- Sandboxing for agents (Tavis)
- How people are safely sandboxing the tools they are using and shipping
- Security
- Managing many agents (Dan)
You need SSH access, a personal Matrix account, a bot Matrix account, and a server (if self-hosting via Ollama, at least 32 GB of RAM).
Sign into your bot account in Element, go to Settings → Sessions, and delete any stale sessions to avoid E2EE key conflicts.
SSH into the server and create a dedicated nanobot user with passwordless sudo and lingering enabled (so its systemd user services survive logout):
```bash
#!/bin/bash
set -ex
GOOS=darwin GOARCH=arm64 go build -x -o /tmp/sessions -ldflags="-X 'main.LocaleDir=/Users/pojntfx/Projects/sessions/po' -X 'main.SchemaDir=/Users/pojntfx/Projects/sessions/assets/resources'" . \
  && scp /tmp/sessions pojntfx@[2001:569:7bcc:d80:98:6876:d203:c3b9]:/tmp/sessions \
  && ssh -tt pojntfx@2001:569:7bcc:d80:98:6876:d203:c3b9 'codesign -s - /tmp/sessions && /tmp/sessions'
```
```bash
#!/bin/bash
# flatpak-builder
ssh -p 22220 -t pojntfx@localhost "cd ~/Projects/sessions && flatpak-builder --user --force-clean --disable-rofiles-fuse --repo=repo builddir --install com.pojtinger.felicitas.Sessions.json --disable-updates && flatpak build-bundle repo sessions.flatpak com.pojtinger.felicitas.Sessions" \
  && scp -P 22220 pojntfx@localhost:/home/pojntfx/Projects/sessions/sessions.flatpak /tmp/sessions.flatpak \
  && flatpak install -u -y /tmp/sessions.flatpak \
  && flatpak run com.pojtinger.felicitas.Sessions
# Foundry
ssh -p 22220 -t pojntfx@localhost "cd ~/Projects/sessions && foundry export" \
  && scp -P 22220 pojntfx@localhost:/home/pojntfx/Projects/sessions/.foundry/cache/flatpak/staging/x86_64-main/com.pojtinger.felicitas.Sessions-x86_64.flatpak /tmp/sessions.flatpak \
  && flatpak install -u -y /tmp/sessions.flatpak \
  && flatpak run com.pojtinger.felicitas.Sessions
# Go (static binary)
ssh -p 22220 -t pojntfx@localhost "cd ~/Projects/portal && go build -o /tmp/usb ./cmd/usb" && scp -P 22220 pojntfx@local
```
```bash
#!/bin/bash
make -C files/boot-keys clean
make -C files/boot-keys IMPORT_MODE=local
bst --no-strict build gnomeos/live-image.bst
bst workspace open freedesktop-sdk.bst:components/linux.bst --directory ../linux/
```
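```bash
#!/bin/bash
doas setup-wayland-base
# Package installation needs root like the other steps, so it goes through doas too
doas apk add weston weston-backend-drm seatd weston-backend-wayland weston-shell-desktop weston-terminal font-dejavu
# The user needs the video and seat groups to reach the display and seatd
doas adduser "$USER" video
doas adduser "$USER" seat
doas rc-service seatd start
```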
```bash
#!/bin/bash
# phrog starts, phosh is still stuck in an endless loading loop for some reason
doas apk add dbus elogind polkit-elogind seatd
doas apk add phosh phoc squeekboard greetd-phrog
doas apk add phosh-mobile-settings gnome-backgrounds
doas rc-update add dbus default
doas rc-update add elogind default
doas rc-update add seatd default
```
Commercial hosted providers (I recommend using these instead of hosting it yourself, esp. if you're setting this up for someone else):
- https://rcasys.com/en/services/hosting/managed-nextcloud-talk-videoconferencing
- https://www.spreed.eu/contact-nextcloud-talk-high-performance-backend/
This pad is heavily based on https://arnowelzel.de/en/nextcloud-talk-high-performance-backend-with-docker - it's probably best to check if there were any changes in that article before you proceed here.
```bash
#!/bin/bash
# This is obviously not safe, but the only workaround I've found for apps that don't use the USB portal (https://flatpak.github.io/xdg-desktop-portal/docs/doc-org.freedesktop.portal.Usb.html)
echo 'KERNEL=="tty*", MODE="0777"' | sudo tee /etc/udev/rules.d/99-tty-permissions.rules > /dev/null
sudo udevadm control --reload-rules
sudo udevadm trigger --subsystem-match=tty
```
```bash
#!/bin/bash
git clone https://github.com/steam3d/MagicPodsCore.git
cd MagicPodsCore
ls
mkdir -p build
cd build
cmake ..
make -j$(nproc)
./MagicPodsCore
```