An Ode to Open Source

In 2023 I managed to leverage mesh VPN networking to link my machines and remotely manage open source. The future is beautiful!

This year has been a year of excitement for me. A new job. New challenges. And the amazing opportunity to volunteer as one of three release managers for PHP 8.3. This is not at all what I expected from my year.

And the sudden, unexpected changes have introduced unexpected challenges.

When I build a new release for PHP, I do so on a System76 Thelio desktop. For those who don’t know me well, I absolutely love both the machine and the company that built it. The only problem is that I travel quite a bit, and a desktop machine is a bit too big to carry across the country with me.

I’m also too busy lazy to set up a proper mobile workstation for this kind of build. So instead, I leveraged some additionally fun tech.


Years ago, I tried my hand at building a mesh VPN. I used a basic build of OpenVPN on a Raspberry Pi and tried to peer multiple physical machines together. I was geeking out heavily on machine-to-machine communication in my home lab (read: leveraging git-daemon to move code between machines that were otherwise offline). I’d demonstrated some cool tricks to friends at an event, but I wanted a persistent way to collaborate with the same folks after we all went home.

My dream of a Pi-powered mesh network fell short because, frankly, I had no idea what I was doing with networking. I had an image in my mind of how it would work, but the protocol overhead and NAT traversal woes meant I never really got it going.

Fast forward to 2023 and Eric Van Johnson of php[architect] fame introduces me to Tailscale. A fully-featured, Wireguard-powered mesh network.I’ve since connected all of my cloud servers and my entire home lab to one another – this first version is quite sloppy but still insanely effective. I can remotely connect to any of my machines from any other, regardless of location, and can even route all of my traffic through my home network directly. With minimal overhead!

Tailscale accomplished everything I tried to do with OpenVPN – and did so even better than I imagined. And it also solved my PHP release problem!

Building PHP

My desktop workstation is well configured for builds, set up with appropriate configuration for jump box traversal, and has GPG keys maintained in secure hardware. It’s a stellar dev box and a great release machine – it just doesn’t travel.

So when I do travel, I instead take my smaller System76 Lemur laptop. It’s not nearly as powerful, but is wildly portable and a joy to use. This machine is so comfortable, I used it almost exclusively to draft the latest edition of O’Reilly’s PHP Cookbook!

My Lemur is also set up, save the build tools, almost identically to my primary dev box so there’s little to no switching cost when I swap one for the other. Especially now with Tailscale in the mix.

Thanks to the peer-to-peer mesh network, I can edit code on my Thelio via VS Code as if it were local on my Lemur. I can edit, manage git, and even cryptographically sign my commits and my releases. Even when I’m across the country for work or even in Hawaii on vacation.

Embracing Open Source

I use WordPress for my blog because it’s open source and because it’s how I originally got into software development. I maintain PHP because I love the flexibility and power of the language. I use System76 hardware because I support their mission to build fully open source systems that embrace a focus on the user’s right-to-repair.

For the first time in my career I’m able to finally marry all of these passions together thanks to outstanding systems like Tailscale (which itself embraces open source for the clients and a free model for personal use). It’s exciting that we’re finally this far, and I can’t wait to see what we accomplish next!