🛠️ Hacker News Tools

[DevOps] Show HN: Enroll, a tool to reverse-engineer servers into Ansible config mgmt Happy new year folks!<p>This tool was born out of a situation where I had &#x27;inherited&#x27; a bunch of servers that were not under any form of config management. Oh, the horror...<p>Enroll &#x27;harvests&#x27; system information such as what packages are installed, what services are running, what files have &#x27;differed&#x27; from their out-of-the-box defaults, and what other custom snowflake data might exist.<p>The harvest state data can be kept as its own sort of SBOM, but also can be converted in a mere second or two into fully-functional Ansible roles&#x2F;playbooks&#x2F;inventory.<p>It can be run remotely over SSH or locally on the machine. Debian and Redhat-like systems are supported.<p>There is also a &#x27;diff&#x27; mode to detect drift over time. (Years ago I used Puppet instead of Ansible and miss the agent&#x2F;server model where it would check in and re-align to the expected state, in case people were being silly and side-stepping the config management altogether). For now, diff mode doesn&#x27;t &#x27;enforce&#x27; but is just capable of notification (webhook, email, stdout) if changes occur.<p>Since making the tool, I&#x27;ve found that it&#x27;s even useful for systems where you <i>already</i> have in Ansible, in that it can detect stuff you forgot to put into Ansible in the first place. I&#x27;m now starting to use it as a &#x27;DR strategy&#x27; of sorts: still favoring my normal Ansible roles day-to-day (they are more bespoke and easier to read), but running enroll with &#x27;--dangerous --sops&#x27; in the background periodically as a &#x27;dragnet&#x27; catch-all, just in case I ever need it.<p>Bonus: it also can use my other tool JinjaTurtle, which converts native config files into Jinja2 templates &#x2F; Ansible vars. That one too was born out of frustration, converting a massive TOML file into Ansible :)<p>Anyway, hope it&#x27;s useful to someone other than me! The website has some demos and more documentation. Have fun every(any)-one.

[Other] Zero-Code Instrumentation of an Envoy TCP Proxy Using eBPF

[Other] Claude wrote a functional NES emulator using my engine's API

[Other] Torch.ts – building PyTorch in TypeScript from scratch to learn

[Other] Show HN: Use Claude Code to Query 600 GB Indexes over Hacker News, ArXiv, etc. Paste in my prompt to Claude Code with an embedded API key for accessing my public readonly SQL+vector database, and you have a state-of-the-art research tool over Hacker News, arXiv, LessWrong, and dozens of other high-quality public commons sites. Claude whips up the monster SQL queries that safely run on my machine, to answer your most nuanced questions.<p>There&#x27;s also an Alerts functionality, where you can just ask Claude to submit a SQL query as an alert, and you&#x27;ll be emailed when the ultra nuanced criteria is met (and the output changes). Like I want to know when somebody posts about &quot;estrogen&quot; in a psychoactive context, or enough biology metaphors when talking about building infrastructure.<p>Currently have embedded: posts: 1.4M &#x2F; 4.6M comments: 15.6M &#x2F; 38M That&#x27;s with Voyage-3.5-lite. And you can do amazing compositional vector search, like search @FTX_crisis - (@guilt_tone - @guilt_topic) to find writing that was about the FTX crisis and distinctly without guilty tones, but that can mention &quot;guilt&quot;.<p>I can embed everything and all the other sources for cheap, I just literally don&#x27;t have the money.

[Database] Show HN: 22 GB of Hacker News in SQLite Community, All the HN belong to you. This is an archive of hacker news that fits in your browser. When I made HN Made of Primes I realized I could probably do this offline sqlite&#x2F;wasm thing with the whole GBs of archive. The whole dataset. So I tried it, and this is it. Have Hacker News on your device.<p>Go to this repo (<a href="https:&#x2F;&#x2F;github.com&#x2F;DOSAYGO-STUDIO&#x2F;HackerBook" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;DOSAYGO-STUDIO&#x2F;HackerBook</a>): you can download it. Big Query -&gt; ETL -&gt; npx serve docs - that&#x27;s it. 20 years of HN arguments and beauty, can be yours forever. So they&#x27;ll never die. Ever. It&#x27;s the unkillable static archive of HN and it&#x27;s your hands. That&#x27;s my Year End gift to you all. Thank you for a wonderful year, have happy and wonderful 2026. make something of it.

[DevOps] Show HN: MCP Mesh – one endpoint for all your MCP servers (OSS self-hosted) Hey HN! I’m Gui from deco (decocms.com). We’ve been using this tool internally as the foundation for a few customer AI platforms, and today we’re open-sourcing it as MCP Mesh.<p>MCP is quickly becoming the standard for agentic systems, but… once you go past a couple servers it turns into the same problems for every team:<p>- M×N config sprawl (every client wired to every server, each with its own JSON + ports + retries) - Token + tool bloat (dumping tool definitions into every prompt doesn’t scale) - Credentials + blast radius (tokens scattered across clients, hard to audit, hard to revoke) - No single place to debug (latency, errors, “what tool did it call, with what params?”)<p>MCP Mesh sits between MCP clients and MCP servers and collapses that mess into one production endpoint you can actually operate.<p>What it does:<p>- One endpoint for Cursor &#x2F; Claude &#x2F; VS Code &#x2F; custom agents → all MCP traffic routes through the mesh - RBAC + policies + audit trails at the control plane (multi-tenant org&#x2F;workspace&#x2F;project scoping) - Full observability with OpenTelemetry (traces, errors, latency, cost attribution) - Runtime strategies as “gateways” to deal with tool bloat: Full-context (small toolsets), Smart selection (narrow toolset before execution), Code execution (load tools on-demand &#x2F; run code in a sandbox) - Token vault + OAuth support, proxying remote servers without spraying secrets into every client - MCP Apps + Bindings so apps can target capability contracts and you can swap MCP providers without rewriting everything<p>A small but surprisingly useful thing: the UI shows every call, input&#x2F;output, who ran it, and lets you replay calls. This ended up being our “Wireshark for MCP” during real workflows.<p>It’s open-source + self-hosted (run locally with SQLite; Postgres or Supabase for prod).<p>You can start with `npx @decocms&#x2F;mesh` or clone + run with Bun.<p>We’d love your feedback!<p>Links below:<p>Repo: <a href="https:&#x2F;&#x2F;github.com&#x2F;decocms&#x2F;mesh" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;decocms&#x2F;mesh</a><p>Landing: <a href="https:&#x2F;&#x2F;www.decocms.com&#x2F;mcp-mesh" rel="nofollow">https:&#x2F;&#x2F;www.decocms.com&#x2F;mcp-mesh</a><p>Blog post: <a href="https:&#x2F;&#x2F;www.decocms.com&#x2F;blog&#x2F;post&#x2F;mcp-mesh" rel="nofollow">https:&#x2F;&#x2F;www.decocms.com&#x2F;blog&#x2F;post&#x2F;mcp-mesh</a><p>edit: layout

[Other] Charm Ruby – Glamorous Terminal Libraries for Ruby

[Other] Show HN: Stop Claude Code from forgetting everything I got tired of Claude Code forgetting all my context every time I open a new session: set-up decisions, how I like my margins, decision history. etc.<p>We built a shared memory layer you can drop in as a Claude Code Skill. It’s basically a tiny memory DB with recall that remembers your sessions. Not magic. Not AGI. Just state.<p>Install in Claude Code:<p><pre><code> &#x2F;plugin marketplace add https:&#x2F;&#x2F;github.com&#x2F;mutable-state-inc&#x2F;ensue-skill &#x2F;plugin install ensue-memory # restart Claude Code </code></pre> What it does: (1) persists context between sessions (2) semantic &amp; temportal search (not just string grep). Basically git for your Claude brain<p>What it doesn’t do: - it won’t read your mind - it’s alpha; it might break if you throw a couch at it<p>Repo: <a href="https:&#x2F;&#x2F;github.com&#x2F;mutable-state-inc&#x2F;ensue-skill" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;mutable-state-inc&#x2F;ensue-skill</a><p>If you try it and it sucks, tell me why so I can fix it. Don&#x27;t be kind, tia

[Other] Obelisk 0.32: Cancellation, WebAPI, Postgres

[Other] Show HN: Zs3 – S3 server in ~1K lines of Zig, 250KB binary, zero dependencies Most S3 usage is PUT, GET, DELETE, LIST with basic auth. This does exactly that.<p>SigV4 auth, multipart uploads, range requests. Storage is just files on disk.<p>No versioning, no ACLs, no encryption. Use MinIO or AWS if you need those.

[DevOps] Show HN: Kuack – Run Kubernetes jobs in visitor browsers WebAssembly makes it possible to run serious computation in browsers. I wanted to see if we could treat browsers as Kubernetes workers.<p>Kuack is a Virtual Kubelet provider that schedules Kubernetes workloads to browser tabs. Visitors&#x27; browsers connect, report capacity, and become ephemeral workers. It looks like a regular Kubernetes node - same kubectl commands, same OCI images, same workflows. The difference is that pods execute in browsers instead of servers. With multi-platform OCI images, Kubernetes can fall back to regular nodes if no agents are available.<p>It&#x27;s designed for short-lived, stateless, CPU-heavy jobs: load testing from real networks, local data preprocessing, edge computing scenarios, machine learning tasks, etc.<p>Not a replacement for your cluster - just an extra option for workloads that benefit from browser execution.

[DevOps] Kubernetes egress control with squid proxy

[Other] Show HN: Pion SCTP with RACK is 70% faster with 30% less latency SCTP is a low level protocol focused on reliable packet transmission. Unlike hopelessly flinging packets from one device to another, it makes sure that the packets are correct using CRC, removes duplicate packets, and allows for packets to be sent in any order.<p>Going into an established library, I thought that everything was already implemented and that there wasn&#x27;t anything to do until I went through the existing issues and organized all the tasks and decided on an order. Sean DuBois (<a href="https:&#x2F;&#x2F;github.com&#x2F;Sean-Der" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;Sean-Der</a>), one of the co-creators and current maintainers of Pion, an open-source pure Go implementation of WebRTC (which uses SCTP), introduced me to a dissertation that was written about improving SCTP from 2021 (<a href="https:&#x2F;&#x2F;duepublico2.uni-due.de&#x2F;servlets&#x2F;MCRFileNodeServlet&#x2F;duepublico_derivate_00073893&#x2F;Diss_Weinrank.pdf" rel="nofollow">https:&#x2F;&#x2F;duepublico2.uni-due.de&#x2F;servlets&#x2F;MCRFileNodeServlet&#x2F;d...</a>). To my surprise, the features in it weren&#x27;t actually implemented yet, and generally went unused even though it depicted pretty big improvements. This came as a bit of a shock to me considering the countless companies and services that actively use Pion with millions of users on a daily basis.<p>This led to two things: 1) implement the feature (done by me) and 2) measure the performance (done by Joe Turki <a href="https:&#x2F;&#x2F;github.com&#x2F;JoeTurki" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;JoeTurki</a>). If you&#x27;re interested in reading more, please check out the blog post where we go over what SCTP is used for, how I improved it, and the effort that went into making such a large improvement possible.<p>This also marks a huge milestone for other companies and services that use SCTP as they can refer to the implementation in Pion for their own SCTP libraries including any real-time streaming platforms such as Microsoft Teams, Discord screen share, Twitch guest star, and many more!<p>For my personal background, please take a look at a comment below about what it was like for me to get started with open-source and my career related journeys. Thanks for reading!

[CLI Tool] Ed25519-CLI – command-line interface for the Ed25519 signature system

[Other] Show HN: I built an open-source wallpaper gallery for GitHub repos Hey HN,<p>GitHub has hundreds of wallpaper repositories with thousands of images, but actually browsing them is painful. You either clone gigabytes locally or click through the file browser one by one.<p>So I built WALL·E Gallery. Use existing collections or Paste a repo URL→ instant gallery.<p>How it works: - Fetches repo tree via GitHub (no cloning) - Proxies thumbnails (~50KB instead of 10MB originals) - Works with private repos too (with GitHub token)<p>Infinite scroll, search, dark mode, mobile friendly, self-hostable. No accounts, no tracking.<p>Live: <a href="https:&#x2F;&#x2F;walle.theblank.club" rel="nofollow">https:&#x2F;&#x2F;walle.theblank.club</a> Source: <a href="https:&#x2F;&#x2F;github.com&#x2F;amitray007&#x2F;wall-e" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;amitray007&#x2F;wall-e</a><p>Do share your suggestions&#x2F;feedback. Also, I did find my desktop wallpaper from this.

[Database] Show HN: Databasus – open-source backup tool for PostgreSQL, MySQL and MongoDB I had a post in the start of December about Postgresus 2.0: self hosted tool for PostgreSQL. Since then the project changed the name and added support of other databases: MySQL, MariaDB and MongoDB.<p>Website - <a href="https:&#x2F;&#x2F;databasus.com" rel="nofollow">https:&#x2F;&#x2F;databasus.com</a><p>GitHub - <a href="https:&#x2F;&#x2F;github.com&#x2F;databasus&#x2F;databasus" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;databasus&#x2F;databasus</a><p>Main features:<p>- Scheduled backups for multiple PostgreSQL, MySQL, MariaDB and MongoDB databases<p>- Storage to S3, Cloudflare R2, Google Drive, Azure Blob, NAS, SFTP, rclone, etc.<p>- Notifications about backup status via email, Telegram, Slack, Discord, MS Teams and customizable webhooks<p>- Works with both self-hosted and managed PostgreSQL (RDS, Cloud SQL, etc.)<p>- Runs as a single Docker container or via Helm on Kubernetes, can be installed via script<p>- There are workspaces and role-based access with audit logs

[Other] Building a macOS app to know when my Mac is thermal throttling

[DevOps] List, inspect and explore OCI container images, their layers and contents

[Other] Rust errors without dependencies