Table of Contents

• Table of Contents
• Overview
  • Download
• Development
  • Model
  • Controller
  • View
  • Privacy

Overview

Teskemon is a SwiftUI application built to monitor Tailscale networks. It is provided under the GPLv3 open source license and without any warranty or liability. If this application is useful for you, please use as you wish and provide feedback. And yes, I do accept pull requests.

Download

• Teskemon Notarized Builds
• Teskemon Source Code
• Teskemon Development Updates

Requires macOS 14.4 or later because of TableColumnForEach

Development

Teskemon was the first app I developed to make heavy use of the new Swift Concurrency system. Concurrency is used to ping and check open ports on many network endpoints at once. That said, Teskemon uses a standard (boring) Model View Controller approach. There are 3 Swift Packages, Model, Controller, View. When I make big changes I usually post about it on Mastodon. Following along jeffburg.social/tags/Tailscale if you are curious.

Model

Contains all the basic model types and the conversion logic from the JSON provided by Tailscale tailscale status --json. These types can all be considered View Models if you like… they are all meant for the view.

Controller

Controller contains 3 sets of functionality:

1. Keychain access logic
2. Extension to Process (previously NSTask) to execute the CLI commands and parse the results. This is all done using async await
3. Property Wrappers that wrap the model complexity as well as the Keychain, Process, and Presentation complexity into simple types the views can read from and write to

In order to ensure consistency and live updating across all screens all the time either AppStorage or SceneStorage are used as an underlying storage primitive. AppStorage stores settings like custom names and the list of services. SceneStorage stores temporary information like the list of Machines from Tailscale, the results of the Service scans, and the presentation state of all the views.

View

This layer contains all of the views for the application. They are all fairly simply and mostly consist of Tables or Forms.

Privacy

Teskemon does not access the internet or use any analytics service. There is no login or other user information stored. The tailscale CLI does provide your name, but it is only stored in SceneStorage and never uploaded anywhere. Passwords are stored in the keychain but they are cached in memory for performance reasons.

That said, Teskemon is not sandboxed because it uses the Process API (previously NSTask). Because Process allows the application to run any executable on the machine, it is not possible to use this API in a sandboxed application. Process is only used to run netcat, ping, and the Tailscale CLI.

Also, if your employer tightly monitors their network, using Netcat to port scan a large number of ports on a large number of machines can cause warnings to go off (ask how I know). In those cases you may want to disable automatic refresh of Services, which is the default setting.