📚 Zap Platform Documentation

Complete documentation for the Zap platform, including development guides, testing procedures, and infrastructure details

Core Documentation
Platform-wide documentation and guides
Topic Documentation
Specific guides and troubleshooting
External Links
MacBook Tunnel Setup
VPN tunnel configuration for MacBook • Topic Documentation

MacBook Reverse SSH Tunnel Setup

This guide sets up a persistent reverse SSH tunnel from the MacBook to orcus.lan, allowing orcus.lan (and Cursor running on it) to SSH back to the MacBook for testing.

Quick Manual Start (Temporary)

Run this command on the MacBook:

autossh -M 0 -f -N -o ServerAliveInterval=60 -o ServerAliveCountMax=3 -R 2222:localhost:22 jd@192.168.1.24

Password: jd

This creates a reverse tunnel where:

  • orcus.lan can SSH to localhost:2222
  • Which forwards to MacBook's SSH port 22
  • autossh monitors and reconnects if it drops

    • Permanent Setup (Survives Reboots)

    Step 1: Install autossh

    brew install autossh

    Step 2: Set up SSH key for passwordless auth (recommended)

    On MacBook: 

    # Generate key if you don't have one
ssh-keygen -t ed25519 -f ~/.ssh/id_orcus_tunnel
    Copy public key to orcus.lan
    
ssh-copy-id -i ~/.ssh/id_orcus_tunnel.pub jd@192.168.1.24
    Test passwordless connection
    
ssh -i ~/.ssh/id_orcus_tunnel jd@192.168.1.24 whoami

    Step 3: Create launchd service (macOS)

  • Copy the plist file:
    •    sudo cp /var/www/zap/infra/launchd/com.getzap.reverse-tunnel.plist /Library/LaunchDaemons/
   ``
  • Edit the plist to use your SSH key (if you set one up):
    • 
       `bash
   sudo nano /Library/LaunchDaemons/com.getzap.reverse-tunnel.plist
   `
   
   Add after the autossh arguments:
   `xml
   -i
   /Users/juliandarley/.ssh/id_orcus_tunnel
   `
  • Set permissions:
    • 
       `bash
   sudo chown root:wheel /Library/LaunchDaemons/com.getzap.reverse-tunnel.plist
   sudo chmod 644 /Library/LaunchDaemons/com.getzap.reverse-tunnel.plist
   `
  • Load and start:
    • 
       `bash
   sudo launchctl load /Library/LaunchDaemons/com.getzap.reverse-tunnel.plist
   sudo launchctl start com.getzap.reverse-tunnel
   `
    Step 4: Verify
    On orcus.lan:
    bash

    Test connection

    ssh -p 2222 juliandarley@localhost whoami

    With password

    sshpass -p '0788' ssh -p 2222 juliandarley@localhost whoami 
    

    Managing the Service
    bash

    Check status

    sudo launchctl list | grep reverse-tunnel

    Check logs

    tail -f /tmp/reverse-tunnel.log tail -f /tmp/reverse-tunnel.err

    Stop

    sudo launchctl stop com.getzap.reverse-tunnel

    Unload (disable)

    sudo launchctl unload /Library/LaunchDaemons/com.getzap.reverse-tunnel.plist 
    

    Troubleshooting
    Tunnel keeps dropping
    Check network stability and increase retry intervals:
    bash

    Edit the plist and increase ServerAliveInterval to 120

    sudo nano /Library/LaunchDaemons/com.getzap.reverse-tunnel.plist sudo launchctl unload /Library/LaunchDaemons/com.getzap.reverse-tunnel.plist sudo launchctl load /Library/LaunchDaemons/com.getzap.reverse-tunnel.plist 
    

    Port already in use
    bash

    On orcus.lan, check what's using port 2222

    sudo lsof -i :2222

    Kill the existing tunnel if needed

    sudo pkill -f "ssh.*2222" 
    

    Authentication fails
  • Ensure SSH key is set up correctly (see Step 2)
    • 

  • Or ensure password authentication is enabled on orcus.lan
    • 

  • Check /var/log/auth.log on orcus.lan for SSH errors
    • Architecture
    MacBook (192.168.68.55) │ │ autossh -R 2222:localhost:22 │ ▼ orcus.lan (192.168.1.24) │ │ ssh -p 2222 juliandarley@localhost │ ▼ MacBook SSH (port 22)     ``

    This allows:

  • Cursor (running on orcus.lan) to SSH into MacBook
  • Testing web apps on MacBook Chrome
  • Debugging across both machines

    • Current Status

  • ✅ Manual tunnel working on port 2222
  • ⏳ Permanent service setup (follow steps above on MacBook)

← Back to Zap Projects 🖥️ Orcus Server Docs →