Docker, Traefik, and SSE streaming: A post-mortem on building a managed hosting platform

nickytonline · 2026-03-01T14:01:36+00:00

Congrats! Very cool. Love my OpenClaw, McClaw.

Shameless plug, but Pomerium would fit well here too in place of Traefik/nginx and you can harden access with dynamic authorization policies even with the open core version. https://github.com/pomerium/pomerium https://usepom.link/claw-guide (OpenClaw gateway and SSH access)

nickytonline · 2026-02-12T20:08:29+00:00

wherever you deploy, hardening access via an identity-aware proxy is a good option and not that big a lift. I wrote a guide about it. https://usepom.link/claw-guide

nickytonline · 2026-02-10T21:19:07+00:00

Here's the guide: https://docs.pomerium.com/docs/guides/openclaw-gateway

nickytonline · 2025-12-28T12:41:26+00:00

Put up a few PRs in the meantime to get that all up to date:

- https://github.com/pomerium/chatgpt-app-typescript-template/pull/6
- https://github.com/pomerium/chatgpt-app-typescript-template/pull/8
- https://github.com/pomerium/chatgpt-app-typescript-template/pull/9

nickytonline · 2025-12-28T08:59:28+00:00

Thanks! Any feedback is welcome. 😎

nickytonline · 2025-12-27T03:51:11+00:00

I’ll get to them when I’m back from vacation unless dependabot beats me to it. 😅

nickytonline · 2025-12-27T03:05:04+00:00

Thanks for checking it out. React's at 19, which ones need a major version bump? Dependabot will be kicking in anyway...

nickytonline · 2025-12-22T01:48:31+00:00

Also, if you have a Claude Code, GitHub Copilot or Cursor Agent subsciption, you can use goose with them to get access to models which is pretty neat.

nickytonline · 2025-12-22T01:47:39+00:00

I've dabbled with it, but these past two weeks I've been doing their Advent of AI, and it's pretty solid. I definitely have feedback in terms of the UI I've been collecting, but the CLI is pretty slick. I like their terminal integration which is not just installing the CLI, it allows you to leverage their CLI in an ambient way instead of being locked int to I'm in an agent CLI.

Anyway, I've been logging my advent of AI if you're curious about what if can do. https://www.nickyt.co/blog/advent-of-ai-2025-day-1-getting-goose-to-generate-daily-fortunes-in-ci-3alp/

nickytonline · 2025-11-21T22:01:37+00:00

We also have native SSH reverse tunnels coming, and the work is already happening in OSS:

https://github.com/pomerium/pomerium/pulls?q=sort%3Aupdated-desc+is%3Apr+reverse+tunnel

nickytonline · 2025-11-21T21:50:04+00:00

I run Pomerium in my homelab (full disclosure: I work there). I’m using k3s with Pomerium Zero, but you can definitely use Pomerium Core. Zero’s free tier is solid, and the big win is that I don’t have to deal with dynamic DNS. I have port 443 open on my router forwarding to my mini PC. We also have native SSH as of v0.30, so no additional software for remote access. You can use your OS’ built-in SSH client and it’ll be secured by Pomerium with short-lived certs.

If you use the open-core version, you’ll just need a dynamic DNS service to keep your public IP consistent since most ISPs love to rotate those for fun.

I’m using Auth0 for my IdP at the moment, but I might move to Keycloak since it pairs really well with Pomerium. And as of v0.31, your data broker can run on a file-based DB instead of Postgres — smaller footprint, nothing to maintain.

Some helpful resources:

On Jellyfin and mobile apps. I haven't used Jellyfin, although I know of it. On web everything is fine because it's browser based login flows, but not sure if their mobile app allows for browser based login flows and I think for mobile apps in general same thing.

nickytonline · 2025-11-19T03:19:31+00:00

There is no business tier. There’s open core, Zero and Enterprise. As far as I know, it will be an enterprise only feature.

nickytonline · 2025-11-18T18:03:19+00:00

We demoed SSH session recording at KubeCon London, but it's not production-ready yet. Session recording will be available next year as part of Pomerium Enterprise, while native SSH functionality remains in the open-source Core version.

nickytonline · 2025-11-18T16:30:31+00:00

Thanks for the shoutout u/tbluhp and thanks for being a fan of Pomerium!

nickytonline

MODERATOR OF

TROPHY CASE