Ghost provides a configuration and a way to spin up tiny machines from your CLI, but designed in a way where GitHub Actions doesn’t have to be the backend. It’s the same effect as running gh create-repo, setting a workflow, and gh run workflow (gh is the official GH CLI). You can do the same with tmate and gh from the CLI now, this just has better devX and uses real SSH so you can agent forward to clone your repos like you would locally.
It is not “abusing” GH Actions nor “promote” that, nor “volunteering the money of others” (?), it is helping you use the Actions minutes on your account better.
For me it makes GH Actions, which I’ve always loved, way more useful, by saving time in the setup of these common workflows I use all the time: debugging a failure in CI. Getting an agent to iterate directly in the CI machine. Manual build and smoke on different OS, etc.
I had this idea for a while and was waiting for GH or someone to release an easier CLI for this, for a year or two, but they didn’t so I built it myself.
Honestly, I was tyring to pick a name, and I picked the one that made me laugh the most. Sparks joy. Because that's what it really is: a charity of ghost machines. GH provides these amazing free compute minutes, and this is a way to use them to focus on dev tasks.
You're not running a charity. You're probably violating their TOS and abusing the good will they're putting out towards open source projects.
I can't believe it but your little project has for the first time in my life put me in the position of defending Microsoft. I hope they shut it down ASAP.
Maybe you wanted something to attack or defend? Because this is mistaken.
Although, releasing free software like this is kinda like running a charity, right?
Charity can also mean goodwill and kindness - so that's the idea. But the name I picked because it made me laugh, it was so surprising and joyful - a charity of ephemeral ghost machines for your software work. Which is basically what GH actions is, this just makes it even more useful and faster to work with.
What abuse and TOS violation were you thinking this was?
> You will not reproduce, duplicate, copy, sell, resell or exploit any portion of the Service, use of the Service, or access to the Service without our express written permission.
Supposing they didn't have this clause, it would still be the wrong thing to do. You are clearly lacking a moral center or have killed your inner voice that normally speaks to people and tells them right from wrong.
These are not your computers to resell or reoffer as you please, even for free. They belong to Microsoft who pays for them and owns them, and therefore only Microsoft can decide how they are used and for what lawful purposes and under what conditions. You need their permission to do what you are doing, and I'm fairly certain you do not have that.
By abusing their services in this manner you are also directly attacking open source projects who make use of these services in a way that is compatible with their AUP.
You can probably do better: you can argue the ToS point without turning it into a character attack, or not?
"I think this violates GitHub’s AUP" is a kind of point. "You lack a moral center” sounds like your own compensatory projection of your guilt onto others to feel better, and is not a point - too many years on the inside? That is just a personal accusation, and I do not accept it. I bundle it up, and pass it back to you, reflected. You don't know me, and you're totally wrong in everything you tried to say about me. Which of course you wouldn't know anything at all about. All your information is bad, dude, and always has been. You don't check it? Sounds like you don't.
Ghostbox is not reselling or reoffering GitHub’s service. It is a CLI that helps a person create and connect to workflows in their own GitHub account, using their own Actions minutes, for software development work. The underlying pieces are already possible with `gh`, workflow files, tmate, SSH, and normal Actions usage.
It is founded on the idea of the Global Free Tier - that GitHub led the way in providing. Odd for you to criticize it given your work on UBI. But I suppose you prefer compliant dependents rather than empowered independent creators, right?
If GitHub says a specific part violates the terms, I’ll take that seriously. But your dislike of the workflow is 0% proof of any ToS violation, and it is 0% permission to try attack my character.
> You are clearly lacking a moral center or have killed your inner voice that normally speaks to people and tells them right from wrong.
That is a crazy thing to say, do you know that? I want you to go stand in front of a mirror and say that to yourself. Then imagine the kind of perosn you are, saying that to someone else. You are clearly just talking about yourself in that crazed statement. I do not accept that, in any way, that is all yours. But wow, you really do talk like an abusive person - but you don't loook like one. I guess you can't always tell.
I’m asking people to evaluate what the project actually does, not the moral story you are projecting onto it that you need to be true for your weird little twisted perosnal reasons that have 0% to do with me. I'm not actually sure you can do better - I'd like to think you could, any MD-based ex-NSA TAO spook could see that a regular perosn could. Obviously, you are 0% qualified to judge anything about moral character at all, yet you were so desperate to try that in your little comment above. Sorry, this is not your opprotunity to have moral feelgood moment compensation for all your years of bad by trying to abuse someone else. Rejected. Go figure out your issues yourself.
You really picked the wrong person to try to say that to, bud.
> Ghostbox is not reselling or reoffering GitHub’s service. It is a CLI that helps a person create and connect to workflows in their own GitHub account, using their own Actions minutes, for software development work.
You are not advertising it that way. I'm not the only person to call you out in these comments. Dozens of people have told you the same thing, and you've summarily dismissed all of their comments.
Clearly either you are doing something wrong (violating the ToS), or you are advertising a service that appears to be violating the ToS. If it's the latter, maybe you might want to change your website to be a little clearer, like stating that it requires a Github account and it will use that account and any ToS violations are on the user.
I'm amazed at your ability to tell others that they need to self-reflect while appearing to lack any capacity for self-reflection yourself. You solicited feedback and dozens of intelligent people are telling you the exact same thing, and you dismissed them and/or called them crazy.
> Odd for you to criticize it given your work on UBI.
It's not odd at all if you understood my work or understood that your service advertises itself as abusing another company's resources. FYI, I work in VBI, not UBI (and the distinction is precisely about abusing other people's resources without permission), but this isn't a conversation about my work, it's about your work.
> I'd like to think you could, any MD-based ex-NSA TAO spook could see that a regular perosn could.
No idea what you're saying here. Are you now making up false accusations about me? Speaking of abusive behavior.
> Happy to know what you think and talk about it.
Seems you aren't actually happy to hear what others think. Maybe don't solicit feedback on a high-traffic website if you don't want to hear it?
Fair point on calirty: if the site made Ghost/ghostbox sound like hosted computed services/reselling rather than the local CLI using your GH account and action's minutes that it in fact is, I might tigthen that wording.
Which obviously does not make it abuse or ToS violation simply because of that. As to whatever else you were going on with: all meer personal attack/insinuation, not argument. Critique Ghostbox's actual activity, not whatever you are projecting onto me.
This idea is great in concept, and I think it's important to state that, but the GitHub Actions stuff is against TOS iirc + they will need to address that pretty quickly.
So that's why we will see GitHub Actions continuing to go down so frequently every day of the week. From their "terms of service" [0]
> Ghostbox is software for launching short-lived development machines using third-party infrastructure such as GitHub Actions, tunnels, shells, agents, and related developer tools.
So this will go down, just like GitHub Actions since it abuses the subsidised free tier of GitHub Actions to run a service like this and it is likely against the GitHub TOS.
You're mistaken - ghost is not a "service". It is a CLI tool. And [0] is precisely how GH Actions runners are used everyday. It's not something other.
ghost doesn't "abuses the subsidised free tier". When you run ghost it uses your free minutes, not someone else's.
In reality, the % of Actions total global minutes that would be used for these hybrid "human and/or agent real-time" workflow where you drop into a machine would be tiny compared to the bulk p95 which is automated workflows for CI.
This is for where you want to drop into a consistent environment and get into the weeds or have your agent debug what's going on, or use the security isolation to develop safely in Actions cloud rather than rooting your laptop with an agent perhaps.
I don't believe in releasing source anymore after years of doing it. It's closed source, Rust binary, proprietary but free software offered as a utility. It's the same patterns as used by coding agents and many other CLI tools.
So, your threat model is that I’m really building my business and reputation by creating illegal, criminal malware? Ponder that, is that really a plausible thing to you? You think that about me?
No, I only use open source agents, weird of you to assume that I would make an exception just for agents. My threat model is that trust is earned, not given away to complete strangers who act hostile to simple inquiries.
I was sincerely interested in why you were choosing closed source, you decided to take it as an attack.
lol No, I didn’t take it as an attack (tho that's what it was) i just didn’t answer your question. If you’re not okay with that i guess you’ll need to figure that out yourself.
That’s where i was going with my reply - i wanted you to think more about it. You perceived it as hostile but really I was just asking you some questions, simple ones. It does seem like you’re projecting here, maybe consider that more.
Because even tho I didn't take it as an 'attack' it was an attack, really. Think: What are you saying: you don't trust some software that I wrote. What does that mean? That means you think it's going to do something bad. That means you think I'm going to try to do something bad to you, by this beautiful creative effort that I'm putting out. Like wut? You really are not a builder if you don't understand how that feels, for me, but also -if you don't see the problem with just thinking that's what I'm going to do, like that's crazy. Like you think it's okay to just accuse me of that, just casually, like what? And then you don't think I can saying anything about that - because otherwise I'm taking it as an attack. Which is what it was. So of course I'm going to say something, and I can. And if you don't like that - maybe think more before you accuse people of what you're just projecting.
So, I took it as ignorance, which is what it is, I assume, which is why I asked you questions. Because if I was going to give you my real answer, I don't think you would understand it. That's why I didn't answer your question, because I didn't feel you'd understand (why might that be? Because you just fake accused me of trying to do something I'm not doing?). Is that not obvious to you?
Anyway, what else were you saying? Not weird about agents, it’s so common. I guess you’re a little unusual in your fastidiousness about that. But that’s not a problem.
What about apps on your phone, are you okay with that? Or you have, like, a dumb phone?
If you do want to know my views on open source, maybe you can try your empathy and tell me why you think?
It’s okay if you don’t want to. I’m finding the interaction with you a little boring… lol
Ah, so very considerate of you, well someone's read it, but the short version is: you have 0 right to attack or accuse me in any way. The fact that you want to, just shows you're a bad perosn. You're wrong. You assumed I'm doing something bad, but you don't know me, you tried to blame me for your prejudice, but that's just you, projecting, crazy.
"Why do you want to protect your IP/time/effort rather than giving away your source code? I don't run binaries as a general rule, nothing to do with ghost, which looks cool, btw." is totally fair.
Assuming bad intent, malware, or hidden wrongdoing is not neutral criticism - it is warrantless attack.
No-one knows who you are, and you’re clearly not against using something like GH Actions in a way other than its intended purpose. What’s to say you won’t pivot to running a tiny VM on my machine and making it available to others?
Is that right? Well, some people know. I’m Cris, and you are?
But wait I’ve been building so much, for all this time, but you think what I’ve really being doing is building malware, and there’ve been no consequences, somehow nobody’s noticed and I’ve just “gotten away with it”?
I don’t think anything, and I’m not accusing you of anything, I’m just saying, a lot of folks started with pure motives and got poisoned along the way.
For what it’s worth, it’s not very reassuring that you have a bunch of open source projects but you’ve decided this one is not going to be. Rather than showing I can trust you, it rather makes me wonder what you’re hiding.
The answer may well be nothing, but it’s still strange.
I get you might feel that way about it, but that’s not how it is.
The strange thing is your reaction, don’t you think: If you see a proprietary source product and you think “what’s it hiding?” and if you can’t respect a boundary of not revealing source without projecting an imagined bad onto that, that’s just you, my dude, and I’m not responsible how you react at all.
So you might wanna try to put your mistaken attitude on me, but really you need to own that. And your attitude seems mistakenly entitled.
Also the trust issues are warrantless. And, in reality, if you look at my projects, the most important ones are not “open source”.
You judged too quickly, without context, like many here and arrived at conclusions that are just not warranted.
You shouldn’t be arguing with anyone about that because why you came to those doubts or conclusions is something you have to figure out yourself, it’s not something anyone else can help you with.
> I’m just saying, a lot of folks started with pure motives and got poisoned along the way.
That’s not how I see things. That’s not been my experience of the world. I understand if it’s been yours though. Poor you. I guess in that case my advice is just try to keep in mind that not everyone is gonna have the same kind of negative outlook as you and try to be understanding towards them. There’s a lot of good in the world if you open your eyes to it, I hope you find some.
> if you can’t respect a boundary of not revealing source without projecting an imagined bad onto that, that’s just you, my dude, and I’m not responsible how you react at all
I’m responding to the change, as something worth scrutiny. You used to publish open source projects, now this is closed source. Why?
> So you might wanna try to put your mistaken attitude on me, but really you need to own that. And your attitude seems mistakenly entitled
What mistaken attitude, what am I putting on you, and what is my “entitlement”?
> You judged too quickly
> You shouldn’t be arguing
> my advice is
Please stop dressing up your arguments as some kind of metaphysical commentary on my character. I don’t need advice, I didn’t judge you, and I didn’t plan on arguing.
You built something, some people think it’s cool, a lot of people think it’s problematic. You want to keep it closed source, some people find that worrying.
Keep your faux pity for yourself, engage with me in good faith on the merits of the points I’m making, otherwise we’re done here.
You think I owe you source code, is entitled. You project strange onto change, is low empathy. There's no metaphysics, your unwarranted criticism is a reflection of your character. Don't pretend your weird subjective reaction is anything I need to respond to, nor any reflection of me - it's just you.
You have 0 right to attack or accuse me in any way. That you think you do makes you even more entitled and low empahty. Geez....
Their pattern here of immediately going on the offensive to even the smallest amount of inquiry or criticism is totally normal and not at all suspicious.
Maybe they're just having a bad day. Friendly reminder that you don't have to respond to something as soon as you read it, or even at all.
Yeah, I think that's what the program creates in your github account. I see the source to those files embedded in the executable. (I'm not running the executable, but I downloaded the linux one to my mac to take a look inside.)
The multiple levels of abuse here are astounding. That grown adults can think projects like this are acceptable, let alone promote them, is hard to believe. I am 90% sure this is yet another vibecoded project. Has vibecoding really corrupted people?
First, I am fairly certain this violates Github's ToS. Second, it effectively amounts to a denial of service. Third, are people seriously using the .charity TLD to host something this frivolos? Have people got no sense of propriety anymore?
You can criticize the idea. You don't get to invent my motives nor my character, you have no idea about me at all, and you're totally 100% wrong about me, that's it.
If you have a criticism of ghost, make it. Otherwise you're just doing deluded moral posturing. Bye
No, this is just using GH Actions runners as ephemeral dev machines for your software work, plumbed together with cloudflared and tor for SSH and HTTP connectivity. It would likely been just a % of all Actions across all other jobs even if it was wildly popular. This is a mistaken interpretation, in reality.
I think it's just a good idea can trigger people. This is a good idea. But also perhaps some of the mad responses here are from people who are building secret ceremony "AI agentic coding isolated workspace" orchestrations startups or whatever, and they don't want you to know you can just use GitHub, on your free plan.
There are several claims here - ToS violation, denial of service, abuse - but 100% zero actual argument for them.
Ghostbox/ghost helps a person start and connect to workflows in their own GitHub account, using their own Actions minutes, for software development work.
You can dislike that. You or others can argue the ToS point. But trying desperately and deludedly to turn that into some nonsense statement about my character that you know nothing about is not criticism at all - it is just 100% werid-ass projection from you, and only abgout you. Do you get that?
this is exactly what a bad actor would do to temp the greedy. If they are providing free ssh access, why not just use an ssh client instead of curl|sh? That's crazy! And free compute is even crazier. I guess they could make money based off training or selling whatever you put on there.
To be honest a bit true, I use exe.dev and it prefers to use ssh or or just directly within the browser itself and that certainly helps with the trust (also exe.dev is awesome, +1 to it using since day 1)
Also the repository itself doesn't exist anymore as it shows me a 404, I haven't run any code or anything but it would definitely be nice if keepamovin talks more about it as the idea itself is nice but yeah.
The clean devX and minimalism of exe.dev definitely inspire by design for the ghost CLI. Essentially seeing exe.dev (which is a wholly different model, it's their own system - this is a local CLI tool you use to drive your GH account workflows), was the trigger for me to think "I should build this thing I've wanted for a long time". It's basically an improved gh CLI with a focus on real human-and-agent debugging and coding workflows on CI/multi-OS and infra, but written in a way where GH Actions doesn't have to be the backend - it's just the one I most use.
I'm not trying to make money on this. I just think it's a useful utility. The SSH tunnels are provided by cloudflared and tor (as a backup, CF free tunnels sometimes flake).
I know a lot of people talk about GH outages, but I personally haven't encountered it even tho as you can see form my profile (github.com/crisdosaygo) I'm on there everyday. Maybe my workflows don't hit the weak spots, idk.
But the reason I created this was because Actions always worked so well for me, and it seemed to have so many possibilities to build things on it.
Regarding the Global Free Tier, every GH account comes with Actions Minutes and this is way to have a nice CLI to put them to use toward your building, and maybe have a spot for agents to do some work you don't want locally.
Bigger picture, I feel GH led the way providing this idea of "compute as utility" (free compute for even free GH accounts, was amazing - but I really think that the future is shaped like that). I'm serious about that: AI will eventually become cheaper to train and infer, and the oversupply of compute will be a background layer we will have access to much cheaper. Just one of the trends. So the idea of the Global Free Tier or Background Compute as a universal utility, is something I think si really real.
Also probably important to note that the reliability issues GH seems to have faced, are more of a recent uptick, but Actions has had this free tier for ages.
Given the consistent outages everywhere on GitHub, they actually should put GitHub Actions under a paid tier only if they want their platform to be sustainable and stable. Period.
It's quite irresponsible of them to have almost all the core features free and a paid tier would significantly reduce abuse of it (and especially GitHub Actions) like this.
If they don't, then don't be surprised to see more outages on their platform.
Yeah folks on this thread mistakenly thought it was against ToS and flagged it to GitHub. I’m confident and trust GitHub will bring it back once they look into it. It’s not a ToS violation.
Yes, the repos are currently disabled after folks here flagged/reported to GH. I'm grateful GH restores once they get to looking at it.
Probably some abuse of the flag/report link on GH for ghost: some mistaken about what ghost is, some reacting to the possibility of widespread realization you can do your "secure agentic" workflows on your own free GH minutes rather than on the flaggers' secret sauce startups in the "AI isolation"/ephemeral machines space. And osme, I guess were just following the crowd.
You did fixate on disabling the repo in your comments here yourself.
Won't the supply-side incentives misalign with demand-side's desires in this case?
If you choose a specific company's free tier, you can rely on reputation and switch if they misbehave (e.g. they exfiltrate your secrets, log all your activities, build a profile on your workload behavior, etc). But if you don't know where your workload being deployed, the operator has less incentive to treat your compute with respect.
Means this is really only useful for nearly-public workloads, where tampering is not a critical failure mode.
The multi-provider angle is an interesting future direction. I built it atop Actions because that's what I use everyday, but I'm sure other similar things exist.
The main driver for me was I always felt actions had so much potential for a modicum of easier use, that would give huge benefits to my workflwos. Ghost CLI is that little bit easier.
I think there's a case for self-hosted runners, and right now it only supports the basic ubuntu, macos and window latest. But I see a path to adding the larger paid runners as part of the toml for machine shape in future.
This is interesting, but unfortunately it's a gradient on an infinite game of cat and mouse.
If blocking doesn't work, there will be phone verification. If that doesn't work you're gonna need to get orbed. If that doesn't work, you're gonna need to drink the verification cans. Or they will just kill the free tiers. There is no free lunch.
Thanks, I know exactly something which has been in my mind to build which can be made possible with this.
Basically any golang/any language cli application preferably-static can be dropped and ran in ghostbox plus xterm in browser (and additionally cloudflare tunnels) or perhaps directly to give a web link.
Anyone can then click on that web link to then try out the cli application. Think jujutsu and others too and they can do this upto 90 minutes.
Feel free to pick up on this idea as more importantly than not, I would personally love to see an idea like this, even something with asciinema to finally show how an app feels and looks.
Can you please tell me more about what is the structure behind Ghostbox and on what service does it run upon? Hetzner/OVH or something else? I would be interested to know more about the infrastructural decisions behind it and does it run on firecrackers, quite so many questions!
This is a really cool project, thanks for making this and have a nice day!
Thanks, bud. Right now it just uses spins up an ephemeral machine from GitHub Actions. I mostly used GH myself so have not added any more providers yet - but the Global Free Tier is trending up. Will add more in future.
You're mistaken - ghost is not a service consuming actions for itself - it's a CLI tool you run locally to drive workflows with sane default configs so you can easily drop into them and continue working or debugging in reliable and consistent infra, or have your agent do it. It is a better CLI for GH workflows (https://news.ycombinator.com/item?id=47982915), now whatever you were imagining.
I have never encountered any Actions reliability besides occasional networking stalls halting package installations. Actions has been so reliable that's what inspired me to make this. It's literally my go to test and develop platform. And I've used 10,000s of action minutes a month for a couple years on corp and personal plans.
Is there a meaningfully useful version of automatically write to an encrypted disk / RAM that could be used with a random cloud instance? Obviously the decryption key would be in RAM somewhere but as a short term best practice it might be somewhat useful
That specialized. I think on GH at least the runner you get is random and opaque to you? For encryption you could add a user-script to the ghost config, it supports that.
It ain't open source. You're free not to run closed-source software (tho OS/apps might be an issue ;)), but "closed source"/proprietary is 0 evidence of bad intent.
And (sad but true) "open source" is 0% evidence of goodness - as the whole industry of "supply chain attack protection" can enthusiastically attest.
Just so you know, in building this I ran hundreds of rust crates dozens of times on my personal laptop. In building BrowserBox I've run millions of times npm packages.
ghost is actually a thing that helps with this risk - precisely because it provides isolated hybride (CI/automated + human in the loop/AI) dev flows, easily on your existing GH Actions minutes. Free minutes! (Thanks GH <3). How does it help? Because it's an isolated machine. Not even your ssh key is on it (SSH agent forwarding), but you can clone your repos and run CI/builds/dev/agents, and even gate secrets using GH's existing surface for this.
It's a goto way to do dev securely - and protect against the very thing you (and many) falsely suspect ghost of. A paradox! But also a great opportunity to discuss where ghost helps - with the precise thing ppl mistook as doing. :)
If you're super concerned - do a "ghost bootstrap" - create a workflow that creates a machine with a shape you want and add's tmate. Use tmate to ssh in. Download ghost, create an ssh key, add it as a deploy key to a repo you want to work on (if wf is not already in that repo), and then ssh into the ghost machine from your other runner machine (which could also be a VPS from "trad cloud", just sayin).
Think about it: why would I spend 10+ years developing software in the open (see my GH: https://github.com/crisdosaygo) and building a business on (primarily) security/browsing products only to throw it all away to do whatever it is people are imagining here? Think about it. Why would I steal anything from anyone? So sell a secret? To access a private repo? From some rando? How profitable could that be? It sounds ridiculous. And most important for me: I never have, am not, and would never do because I'm not a bad person. None of the fear makes sense: it's all totally unjust to level that at me in any way.
Some years ago I toyed with the idea of running a minecraft server inside github actions,
I used tailscale to create a public endpoint and saved the world in an artifact that was re-loaded on the next run. It worked really well, but the point was never to actually use it for real.
Different companies and websites will very often have TOS's that contradict each other. TOS is contract law, so any single TOS only represents that one company's interests.
gh will have to tighten controls or even completely stop providing free minutes. And then the whole community will cry about MS ruining gh. No folks, this is an infrastructure abuse and it will have net negative impact on most fair users
AI=generated article that asks you to download and run some random binary. Github account is just more AI slop. Everything to me just screams that it's a malware.
Or this is normal here?
No, it got there organically, I wrote the copy and I've been deep in coding and tech long before AI. Wrong on all counts!
"botted" and "malware" are accusations, not arguments. You have no basis for that, stop abusively trying to launder your weird-ass character attacks as suspicion/critique.
Thanks. I posted and really didn't expect any points. So checking back after 40 minutes and seeing it blown up was quite a shock. I'm working through all the things people have pointed out!
I wish the link for "Global Free Tier" [1] included an actual list of the free tiers GhostBox is using (ideally also including some kind of table/rubric for comparisons and any limitations, benefits, etc unique to each).
It sounds like Github Actions is the first choice, if it's unavailable (or if Github blocks GhostBox in the future), are each of the alternatives viable as a more or less drop-in replacement? Or would there be loss of functionality?
Those are the questions I had when reading through the site so I think some basic technical docs would go a long way to help people understand the project and decide to give it a try. I like the cute/whimsical branding but I'll admit to doing a little internal eye-roll when I clicked that link expecting technical specifics and instead read:
> GitHub Actions is only the first place ghosts come from. There are strange little pockets of temporary compute all over the internet. Ghostbox makes them feel like one small machine.
It's a neat idea though, and I've definitely had moments where I wished I could just spin up a free, temporary VM/container to do something but didn't feel like researching the current free-tier landscape and filling out a sign-up form and stuff.
ghost creates 1 private special repo in your account, as a unified home to hold your config and runners for all your projects - it doesn't create a repo somewhere else and doesn't need any random secrets. If you do want to customize the config and add secrets tho, ghost does support that - put their names in the toml and it will wire them through for up.
Right now it's only GitHub Actions. I didn't want to overbuild in case it wasn't a thing for others. I mostly use Actions myself. But I'm open to adding more. I think the GFT is real.
I know a guy who gets a bunch of old hardware as a recycler, We made the Shell On Demand Appliance for DEFCON[1] awhile back and would love to expand it, but power/internet would just cost too much. we have the hardware and software to do this. just not the long term recurring
This is interesting. A quick calculation with AI suggests pricing for cents/core/GB/hour suggests cost for power+net is 0.5cent/core/GB/hour assuming "average load" (web browsing, installing packages). Or in otherwords ~$3.60 a month for a "tiny machine" on this load 24/7. I'm guessing with actual "per human" usage the cost per person is 10 - 30x lower. So you can serve 1000 people for free a month if you have $300 to pay for power/net.
I took this further and developed a table of breakeven and profit costs for different user sizes:
All figures use May 2026 US averages (EIA power rates + CBRE wholesale colo data); power+internet only. Profit factor is if exactly 10 % of all users pay the $3/month tier, how many times does the revenue cover your total power + internet cost?
My gut says these prices are still 20-30% too high at the mid-high end tho.
We need more of this because compute is trending infinitely cheaper. Maybe not today, maybe not tomorrow - but inference and training of AI will eventually breakthrough to optimal and cost way less. The oversupply of compute will provide "baseload" compute for all. GH was just way ahead of its time with free action minutes on every account. The Global Free Tier, is coming :)
In fact, it's already here, it's just not evenly distributed yet :)
Yes, that's about the shape of it, thanks! By controlling variables of the env (ie removing, fixing confounding factors), you can approach a more scientific process to development and testing, and make more rapid progress toward stability :)
Weird to have a .charity TLD but promote abusing Github Actions as free compute.
Volunteering the money of others is a favourite human pastime.
Ghost provides a configuration and a way to spin up tiny machines from your CLI, but designed in a way where GitHub Actions doesn’t have to be the backend. It’s the same effect as running gh create-repo, setting a workflow, and gh run workflow (gh is the official GH CLI). You can do the same with tmate and gh from the CLI now, this just has better devX and uses real SSH so you can agent forward to clone your repos like you would locally.
It is not “abusing” GH Actions nor “promote” that, nor “volunteering the money of others” (?), it is helping you use the Actions minutes on your account better.
For me it makes GH Actions, which I’ve always loved, way more useful, by saving time in the setup of these common workflows I use all the time: debugging a failure in CI. Getting an agent to iterate directly in the CI machine. Manual build and smoke on different OS, etc.
I had this idea for a while and was waiting for GH or someone to release an easier CLI for this, for a year or two, but they didn’t so I built it myself.
I misread that as OP saying "MY favourite human pastime" and lost some drink through my nose.
Yeah that would have been funny. Genuine sass is always funnier than phony moral indignation contempt. You were truly blessed by that misreading! :)
Honestly, I was tyring to pick a name, and I picked the one that made me laugh the most. Sparks joy. Because that's what it really is: a charity of ghost machines. GH provides these amazing free compute minutes, and this is a way to use them to focus on dev tasks.
IN future, I think I'll add other providers.
You're not running a charity. You're probably violating their TOS and abusing the good will they're putting out towards open source projects.
I can't believe it but your little project has for the first time in my life put me in the position of defending Microsoft. I hope they shut it down ASAP.
For Microsoft, free isn’t free… It puts them in a position of advantage. However, I still agree this is abusing goodwill and is rather disgraceful.
Maybe you wanted something to attack or defend? Because this is mistaken.
Although, releasing free software like this is kinda like running a charity, right?
Charity can also mean goodwill and kindness - so that's the idea. But the name I picked because it made me laugh, it was so surprising and joyful - a charity of ephemeral ghost machines for your software work. Which is basically what GH actions is, this just makes it even more useful and faster to work with.
What abuse and TOS violation were you thinking this was?
You are in direct violation of their Acceptable Use Policy: https://docs.github.com/en/site-policy/acceptable-use-polici...
> You will not reproduce, duplicate, copy, sell, resell or exploit any portion of the Service, use of the Service, or access to the Service without our express written permission.
Supposing they didn't have this clause, it would still be the wrong thing to do. You are clearly lacking a moral center or have killed your inner voice that normally speaks to people and tells them right from wrong.
These are not your computers to resell or reoffer as you please, even for free. They belong to Microsoft who pays for them and owns them, and therefore only Microsoft can decide how they are used and for what lawful purposes and under what conditions. You need their permission to do what you are doing, and I'm fairly certain you do not have that.
By abusing their services in this manner you are also directly attacking open source projects who make use of these services in a way that is compatible with their AUP.
You can probably do better: you can argue the ToS point without turning it into a character attack, or not?
"I think this violates GitHub’s AUP" is a kind of point. "You lack a moral center” sounds like your own compensatory projection of your guilt onto others to feel better, and is not a point - too many years on the inside? That is just a personal accusation, and I do not accept it. I bundle it up, and pass it back to you, reflected. You don't know me, and you're totally wrong in everything you tried to say about me. Which of course you wouldn't know anything at all about. All your information is bad, dude, and always has been. You don't check it? Sounds like you don't.
Ghostbox is not reselling or reoffering GitHub’s service. It is a CLI that helps a person create and connect to workflows in their own GitHub account, using their own Actions minutes, for software development work. The underlying pieces are already possible with `gh`, workflow files, tmate, SSH, and normal Actions usage.
It is founded on the idea of the Global Free Tier - that GitHub led the way in providing. Odd for you to criticize it given your work on UBI. But I suppose you prefer compliant dependents rather than empowered independent creators, right?
If GitHub says a specific part violates the terms, I’ll take that seriously. But your dislike of the workflow is 0% proof of any ToS violation, and it is 0% permission to try attack my character.
> You are clearly lacking a moral center or have killed your inner voice that normally speaks to people and tells them right from wrong.
That is a crazy thing to say, do you know that? I want you to go stand in front of a mirror and say that to yourself. Then imagine the kind of perosn you are, saying that to someone else. You are clearly just talking about yourself in that crazed statement. I do not accept that, in any way, that is all yours. But wow, you really do talk like an abusive person - but you don't loook like one. I guess you can't always tell.
I’m asking people to evaluate what the project actually does, not the moral story you are projecting onto it that you need to be true for your weird little twisted perosnal reasons that have 0% to do with me. I'm not actually sure you can do better - I'd like to think you could, any MD-based ex-NSA TAO spook could see that a regular perosn could. Obviously, you are 0% qualified to judge anything about moral character at all, yet you were so desperate to try that in your little comment above. Sorry, this is not your opprotunity to have moral feelgood moment compensation for all your years of bad by trying to abuse someone else. Rejected. Go figure out your issues yourself.
You really picked the wrong person to try to say that to, bud.
> Ghostbox is not reselling or reoffering GitHub’s service. It is a CLI that helps a person create and connect to workflows in their own GitHub account, using their own Actions minutes, for software development work.
You are not advertising it that way. I'm not the only person to call you out in these comments. Dozens of people have told you the same thing, and you've summarily dismissed all of their comments.
Clearly either you are doing something wrong (violating the ToS), or you are advertising a service that appears to be violating the ToS. If it's the latter, maybe you might want to change your website to be a little clearer, like stating that it requires a Github account and it will use that account and any ToS violations are on the user.
I'm amazed at your ability to tell others that they need to self-reflect while appearing to lack any capacity for self-reflection yourself. You solicited feedback and dozens of intelligent people are telling you the exact same thing, and you dismissed them and/or called them crazy.
> Odd for you to criticize it given your work on UBI.
It's not odd at all if you understood my work or understood that your service advertises itself as abusing another company's resources. FYI, I work in VBI, not UBI (and the distinction is precisely about abusing other people's resources without permission), but this isn't a conversation about my work, it's about your work.
> I'd like to think you could, any MD-based ex-NSA TAO spook could see that a regular perosn could.
No idea what you're saying here. Are you now making up false accusations about me? Speaking of abusive behavior.
> Happy to know what you think and talk about it.
Seems you aren't actually happy to hear what others think. Maybe don't solicit feedback on a high-traffic website if you don't want to hear it?
Fair point on calirty: if the site made Ghost/ghostbox sound like hosted computed services/reselling rather than the local CLI using your GH account and action's minutes that it in fact is, I might tigthen that wording.
Which obviously does not make it abuse or ToS violation simply because of that. As to whatever else you were going on with: all meer personal attack/insinuation, not argument. Critique Ghostbox's actual activity, not whatever you are projecting onto me.
[dead]
That's so weird.
This idea is great in concept, and I think it's important to state that, but the GitHub Actions stuff is against TOS iirc + they will need to address that pretty quickly.
So that's why we will see GitHub Actions continuing to go down so frequently every day of the week. From their "terms of service" [0]
> Ghostbox is software for launching short-lived development machines using third-party infrastructure such as GitHub Actions, tunnels, shells, agents, and related developer tools.
So this will go down, just like GitHub Actions since it abuses the subsidised free tier of GitHub Actions to run a service like this and it is likely against the GitHub TOS.
[0] https://www.ghost.charity/terms
You're mistaken - ghost is not a "service". It is a CLI tool. And [0] is precisely how GH Actions runners are used everyday. It's not something other.
ghost doesn't "abuses the subsidised free tier". When you run ghost it uses your free minutes, not someone else's.
In reality, the % of Actions total global minutes that would be used for these hybrid "human and/or agent real-time" workflow where you drop into a machine would be tiny compared to the bulk p95 which is automated workflows for CI.
This is for where you want to drop into a consistent environment and get into the weeds or have your agent debug what's going on, or use the security isolation to develop safely in Actions cloud rather than rooting your laptop with an agent perhaps.
Looks like the Github repo has already been nuked, I'm guessing for violating ToS on Github actions?
The website has a broken github link. Repo is here https://github.com/DO-SAY-GO/ghostbox-releases but it's only a README.md with binary releases. No public source code?
The readme says it’s proprietary code that’s free to use during a “preview”.
Odd to be so tied to GitHub for proprietary code.
GitHub is one of the most readily accessible sources of parasitic compute resources.
Yeah this seems pretty sketch.. I would not run that binary.
I don't believe in releasing source anymore after years of doing it. It's closed source, Rust binary, proprietary but free software offered as a utility. It's the same patterns as used by coding agents and many other CLI tools.
Can you elaborate on why you feel this way? I'm not going to trust a closed source binary with anything related to my personal projects
You trust the agentic coding binaries no doubt?
So, your threat model is that I’m really building my business and reputation by creating illegal, criminal malware? Ponder that, is that really a plausible thing to you? You think that about me?
No, I only use open source agents, weird of you to assume that I would make an exception just for agents. My threat model is that trust is earned, not given away to complete strangers who act hostile to simple inquiries.
I was sincerely interested in why you were choosing closed source, you decided to take it as an attack.
lol No, I didn’t take it as an attack (tho that's what it was) i just didn’t answer your question. If you’re not okay with that i guess you’ll need to figure that out yourself.
That’s where i was going with my reply - i wanted you to think more about it. You perceived it as hostile but really I was just asking you some questions, simple ones. It does seem like you’re projecting here, maybe consider that more.
Because even tho I didn't take it as an 'attack' it was an attack, really. Think: What are you saying: you don't trust some software that I wrote. What does that mean? That means you think it's going to do something bad. That means you think I'm going to try to do something bad to you, by this beautiful creative effort that I'm putting out. Like wut? You really are not a builder if you don't understand how that feels, for me, but also -if you don't see the problem with just thinking that's what I'm going to do, like that's crazy. Like you think it's okay to just accuse me of that, just casually, like what? And then you don't think I can saying anything about that - because otherwise I'm taking it as an attack. Which is what it was. So of course I'm going to say something, and I can. And if you don't like that - maybe think more before you accuse people of what you're just projecting.
So, I took it as ignorance, which is what it is, I assume, which is why I asked you questions. Because if I was going to give you my real answer, I don't think you would understand it. That's why I didn't answer your question, because I didn't feel you'd understand (why might that be? Because you just fake accused me of trying to do something I'm not doing?). Is that not obvious to you?
Anyway, what else were you saying? Not weird about agents, it’s so common. I guess you’re a little unusual in your fastidiousness about that. But that’s not a problem.
What about apps on your phone, are you okay with that? Or you have, like, a dumb phone?
If you do want to know my views on open source, maybe you can try your empathy and tell me why you think?
It’s okay if you don’t want to. I’m finding the interaction with you a little boring… lol
Yeah I'm not reading all that. Good luck with your repo
Ah, so very considerate of you, well someone's read it, but the short version is: you have 0 right to attack or accuse me in any way. The fact that you want to, just shows you're a bad perosn. You're wrong. You assumed I'm doing something bad, but you don't know me, you tried to blame me for your prejudice, but that's just you, projecting, crazy.
they weren't attacking you..
"Why do you want to protect your IP/time/effort rather than giving away your source code? I don't run binaries as a general rule, nothing to do with ghost, which looks cool, btw." is totally fair.
Assuming bad intent, malware, or hidden wrongdoing is not neutral criticism - it is warrantless attack.
No-one knows who you are, and you’re clearly not against using something like GH Actions in a way other than its intended purpose. What’s to say you won’t pivot to running a tiny VM on my machine and making it available to others?
Is that right? Well, some people know. I’m Cris, and you are?
But wait I’ve been building so much, for all this time, but you think what I’ve really being doing is building malware, and there’ve been no consequences, somehow nobody’s noticed and I’ve just “gotten away with it”?
Go check out my GitHub: https://github.com/crisdosaygo
I don’t think anything, and I’m not accusing you of anything, I’m just saying, a lot of folks started with pure motives and got poisoned along the way.
For what it’s worth, it’s not very reassuring that you have a bunch of open source projects but you’ve decided this one is not going to be. Rather than showing I can trust you, it rather makes me wonder what you’re hiding.
The answer may well be nothing, but it’s still strange.
I get you might feel that way about it, but that’s not how it is.
The strange thing is your reaction, don’t you think: If you see a proprietary source product and you think “what’s it hiding?” and if you can’t respect a boundary of not revealing source without projecting an imagined bad onto that, that’s just you, my dude, and I’m not responsible how you react at all.
So you might wanna try to put your mistaken attitude on me, but really you need to own that. And your attitude seems mistakenly entitled.
Also the trust issues are warrantless. And, in reality, if you look at my projects, the most important ones are not “open source”.
You judged too quickly, without context, like many here and arrived at conclusions that are just not warranted.
You shouldn’t be arguing with anyone about that because why you came to those doubts or conclusions is something you have to figure out yourself, it’s not something anyone else can help you with.
> I’m just saying, a lot of folks started with pure motives and got poisoned along the way.
That’s not how I see things. That’s not been my experience of the world. I understand if it’s been yours though. Poor you. I guess in that case my advice is just try to keep in mind that not everyone is gonna have the same kind of negative outlook as you and try to be understanding towards them. There’s a lot of good in the world if you open your eyes to it, I hope you find some.
> if you can’t respect a boundary of not revealing source without projecting an imagined bad onto that, that’s just you, my dude, and I’m not responsible how you react at all
I’m responding to the change, as something worth scrutiny. You used to publish open source projects, now this is closed source. Why?
> So you might wanna try to put your mistaken attitude on me, but really you need to own that. And your attitude seems mistakenly entitled
What mistaken attitude, what am I putting on you, and what is my “entitlement”?
> You judged too quickly > You shouldn’t be arguing > my advice is
Please stop dressing up your arguments as some kind of metaphysical commentary on my character. I don’t need advice, I didn’t judge you, and I didn’t plan on arguing. You built something, some people think it’s cool, a lot of people think it’s problematic. You want to keep it closed source, some people find that worrying.
Keep your faux pity for yourself, engage with me in good faith on the merits of the points I’m making, otherwise we’re done here.
You think I owe you source code, is entitled. You project strange onto change, is low empathy. There's no metaphysics, your unwarranted criticism is a reflection of your character. Don't pretend your weird subjective reaction is anything I need to respond to, nor any reflection of me - it's just you.
You have 0 right to attack or accuse me in any way. That you think you do makes you even more entitled and low empahty. Geez....
Their pattern here of immediately going on the offensive to even the smallest amount of inquiry or criticism is totally normal and not at all suspicious.
Maybe they're just having a bad day. Friendly reminder that you don't have to respond to something as soon as you read it, or even at all.
Dishonest. You have no idea about me, Plus "I don't trust your work" is an attack, it's not a neutral inquiry.
You tried to launder that through a question but it got rejected and exposed. And you can't cover that up now, no matter how much you try ever again.
Touch grass
I think you can (eventually) do better than your comments here.
https://github.com/crisdosaygo/ghostbox-home-reveal This looks more promising?
Yeah, I think that's what the program creates in your github account. I see the source to those files embedded in the executable. (I'm not running the executable, but I downloaded the linux one to my mac to take a look inside.)
"Access to this repository has been disabled by GitHub Staff due to a violation of GitHub's terms of service"
poof
Sorry I forgot to set it public. It's fine now.
The multiple levels of abuse here are astounding. That grown adults can think projects like this are acceptable, let alone promote them, is hard to believe. I am 90% sure this is yet another vibecoded project. Has vibecoding really corrupted people?
First, I am fairly certain this violates Github's ToS. Second, it effectively amounts to a denial of service. Third, are people seriously using the .charity TLD to host something this frivolos? Have people got no sense of propriety anymore?
Like social media vibe coding doesn’t change people. It just makes their character more obvious
You can criticize the idea. You don't get to invent my motives nor my character, you have no idea about me at all, and you're totally 100% wrong about me, that's it.
If you have a criticism of ghost, make it. Otherwise you're just doing deluded moral posturing. Bye
[flagged]
> Has vibecoding really corrupted people?
You have to go back further back than that, to the Great Recession, IMO.
> Have people got no sense of propriety anymore?
Judging by the proportion of drivers with their high beams on, blinding me on well-lit roads after dark - no, not anymore.
No, this is just using GH Actions runners as ephemeral dev machines for your software work, plumbed together with cloudflared and tor for SSH and HTTP connectivity. It would likely been just a % of all Actions across all other jobs even if it was wildly popular. This is a mistaken interpretation, in reality.
You can read what it is more clearly, here: https://github.com/crisdosaygo/ghostbox-home-reveal
Looks like that's definitely been disabled for breaking ToS. I guess that answers that question then.
No lol that’s just because people on the thread flagged it to GitHub. They haven’t looked at it yet. I’m confident they’ll bring it back when they do
This website has completely lost its ethos.
I think it's just a good idea can trigger people. This is a good idea. But also perhaps some of the mad responses here are from people who are building secret ceremony "AI agentic coding isolated workspace" orchestrations startups or whatever, and they don't want you to know you can just use GitHub, on your free plan.
There are several claims here - ToS violation, denial of service, abuse - but 100% zero actual argument for them.
Ghostbox/ghost helps a person start and connect to workflows in their own GitHub account, using their own Actions minutes, for software development work.
You can dislike that. You or others can argue the ToS point. But trying desperately and deludedly to turn that into some nonsense statement about my character that you know nothing about is not criticism at all - it is just 100% werid-ass projection from you, and only abgout you. Do you get that?
this is exactly what a bad actor would do to temp the greedy. If they are providing free ssh access, why not just use an ssh client instead of curl|sh? That's crazy! And free compute is even crazier. I guess they could make money based off training or selling whatever you put on there.
To be honest a bit true, I use exe.dev and it prefers to use ssh or or just directly within the browser itself and that certainly helps with the trust (also exe.dev is awesome, +1 to it using since day 1)
Also the repository itself doesn't exist anymore as it shows me a 404, I haven't run any code or anything but it would definitely be nice if keepamovin talks more about it as the idea itself is nice but yeah.
https://web.archive.org/web/20260501150640/https://github.co...
The clean devX and minimalism of exe.dev definitely inspire by design for the ghost CLI. Essentially seeing exe.dev (which is a wholly different model, it's their own system - this is a local CLI tool you use to drive your GH account workflows), was the trigger for me to think "I should build this thing I've wanted for a long time". It's basically an improved gh CLI with a focus on real human-and-agent debugging and coding workflows on CI/multi-OS and infra, but written in a way where GH Actions doesn't have to be the backend - it's just the one I most use.
I'm not trying to make money on this. I just think it's a useful utility. The SSH tunnels are provided by cloudflared and tor (as a backup, CF free tunnels sometimes flake).
Things like this are the reason why companies like GitHub then put everything under a paid tier.
I know a lot of people talk about GH outages, but I personally haven't encountered it even tho as you can see form my profile (github.com/crisdosaygo) I'm on there everyday. Maybe my workflows don't hit the weak spots, idk.
But the reason I created this was because Actions always worked so well for me, and it seemed to have so many possibilities to build things on it.
Regarding the Global Free Tier, every GH account comes with Actions Minutes and this is way to have a nice CLI to put them to use toward your building, and maybe have a spot for agents to do some work you don't want locally.
Bigger picture, I feel GH led the way providing this idea of "compute as utility" (free compute for even free GH accounts, was amazing - but I really think that the future is shaped like that). I'm serious about that: AI will eventually become cheaper to train and infer, and the oversupply of compute will be a background layer we will have access to much cheaper. Just one of the trends. So the idea of the Global Free Tier or Background Compute as a universal utility, is something I think si really real.
Also probably important to note that the reliability issues GH seems to have faced, are more of a recent uptick, but Actions has had this free tier for ages.
Given the consistent outages everywhere on GitHub, they actually should put GitHub Actions under a paid tier only if they want their platform to be sustainable and stable. Period.
It's quite irresponsible of them to have almost all the core features free and a paid tier would significantly reduce abuse of it (and especially GitHub Actions) like this.
If they don't, then don't be surprised to see more outages on their platform.
Do you realize how disastrous it would be for the open-source ecosystem to remove actions from the free tier?
Yeah, I can't imagine if open source maintainers had to pay for their own laptop, food, electricity, housing, transportation, or compute time.
They might have to figure out running CI on their own hardware. The horror.
Open source developers got along perfectly well before free GHA compute. It hasn’t been around for that long.
The repository now appears to be disabled.
https://github.com/DO-SAY-GO/ghostbox-releases
https://github.com/crisdosaygo/ghostbox-home-reveal
Yeah folks on this thread mistakenly thought it was against ToS and flagged it to GitHub. I’m confident and trust GitHub will bring it back once they look into it. It’s not a ToS violation.
GitHub is going to love this. No wonder Actions keeps getting worse and worse.
The repository has been disabled by GH.
https://github.com/DO-SAY-GO/ghostbox-releases
Yes, the repos are currently disabled after folks here flagged/reported to GH. I'm grateful GH restores once they get to looking at it.
Probably some abuse of the flag/report link on GH for ghost: some mistaken about what ghost is, some reacting to the possibility of widespread realization you can do your "secure agentic" workflows on your own free GH minutes rather than on the flaggers' secret sauce startups in the "AI isolation"/ephemeral machines space. And osme, I guess were just following the crowd.
You did fixate on disabling the repo in your comments here yourself.
Won't the supply-side incentives misalign with demand-side's desires in this case?
If you choose a specific company's free tier, you can rely on reputation and switch if they misbehave (e.g. they exfiltrate your secrets, log all your activities, build a profile on your workload behavior, etc). But if you don't know where your workload being deployed, the operator has less incentive to treat your compute with respect.
Means this is really only useful for nearly-public workloads, where tampering is not a critical failure mode.
I think you misunderstand what ghost is. It's not a cloud service. It's a CLI tool that runs workflows from your GH account: https://news.ycombinator.com/item?id=47982915
The multi-provider angle is an interesting future direction. I built it atop Actions because that's what I use everyday, but I'm sure other similar things exist.
The main driver for me was I always felt actions had so much potential for a modicum of easier use, that would give huge benefits to my workflwos. Ghost CLI is that little bit easier.
That is why unless you own it yourself, a "free tier" is not truly "free".
This service uses GitHub Actions and it is likely against GitHub's terms of service and GitHub can pull the rug if they wanted to.
If you don't own it, there is always a catch when something claims to have a "free tier". This is one of them.
I think there's a case for self-hosted runners, and right now it only supports the basic ubuntu, macos and window latest. But I see a path to adding the larger paid runners as part of the toml for machine shape in future.
This is interesting, but unfortunately it's a gradient on an infinite game of cat and mouse.
If blocking doesn't work, there will be phone verification. If that doesn't work you're gonna need to get orbed. If that doesn't work, you're gonna need to drink the verification cans. Or they will just kill the free tiers. There is no free lunch.
No because it's not an abuse to block. The thread converged upon that mistaken idea, but that's not the reality.
The reality is it's just a CLI that makes Actions more useful: https://news.ycombinator.com/item?id=47982915
Thanks, I know exactly something which has been in my mind to build which can be made possible with this.
Basically any golang/any language cli application preferably-static can be dropped and ran in ghostbox plus xterm in browser (and additionally cloudflare tunnels) or perhaps directly to give a web link.
Anyone can then click on that web link to then try out the cli application. Think jujutsu and others too and they can do this upto 90 minutes.
Feel free to pick up on this idea as more importantly than not, I would personally love to see an idea like this, even something with asciinema to finally show how an app feels and looks.
Can you please tell me more about what is the structure behind Ghostbox and on what service does it run upon? Hetzner/OVH or something else? I would be interested to know more about the infrastructural decisions behind it and does it run on firecrackers, quite so many questions!
This is a really cool project, thanks for making this and have a nice day!
Thanks, bud. Right now it just uses spins up an ephemeral machine from GitHub Actions. I mostly used GH myself so have not added any more providers yet - but the Global Free Tier is trending up. Will add more in future.
Nice way to automate the unethical destruction of the commons. Shared space and community standards are for suckers.
You're mistaken - ghost is not a service consuming actions for itself - it's a CLI tool you run locally to drive workflows with sane default configs so you can easily drop into them and continue working or debugging in reliable and consistent infra, or have your agent do it. It is a better CLI for GH workflows (https://news.ycombinator.com/item?id=47982915), now whatever you were imagining.
What did you imagine it was?
As unreliable as GitHub actions are, this is what ruins nice things (free for public repos) for the rest of us.
I have never encountered any Actions reliability besides occasional networking stalls halting package installations. Actions has been so reliable that's what inspired me to make this. It's literally my go to test and develop platform. And I've used 10,000s of action minutes a month for a couple years on corp and personal plans.
Is there a meaningfully useful version of automatically write to an encrypted disk / RAM that could be used with a random cloud instance? Obviously the decryption key would be in RAM somewhere but as a short term best practice it might be somewhat useful
That specialized. I think on GH at least the runner you get is random and opaque to you? For encryption you could add a user-script to the ghost config, it supports that.
Couldn't get it working on MacOS or Linux:
$ curl -fsSL https://www.ghost.charity/install.sh | bash Checking for Ghostbox updates... curl: (22) The requested URL returned error: 404 Could not fetch ghost-linux-x64.tar.gz from https://github.com/DO-SAY-GO/ghostbox-releases/releases/late...
Perhaps removed?
"There are spare machines everywhere. GitHub Actions is only the first place ghosts come from." ... seems a bit odd.
Should work fine now. REpo was not public at first.
Segfault provides something similar with a direct ssh connection: https://www.thc.org/segfault/
That's cool, thanks for sharing that.
Where is the source ? This looks fishy, no way I'll run this bin..
It ain't open source. You're free not to run closed-source software (tho OS/apps might be an issue ;)), but "closed source"/proprietary is 0 evidence of bad intent.
And (sad but true) "open source" is 0% evidence of goodness - as the whole industry of "supply chain attack protection" can enthusiastically attest.
Just so you know, in building this I ran hundreds of rust crates dozens of times on my personal laptop. In building BrowserBox I've run millions of times npm packages.
ghost is actually a thing that helps with this risk - precisely because it provides isolated hybride (CI/automated + human in the loop/AI) dev flows, easily on your existing GH Actions minutes. Free minutes! (Thanks GH <3). How does it help? Because it's an isolated machine. Not even your ssh key is on it (SSH agent forwarding), but you can clone your repos and run CI/builds/dev/agents, and even gate secrets using GH's existing surface for this.
It's a goto way to do dev securely - and protect against the very thing you (and many) falsely suspect ghost of. A paradox! But also a great opportunity to discuss where ghost helps - with the precise thing ppl mistook as doing. :)
If you're super concerned - do a "ghost bootstrap" - create a workflow that creates a machine with a shape you want and add's tmate. Use tmate to ssh in. Download ghost, create an ssh key, add it as a deploy key to a repo you want to work on (if wf is not already in that repo), and then ssh into the ghost machine from your other runner machine (which could also be a VPS from "trad cloud", just sayin).
Think about it: why would I spend 10+ years developing software in the open (see my GH: https://github.com/crisdosaygo) and building a business on (primarily) security/browsing products only to throw it all away to do whatever it is people are imagining here? Think about it. Why would I steal anything from anyone? So sell a secret? To access a private repo? From some rando? How profitable could that be? It sounds ridiculous. And most important for me: I never have, am not, and would never do because I'm not a bad person. None of the fear makes sense: it's all totally unjust to level that at me in any way.
This is 100% against githubs TOS lol.
Some years ago I toyed with the idea of running a minecraft server inside github actions, I used tailscale to create a public endpoint and saved the world in an artifact that was re-loaded on the next run. It worked really well, but the point was never to actually use it for real.
Different companies and websites will very often have TOS's that contradict each other. TOS is contract law, so any single TOS only represents that one company's interests.
No, these are dev machines you use for your software building, so it's not.
gh will have to tighten controls or even completely stop providing free minutes. And then the whole community will cry about MS ruining gh. No folks, this is an infrastructure abuse and it will have net negative impact on most fair users
That's a claim, not anything else. Yelling abuse doesn't make it so.
Ghostbox helps a human or agent run dev flows in their own (the human's) GitHub account, using their own Actions mins.
Was this botted to the top of the front page?
AI=generated article that asks you to download and run some random binary. Github account is just more AI slop. Everything to me just screams that it's a malware. Or this is normal here?
No, it got there organically, I wrote the copy and I've been deep in coding and tech long before AI. Wrong on all counts!
"botted" and "malware" are accusations, not arguments. You have no basis for that, stop abusively trying to launder your weird-ass character attacks as suspicion/critique.
or were the 'defend-microsoft' comments botted by AI, while the upvotes are organic? It's gotta be one or the other...
botted, probably teampcp doing it's usual scams.
[dead]
@keepamovin this looks cool, but notice that your README and github links are ghosting us (404)
Thanks. I posted and really didn't expect any points. So checking back after 40 minutes and seeing it blown up was quite a shock. I'm working through all the things people have pointed out!
Wow, this was really a cathartic thread. Was it as good for you as it was for me?
I wish the link for "Global Free Tier" [1] included an actual list of the free tiers GhostBox is using (ideally also including some kind of table/rubric for comparisons and any limitations, benefits, etc unique to each).
It sounds like Github Actions is the first choice, if it's unavailable (or if Github blocks GhostBox in the future), are each of the alternatives viable as a more or less drop-in replacement? Or would there be loss of functionality?
Those are the questions I had when reading through the site so I think some basic technical docs would go a long way to help people understand the project and decide to give it a try. I like the cute/whimsical branding but I'll admit to doing a little internal eye-roll when I clicked that link expecting technical specifics and instead read:
It's a neat idea though, and I've definitely had moments where I wished I could just spin up a free, temporary VM/container to do something but didn't feel like researching the current free-tier landscape and filling out a sign-up form and stuff.[1] https://www.ghost.charity/#gft
Yeah, I'm open to this concept, but I'm a little hesitant to clone a private repo somewhere random and undisclosed and then inject secrets.
ghost creates 1 private special repo in your account, as a unified home to hold your config and runners for all your projects - it doesn't create a repo somewhere else and doesn't need any random secrets. If you do want to customize the config and add secrets tho, ghost does support that - put their names in the toml and it will wire them through for up.
Right now it's only GitHub Actions. I didn't want to overbuild in case it wasn't a thing for others. I mostly use Actions myself. But I'm open to adding more. I think the GFT is real.
Its great that this is free for disposable use.
We need more of these. There are too many sandboxes that charge insane prices.
Curious what this runs on though and it would be great if this was completely open source.
Great work!
I know a guy who gets a bunch of old hardware as a recycler, We made the Shell On Demand Appliance for DEFCON[1] awhile back and would love to expand it, but power/internet would just cost too much. we have the hardware and software to do this. just not the long term recurring
[1] https://forum.defcon.org/node/246908
This is interesting. A quick calculation with AI suggests pricing for cents/core/GB/hour suggests cost for power+net is 0.5cent/core/GB/hour assuming "average load" (web browsing, installing packages). Or in otherwords ~$3.60 a month for a "tiny machine" on this load 24/7. I'm guessing with actual "per human" usage the cost per person is 10 - 30x lower. So you can serve 1000 people for free a month if you have $300 to pay for power/net.
I took this further and developed a table of breakeven and profit costs for different user sizes:
All figures use May 2026 US averages (EIA power rates + CBRE wholesale colo data); power+internet only. Profit factor is if exactly 10 % of all users pay the $3/month tier, how many times does the revenue cover your total power + internet cost?My gut says these prices are still 20-30% too high at the mid-high end tho.
Yes, we do! Thank you for the compliment :)
We need more of this because compute is trending infinitely cheaper. Maybe not today, maybe not tomorrow - but inference and training of AI will eventually breakthrough to optimal and cost way less. The oversupply of compute will provide "baseload" compute for all. GH was just way ahead of its time with free action minutes on every account. The Global Free Tier, is coming :)
In fact, it's already here, it's just not evenly distributed yet :)
I'd be worry about security tbf - this sounds cool until it's used to host some weird shenanigans and nobody has any kind way to tell who did what
Just shut this down.
None of the links to Github work because you're pointing at the main branch instead of your default branch ghosts-only
I appreciate the catch. Will change it. edit: should be good now.
This is why we can't have nice things. I sure hope this doesn't result in GH disabling actions for everyone.
Also somebody should Ghidra the project, see if they can find malware. I'm not saying anyone has to, just a thought
[dead]
An interesting set of ideas!
The broader concept seems to be "ephemeral environments", which is related to sandboxing, which is in turn is related to testing/debugging...
Related:
https://github.com/topics/ephemeral-environments
https://blog.invisiblethings.org/papers/2015/state_harmful.p...
Yes, that's about the shape of it, thanks! By controlling variables of the env (ie removing, fixing confounding factors), you can approach a more scientific process to development and testing, and make more rapid progress toward stability :)