katspaugh

Hi all!

I realized it’s really not secure to run coding projects directly on my Mac. All the NPM hacks recently, especially with agentic coding — you’re always one npm install away from a disaster.

So I’ve built a small CLI called machine that starts a Lima VM for each of your projects. It supports declarative “profiles” which are like package.json for your VM. The default profile comes with standard stuff like Node.js, git, Docker, Claude Code and Codex.

If you share your projects.toml with your team, every developer can spin up your team’s entire dev environment with one command. No need to install dev tools, clone repos, npm install anything manually.

Another cool thing is that you can use the native MacOS keychain or 1password to forward SSH signatures to the VM. So every time you need to commit or push code, you touch the Touch ID key and it’s signed. SSH keys never leave the host.

The same is done for env variables and secrets. You inject them with one command from 1password when the machine starts and they are never stored in a file.

Repo: https://github.com/katspaugh/machine

Genuinely curious about your feedback!

Look, every journaling app out there wants you to organize things into folders and tags and templates. I just wanted to write something down every day.

So I built this. One note per day. That's the whole deal.

- Can't edit yesterday. What's done is done. Keeps you from fussing over old entries instead of writing today's.

- Year view with dots showing which days you actually wrote. It's a streak chart. Works better than it should.

- No signup required. Opens right up, stores everything locally in your browser. Optional cloud sync if you want it

- E2E encrypted with AES-GCM, zero-knowledge, the whole nine yards.

Tech-wise: React, TypeScript, Vite, Zustand, IndexedDB. Supabase for optional sync. Deployed on Cloudflare. PWA-capable.

The name means "one day" in Japanese (いちにち).

The read-only past turned out to be the thing that actually made me stick with it. Can't waste time perfecting yesterday if yesterday won't let you in.

Live at https://ichinichi.app | Source: https://github.com/katspaugh/ichinichi

Hi HN and Happy New Year!

I built DailyNote, a minimalist daily notes app: one note per day, a year-at-a-glance calendar, and local-first storage.

The interesting bit is the encryption + sync model:

  - Notes are always encrypted locally before syncing to Supabase.
  - A dedicated data key (DEK) encrypts notes; your password only wraps that DEK (KEK).
  - So when you change your password, it just re-wraps the DEK — no re-encryption of note data.

I built the whole project in one day using Claude + Codex with a spec‑driven approach (tight PRD → implementation). It’s React/TypeScript, IndexedDB for local persistence, and optional cloud sync.

Demo: https://dailynote.xyz/

Repo: https://github.com/katspaugh/dailynote

Would love feedback on the crypto model, UX, or anything else.