I know that Hallpass is pretty cool, but most of the time it’s just a process that doesn’t do anything and still takes up our precious memory (~ 20 MiB). For me personally, all my apps have tailscaled running in the background. And now that we got Tailscale SSH, Hallpass becomes even more redundant.
Currently the only way to prevent Hallpass from running is to:
rm -rf /.fly
for FLY_PID in $(pgrep ^/.fly); do kill $FLY_PID; done
But it looks kind of dirty. And they won’t work if you use something like Distroless Container Images. So I think it would be great to have a config option to disable Hallpass.
I believe Hallpass is responsible for more than just SSH.
I believe it’s also used for the Wireguard tunnelling layer used for internal networking; so without Hallpass, your container couldn’t connect to anything in your fly private network (like postgres). (Staff may be able to correct me on this) but I believe Hallpass is a pretty essential process to your machine being alive.
If your container is operating at ~20MiB below the VM limit, you probably want to consider increasing your machine size to keep the OOM Killer at bay.
I believe it’s also used for the Wireguard tunnelling layer used for internal networking; so without Hallpass, your container couldn’t connect to anything in your fly private network (like postgres).
No, I believe 6PN Private Networks (if this’s what you mean) has nothing to do with Hallpass right now. Actually Hallpass was introduced later than 6PN Private Networks.
If your container is operating at ~20MiB below the VM limit, you probably want to consider increasing your machine size to keep the OOM Killer at bay.
Yes of course I increased my machine size. And 20 MiB certainly isn’t much. I’m just used to killing /.fly/hallpass in all my apps, so I thought it would be nice to have a config option.