frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: Forgejo Appliance, a private Git server based on OrbStack and Tailscale

https://github.com/highpost/forgejo-appliance
5•highpost•3h ago

Comments

highpost•3h ago
Forgejo is an open-source GitHub clone written in Go. I wanted to run Forgejo on an old Mac mini at home and make it remotely accessible through Tailscale. So, I built Forgejo Appliance: an opinionated blueprint based on an OrbStack VM running on macOS with Ubuntu Server, PostgreSQL and the tsbridge reverse proxy.

I think of Forgejo Appliance as an open-source black box. It makes the Forgejo service available through a web interface, but beyond that, it’s pretty opaque. The VM is designed to be ephemeral (torn down and rebuilt for updates). Internally, it’s a group of three server apps tied together with UNIX sockets. This avoids the DNS and security headaches of exposing local TCP/IP ports. Like a managed cloud app, you can’t even connect to it with SSH.

It wasn’t all fun and games. Navigating through the host and guest restrictions felt like threading a needle:

  - The macOS Security Framework restricts Keychain access to local shell sessions.
  - Let’s Encrypt has a strict rate limit for certificate requests, which makes tearing down and rebuilding ephemeral VMs difficult.
  - TLS certificates are usually managed as small directories of files. To persist them across ephemeral boots, I tar-ed, compressed, and base64-encoded the whole directory into a small string and stuffed it directly into Apple Keychain.
  - When testing isn’t going well, you can easily stack up ghost Tailscale nodes and trigger MagicDNS collisions.
Forgejo Appliance stores its secrets in Apple Keychain, uses Google Workspace SMTP for notifications, and uses BorgBackup with rsync.net for remote backups. The end result is secure (thank you, Tailscale) and reliable.

Show HN: Searchable directory of 22k+ products from worker-owned co-ops

https://www.workerowned.info/
219•IESAI_ski•5h ago•36 comments

Show HN: Curvytron 2, I rewrote my browser party game, 10 years later

https://curvytron2.com/
7•tom32i•1d ago•3 comments

Show HN: Salt – a systems language with Z3 theorem proving in the compiler

https://salt-lang.dev
25•bneb-dev•8h ago•10 comments

Show HN: GolemUI – Declarative Form Engine

https://golemui.com
34•wtfdeveloper•10h ago•54 comments

Show HN: Cyclearchive.com – search vintage cycling magazines

https://cyclearchive.com/search/
6•alastairr•4d ago•2 comments

Show HN: Shark Tank but you pitch your idea to indie hackers

https://indiesharktank.vercel.app/
4•roozka10•3h ago•0 comments

Show HN: Forgejo Appliance, a private Git server based on OrbStack and Tailscale

https://github.com/highpost/forgejo-appliance
5•highpost•3h ago•1 comments

Show HN: QR code renderer in a TrueType font

https://qr.jim.sh/
73•foodevl•4d ago•12 comments

Show HN: Pglayers – PostgreSQL extensions as stackable Docker layers

https://github.com/pglayers/pglayers
33•iemejia•9h ago•4 comments

Show HN: GONK – Lightweight Edge-Native API Gateway in Go

https://github.com/JustVugg/gonk
3•vforno•3h ago•0 comments

Show HN: PMB – local memory for coding agents that shows if it is used

https://pmbai.dev
21•oleksiibond•2d ago•7 comments

Show HN: Classify mechanical faults using Contrastive Language-Audio Pretraining

https://github.com/adam-s/car-diagnosis
8•dataviz1000•9h ago•0 comments

Show HN: Toolnexus for Python – MCP, agent skills,a2a for any LLM

https://pypi.org/project/toolnexus/
2•muthuishere•2h ago•0 comments

Show HN: Banto – Turn any topic into a live game room in minutes

https://banto.tv
2•douglaspham•3h ago•0 comments

Show HN: Simulate what AI agents do to an engineering org (no signup)

https://www.orgonaut.co/tools/agentic-reorg-simulator/
2•orgonaut•3h ago•0 comments

Show HN: Morph Reflexes – Multi-head classifiers for agent traces

12•bhaktatejas922•1d ago•2 comments

Show HN: Z-Jail – A 130 KB Linux sandbox-C99 with 7 defense layers and zero deps

https://github.com/Division-36/Z-Jail/
20•Zierax•6h ago•23 comments

Show HN: Moxie – an open-source money agent that can't act without your consent

https://github.com/JacobBrooke1/moxie
2•JacobBrooke24•4h ago•0 comments

Show HN: My 13-year-old built an ant colony tracker

https://formicarium.es
72•abelgvidal•1d ago•51 comments

Show HN: CLI that helps AI agents avoid vulnerable dependencies

https://github.com/clidey/deptrust
3•modelorona•5h ago•0 comments

Show HN: Reminal – A zero-config SSH alternative that's also mobile friendly

https://github.com/harshalgajjar/reminal
11•harshalgajjar•11h ago•2 comments

Show HN: HackerNows – Native iOS HN Client

https://hackernows.app/
27•maguszin•15h ago•54 comments

Show HN: LIBR tracing with source ledger rows and byte-exact PDF verification

https://exitprotocols.com/engineering/libr-state-machine/
4•cd_mkdir•8h ago•2 comments

Show HN: a Rust OS kernel built for LLM inference

https://github.com/Kanchisaw03/axiom
3•Kanchisaw•7h ago•0 comments

Show HN: Open-source sandbox for your product team

13•spacspade•8h ago•12 comments

Show HN: Nat traversal using ICMP Destination Unreachable packets

https://github.com/hajoon22/icmp-nat-traversal
4•hajoon22•12h ago•2 comments

Show HN: Open-Source Interview Platform

https://github.com/CoderScreen/coderscreen
6•rogutkuba•8h ago•0 comments

Show HN: Trigora – A hosted runtime for event-driven TypeScript workflows

https://trigora.dev
2•hypervs•8h ago•0 comments

Show HN: AnalystAIPack – 118 runnable agent skills for malware analysis and RE

https://github.com/meltedinhex/analyst-ai-pack
3•sdkhere•8h ago•0 comments

Show HN: I Made TS Compiler Graph MCP: 10x Fewer Tokens in Claude Code and Codex

https://github.com/samchon/ttsc/tree/master/packages/graph
3•autobe•8h ago•0 comments