Not a mobile issue. I am on desktop and had no idea what this service was because nothing on the initial UI explained what we were looking at. I went and double-checked when people here were talking about pricing and VMs. From the home page, I figured it was some text-based game or experiment and closed the page.
It looks like some people who work there are watching this thread, so to them I say: You have got to explain what this is, not just say "the disk persists..." and expect people to dig deeper. Most aren't that curious.
>From the home page, I figured it was some text-based game or experiment and closed the page.
Same, my first thought was that it's some pentesting game where you're given a VM and your task is to somehow break it. The line "the disk persists. you have sudo" sounds like game rules.
It's odd to see how people are not accustomed to plain websites anymore. You click the 'About' link in the footer, and get a direct explanation of what it is, pricing and the entire documentation.
It's kind of funny our experiences are so diffent. I almost immediately surmised it's some sort of on the fly generated vm you can access via a ssh jumpserver. Which it is! It's actually really neat. It's quite obvious that the authors want us to just ssh into it and try it out first.
It's not interactive. It's just an extremely brief brochure for the actual service, which is available via SSH. All the useful copy is under the About link at the bottom, which is so light as to fail WCAG contrast standards.
I mean, I've done engineering work for the last 15 years on most layers of the stack. Seeing an ssh command into a fancy url does not tell me anything about what that is going to accomplish. But yeah, you must be right.
I was confused too. I first thought I should open up my terminal and just enter `ssh dev.exe` and this would be some kind of ssh-based interface? Honestly my first thought is that it would be one of those cool dev hack / art projects like the old starwars traceroute to 216.81.59.173
It didn't read as a company with products at all to me from the front page. Just a cryptic " The disk persists. You have sudo." with links to "Login" and "About * Blog * Discord" --- no pricing link, which made me think it was a weird hobby / art.
This thread seems to reflect how the HN audience has shifted — less commenters know what `ssh example.com` does and more commenters concerned about privacy policy.
I've seen enough of these kinds of services in my lifetime that I also immediately knew what it was, for example sdf.org, which is one of the OG services, and various "tilde" services like tilde.town.
I thought the same, but it’s not quite like either of those things. It has their same benefits but way more flexibility with its VM model. It offers auth, and will forward most ports for developer access.
All this was totally lost on me from looking at the website. “I already have tilde and sdf, I don’t need this.”
If I hadn’t looked into the comments I would still think that.
I wouldn’t go that far but some link to pricing and documentation would be useful. I have absolutely no idea what the offering is here without those pieces of info.
Hyperbole much? I'm on mobile and think it's great. I wish more websites were like this. Just straight to the point instead of all the regular marketing fluff you need to decipher.
Yeah, and it really is not I would want to do, just like diving into unknown water that sparkles weird.. It's an instinct, can get past it but to get more info about the service... nah.
So I tried this the other day after Filippo Valsorda, another Go person, posted about it. My reaction was 'whoa, this really makes it easier to start a quick project', and it took a minute to figure out why I felt that way when, I mean, I have a laptop and could spin up cloud stuff--arguably I already had what I needed.
I think it's the combination of 1) really quick to get going, 2) isolated and disposable environments and 3) can be persistent and out there on the Internet.
Often to get element 3, persistent and public, I had to jump through hoops in a cloud console and/or mess with my 'main' resources (install things or do other sysadmin work on a laptop or server, etc.), resources I use for other stuff and would prefer not to clutter up with every experiment I attempt.
Here I can make a thing and if I'm done, I'm done, nothing else impacted, or if it's useful it can stick around and become shared or public. Some other environments also have 'quick to start, isolated, and disposable' down, but are ephemeral only, limited, or don't have great publishing or sharing, and this avoids that trough too. And VMs go well with building general-purpose software you could fling onto any machine, not tied to a proprietary thing.
This is good stuff. I hope they get a sustainable paid thing going. I'd sign up.
Also, though I realize in a sense it'd be competition to a business I just said I like: some parts of the design could work elsewhere too. You could have an open-source "click here to start a thing! and click here to archive it." layer above a VM, machine, or whatever sort of cloud account; could be a lot of fun. (I imagine someone will think "have you looked at X?" here, and yes, chime in, interested in all sorts of potential values of X.)
I don't think that it's actually public? From one of their explainers, no public IP is assigned, so you'll need to ar least have to use an additional service like Cloudflare Tunnel to use it for hosting anything.
[exe.dev co-founder here] You can make it public! Our TLS proxy supports it, and supports CNAME rules (plus a top-level trick) to let you put a domain name on it. To make the HTTP server on port 8000 of your VM public run:
Is this 2 CPUs/8GB RAM per VM (in other words, 50 CPUs/200GB RAM)? If so, this is an unbelievable bargain (too good to be true?); other cloud providers charge hundreds of dollars per month for an equivalent VM.
If, OTOH, it's 2 CPUs/8GB total, Hetzner offers an equivalent VM for about $5/month (with much more disk and bandwidth), and I'm not sure what the exe.dev value proposition is. (I'm also not sure why one would want to split 25 VMs across so few shared CPUs/such little memory.)
No I apologize for the confusion (exe.dev person here). What is different about this service is you get dedicated resources that you share between your VMs. The initial allocation is conservative, we want to give people more (or drop the price).
The goal is to reduce the marginal cost of creating a VM to zero. Instead of installing a container manager or using Unix users, just make another VM.
(I will get a better version of this table online tonight.)
You guys really need to work on simplifying your communication on your website. I was also very confused about how the 8GB - whether it is per VM, shared etc.
>Instead of installing a container manager or using Unix users, just make another VM.
What is the advantage of this? Unless you need something exotic like different kernel configurations per instance, what's the problem with using containers on the same instance?
BTW, a Hetzner dedicated server with 2 CPUs/8GB RAM that would let me run my own hypervisor is about $14 USD/month. For anyone who's a big enough power user to care about the distinction of running distributed workflows on VMs versus containers, I'm not sure that an extra $5/month is worth your "hypervisor as a service." But then again, HN commenters infamously poopooed Dropbox [0], so what do I know? :-)
Containers aren’t enough for me. I like to do things like create TUN devices, run docker compose, etc. I believe the VM is a fundamentally better abstraction.
Consider this: sometimes when you are using a VPS, you start a new project and say to yourself, "I should put this on a new VPS." Not all the time, but it does happen. And when it does, we are faced with the problem that starting a new project immediately costs us $X/month. I would like a new project to initially cost nothing.
Is that possible and useful with exe.dev? The docs say:
On the networking side, we don't give your VM its own public IP. Instead, we terminate HTTPS/TLS requests, and proxy them securely to your VM's web servers. For SSH, we handle ssh vmname.exe.xyz.
> run docker compose
You can run multiple compose stacks in a single VPS.
> you start a new project and say to yourself, "I should put this on a new VPS."
The docs remark “VMs share the resources allocated to the user” so I interpret as resources allocated to your account, VMs provisioned within those limits.
This is cool. I am currently using GitHub codespaces and I would love a version of it with nothing but a web based terminal. I don't need all the other windows they put around it. This might be it.
Trying my way around it now. Not sure what is going on:
me: apt install apache
the shell: exe.dev repl: command not found: "apt"
What is "exe.dev repl"? Am I not in a shell?
me: bash
the shell: exe.dev repl: command not found: "bash"
[exe.dev co-founder here] Hi there, I am not sure exactly where you are, but your VM is ubuntu derived and definitely starts with apt and bash. Perhaps try `ssh yourvm.exe.xyz`?
While at tailscale you built sketch.dev only to actually build this product ? Love it. Ultimate yak shave.
Kind of how like Antithesis was the product inside foundationdb.
- Email delay to Gmail inboxes for verifying an SSH key used via SSH via email is longer than the timeout of the "Waiting for verification email..." stage in the SSH key registration. Wait longer or provide a non-email way to authorize a new key. You could imagine a few ways to do this: Allow users to add/delete SSH keys from the website or exe.dev shell; create a bearer token/random string that I can generate from the exe.dev shell or website to associate a new SSH key; SSH key signatures (existing key signs new key); SSH CAs (like @cert-authority); etc.
- SSH U2F/FIDO2 authentication support has become mainstream, and offers you a way to have homogeneous auth across web and SSH interfaces. Maybe consider unifying authN this way?
- exe.dev ssh interface does not allow me to list SSH keys, only to delete them. Consider moving all authN/authZ functionality into an "auth" subcommand/submenu (like you have for "share") and support SSH pubkey CRUD in there.
- You make some strong assumptions about email addresses that aren't true -- what happens on email address changes, lost email access, etc. This will become more important when you start billing (and possibly costly).
- How do I manage persistent disks? Any way to attach them to a different VM after I'm done with them on the original one? Is there always a single PD per VM or can these be managed separately? What about data or database volumes? Can PDs be attached to one or multiple VMs at a time?
At what scale do you break even on fixed costs (wages, rents, etc.)?
I signed up and started a VM. Didn’t really expect the default chat interface at boot. I’m currently on my iPad and would probably have bookmarked it for later, but now I’m playing with it. Cool idea :)
Edit: it comes out of the box with screenshot capabilities. The defaults on this are very well considered. Im impressed within the first 15 min.
Edit2: this is very neat. I will be recommending it to my non-coder friends who don’t really have the local setup to use Claude but would like to try a Claude-like tool.
I wish they'd auto auth you with Github based on your pubkey, in a similar spirit to `ssh whoami.filippo.io`[1]. That would remove so much signup friction.
SSH is really the only protocol you can do shenanigans like that over, it's a shame not to use them.
That is neat trick, and interesting to know that's how ssh git@github.com works, but that does not feel practical for a real usecase. Aside from relying on a scrape of the Github users API (there's no "look up user by pubkey" API), what if I wasn't expecting to automatically log in with Github?
unlike others, i like the site and the initial prompt.
Lost me at "verify email" though. Why get so creative, yet limit yourself to archaic "email". Why do *YOU* the provider need me to have an email or a phone?
Look, mullvad can provide vpn services without email or all that nonsense. If you want people who will use ssh to order things, these are the same people that would get your service because you're not asking for dumb things like email. It's the first thing you ask of potential users, and it's an obstacle preventing them from giving you their money!
You can issue users a recovery/access key and/or let them user their ssh public key and trust they know how to manage that on their own. If you have messages for them, display that when they login. This sort of stuff differentiates your service, ssh does too, but it's cosmetic and gimmicky. I would prefer a rest-api over ssh anyways, but ssh is cool too.
You can’t host compute for anonymous users. I mean you can, but you won’t for long due to the abuse that will inevitably come with it. That you are responsible for. And anyway, it’s not always going to be free.
Yes, that is why they always require a credit card as well. I'm sure exe.dev will be no different soon but they are trying this in alpha to get feedback and traction; just hoping they won't attract the notice of the barbarian hordes right away.
I run https://pico.sh where we don’t ask for email. Even on our website we instruct users to generate a token so if they do lose their key they can use it to recover their account.
People regularly lose their ssh keypair and also don’t generate a token. I think using email as a form of recovery is totally fine and regardless when you have to pay for the service you’re going to give up your email (and other personal info) via payment processor
It isn't a free service -- only during the alpha you get access to an "Individual" account which would normally run $20/mo once the test period is over.
Oh, we're doing Fly again? Cool! I don't mean that sarcastically -- making it dead simple to get a VM at a domain or IP in a few seconds is good and useful. We should keep trying this idea, because every time it gets easier.
On a side note, a lot of people in this thread are doing a sort of "I don't get it, your website sucks" but it's like, come on dude! Just read the site! It takes less time to read the pricing, docs, and FAQ than it does to post about how you don't get it.
The problem without having consent is that it's easy to track who is using your service. Because there's no consent, they can redirect you to login and back, and grab your identity, without you doing anything other than loading the page.
You can do the same thing - with the added burden of actually having to set it up once ... After you set it up, it's however just as trivial to add new systems like with this linked example.
I got pretty much everything I'm self-hosting like that via keycloak (which itself let's me do social with via GitHub and Google etc pp) and a very similar nginx config like it's shown in these docs.
But the initial setup took multiple hours, even if the adding new services which support forward/proxy auth is extremely easy now.
(Jellyfin sadly doesn't as an example)
Just saying it in case you want to check it out.
I think it's fantastic they added that/provide this to their platform - it's a wonderful value-add
I think running and managing and possibly misconfiguring a keycloak java monolith would be exactly what I'd want to avoid which is why it's cool that they offer this.
There are a lot other identity providers around you can pick from, I merely mentioned it as I personally use it, as it's so easy to run and integrate with social auth - and comes with features such as simple password-less auth.
The forward auth/proxy auth is not a keycloak feature, it's a proxy feature, which just need some identity provider. If you look for the mentioned term via Google or AI/llm you will find multiple options, some of which are as easy to setup as a simple docker run cmd with an open port
Dang, everything about this feels really well considered. Semi-throwaway, nearly bare-metal machines that I can put on the internet with basically 0 config? I'll take
Sorry if I missed this in the docs, but how robust is the persistence? ie is it the disk that comes with a standard AWS VM? or is it a share backed by e.g. Ceph with multiple redundant copies?
Details coming in the next few weeks. The contents are regularly replicated to a disk cluster, though we have some more experimentation to do before we commit to exactly how frequently. This space has a lot of trade-offs, we believe we have found a new and interesting one.
Oh I’m going to need more info than this. It’s a service that provides persistent disk and VM’s but doesn’t tell you what those shared resource limits are, what the pricing is, or anything other than to ssh in…
Hello, an exe.dev person here. There are some very early docs, exe.dev/docs (which are also accessible over ssh once you ssh in). There is a lot more to come, very early days, please bear with us. I was not expecting to see it here today.
I have played with it and it's so easy get started with that now I want a quick-project idea as an excuse to use it!
I'm sure you've thought of this, but: lots of people have some amount of 'free' (or really: zero incremental cost to users) access to some coding chat tool through a subscription or free allowance like Google's.
If you wanted to let those programs access your custom tools (browser!) and docs about the environment, a low-fuss way might be to drop a skills/ dir of info and executables that call your tools into new installs' homedirs, and/or a default AGENTS.md with the basic info and links to more.
And this seems like more fuss, but if you wanted to be able to expose to the Web whatever coding tool people 'bring', similar to how you expose your built-in chat, there's apparently an "agent control protocol" used as a sort of cross-vendor SDK by projects like https://willmcgugan.github.io/toad-released/ that try to put a nice interface on top of everything. Not saying this'd be easy at all, but you could imagine the choice between a few coding tools and auth info for them as profile-level settings pushed to new VMs. Or maybe no special settings, and bringing your own tools is just a special case of bringing your own image or setup script.
But, as y'all note, it's a VM. You can install whatever and use it through the terminal (or VSCode remoting or something else). "It's a computer" is quite a good open standard to build on.
Thanks! We are thinking a lot about how to prepopulate VMs. The first thing we are going to start with is a fast ‘clone’ command, so you can preconfigure a base VM then make as many as you like. Lots of other ideas floating around too.
Re sketch: the code is not the same but the agent is deeply inspired by it. Eg the screenshot support, which just seems obvious to us. Philip has done the heavy lifting here, he hangs out in the discord if you want to chat about it.
I really like the concept, the persistence (with backups!), pre-installed agents, and how easy it is to go from experiment to a live server.
The downsides:
- usage-based pricing would be nice, $20/month is pretty steep to start, but also no room to scale up?
- 100GB/month is only 300k views for a small-ish page or API, 10k req/day is a tiny amount of traffic. Can't make anything public with that. Even the smallest servers at Hetzner have unlimited bandwidth
Those limits make it pretty clear it’s not really meant for hosting a production app. It’s for sharing something you’ve developed with friends/colleagues, or maybe a low traffic webhook handler for some personal thing. I made an Alexa skill for my kids once and it is perfect for that kind of project.
This is freaking fantastic. However, as a community college instructor I would like to have this self-hosted on a computer in campus. Excluding the CLI niceties, etc., it shouldn't be to hard to get a similar setup with Docker et al, right? (not for production)
It's not possible to run real VMs with docker (though you can get something similar with qemu). VM isolation is also much stronger than docker's, and VMs tend to be much more secure.
But if you just need a shell then yes, you can make something similar with docker.
Just setup an account and started a VM, but it's hanging when trying to access it while waiting on the public key response. Web based terminal not loading either. Guessing the site is getting the hug-of-death from HN users?
Very impressive demo. From VM curation to vibe coding something running on port 8000 in Shelley just worked in minutes. I imagine quite a few technically impressive things happening under the hood, would be interested in reading more about those.
Small nit: I think you should make it more clear in the docs (if not in the landing page) that one can just use any key with the ssh command the very first time and it automatically gets registered. Also on the web UI one should have the ability to add the ssh keys. I logged into the web UI first, and was a bit confused.
I think the pricing is alright for the resource and remote development features, though might be a bit much if someone doesn't need higher level of resources for deploying something that's mostly already developed.
Anyway, this reminds me of a product called Okteto that had similar UX. They were focused on leveraging k8s for declarative deployment. But for some reason they suspended their managed cloud/SaaS offering for individual/non-enterprise clients, I wonder if it was because they couldn't make the pricing work. Hope that doesn't happen here.
very cool, my only reason for not using it is latency. recommendation: look up user's ip and geo location, spin up VM in a datacenter with lowest latency.
I really enjoyed using this service. I signed up on my phone two nights ago, (using termux + ssh) and then used the builtin web agent to setup a small webapp. I was up and running with an HTTPS server in minutes, since all the HTTPS certs are automatically taken care of.
I'm not using it yet, but the way that it handles sharing looks incredibly sweet: an excellent way to take "home-cooked software and bare-foot developers" "perfect software: an audience of one" from one to a few / many people. Just sharing links that people can easily sign into, without having to build a whole auth system seems ridiculously easy here, and that is super cool. You don't have to think about it, you can just build your app: this fills a huge gap that makes making connected online software so much easier. https://outofdesk.netlify.app/blog/perfect-softwarehttps://news.ycombinator.com/item?id=46334206https://exe.dev/docs/sharing
I used the included Shelley agent, which has a perfectly adequate simple web ui, to do all development. It was able to debug a bunch of pretty gnarly problems, using screenshots & scrolling down to get check it's work.
My output is a super simple site, very close to vibe coded, in ~90 minutes, but I quite enjoyed setting up a little guestbook project here: https://nan-falcon.exe.xyz/
Hello, I am behind this company. My co-founder Josh Bleecher Snyder has also been hanging around the internet for a while. There are several of us hacking away. It is very early days, we have a lot of work to do to earn your trust but it is my intention to do so.
Both are also early Go engineers and developers who hacked on the Go stdlib for years. Most people in the Go community know them. Great people, and the idea speaks for it. I wish them best of luck.
[exe.dev co-founder here] You are right, you cannot! It was quite a bit of work. We have a blog post in the works that should come out in a couple of weeks with all the details.
I was just sufficiently nerd sniped by this, so let me know if I’m close:
Based on what the commenter below found about sshpiper I believe that you use the ssh identity + the ip from the slot to resolve the vm target. sshpiper knows how to route the ssh identity + slot ip to the correct VM. I suspect you have a custom sshpiper plugin to do that routing.
You use the slot record indirection so you can change the ip of a slot without having to update everyone’s A records across the customer base. It also makes it easy to shuffle around vm-slot mappings within a customer. I haven’t tested, but I’m guessing this dns server is internal (coredns?), and the ips too.
I did something similar (ip + identity routing) for a project a few weeks ago. Yours is a lot more elegant with the dns indirection.
I’m no ssh expert, but in theory you should be able to ssh -J exe.dev myvm.exe.xyz for a one-liner? Or maybe you don't even need it, if that DNS server within the ssh exe.dev is the same as the public DNS. Pardon for not testing it yet!
Would be interested in this too, I did some work in the past to make it work via Envoy proxy using HTTP CONNECT but that requires plugging in proxytunnel[0] or nc on client side.
> $ nslookup abc.exe.xyz
> abc.exe.xyz canonical name = s001.exe.xyz.
> $ telnet s001.exe.xyz 22
> Trying 100.20.12.135...
> Connected to s001.exe.xyz.
> Escape character is '^]'.
> SSH-2.0-SSHPiper
Looks like it's a combination of SSH server IP address + public key.
Each VM you create (up to 25 of them) gets a different CNAME record of the form s0NN.exe.xyz where NN ranges from 01 to 25. Each of these names, from s001.exe.xyz to s025.exe.xyz, resolves to a different IP address.
Therefore the individual VM can be distinguished this way, and the account they are associated with can be identified using the SSH public key that is used to authenticate.
In which country are the VMs hosted? Do you have a warrant canary? Where's the AUP and how much peeking into customer VMs and storage do you do to enforce it?
None of this actually matters. If you want to keep your data private, host it on your own hardware. Countries, company policies, etc are all essentially irrelevant
Seems it's overloaded now. I like the UX though. My usual question with any hosting is how do you avoid this being abused by hackers, scammers, etc.? Right now it's easy to just create any VMs for free based on a mail account, that seems ripe for exploitation (maybe it's down now cause someone's exploiting it?)
I was curious about the HTTP proxying, so here is a site showing how it looks on the VM side, displaying headers of the incoming request: https://hydra-cloud.exe.xyz
It also runs whois on the forwarded-for IP address, and displays netstat and ps output.
Interestingly the request comes from localhost. Not sure why that is.
POST /gateway/llm/_/gateway/fireworks/inference/v1/chat/completions HTTP/1.1
Host: 169.254.169.254
User-Agent: Go-http-client/1.1
Content-Length: 491
Accept: application/json
Authorization: Bearer implicit
Content-Type: application/json
Accept-Encoding: gzip
{"model":"accounts/fireworks/models/qwen3-coder-480b-a35b-instruct","messages":[{"role":"user","content":"Generate a short, descriptive slug (2-6 words, lowercase, hyphen-separated) for a conversation that starts with this user message:\n\nhello\n\nThe slug should:\n- Be concise and descriptive\n- Use only lowercase letters, numbers, and hyphens\n- Capture the main topic or intent\n- Be suitable as a filename or URL path\n\nRespond with only the slug, nothing else."}],"max_tokens":8192}
And, perhaps of more interest, actual conversations which start with the system prompt:
POST /gateway/llm/_/gateway/fireworks/inference/v1/chat/completions HTTP/1.1
Host: 169.254.169.254
User-Agent: Go-http-client/1.1
Content-Length: 10513
Accept: application/json
Authorization: Bearer implicit
Content-Type: application/json
Accept-Encoding: gzip
{"model":"accounts/fireworks/models/qwen3-coder-480b-a35b-instruct","messages":[{"role":"system","content":"You are Shelley, a coding agent and assistant. You are an experienced software engineer and architect. You communicate with brevity.\n\nYou have access to a variety of tools to get your job done. Be persistent and creative.\n\n
...
Truncated as it's huge, but here's a copy of the request data: https://victory-george.exe.xyz. Interesting to see the range of tools offered by the agent.
Turns out the request is coming from localhost because it's being forwarded over SSH. Their HTTP proxy causes a new SSH connection to be made to the VM:
Connection from 10.42.0.1 port 37456 on 10.42.1.75 port 22 rdomain ""
debug1: Local version string SSH-2.0-OpenSSH_9.9
debug1: Remote protocol version 2.0, remote software version Go
debug1: compat_banner: no match: Go
Which then requests a local TCP connection, in this case to port 8000:
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch
debug3: receive packet: type 90
debug1: server_input_channel_open: ctype direct-tcpip rchan 0 win 2097152 max 32768
debug1: server_request_direct_tcpip: originator 0.0.0.0 port 0, target 127.0.0.1 port 8000
debug1: connect_next: start for host 127.0.0.1 ([127.0.0.1]:8000)
debug2: fd 7 setting O_NONBLOCK
debug2: fd 7 setting TCP_NODELAY
debug1: connect_next: connect host 127.0.0.1 ([127.0.0.1]:8000) in progress, fd=7
debug3: fd 7 is O_NONBLOCK
debug3: fd 7 is O_NONBLOCK
debug1: channel 0: new direct-tcpip [direct-tcpip] (inactive timeout: 0)
debug1: server_input_channel_open: confirm direct-tcpip
debug3: channel 0: waiting for connection
This is in contrast to a normal SSH shell session:
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch
debug3: receive packet: type 90
debug1: server_input_channel_open: ctype session rchan 0 win 2097152 max 32768
debug1: input_session_request
debug1: channel 0: new session [server-session] (inactive timeout: 0)
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug3: send packet: type 91
debug3: receive packet: type 98
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
I built a similar infrastructure, a bit more human friendly, for spinning up AI agents' sessions for scientific work rather than web dev. Also with Share link for the sessions. (https://ai-archive.io)
Hello, an exe.dev person here. They are VMs, on a crosvm-derived VMM. So I consider them "actually VMs", though we do not currently support custom kernels. You can do VM things in there, like create TUN devices, etc.
Thank you! Yes, KVM. And public IPs are very useful and we want to do them. We will have to charge and/or limit them, unlike VMs, unfortunately, because IPv4 is scarce. (I am busy trying to buy some right now.) You can follow along here: https://github.com/boldsoftware/exe.dev/issues/6
Not super important to me (and you state explicitly it may change) but your docs are a little out of date here, I think. crosvm versus Cloud Hypervisor / Kata Containers, is, I think, different?
exe.dev ▶ doc how-exedev-works
How exe.dev works (how-exedev-works) - press q to exit
You're an engineer. We're engineers. Let's talk about what's going on under the hood.
An "exe.dev" VM runs on a bare metal machine that exe.dev rents. We happen to use Kata Containers and Cloud Hypervisor, but that's a bit of an implementation detail (and may change!).
With most providers, your VM starts with a "base image" and is given a block device. Exe.dev instead starts with a container image (by default, "exeuntu"), and hooks up an overlay filesystem to the VM. This makes creating a new VM
take about two seconds. In exchange, we lose some flexibility: you don't get to choose which filesystem you're using, nor which kernel you're using.
On the networking side, we don't give your VM its own public IP. Instead, we terminate HTTPS/TLS requests, and proxy them securely to your VM's web servers. For SSH, we handle ssh vmname.exe.xyz.
No matter what i do, i can't ssh into VM that i created
Local terminal; always timeout
built in terminal; SSH handshake failed: ssh: handshake failed: EOF
shelley agent seems to be install, but it always shows isn't running.
[exe.dev co-founder here] Thank you! Not to give too many secrets away, but my hope is to follow a business model I have been part of before, and make it as cheap as possible for individuals so they encourage their employers to buy it for work. So I would very much love to get cheaper.
The two constraints are that, one, when small underlying resources are expensive (we hope to fix that soon by not being small!), and two, we do not want to make the resource allocation so small that the VM feels unpleasant to use. So there is a floor on how small we make them.
That said, I very very much want to drop prices. We started with conservative numbers.
Might be a good place for yunohost/coolify style services, especially if you have multiple separate entities - though probably tricky to do inbound mail because of IP allocation?
I'm not a fan of making ssh the primary access mechanism for a service. Just make a simple Web panel for managing VMs, and actually explain on the service on the Web page.
Super cool. I can't justify investing time in it at the planned pricing but I'll keep an eye on it if they can hack together a more competitive VPS option.
Remote resources only get your public key. It’s meant to be shared! Hence the word “public.”
The threat is having a private key stolen, in which case, having multiple keys can mitigate the amount of damage a threat actor can do. However, to steal your private key would involve a successful attack against your client, not against any server you might have given the public key to.
The description of authentication mechanism is confusing me. it’s over ssh, but how is this integrated?
> Private by default, share with discord-style links exe.dev takes care of TLS and auth for you. By default only you can reach your HTTP services, and you have easy mechanims to share them with friends and colleagues.
You ssh in with any key, and it asks you for an email to verify. You're then at a exe.dev console.
There are a couple different link patterns:
exe.dev ▶ doc sharing
Sharing (sharing) - press q to exit
You can share your VM's HTTP port (see the http proxy documentation /proxy) with your friends. There are three mechanisms:
1. Make the HTTP proxy public with share set-public <vm>. To point the proxy
at a different port inside the VM, run share port <vm> <port> first.
Marking it public lets anyone access the server without logging in.
2. Add specific e-mail addresses using share add <vm> <email>. This will
send the recipient an e-mail. They can then log into exe.dev with that e-mail,
and access https://vmname.exe.xyz/.
3. Create a share link with share add-link <vm>. The generated
link will allow anyone access to the page, after they register and login.
Revoking the link (which can be done with the remove-link command)
does not revoke their access, but you can remove users who are already
part of the share using share remove <vm> <email>.
Thanks! love the idea, looking forward to playing with this. I understand now from comments that this was brought to this site sooner than intended, sorry if I asked in a rude way.
Simpler and easier seems to be the answer. How much does it cost to spread 8gbs RAM across some VMs? Most providers require additional of how many VMs over how many hours, what the specs kf each are specifically, etc. Then once you have it you're setting up an SSH key or shared password depending on use and they make the authentication simpler as well. Maybe wouldn't be great for a huge business but it's you just wanted the ability to play with an isolated server, it might be worth it.
I have not used E2B (though I really like their web site), though it looks like there are quite a few differences. Our disks are persistent (without manual snapshotting), we have a TLS proxy by default with built-in auth and link sharing.
It also looks like they have many features we do not have (yet).
I believe the target use is also quite different. You can use exe.dev VMs for running your agent. But you can also use it for hosting your site. E.g. blog.exe.dev is an exe.dev VM.
Thanks for the response. In the "How exe works" page, it's mentioned that exe runs on bare metal with Kata containers, how is it different from firecracker? Were there any advantages?
The mention of Kata is out of date, we are fixing that, thanks! Our underlying VMM is very similar to firecracker (same upstream source). We believe our advantages are in how we run it. Several blog posts are in the works about technical details!
Thanks, I couldn't figure out what the hell was wrong. The front page is just... not helpful. Given the amount of pushbash how everyone feels about this, it should be removed from HN frontpage!
Thanks. I feel like I expect home pages to contain at least a modicum of information. And three seconds spent thinking about accessibility would have told them that light gray links on a white background are a terrible idea...
Apologies for the vagueness of the home page, we were not expecting to be here today. There is a little more info in our first blog post https://blog.exe.dev/meet-exe.dev and docs, but far needs to be written.
(We have also built some interesting tech behind this that we are excited to write up, I have a doc two pages long of blog posts we want to write.)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
I just tried this out in Firefox on macOS and there are no issues, so this might have something to do with our LetsEncrypt wildcard cert and the CA roots installed on Android. Could you tell me what version of Android you are using?
An error occurred during a connection to blog.exe.dev. SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
[exe.dev co-founder here] It is planned! The reason we have not got to it yet is it needs to be very different than IPv4 support. We have spent a lot of time on machinery to allow `ssh yourmachine.exe.xyz` work without having to allocate you an IPv4 address. The mechanisms for IPv6 can and should be different, but they will also interact with how assigning public static IPv4 addresses will work in the future.
We do not want to end up in the state AWS is in, where any production work requires navigating the differences between how AWS manage v4 and v6. And that means rolling out v6 is going to be a lot of work for us. It will get done.
I don't really see what's so different about this than any other dedicated server provider... I can sign up to any host right now and get an email with access to the server details... Like, what am I missing here?
[exe.dev co-founder] Hi! There is a mobile site. It is not super visible right now but you can use it to create VMs (and even build something on them with our agent if you like). If you ran into a particular bug I would love to get it in the issue tracker so we can fix it.
Val.town seems to be serverless, where as this is explicitly a server. One is really a subset of the other though, so I suppose if you're deploying ts functions to a service/server, and your execution costs match up with the tiers here, exe.dev could be cheaper.
Awesome project which I first thought might have something to do with microsft .exe format but not that big of a deal and I find this project really cool and I had thought about similar project like these so kudos that you built something like this!
I mean it and I wish the best of luck for the project
That being said, I tried to look at it for asap golang project deployments and I am the creator of https://spocklet-pomodo.hf.space/ a single main.go + single dep multiplayer pomodoro (please note that it was one shotted out of curiosity and also frustration as https://cuckoo.team would sometimes glitch for me)
That being said, I face the issue where I can't have a go.mod or run go mod tidy because I face this error
exedev@crimson-cobra:~$ go mod tidy
go: finding module for package github.com/gorilla/websocket
go: pomodo imports
Hope that the project fixes this and wishing best of luck to the project. I am a little busy right now with studies but your idea truly inspired me and perhaps I want to create a similar thing or collaborate on it with you too so I will join discord hopefully sooner than later.
I am looking further into it and seeing if I can fix that error as I would love to host some exe.dev's services and wishing the best of luck for the project and hope that it becomes sustainable enough.
Out of curiosity, if I may ask, what is the tech stack behind this which generates the vm's. Is it libvirt or firecracker perhaps?
For my own use cases, I recently rediscovered incus and even ran it on cachyos on my desktop to try it out and there were some hiccups partially because I was running it on non standard debian/ubuntu but I am overall very pleasant with incus but still, I am interested in what tech stack you used so please discuss!!
Also what cloud provider are you using. Pro tip but if you are looking for something cheap, either go with ovh or upcloud.
I really really love hetzner a lot too. (Hey hetzner_OL if you are reading this, love hetzner, have a nice day and hope your christmas was good:)
But still hetzner is a little admittedly more strict than ovh but maybe hetzner can respond to it as I know that their policy can ban accounts if someone abuses and considering that you provide compute (to even free) chances of abuse can rise but overall hetzner's the cheapest so I hope hetzner team might make an special exception/response to your post/my comment.
I am imagining a github private action which ssh's into this and then updates and runs a simple shell script which can be a reinstall state every time someone updates something in git to get git-ops style workflow. If someone implements it for exe.dev, just credit me :) (if you so wish)
`
An amazing product overall. 7/10 due to that one hiccup which saddened me a bit (but which I have faith can be fixed) but its a 9-10/10 potential and that means a lot and a 7/10 at launch is pretty good
Please just tell me every decision/question I had in depth since I love details about projects like these ^^
Another minor suggestion I can have is having asciinema gif too to showcase what it does for some people. To me I only understood to run the command ssh exe.dev which then helped me learn but the only way I understood what exe.dev does beforehand was reading the comments on HN
An asciinema can go a long way in this journey, perhaps, let me know your thoughts.
And have a nice day! One thing I am wondering tho is if you are gonna open source the project, one project which feels similar to your project which is open source is this https://github.com/ekzhang/ssh-hypervisor that runs on top of firecracker
Zero information available on mobile.
I thought it is some kind of portfolio site that does not work on mobile.
It looks like some people who work there are watching this thread, so to them I say: You have got to explain what this is, not just say "the disk persists..." and expect people to dig deeper. Most aren't that curious.
Same, my first thought was that it's some pentesting game where you're given a VM and your task is to somehow break it. The line "the disk persists. you have sudo" sounds like game rules.
How? It just says `ssh exe.dev`. Unless you are clairvoyant.
scroll down and hit the "about" link. I do agree though the landing page could be more resourceful.
I'm not going to SSH to a random server.
The disk and sudo mentioned are good enough clues, then you have the about.
> The disk and sudo mentioned are good enough clues
I mean, you do you and let's agree to disagree about a good landing page UX.
Opening a random website likely exposes you to more risk.
It didn't read as a company with products at all to me from the front page. Just a cryptic " The disk persists. You have sudo." with links to "Login" and "About * Blog * Discord" --- no pricing link, which made me think it was a weird hobby / art.
Homepage -> blog -> docs -> "all docs" button:
https://exe.dev/docs/list
Which has an about and pricing etc.
That is very counterintuitive to just find out what this is.
> ssh exe.dev
> The disk persists. You have sudo.
I've seen enough of these kinds of services in my lifetime that I also immediately knew what it was, for example sdf.org, which is one of the OG services, and various "tilde" services like tilde.town.
All this was totally lost on me from looking at the website. “I already have tilde and sdf, I don’t need this.”
If I hadn’t looked into the comments I would still think that.
https://exe.dev/docs/pricing
It's really annoying when you're interested in a product but can't find a price.
> ssh exe.dev
> The disk persists. You have sudo.
on mobile
And cannot open keyboard if that is needed. It is like big CTA but does not do anything.
Very strange landing page for maybe cool product.
I think knowing what the ssh command does is a pretty low bar for this platform
it's fiine i think
... which it is.
I think it's the combination of 1) really quick to get going, 2) isolated and disposable environments and 3) can be persistent and out there on the Internet.
Often to get element 3, persistent and public, I had to jump through hoops in a cloud console and/or mess with my 'main' resources (install things or do other sysadmin work on a laptop or server, etc.), resources I use for other stuff and would prefer not to clutter up with every experiment I attempt.
Here I can make a thing and if I'm done, I'm done, nothing else impacted, or if it's useful it can stick around and become shared or public. Some other environments also have 'quick to start, isolated, and disposable' down, but are ephemeral only, limited, or don't have great publishing or sharing, and this avoids that trough too. And VMs go well with building general-purpose software you could fling onto any machine, not tied to a proprietary thing.
This is good stuff. I hope they get a sustainable paid thing going. I'd sign up.
Also, though I realize in a sense it'd be competition to a business I just said I like: some parts of the design could work elsewhere too. You could have an open-source "click here to start a thing! and click here to archive it." layer above a VM, machine, or whatever sort of cloud account; could be a lot of fun. (I imagine someone will think "have you looked at X?" here, and yes, chime in, interested in all sorts of potential values of X.)
I don't think that it's actually public? From one of their explainers, no public IP is assigned, so you'll need to ar least have to use an additional service like Cloudflare Tunnel to use it for hosting anything.
— $20/month
— 25 VMs
— 2 CPUs
— 8GB RAM
— 25GB disk
— 100GB bandwidth
Is this 2 CPUs/8GB RAM per VM (in other words, 50 CPUs/200GB RAM)? If so, this is an unbelievable bargain (too good to be true?); other cloud providers charge hundreds of dollars per month for an equivalent VM.
If, OTOH, it's 2 CPUs/8GB total, Hetzner offers an equivalent VM for about $5/month (with much more disk and bandwidth), and I'm not sure what the exe.dev value proposition is. (I'm also not sure why one would want to split 25 VMs across so few shared CPUs/such little memory.)
The goal is to reduce the marginal cost of creating a VM to zero. Instead of installing a container manager or using Unix users, just make another VM.
(I will get a better version of this table online tonight.)
What is the advantage of this? Unless you need something exotic like different kernel configurations per instance, what's the problem with using containers on the same instance?
BTW, a Hetzner dedicated server with 2 CPUs/8GB RAM that would let me run my own hypervisor is about $14 USD/month. For anyone who's a big enough power user to care about the distinction of running distributed workflows on VMs versus containers, I'm not sure that an extra $5/month is worth your "hypervisor as a service." But then again, HN commenters infamously poopooed Dropbox [0], so what do I know? :-)
[0] https://news.ycombinator.com/item?id=9224
Consider this: sometimes when you are using a VPS, you start a new project and say to yourself, "I should put this on a new VPS." Not all the time, but it does happen. And when it does, we are faced with the problem that starting a new project immediately costs us $X/month. I would like a new project to initially cost nothing.
Is that possible and useful with exe.dev? The docs say:
On the networking side, we don't give your VM its own public IP. Instead, we terminate HTTPS/TLS requests, and proxy them securely to your VM's web servers. For SSH, we handle ssh vmname.exe.xyz.
> run docker compose
You can run multiple compose stacks in a single VPS.
> you start a new project and say to yourself, "I should put this on a new VPS."
I never did that.
Asking for a friend…
The only difference is the bandwidth: vps in europe givr you 10 tiles that, unmeterred.
Very cool for training: I can make people log into those vm and deploy nginx just for learning.
But my perception from the homepage is you can. Am I wrong?
Trying my way around it now. Not sure what is going on:
What is "exe.dev repl"? Am I not in a shell? Damn, it seems the "shell" is not a Linux shell?Thanks for trying it!
Oh, I think I found a real shell now! You have to click "VMs" then on the VM and then "Terminal".
Yay, this is great!
Edit: it comes out of the box with screenshot capabilities. The defaults on this are very well considered. Im impressed within the first 15 min. Edit2: this is very neat. I will be recommending it to my non-coder friends who don’t really have the local setup to use Claude but would like to try a Claude-like tool.
SSH is really the only protocol you can do shenanigans like that over, it's a shame not to use them.
[1] (seems overloaded right now) https://words.filippo.io/whoami-updated/
Lost me at "verify email" though. Why get so creative, yet limit yourself to archaic "email". Why do *YOU* the provider need me to have an email or a phone?
Look, mullvad can provide vpn services without email or all that nonsense. If you want people who will use ssh to order things, these are the same people that would get your service because you're not asking for dumb things like email. It's the first thing you ask of potential users, and it's an obstacle preventing them from giving you their money!
You can issue users a recovery/access key and/or let them user their ssh public key and trust they know how to manage that on their own. If you have messages for them, display that when they login. This sort of stuff differentiates your service, ssh does too, but it's cosmetic and gimmicky. I would prefer a rest-api over ssh anyways, but ssh is cool too.
People regularly lose their ssh keypair and also don’t generate a token. I think using email as a form of recovery is totally fine and regardless when you have to pay for the service you’re going to give up your email (and other personal info) via payment processor
https://exe.dev/docs/pricing
On a side note, a lot of people in this thread are doing a sort of "I don't get it, your website sucks" but it's like, come on dude! Just read the site! It takes less time to read the pricing, docs, and FAQ than it does to post about how you don't get it.
[1] https://exe.dev/docs/login-with-exe
You can do the same thing - with the added burden of actually having to set it up once ... After you set it up, it's however just as trivial to add new systems like with this linked example.
I got pretty much everything I'm self-hosting like that via keycloak (which itself let's me do social with via GitHub and Google etc pp) and a very similar nginx config like it's shown in these docs.
But the initial setup took multiple hours, even if the adding new services which support forward/proxy auth is extremely easy now.
(Jellyfin sadly doesn't as an example)
Just saying it in case you want to check it out.
I think it's fantastic they added that/provide this to their platform - it's a wonderful value-add
The forward auth/proxy auth is not a keycloak feature, it's a proxy feature, which just need some identity provider. If you look for the mentioned term via Google or AI/llm you will find multiple options, some of which are as easy to setup as a simple docker run cmd with an open port
I.e. https://docs.goauthentik.io/add-secure-apps/providers/proxy/...
I'm sure you've thought of this, but: lots of people have some amount of 'free' (or really: zero incremental cost to users) access to some coding chat tool through a subscription or free allowance like Google's.
If you wanted to let those programs access your custom tools (browser!) and docs about the environment, a low-fuss way might be to drop a skills/ dir of info and executables that call your tools into new installs' homedirs, and/or a default AGENTS.md with the basic info and links to more.
And this seems like more fuss, but if you wanted to be able to expose to the Web whatever coding tool people 'bring', similar to how you expose your built-in chat, there's apparently an "agent control protocol" used as a sort of cross-vendor SDK by projects like https://willmcgugan.github.io/toad-released/ that try to put a nice interface on top of everything. Not saying this'd be easy at all, but you could imagine the choice between a few coding tools and auth info for them as profile-level settings pushed to new VMs. Or maybe no special settings, and bringing your own tools is just a special case of bringing your own image or setup script.
But, as y'all note, it's a VM. You can install whatever and use it through the terminal (or VSCode remoting or something else). "It's a computer" is quite a good open standard to build on.
Is the chat descended from Sketch?
Re sketch: the code is not the same but the agent is deeply inspired by it. Eg the screenshot support, which just seems obvious to us. Philip has done the heavy lifting here, he hangs out in the discord if you want to chat about it.
Also, telling Shelley to get inspiration from the VM name can be fun.
I love the idea of just ssh in and do your thing. I’ll bookmark and come back when there’s some more info. Things are going to move fast…
The downsides:
- usage-based pricing would be nice, $20/month is pretty steep to start, but also no room to scale up?
- 100GB/month is only 300k views for a small-ish page or API, 10k req/day is a tiny amount of traffic. Can't make anything public with that. Even the smallest servers at Hetzner have unlimited bandwidth
But if you just need a shell then yes, you can make something similar with docker.
Small nit: I think you should make it more clear in the docs (if not in the landing page) that one can just use any key with the ssh command the very first time and it automatically gets registered. Also on the web UI one should have the ability to add the ssh keys. I logged into the web UI first, and was a bit confused.
I think the pricing is alright for the resource and remote development features, though might be a bit much if someone doesn't need higher level of resources for deploying something that's mostly already developed.
Anyway, this reminds me of a product called Okteto that had similar UX. They were focused on leveraging k8s for declarative deployment. But for some reason they suspended their managed cloud/SaaS offering for individual/non-enterprise clients, I wonder if it was because they couldn't make the pricing work. Hope that doesn't happen here.
I'm not using it yet, but the way that it handles sharing looks incredibly sweet: an excellent way to take "home-cooked software and bare-foot developers" "perfect software: an audience of one" from one to a few / many people. Just sharing links that people can easily sign into, without having to build a whole auth system seems ridiculously easy here, and that is super cool. You don't have to think about it, you can just build your app: this fills a huge gap that makes making connected online software so much easier. https://outofdesk.netlify.app/blog/perfect-software https://news.ycombinator.com/item?id=46334206 https://exe.dev/docs/sharing
I used the included Shelley agent, which has a perfectly adequate simple web ui, to do all development. It was able to debug a bunch of pretty gnarly problems, using screenshots & scrolling down to get check it's work.
My output is a super simple site, very close to vibe coded, in ~90 minutes, but I quite enjoyed setting up a little guestbook project here: https://nan-falcon.exe.xyz/
> David Crawshaw - before this, CTO and co-founder of Tailscale
> Josh Bleecher Snyder - was a Director of Engineering at Braintree, amongst other things
Based on what the commenter below found about sshpiper I believe that you use the ssh identity + the ip from the slot to resolve the vm target. sshpiper knows how to route the ssh identity + slot ip to the correct VM. I suspect you have a custom sshpiper plugin to do that routing.
You use the slot record indirection so you can change the ip of a slot without having to update everyone’s A records across the customer base. It also makes it easy to shuffle around vm-slot mappings within a customer. I haven’t tested, but I’m guessing this dns server is internal (coredns?), and the ips too.
I did something similar (ip + identity routing) for a project a few weeks ago. Yours is a lot more elegant with the dns indirection.
I’m no ssh expert, but in theory you should be able to ssh -J exe.dev myvm.exe.xyz for a one-liner? Or maybe you don't even need it, if that DNS server within the ssh exe.dev is the same as the public DNS. Pardon for not testing it yet!
[0] https://github.com/proxytunnel/proxytunnel
[1] https://github.com/tg123/sshpiper
Each VM you create (up to 25 of them) gets a different CNAME record of the form s0NN.exe.xyz where NN ranges from 01 to 25. Each of these names, from s001.exe.xyz to s025.exe.xyz, resolves to a different IP address.
Therefore the individual VM can be distinguished this way, and the account they are associated with can be identified using the SSH public key that is used to authenticate.
Though not a fan of 100GB and egress charges. Is there a way to hardcap that?
I guess I could implement something VM side but that’s a bit convoluted
Sort of a container which "feels like" a VM? Reminds me of Virtuozzo / OpenVZ VM approach which was popular ~20 years ago when RAM was expensive...
https://road-kernel.exe.xyz/
also it's a bad ui meme
It also runs whois on the forwarded-for IP address, and displays netstat and ps output.
Interestingly the request comes from localhost. Not sure why that is.
Enjoy my creation https://love-storm.exe.xyz:8001
some feedback:
No matter what i do, i can't ssh into VM that i created Local terminal; always timeout built in terminal; SSH handshake failed: ssh: handshake failed: EOF
shelley agent seems to be install, but it always shows isn't running.
The two constraints are that, one, when small underlying resources are expensive (we hope to fix that soon by not being small!), and two, we do not want to make the resource allocation so small that the VM feels unpleasant to use. So there is a floor on how small we make them.
That said, I very very much want to drop prices. We started with conservative numbers.
``` ssh exe.dev Please complete registration by running: ssh exe.dev Connection to exe.dev closed. ```
The threat is having a private key stolen, in which case, having multiple keys can mitigate the amount of damage a threat actor can do. However, to steal your private key would involve a successful attack against your client, not against any server you might have given the public key to.
> Private by default, share with discord-style links exe.dev takes care of TLS and auth for you. By default only you can reach your HTTP services, and you have easy mechanims to share them with friends and colleagues.
Is anyone with access to a link able to get in?
Edit: Answered below, thank you.
There are a couple different link patterns:
> ssh exe.dev
Please complete registration by running: ssh exe.dev Connection to exe.dev closed.
Anyone get a similar issue?
like you give 2 cpu. 8gb memory for 20vms. Which I believe you wont be able to use 20 of them at the same time if they share 2 cpu only
I have not used E2B (though I really like their web site), though it looks like there are quite a few differences. Our disks are persistent (without manual snapshotting), we have a TLS proxy by default with built-in auth and link sharing.
It also looks like they have many features we do not have (yet).
I believe the target use is also quite different. You can use exe.dev VMs for running your agent. But you can also use it for hosting your site. E.g. blog.exe.dev is an exe.dev VM.
(We have also built some interesting tech behind this that we are excited to write up, I have a doc two pages long of blog posts we want to write.)
https://blog.exe.dev/meet-exe.dev
Secure Connection Failed
Firefox nightly
148.01a
I'll check for updates
Edit: still broken
148.0a1 (Build #2016134322), 757b8230f44e4152aeb7b9031ff95219471ab993 GV: 148.0a1-20251226204324 AS: 148.20251224050247 OS: Android 15
Edit: also same on OnePlus Nord N30
147.0b7 (Build #2016133535), 455e50920c4926534376b719df4cf1ed714bc61d GV: 147.0-20251222164020 AS: 147.0 OS: Android 14
What TLS error do you get? Untrusted CA?
I am not sure. I even tried Google Chrome
This site can’t provide a secure connection blog.exe.dev sent an invalid response. ERR_SSL_PROTOCOL_ERROR
https://i.imgur.com/HOwb7g3.jpeg
also tried mozilla firefox on desktop
Secure Connection Failed
An error occurred during a connection to blog.exe.dev. SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG
ssl labs says everything is finehttps://www.ssllabs.com/ssltest/analyze.html?d=blog.exe.dev
We do not want to end up in the state AWS is in, where any production work requires navigating the differences between how AWS manage v4 and v6. And that means rolling out v6 is going to be a lot of work for us. It will get done.
I added a public tracking bug here: https://github.com/boldsoftware/exe.dev/issues/16
I mean it and I wish the best of luck for the project
That being said, I tried to look at it for asap golang project deployments and I am the creator of https://spocklet-pomodo.hf.space/ a single main.go + single dep multiplayer pomodoro (please note that it was one shotted out of curiosity and also frustration as https://cuckoo.team would sometimes glitch for me)
That being said, I face the issue where I can't have a go.mod or run go mod tidy because I face this error
exedev@crimson-cobra:~$ go mod tidy go: finding module for package github.com/gorilla/websocket go: pomodo imports
github.com/gorilla/websocket: module github.com/gorilla/websocket: Get "https://proxy.golang.org/github.com/gorilla/websocket/@v/lis...": dial tcp: lookup proxy.golang.org on 1.1.1.1:53: read udp 10.42.0.45:33739->1.1.1.1:53: i/o timeout
Hope that the project fixes this and wishing best of luck to the project. I am a little busy right now with studies but your idea truly inspired me and perhaps I want to create a similar thing or collaborate on it with you too so I will join discord hopefully sooner than later.
I am looking further into it and seeing if I can fix that error as I would love to host some exe.dev's services and wishing the best of luck for the project and hope that it becomes sustainable enough.
Out of curiosity, if I may ask, what is the tech stack behind this which generates the vm's. Is it libvirt or firecracker perhaps?
For my own use cases, I recently rediscovered incus and even ran it on cachyos on my desktop to try it out and there were some hiccups partially because I was running it on non standard debian/ubuntu but I am overall very pleasant with incus but still, I am interested in what tech stack you used so please discuss!!
Also what cloud provider are you using. Pro tip but if you are looking for something cheap, either go with ovh or upcloud.
I really really love hetzner a lot too. (Hey hetzner_OL if you are reading this, love hetzner, have a nice day and hope your christmas was good:)
But still hetzner is a little admittedly more strict than ovh but maybe hetzner can respond to it as I know that their policy can ban accounts if someone abuses and considering that you provide compute (to even free) chances of abuse can rise but overall hetzner's the cheapest so I hope hetzner team might make an special exception/response to your post/my comment.
I am imagining a github private action which ssh's into this and then updates and runs a simple shell script which can be a reinstall state every time someone updates something in git to get git-ops style workflow. If someone implements it for exe.dev, just credit me :) (if you so wish) ` An amazing product overall. 7/10 due to that one hiccup which saddened me a bit (but which I have faith can be fixed) but its a 9-10/10 potential and that means a lot and a 7/10 at launch is pretty good
Please just tell me every decision/question I had in depth since I love details about projects like these ^^
Another minor suggestion I can have is having asciinema gif too to showcase what it does for some people. To me I only understood to run the command ssh exe.dev which then helped me learn but the only way I understood what exe.dev does beforehand was reading the comments on HN
An asciinema can go a long way in this journey, perhaps, let me know your thoughts.
And have a nice day! One thing I am wondering tho is if you are gonna open source the project, one project which feels similar to your project which is open source is this https://github.com/ekzhang/ssh-hypervisor that runs on top of firecracker
UPDATE: this is fixed now.
https://exe.dev/docs/how-exedev-works
https://exe.dev/docs/pricing
If the downvotes were inappropriate, other users will usually correct them. In this case the comment ended up being heavily upvoted.
Unfortunately, complaints like the one you added don't get garbage-collected when that happens, so they linger on, adding noise to the thread.
https://news.ycombinator.com/newsguidelines.html
So, exactly what you said, but for the benefit of the user, and for the profit of the company, by offering an excellent product.
(I am a happy customer of their previous product, Sketch.dev.)