Infrastructure Audit · Woz

Your Dev Setup: Audit & Scorecard

A layer-by-layer grade of how you connect to and work on the Mac Mini, and how it stacks up against the other ways people do this. Letter grades are my engineering judgment, not a measured benchmark. Every hard number below was pulled live from your machine during this session.

Generated 2026-06-29 · Source: live audit of acedashbot-1 (Mac Mini) this session · Woz

A−

Strong, modern, secure foundation. Two real gaps.

You are well above the setup most people run. The wins: top-tier hardware, a genuinely excellent security posture, and a workflow purpose-built around Claude Code. The two things holding it back from an A: connection resilience while you travel, and the fact that none of your hand-tuned config is reproducibly backed up. The crash that started all this (tabs dying every day or two) was a single low setting, now fixed.

What you are actually running

Server

Mac Mini, Apple M4 Pro, macOS 26.5.1 newest (sw_vers + sysctl machdep.cpu)

You connect from

MacBook Pro (seen on your private network as aces-macbook-pro)

Front door

SSH tunneled through a Cloudflare Tunnel: cloudflared access ssh to ssh.managementhd.com (cloudflared 2025.11.1). Also reachable over your Tailscale private mesh (Mini = acedashbot-1, 100.77.44.93). Zero inbound ports open to the internet.

Connection type

Plain SSH riding over that tunnel. mosh 1.4.0 is installed on the box but not wired in unused

Terminal app

Ghostty (a fast, modern terminal). Config file is empty, so it runs on 100% defaults unconfigured

Tab/window manager

zellij 0.44.0 with session-saving on. tmux 3.6a and screen 4.00.03 are also installed but unused.

Why sessions survive

zellij keeps running on the Mini even when your laptop disconnects, so your tabs wait for you. Reattach with zellij attach.

Shell + config

zsh. Dotfiles are unmanaged: no backup repo, so the tuning lives only on the Mini not backed up

The work itself

Claude Code auto-launches into zellij panes from your ~/.zshrc the moment you connect.

Fixed this session

Open-file limit was 256 (the macOS default for SSH logins), which made zellij run out of handles and crash every 1 to 2 days, killing all tabs. Raised to 65,536 in ~/.zshrc (safely under the system cap of 92,160). Server is holding 156 handles right now.

Layer-by-layer grades

Server hardware

M4 Pro on the newest macOS. As good as a personal dev box gets.

Security / access

A−

Cloudflare Tunnel plus Tailscale, no exposed ports. Genuinely excellent. Slight redundancy of two overlays.

Travel resilience

C+

Biggest gap. Plain SSH drops on every network change. mosh is installed but not used. zellij saves the session, but you still reconnect by hand.

Terminal app choice

Ghostty is a top modern terminal. Right pick.

Terminal config

Empty config. Leaving font, theme, and shell-integration polish on the table.

Tab manager (zellij)

A−

Modern, session-saving on. The crashes were a config gap, not a flaw in the tool, and they are fixed.

Persistence model

A−

Keeping the session alive server-side is the correct resilience design.

Config backup

Unmanaged. If the Mini died, your hand-tuned setup is not reproducibly saved anywhere.

Workflow fit

Claude-Code-in-zellij auto-launch is purpose-built and slick. Nothing generic about it.

How it compares to the other options

Alternative approach	What it is	Verdict for you
Plain SSH + tmux + Terminal.app the common baseline	The way most developers connect to a remote box: a stock terminal, an exposed SSH port, and the classic tmux for tabs.	You are above this
mosh + tmux road-warrior standard	Adds mosh, which keeps your connection alive across wifi changes, dead zones, and laptop sleep. The gold standard for people who work while traveling.	Beats you today
Eternal Terminal (et)	A mosh-style always-connected link, but with normal scrollback that mosh lacks. Not installed on your box.	Viable plan B
VS Code Remote / Cursor Remote	A graphical editor that runs on your laptop but edits files on the Mini. A different paradigm built around a GUI, not the terminal.	Not a fit
Cloud dev environments Coder, Gitpod, devcontainers	Rent a server in the cloud and develop there. Useful when you do not own hardware or need a fresh box per project.	Overkill

The one place a standard setup would beat yours today is travel resilience, and only because you already have the fix installed (mosh 1.4.0) and just are not using it. Everywhere else, you are ahead of the common baseline: your tab manager is more modern than tmux, your terminal is faster than the stock app, and your front door is far more secure than an exposed SSH port.

What I would do next, in order

Wire up mosh over your private networkHigh impact

This is the big one for travel. mosh keeps your session connected when you switch wifi, go through a dead zone, or close the laptop lid, no reconnecting by hand. You already have mosh installed; it just needs to run over Tailscale (your private mesh), because mosh needs a path that the Cloudflare tunnel cannot give it. Roughly a 20 minute setup, and the every-network-change reconnect dance goes away.

Back up your config so the setup is reproducibleMedium

Right now your carefully tuned .zshrc, Ghostty, and zellij settings live only on the Mini. If that machine ever failed, rebuilding from memory would be painful. Putting these few files in a small tracked repo means a new machine is back to your exact setup in minutes. I can set this up and keep it updated.

Give Ghostty an actual configQuick win

It runs on 100% defaults today. A 10 minute pass to set a good font, a theme, and shell integration makes the day-to-day feel noticeably nicer. Low stakes, easy to do, easy to undo.

Want me to just do #1 and #2? Both are squarely in my lane, low risk, and reversible. Say the word and I will wire up mosh and stand up the config backup, then report back when each is verified working.