I know that Hallpass is pretty cool, but most of the time it’s just a process that doesn’t do anything and still takes up our precious memory (~ 20 MiB). For me personally, all my apps have tailscaled running in the background. And now that we got Tailscale SSH, Hallpass becomes even more redundant.
Currently the only way to prevent Hallpass from running is to:
rm -rf /.fly
for FLY_PID in $(pgrep ^/.fly); do kill $FLY_PID; done
But it looks kind of dirty. And they won’t work if you use something like Distroless Container Images. So I think it would be great to have a config option to disable Hallpass.
I believe Hallpass is responsible for more than just SSH.
I believe it’s also used for the Wireguard tunnelling layer used for internal networking; so without Hallpass, your container couldn’t connect to anything in your fly private network (like postgres). (Staff may be able to correct me on this) but I believe Hallpass is a pretty essential process to your machine being alive.
If your container is operating at ~20MiB below the VM limit, you probably want to consider increasing your machine size to keep the OOM Killer at bay.