node.js and React, it serves as a comprehensive task manager that integrates various organizational elements such as charts, budgets, governance structures, goal alignment strategies, and agent coordination into a single dashboard interface. The platform enables businesses to define strategic objectives (e.g., launching the leading AI note-taking app with $1M in monthly recurring revenue), hire AI agents like OpenClaw or Claude Code, and manage their operations centrally. Key features of Paperclip include its capacity for orchestrating zero-human companies by allowing users to bring their own AI agents into workflows. It offers a suite of comprehensive management tools that cover goal alignment, cost control, governance, organization charts, ticket systems, multi-company management, and mobile readiness. Additionally, it addresses several operational challenges such as task tracking across multiple sessions, context gathering for AI agents, disorganized agent configurations, runaway processes that incur high costs, and manual job scheduling. Distinguishing itself from other tools, Paperclip is not a chatbot or workflow builder but focuses on coordinating AI agents into cohesive business operations. It offers advanced features like budget management, governance enforcement, and session maintenance that surpass those found in traditional task management platforms such as Asana or Trello. Paperclip can be set up locally using Node.js and Postgres without requiring a dedicated account, allowing for the operation of multiple isolated companies within one deployment. As an open-source and self-hosted platform, it provides flexibility in production environments. 
Developers are encouraged to contribute to its development, which includes improvements like easier OpenClaw onboarding, cloud agent integration, and ClipMart—a feature for buying and selling company templates. In summary, Paperclip represents a specialized toolset tailored for managing AI-driven companies by focusing on scalability, coordination, and operational efficiency in handling multiple autonomous agents. Keywords: #phi4, AI agents, Asana, Clipmart, Discord, GitHub, Nodejs, OpenClaw, Paperclip, React UI, Tailscale, Trello, Vercel, agent coordination, atomic execution, autonomous companies, budgets, community, contributing, development, goal alignment, governance, governance rollback, isolation, mobile ready, multi-company, orchestration, org charts, persistent state, portable templates, roadmap, runtime skill injection, solo-entrepreneur, task manager
    github.com 5 days ago
1257.  HN Remotely unlocking an encrypted hard disk
The article presents a method for remotely unlocking an encrypted hard disk at early boot stages by integrating Tailscale and SSH into the initramfs of a Linux system. This solution addresses challenges such as frequent changes in public IP and power outages, which hinder remote access via SSH to systems with encrypted partitions. By embedding Tailscale in the initramfs, networking is established early enough to unlock disks remotely without local input. The setup involves incorporating Tailscale for network connectivity and Dropbear as an SSH server within the initramfs, ensuring security through measures like Tailscale Access Control Lists (ACLs) and disabling key expiry. This configuration allows SSH access solely for unlocking the encrypted partition via systemd-tty-ask-password-agent, thereby reducing unauthorized shell access risks. The author provides detailed steps to implement this solution on Arch Linux, which includes installing necessary packages, configuring initramfs hooks, setting up Tailscale tags and keys, and creating secure networking configurations. This approach ensures remote access even if the user's laptop battery dies during travel. The article highlights a creative application of system components to address practical connectivity issues and underscores that with adequate technical expertise, complex tasks can be accomplished on computers. Keywords: #phi4, ACLs, Arch, Ethernet, Linux, SELinux, SSH, WiFi, authorized_keys, device-timeout, dropbear, early boot, encrypted hard disk, encryption password, init PID, initramfs, initrd, key expiry, mkinitcpio, network interfaces, networking, public IP, security, service management, systemd, tailscale
    jyn.dev 6 days ago
   https://github.com/gsauthof/dracut-sshd   5 days ago
   https://aur.archlinux.org/packages/mkinitcpio-wifi   5 days ago
   https://winmagic.com/en/products/full-disk-encrypt   5 days ago
   https://www.recompile.se/mandos   5 days ago
   https://www.recompile.se/mandos/man/intro.8mandos   5 days ago
   https://docs.redhat.com/en/documentation/red_hat_e   5 days ago
   https://salsa.debian.org/kernel-team/initramfs-tools   5 days ago
   https://news.ycombinator.com/item?id=46676919   5 days ago
   https://www.dns-sd.org/   5 days ago
   https://www.rfc-editor.org/rfc/rfc7250   5 days ago
   https://www.cyberciti.biz/security/how-to-unlock-luks-u   5 days ago
   https://gitlab.archlinux.org/archlinux/mkinitcpio/   5 days ago
   https://nixos.wiki/wiki/Remote_disk_unlocking   5 days ago
   https://systemd.io/TPM2_PCR_MEASUREMENTS/   5 days ago
   https://pikvm.org/   5 days ago
   https://github.com/marcan/takeover.sh   5 days ago
   https://news.ycombinator.com/item?id=45294440   5 days ago
1430.  HN I Wail, for My Tailscale Fails: How My Packets Got Dropped Beyond the Pale
In March 2026, a professional encountered network issues while setting up autocomplete using Ollama on a Windows Subsystem for Linux (WSL) environment connected via Tailscale. The core problem was identified as packet drops occurring when the payload size exceeded specific limits. Initial latency inconsistencies during autocompletion prompted an investigation that revealed connectivity issues between WSL and Tailscale's network interface, particularly involving large payloads. The issue stemmed from Maximum Transmission Unit (MTU) constraints, where packets larger than 8184 bytes were dropped due to improper handling of fragmentation by Hyper-V’s Network Address Translation (NAT). Unlike root users who could handle larger packet sizes, non-root users faced limitations tied to socket buffer limits. The investigation highlighted that Hyper-V silently discarded UDP packets when there was a mismatch between the declared and actual payload sizes post-fragmentation. Resolution efforts focused on adjusting MTU settings for network interfaces like eth0 and tailscale0 to account for WireGuard encryption overheads, effectively circumventing some issues. Tailscale provided a workaround specific to WSL by increasing the MTU of eth0 by 20 bytes, though this was not fully explained. The exploration also considered MSS clamping as a solution for TCP packet fragmentation, but it proved insufficient in resolving all problems. The investigation underscored the complexities involved with network configurations in virtualized environments like WSL and Hyper-V. It revealed differences between WSL's and typical Linux networking behaviors regarding packet fragmentation handling. Ultimately, the MTU settings were properly configured to resolve the issue, highlighting a need for deeper understanding of network layers when troubleshooting such intricate setups. 
Further exploration into WireGuard and Tailscale usage exposed additional complexities like MTU mismatches where the actual capacity was lower than anticipated due to overlooked headers from encapsulation. Attempts at MSS clamping failed to address non-TCP packet fragmentation issues, including those seen with ICMP packets. The investigation also highlighted Hyper-V's limitations in handling fragmented packets without sending error notifications back. The study delved into how WireGuard’s use of the Don't Fragment (DF) bit and Tailscale’s varied connectivity settings based on network types affected performance. Using Tailscale’s TCP-based DERP relay was identified as an effective workaround for fragmentation issues, due to TCP's inherent MTU adjustment capabilities across different network hops. This document underscores the multifaceted challenges of networking with VPN technologies like WireGuard and Tailscale, especially in environments with inconsistent MTU management. It emphasizes a comprehensive understanding of underlying network layers as critical for effective troubleshooting and highlights various tools and concepts encountered during this investigation, such as conntrack, Wireshark, and different networking settings. Keywords: #phi4, DERP, Hyper-V, ICMP, Linux kernel, MSS Clamping, MTU, NAT, NAT traversal, TCP, Tailscale, UDP, WSL2, WireGuard, Wireshark, conntrack, encapsulation, encryption, fragmentation, hole-punching, iptables, packet reassembly, routing
    jusung.dev 6 days ago
   https://news.ycombinator.com/newsguidelines.html   6 days ago
1599.  HN Show HN: TailBar – Tailscale menu bar app for macOS
TailBar is a native macOS menu bar application developed using Swift/SwiftUI that simplifies the management of Tailscale networks without needing terminal or browser access. It provides users with an interface to view servers, peers, exit nodes, and connection statuses directly from the menu bar, thus minimizing context switching often required when managing these aspects through a terminal. Installation is straightforward via Homebrew using a simple command or by building from source with Swift 5.10+ on macOS 14 (Sonoma). The app addresses the inconvenience of managing Tailscale tasks, such as serving HTTPS, checking funnels, and exit node management, by offering an integrated interface that handles these functionalities seamlessly. TailBar monitors servers automatically, detects dev ports, shows real-time peer connections, traffic statistics, key expirations, and allows for browsing and switching exit nodes based on location suggestions. It employs the Tailscale Local API for direct integration and defaults to CLI as needed. In addition to these features, it supports various keyboard shortcuts that enhance usability by allowing users to quickly switch tabs, search, refresh data, or close windows without navigating away from their current workspace. Compared to the official Tailscale app or CLI/Admin Console, TailBar offers more streamlined functionalities like serve management and real-time updates directly through the menu bar. Looking ahead, the roadmap for TailBar includes features such as multi-profile switching, file sharing via Taildrop, system notifications, a signed .app bundle, MagicDNS integration, among other enhancements. The development and testing of TailBar are facilitated using Swift, focusing on improving user experience and expanding its capabilities to further integrate with Tailscale services. 
Keywords: #phi4, CLI fallback, Homebrew, Local API, MagicDNS integration, Swift/SwiftUI, TailBar, Taildrop, Tailscale, connection status, development, exit nodes, keyboard shortcuts, macOS, menu bar app, multi-profile switching, peers, servers
    github.com 7 days ago
1905.  HN Show HN: Cmdop – Check your terminal from your phone, through NAT, free forever
Cmdop is a tool designed to provide comprehensive system management capabilities remotely through a phone interface at no cost indefinitely. It eliminates the need for traditional VPNs, port forwarding, and file transfer protocols like SCP/SFTP by offering full access to users' systems via terminal commands, file operations, browser automation, and AI-driven tasks. The tool's architecture utilizes an agent-based model that facilitates connectivity through any NAT or firewall by establishing outbound connections from a server-side agent. This design ensures seamless operation across various network configurations. A standout feature of Cmdop is its integration with artificial intelligence, allowing users to execute AI workflows with structured outputs defined using Pydantic models. Additionally, it supports browser automation on target machines, enabling remote web navigation and interaction, along with traditional file operations such as reading, writing, or listing files without relying on conventional protocols. Moreover, Cmdop includes network analysis capabilities for capturing and analyzing API traffic to aid in endpoint discovery. The tool provides a Python SDK that employs gRPC/HTTP2, efficiently multiplexing all services over a single connection for streamlined interaction. Installation is straightforward via pip with the command `pip install cmdop`, and usage examples are available for various tasks such as terminal operations, file management, AI agent utilization, and browser automation, as demonstrated in a sample Python SDK code snippet. Cmdop offers two primary methods of establishing connections: remote access through cloud relay to bypass NAT/firewalls, and local direct IPC connection to an already running agent. 
Compared to conventional tools like Tailscale, ngrok, or SSH, Cmdop provides more integrated system management functionalities, including terminal streaming, file operations, browser automation, and AI tasks, making it a robust solution for managing systems across diverse environments. The tool requires Python 3.10+ along with either a local CMDOP agent or an API key for remote access to function effectively. Keywords: #phi4, AI agent, API key, CMDOP, NAT, NAT traversal, NetworkAnalyzer, Pydantic, Python, SCP, SDK, SFTP, SSH, Tailscale, VPN, WireGuard, browser automation, cloud relay, file operations, gRPC, multiplexing, ngrok, outbound connection, phone, remote access, skills, structured output, terminal access, terminal streaming
    github.com 8 days ago
2163.  HN Tangled: Our €3,8M seed round
Tangled has successfully secured a €3.8M seed financing round, led by byFounders and supported by Bain Capital Crypto, Antler, and influential figures such as Thomas Dohmke and Avery Pennarun. Over the past year, Tangled evolved into a federated code collaboration platform where users maintain ownership of their data, currently serving over 7,000 users with more than 5,000 repositories. The company's mission is to establish itself as a leading code forge and foundational infrastructure for future open-source projects, aligning with byFounders' commitment to community focus and transparency. Looking forward, Tangled plans to enhance its platform through the release of spindle v2, which will feature micro VMs, protocol-level improvements, customizable dashboards, migration tools from GitHub, improved search functionalities, and performance upgrades. To support these initiatives, Tangled is expanding its team and encourages applications from interested candidates. New users are invited to join via Discord or visit the platform's website for more information, as Tangled extends gratitude to all contributors supporting their journey. Keywords: #phi4, AT Protocol, Antler, Bain Capital Crypto, CI, CI (spindle v2), CLI, Discord, GitHub CEO, Nix CI, PRs, Tailscale, Tangled, byFounders, code collaboration, community-driven, federated network, global presence, infrastructure, investors, micro VMs, migration tool, mission control dashboard, open source, performance improvements, repositories, search functionality, seed round, transparency, €3.8M
    blog.tangled.org 9 days ago
   https://ufos.microcosm.blue/collection/?nsid=sh.tangled   9 days ago
   https://www.byfounders.vc/insights/term-sheet-guide   9 days ago
2387.  HN Computers Should Be Liberating
The "Computers Should Be Liberating" zine, featured on Jyn's website, is an integral part of the 8th issue of PagedOut, an experimental technical magazine. It encompasses a diverse range of topics related to technology, featuring contributions from several authors who explore subjects such as computer operators, persistence models, future technologies, and access control systems. Allan Blomquist discusses Tomorrow Corporation's technological demonstrations; Chip Morningstar delves into capabilities, while Bret Victor provides insights on Dynamicland. Jyn contributes original writings that reflect on the future of terminals, the core principles of Rust programming language, and personal reflections on enjoying coding. The website serves as a comprehensive showcase of Jyn’s interests in both technical advancements and engaging with code creatively, complemented by links to their professional profiles on GitHub and LinkedIn. Keywords: #phi4, Audacious, CTF, Capabilities, Code, Coherent, Computers, Dynamicland, Fun, Ghosts, GitHub, Joy, Jyn, Liberating, LinkedIn, Operators, PagedOut, Persistence, Pharo, Procrustean, Tailscale, Terminal, Tomorrow, Zine
    jyn.dev 10 days ago
2398.  HN Show HN: OpenClaw-kapso, Give OpenClaw a stable WhatsApp number (Go, kapso.ai)
OpenClaw-kapso is a plugin designed to integrate OpenClaw with WhatsApp Cloud API through Kapso, offering a reliable solution for AI agents requiring stable WhatsApp numbers. The tool features three delivery modes: polling (default), Tailscale Funnel (real-time communication under 1-second latency without configuration), and custom domain setup. It leverages the official Cloud API to avoid bans associated with reverse-engineered methods. Key aspects of OpenClaw-kapso include its architecture, which facilitates interactions between WhatsApp, a poller module, OpenClaw Gateway, and AI agents using Kapso's API. Security is emphasized through sender allowlisting, rate limiting, role tagging, and session isolation, with an inherent default mode restricting interactions to pre-approved numbers only. Designed for efficiency, it employs a stateless approach, ensuring near-zero idle CPU usage by avoiding persistent connections or session management. Installation is straightforward, requiring minimal environment variables like `KAPSO_API_KEY` and `KAPSO_PHONE_NUMBER_ID`, along with optional configuration via a config file (`config.toml`). To set up OpenClaw-kapso, users can install it using Go commands or prebuilt binaries from GitHub Releases, configure the OpenClaw agent by incorporating SKILL.md into the workspace, and set necessary environment variables. Security features vary across delivery modes: Allowlist Mode restricts interactions to specified numbers; Tailscale Funnel offers real-time messaging via tunneling without requiring a domain; and Custom Domain Mode necessitates HTTPS for webhook URLs setup through a reverse proxy. The project is designed with easy development and community contribution in mind, providing tools for building, testing, linting, and installing binaries. Distributed under the MIT license, it encourages open collaboration within its user base. 
Keywords: #phi4, API, Go, Kapso, NixOS, OpenClaw, Tailscale, Tailscale Funnel, WhatsApp, agent, allowlist, configuration, delivery, delivery modes, development, environment, environment variables, latency, license, polling, rate limiting, reverse proxy, security, session, session isolation, webhook
    github.com 10 days ago
2489.  HN Remotely unlocking an encrypted hard disk
The article presents a method for remotely unlocking an encrypted hard disk during the early boot process using Linux's initramfs on an Arch-based system. It begins by explaining the role of initramfs as a small initial RAM filesystem that runs at early boot, providing a platform to install necessary software and execute modifications. The author identifies key challenges in setting up secure networking, SSH services, and Tailscale within this environment, emphasizing the need to prevent key expiration and restrict shell access while using Access Control Lists (ACLs) to allow connections only from authorized devices. The solution involves implementing several critical steps: installing Dropbear for SSH capabilities, configuring it to execute a specific unlock command, and setting up systemd services for networking with sd-network. The setup also includes enabling Tailscale in initramfs through configurations and hooks defined in mkinitcpio.conf, along with configuring network settings during early boot to ensure secure key management. Detailed steps guide the reader through configuring Arch Linux to support these functionalities by setting up keys, editing necessary configuration files, and rebuilding the initramfs. The article concludes by underscoring that with sufficient technical knowledge and creativity, complex tasks such as remotely unlocking an encrypted disk can be accomplished without sacrificing security. It highlights how understanding and manipulating low-level boot processes enable innovative solutions to specific challenges in computing. Keywords: #phi4, ACLs, Arch, BIOS, Ethernet, Linux, SSH, WiFi, authorized_keys, device-timeout, dropbear, early boot, encrypted hard disk, initramfs, initrd, key expiry, mkinitcpio, network interfaces, networking, power loss, security, service management, systemd, tailscale
    jyn.dev 11 days ago
2822.  HN Show HN: Ambit-OpenCode – Cloud IDE with Seamless Mobile <> Desktop Handoff
Ambit-OpenCode is a cloud-based Integrated Development Environment (IDE) designed to facilitate seamless project transitions between mobile and desktop devices. Utilizing Tailscale for networking and Fly.io for cloud infrastructure, it offers robust features such as secure project storage, an agent-driven interface, and a comprehensive built-in cloud shell pre-configured for user convenience. The platform simplifies the setup process, making it accessible for users. As an open-source solution, Ambit-OpenCode encourages community feedback to enhance its development. Users can explore its capabilities through a one-week free trial offered by Fly.io; after the trial, the service incurs a cost of approximately $5 per month. For additional support or inquiries, users are encouraged to contact the developers via email. Keywords: #phi4, Ambit-OpenCode, Cloud IDE, Fly.io, Mobile Desktop handoff, Tailscale, agent-driven IDE, cloud shell, feedback, free trial, open-source, project storage, setup
    github.com 12 days ago
3031.  HN Show HN: Tspages – static site hosting platform for your Tailscale network
Tspages is a streamlined static site hosting platform tailored for integration with the Tailscale network, offering an efficient method to deploy static websites under custom hostnames within a Tailnet environment. It merges elements of public hosting and internal servers by providing secure site hosting without shared secrets or external authentication layers. Its ease of deployment allows users to utilize straightforward methods such as drag-and-drop, archive uploads, or curl commands. Key features include robust authorization control managed via Tailscale Application Grants with custom capabilities, ensuring identity-based permission enforcement through Tailnet policy. Deployment management is facilitated by easy switching between versions and access to a global feed of all site deployments. Built-in analytics track visitor data on a per-site basis, with options for enabling or disabling tracking as needed. The architecture assigns each site a unique tsnet hostname within the Tailnet (e.g., `design-system.funky-animal.ts.net`). The control plane serves deploy and admin APIs, while Tailscale’s identity system manages credentials without the need for tokens or API keys, streamlining access controls. Sites can be customized through configuration files that set parameters like SPA fallback routing, custom headers, and redirections. For usage, users quickly configure tspages with `tspages.toml` settings and deploy sites using curl commands. An admin dashboard provides site management tools and traffic analytics visibility for administrators, while restricting user access to authorized sites only. The API facilitates site management tasks such as deployment uploads and deletion, alongside analytics queries. Tspages emphasizes security by leveraging Tailscale Application Grants for granular authorization control aligned with user roles and site-specific needs. 
This platform is ideal for hosting internal documentation and tools efficiently within a secure, identity-based network environment, eliminating the complexity of traditional server setups. Keywords: #phi4, API, GitHub Actions, HTTPS, Tailscale, admin dashboard, analytics, authorization, capability grants, configuration, control plane, deployment, static site hosting, tspages, upload formats
    github.com 13 days ago
3143.  HN I vibe coded my dream macOS presentation app
The author recounts their rapid development of a custom macOS presentation application named Present, crafted in about 45 minutes using Swift and SwiftUI prior to delivering a talk. Designed to address the unreliability of browser-based presentations, Present enables users to create presentations by organizing URLs into slides, which are saved automatically. Notably, it features fullscreen mode with keyboard navigation for seamless slide transitions, enhancing user experience. An innovative aspect is its remote control functionality via a web server accessible on the author's phone, facilitated by Tailscale, allowing cross-device connectivity. Despite Swift being an unfamiliar language to the author, Present's straightforward and functional code demonstrates Swift’s suitability for such development tasks. This project not only offers practical solutions over traditional tools like Keynote or browser tabs but also underscores the potential for personal growth in engineering skills through engaging with new technologies. Keywords: #phi4, CSRF vulnerabilities, Keynote, Swift, SwiftUI, Tailscale, URLs, Xcode, browser crash, full screen, macOS, presentation app, remote control, socket programming, technical knowledge, vibe coded, web pages
    simonwillison.net 14 days ago