i

Sign up & request a machine

Create an account at halfpennymac.com/signup with your email and a password. You'll get a confirmation email — click the link and you're in.

From your dashboard at halfpennymac.com/account, click Request a machine. Fill in:

  • How many machines you need (1–5 in one go; get in touch for more)
  • What you'll use it for — e.g. iOS / macOS builds, OpenClaw agent, Tailscale exit node, local AI inference, browser automation
  • Tier — Budget (M1), Starter (M2), Pro (M4), or Max (M4 Pro). Not sure? See the FAQ breakdown.
  • Billing — monthly or annual (saves up to ~25%, paid upfront)

Submit. The request lands in our admin inbox and we'll start provisioning shortly. You'll see it on your dashboard as Pending.

Tip: If you need Xcode, a specific macOS version, or a particular tool pre-installed, mention it in the “What will you use it for?” field — we'll set it up before handing over.

ii

Pay & get credentials

Once we've provisioned the machine — fresh macOS install, our baseline hardening profile applied via MDM, Tailscale installed, your account ready — we mark the request as Fulfilled.

You'll get an email titled “Your Mac mini is ready” with a Stripe Checkout link. One click, complete payment, you're back on your dashboard.

The Pending card flips to a Reveal credentials button. Click it and you'll see — for thirty seconds, with a Copy button next to the password:

  • Your Tailscale hostname (e.g. node-05.your-tailnet.ts.net)
  • Your macOS username
  • Your initial password
  • A Tailscale invite link, if not already on the tailnet
  • Any tier-specific notes

The password isn't stored in plaintext. It's encrypted at rest with AES-256-GCM and decrypted only when you reveal it. You can re-reveal as many times as you need from the dashboard. Provisioning typically completes within a few hours; the 24-hour window covers edge cases and time zones.

iii

Set up Tailscale

Tailscale is how you reach your Mac. It creates an encrypted peer-to-peer connection — no public IP, no port forwarding, works from anywhere.

Choose your platform and follow the steps below:

1. Install Tailscale for Windows

Download and install from tailscale.com/download/windows. Run the installer and follow the prompts.

2. Accept the invite

Click the Tailscale invite link from your dashboard (or the email we sent). Sign in with your Tailscale account — or create one (the free tier is fine). Once joined, your Mac mini appears in the Tailscale app under “Network Devices”.

3. Make sure MagicDNS is on

In the Tailscale app, click the three-dot menu and check that Use Tailscale DNS (MagicDNS) is enabled. This lets you connect using the hostname instead of just the IP.

Verify it's working: Once both devices are on the tailnet, you should be able to ping your Mac mini by its Tailscale hostname (e.g. mini-01-501.tailb6b3a8.ts.net). You can also use the IP address shown in the Tailscale app (a 100.x.x.x address). Give it a minute for the peer-to-peer handshake on first connection.

iv

Connect to your Mac

You sign in with the username and password from your dashboard. Everything runs over your Tailscale tunnel — never exposed to the public internet.

Remote desktop:

Download RealVNC Viewer (free) from realvnc.com. You can also use Jump Desktop from the Microsoft Store.

Open the app, create a new connection, and enter your Tailscale hostname:

mini-01-XXX.tailb6b3a8.ts.net

Or use the 100.x.x.x IP address shown in the Tailscale app. Sign in with the username and password from your dashboard.

SSH (for command-line access):

Open PowerShell or Windows Terminal and run:

ssh yourusername@mini-01-XXX.tailb6b3a8.ts.net

Enter the password from your dashboard when prompted.

v

Installing software

You have a standard user account. Most software installs without needing admin rights:

  • Homebrew — works out of the box for CLI tools
  • App Store apps — install from your own Apple ID
  • Regular .dmg / .pkg installers — most work at user level

For anything that requires an admin password — system extensions, kernel extensions, some developer tools, VPN clients — just email us with what you need. We'll install it and confirm. No extra charge, no faff.

Pro tier customers have root access and can install admin-level software themselves.

Homebrew quick-start: If it's not already installed, paste this into your SSH session:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
vi

Backups and snapshots

We run nightly snapshots of your home directory to Backblaze B2, encrypted at rest. Snapshots are kept for 14 rolling days.

To request a restore, email us with:

  • The date you want to restore from (e.g. “yesterday's snapshot”)
  • Whether you want a full home directory restore or specific files/folders

We aim to complete restores within 4 hours during UK business hours.

A few things snapshots don't cover: system-level files, apps installed outside your home directory, and anything you've explicitly stored outside ~. For critical data, keep your own off-device backups too.

vii

Account security

Your account at halfpennymac.com/account is the only place your machine credentials live. A few things to know:

Two-factor authentication: Optional. Visit /account/security, scan the QR with an authenticator app (1Password, Aegis, Google Authenticator, Authy), and enter the 6-digit code. Subsequent sign-ins prompt for the code after your password.

Credential reveal: The password we deliver is encrypted at rest with AES-256-GCM. The dashboard decrypts on demand and displays it for 30 seconds with a Copy button, then re-hides. You can re-reveal whenever you need.

Billing: Subscriptions are managed by Stripe. Update your card, view invoices, or cancel via the Manage billing button on /account/billing. We never see card numbers — Stripe handles all of it.

Forgot your password? Use /forgot-password. We email a reset link valid for one hour. The Mac's password is separate and unaffected.

viii

Getting help

Email is the main support channel — team@halfpennymac.com or reply to any message from us. You'll get a reply from a real person, not a support bot.

Max tier customers have a dedicated Slack channel for quicker back-and-forth.

Common things we can help with:

  • Installing admin-level software
  • Snapshot restores
  • Xcode or toolchain setup
  • CI/CD runner configuration
  • Tailscale connectivity issues
  • Upgrading or downgrading your tier
  • Any questions not covered in the FAQ

If something is down or broken, email with “URGENT” in the subject and we'll prioritise it.