Skip to content

Dispatches

Using VS Code Remote Tunnels for Headless Remote Development

VS Code

The best development machine isn't always the one under your hands. Laptops are wonderful daily drivers, but they're also thermally constrained, battery-bound, and constantly moving between networks. For serious build and test work, especially on Go projects that need real Linux, Windows, and macOS coverage, I keep the compute somewhere stable and let my laptop act as the control plane.

With VS Code Remote Tunnels, you run the VS Code CLI on a remote machine, authenticate it with your GitHub account, and connect to that machine from VS Code or vscode.dev without opening inbound firewall ports, maintaining a VPN profile, or teaching dynamic DNS yet another way to disappoint you.

Remote development used to mean one of two things: SSH into a server and live in a terminal, or carry around a fragile stack of VPNs, jump boxes, port forwards, editor extensions, and local configuration. That worked, but it made the developer's laptop the place where every concern collided.

Modern remote development is a cleaner architectural split:

  • The laptop is the interface. It provides the screen, keyboard, editor chrome, GitHub sign-in, and whatever local ergonomics make you productive.
  • The remote node is the execution environment. It owns the CPU, memory, disk, operating system, SDKs, build cache, test dependencies, and long-running processes.
  • The identity provider brokers access. With Remote Tunnels, GitHub authentication gives you a familiar access path without requiring a public SSH endpoint.

It lets you treat development environments more like durable infrastructure and less like whatever happened to be installed on the laptop.

For my open source work, the benefits are immediate. The builds are fast, but fast is relative when you're compiling repeatedly, running integration tests, linting large module graphs, or validating cross-platform behavior against platform-specific dependencies. A headless machine with more cores, more memory, a warm module cache, and a stable network turns the edit-build-test loop into something predictable. The laptop stays cool. The battery lasts longer. The build cache stays where the builds happen.

Hard Days

Reflection

On a flight to Vermont, after the death of my nephew this past Winter, I wrote this song about the quiet, isolating gravity of depression. It’s the kind that makes the floor feel like the only safe place to look, because looking up feels like asking for too much.

We spend so much time trying to outrun our own shadows, forgetting that they only exist because there's a light somewhere behind us.

This song is for the heavy hours, for those Lost in Shades of "I'm Okay", and for anyone carrying a weight they can’t quite put into words.

Lyrics

HARD DAYS

I see you staring at the floorboards
Like they’re fixin’ to give way
Tracing every crooked crack
Lost in shades of “I’m okay”
The world is getting louder
You’re moving in reverse
And every breath you’re taking now
Feels borrowed, feels like a curse

You’ve been carrying that mountain
Since the sun went down
Just trying to keep your head
Above where you would drown

     The hard days don’t get the final say
     Even when you’re fighting just to make it through the day
     Hold on like a spark in rain
     Yeah, the darkness never learns your name

If you’re out there hovering
Somewhere this side of gone
Listen to me clearly now
You don’t have to be so strong
There’s a seat here at the table
And it’s yours, no questions now
And your worth is never measured
By your fear or by your doubt

It’s okay to crack and break
Okay to feel small
This ain’t where your story ends
It’s only just a wall

     Repeat Chorus

The ceiling’s feeling heavy
The air is thick as lead
And the lies begin to circle
Every corner of your head
You think you’re just a burden
Like a bad debt or a ghost
But you’re the very thing
This broken world needs most

Don’t trust the shadows
When they’re whispering, no
Don’t believe it’s better
To just let it go
The sun is a promise
The night can’t outrun
So stay through the shadows
Stay ‘til the dawn comes

Yeah, the hard days
Don’t get the final say
Even when you’re fighting
Just to make it through the day
Hold on like a spark in rain
Yeah, the darkness
Was never made to stay

Writer: J. Ryan Johnson (BMI)
Copyright: © 2026 J. Ryan Johnson. All rights reserved.
Phone: +1 (407) 902-5419
Email: hello [at] tenthirtyam [dot] org

Copyright

Lyrics: © 2026 J. Ryan Johnson. All rights reserved.

Audio Disclaimer

Lyrics: Original | Audio: AI-Generated

I am a songwriter and a musician, but I am not the voice meant to inhabit these verses.

I've used AI to bridge the gap for the concept demos, crafted to serve as blueprints that capture the genre, tone, and weary soul I hear for each song.

They exist as an invitation, offered in the hope that these lyrics will eventually reach the hands of an artist and storyteller who can bring them fully into the light.

Until then, they remain as they were born: quiet reflections on the grit and grace found just north of the county line.

A Long-Awaited Exhale

For most of my life, I thought everybody's brain was about like mine. Loud, busy, and hard to steer.

I figured other people were just better at keeping theirs in the lane. That was the story I had.

They could sit still. They could start the thing they didn't want to start. They could schedule the appointment, make the call, answer the email, finish a small task, then move on with their day like it hadn't cost them anything.

I thought I was lazy. Or weak in some way nobody had named out loud yet.

School taught me how to fake my way around it.

I could read a chapter three times and come away with almost nothing. Then a teacher would tell some sideways story in class, not even part of the lesson, and I'd remember the whole thing years later in detail. I could put off a paper until the night before, write it half-crazed at the kitchen table, and get a better grade than I did on the one I had tried to do the right way.

Nobody called that a pattern, not then.

Teachers said I was bright but scattered. Smart but unfocused. Capable of more, if only I would apply myself.

I heard that enough times that it stopped sounding like an opinion. It sounded like a verdict.

And I believed it.

A Mindful Habit for Maintaining Online Accounts

Free trials pile up. Side projects die. Shopping sites you used once still have your card on file. After a few years, you end up with a lot of accounts you don't remember creating and even less confidence in how they're secured.

Most online accounts don't disappear just because you stop using them. They can still hold your data, old passwords or recovery factors, and sometimes your payment details. Every forgotten login is another door you left unlocked.

  • Breach Exposure: forgotten accounts often still have weak or reused passwords, and many either don't support MFA or have it available but not enabled.
  • Privacy Leakage: abandoned accounts can keep personal data, billing details, and usage history long after you stop using the service.
  • Recovery Pain: if one gets hijacked, recovery can fail fast when the old email address, phone number, or other method is no longer yours.

Before deleting any account, confirm you no longer need access to purchased content, invoices, or exported data from that service.

Regular audits aren't exactly fun, but they keep your account footprint smaller and easier to defend.

I used to clean this up in occasional panic sessions. It never stuck. But what finally worked was a simple lifecycle: inventory, classify, decommission, and monitor.

Transitioning GitHub Pages to Deploy from Artifacts Instead of a Branch

For a long time, publishing this site was simple in the best possible way. ProperDocs built the HTML, Materialx handled the presentation, and a GitHub Actions workflow ran properdocs gh-deploy through task deploy. That command force-pushed the rendered site to a gh-pages branch, then GitHub's Pages backend quietly noticed the branch update and published it.

That model still worked, but the warning lights started blinking in the generated pages build and deployment job. GitHub was warning about Node.js 20 deprecation inside the Pages deployment path.

The noisy warning was only the symptom. The deeper problem was architectural: the deployment was still using a Git branch as an artifact transport.

The fix was to stop publishing a branch at all. The GitHub Action now builds the content, uploads the contents as GitHub Pages artifacts, and then actions/deploy-pages publishes it through GitHub's modern Pages deployment path.

Ansible Vault: A Practical Deep Dive

Ansible

Ansible runs need secrets at runtime: passwords, API tokens, private keys, TLS material, and cloud credentials. You don't have to keep those in Git. External stores, CI variables, and untracked local files are all valid patterns. Ansible Vault is for the case where you want encrypted variables and files versioned next to the playbooks, roles, and inventory that use them, with the vault password kept out of the repository.

This post walks through ansible-vault and the runtime flags that unlock encrypted content during a run: create and edit vaulted files, wire passwords from files or prompts, use vault IDs, and avoid the mistakes that still leak secrets after decryption.

Vault is built into Ansible. It's not a centralized secrets manager, and it doesn't replace runtime discipline around logs, registers, and task output.

Out of Time

Reflection

Earlier this year, while walking a nearby trail, the wind through the trees pulled my mind toward the world of Twin Peaks. In that atmosphere, a song idea hit me with such clarity that I had to stop and write it down right there.

The song is a "what-if" scenario that peers into the final, silent hours of Agent Dale Cooper. It asks: what if he was truly in love with Audrey Horne, but too afraid to admit it to himself?

I imagined him alone in his hotel room at the Great Northern, just before the end, finally confronting the truth he was too disciplined to reach for when it was right in front of him. In this moment, he realizes that his badge and his protocols weren't just signs of duty, but a shadow he hid behind to avoid the vulnerability of a dream he was too afraid to join.

I wanted to translate that regret into a song that captures being "out of time" in every sense:

  • Realizing the truth only when the opportunity has vanished.

  • Being eternally suspended in the static of the Black Lodge, where that final moment of regret loops forever.

It’s a confession meant for a tape recorder that might never be heard, a trade of every Bureau secret for one more chance to sit in a booth at the Double R and tell her it was always her.

Lyrics

OUT OF TIME

Black coffee, white noise, headlights in the rain
Late-night diner, Double R calling out my name
You move like you remember what I can’t explain
Like a photograph that shifted when I looked away

     Every little signal bends when you walk in
     The words turn to static, then they start again
     If you’re a warning, I don’t care
     I’m already there

     Meet me where the neon lies
     Nothing here is real tonight
     In the pines the truth rewinds
     And your eyes don’t match your eyes
     Say you’re mine, say you’re mine
     Even if it’s out of time

Ceiling fan confession turning slow above the bed
Tape hiss in the background, words you never said
Your touch is like a code I almost understand
But the closer I get, the more it slips out of my hands

     Repeat Prechorus

     Repeat Chorus

Red curtain in my mind, I can’t find the door
Steps echo backward across the checkered floor
If I say it plain, it breaks, so I speak in waves
Pull me through the static, let me make the same mistakes

     Repeat Chorus

Writer: J. Ryan Johnson (BMI)
Copyright: © 2026 J. Ryan Johnson. All rights reserved.
Phone: +1 (407) 902-5419
Email: hello [at] tenthirtyam [dot] org

Copyright

Lyrics: © 2026 J. Ryan Johnson. All rights reserved.

Audio Disclaimer

Lyrics: Original | Audio: AI-Generated

I am a songwriter and a musician, but I am not the voice meant to inhabit these verses.

I've used AI to bridge the gap for the concept demos, crafted to serve as blueprints that capture the genre, tone, and weary soul I hear for each song.

They exist as an invitation, offered in the hope that these lyrics will eventually reach the hands of an artist and storyteller who can bring them fully into the light.

Until then, they remain as they were born: quiet reflections on the grit and grace found just north of the county line.

Using a GitHub Discussions-First Approach Intake for Maintainers

I still spend time re-routing #1234: a question filed as a bug, a feature pitch that should've been an Ideas thread, an install problem with no version in the body. Discussion category forms fix what shows up in the forum once someone lands there. This post is about policy and wiring: where contributors go first, and what happens when they open New issue anyway.

Some maintainers want questions, ideas, and suspected bugs in GitHub Discussions, triaged in public, with Issues opened only after the work is real. That takes five pieces: chooser routing, a reserved issue template, discussion forms (see How to Write Effective GitHub Discussion Templates for YAML and the Ideas and Community Help examples), CONTRIBUTING.md, and a pinned rules thread.

How to Write Effective GitHub Discussion Templates

I'm wiring up community intake for an upcoming open source project. Issue forms and a pull request template were the easy parts. Community discussions were what I hadn't nailed yet.

I wanted a public place for questions and early ideas without Issues turning into a pile of one-liners. I've set up GitHub Discussions on other repos before; this time I wanted the same structured intake issue forms already give you.

So I used discussion category forms: YAML on the same schema as issue templates, with required fields, defaults, and labels on create, tied to a category instead of an issue chooser. Questions stay in the forum. Work that needs a tracker still opens an issue.

If you've shipped issue templates before, the field types won't surprise you. What's different is the plumbing: .github/DISCUSSION_TEMPLATE/, one YAML file per category, and a filename that must match the category slug—not bug.yml copied from Issues.

Publishing Docker Images to GitHub Container Registry

GitHub Container Registry ("GHCR") is GitHub's OCI-compatible container registry at ghcr.io. If your source code, releases, issues, permissions, and automation already live in GitHub, publishing container images to GHCR keeps the distribution path close to the repository that produced the image.

In this post, we'll publish a Docker image two ways: first manually from a local terminal, then automatically from GitHub Actions whenever a GitHub Release is published. Along the way, we'll cover image naming, authentication, permissions, release-driven tags, OCI labels, and the small details that make GHCR feel predictable instead of mysterious.

GHCR differs from a generic public registry when your project is already GitHub-centered:

  • Images can be associated with a repository.
  • Repository permissions can be used for package access.
  • GitHub Actions can publish with the built-in GITHUB_TOKEN.
  • Images can be public or private.
  • Tags, labels, and package metadata sit near the release and source history.
  • The registry supports standard Docker and OCI tooling.