• esafak
  • ·
  • 30 seconds ago
  • ·
  • [ - ]
Smaller cats, bigger screenshots, please.
Oh Sandstorm, what could've been...

Taking from https://sandstorm.org/about

> Kenton Varda [NB: kentonv around here] launched Sandstorm in 2014 via an Indiegogo campaign, before co-founding Sandstorm Development Group with Jade Wang to develop Sandstorm as both a Software-as-a-Service [...]

> In early 2017, Sandstorm Development Group ran out of funding and the team primarily joined Cloudflare. [NB: Where kentonv works to this day, leading the Cloud Workers team. Arguably related?] [...]

> In 2020, a group of Sandstorm enthusiasts began a community effort to revive development of Sandstorm. [...] As of 2022, Sandstorm Development Group has been completely dissolved, and development of the Sandstorm project has transitioned to a community-run model.

kentonv actually posted a recap of the history, including the tragic passing of Ian "zenhack" Denhart who was leading the community effort https://sandstorm.io/news/2024-01-14-move-to-sandstorm-org

  • swah
  • ·
  • 2 hours ago
  • ·
  • [ - ]
What could have been? I remember being so excited about this at that point, I was sure it was going to take a significant chunk of [famous web services still around]. They even send me stickers for Cap'n'proto..
Hello everyone. I have been using Sandstorm and put it to good use in the last few years.

I used it with Wekan for project management and I also run Dokuwiki for self-hosted docs. It has been zero maintenance for me so it has been great.

However, the packages ecosystem seems unmaintained. It is a pitty because I think the tool has a ton of potential and I really liked it.

I am considering moving to Yunohost or something similar but right now my little server hosts, together with other services, Sandstorm and I think Yunohost needs to monopolize the server.

So I would ask for recommendations on similar tools. Not bare Docker containers but fully lanaged platforms wirh one click installs where it is easy to add/remove users.

I have been thing a lot about why none of those self-hosting solutions never took off and most of them died off over the last decade.

Why are we going dehydrated in the middle of the ocean, with docker and so many open source alternative to the common software and services ?

My conclusion is this: just pick the distro you like, whether it is Debian, Fedora, Arch or FreeBSD. Preferably one with the selection of package you need. All those will be maintained in a few years too, you just need to upgrade.

Because in the end the solution was the problem. A Debian for example was meant to host Internet services, it is well put together and has a large selection of software and can be trusted. It is more than enough security features for hosting your own apps, especially if you access them through something like tailscale.

A lot of people (me included) thought that since containers were the hype we should build something new and setup everything like a corporation would do. Looking back it was a bad idea and it did not work (fact).

For Sandstorm alternatives with one-click installs and user management, consider Cloudron, Caprover, Umbrel, Unraid, TrueNAS SCALE apps, or Portainer with its app templates - most allow running alongside other services without monopolizing your server.
> So I would ask for recommendations on similar tools. Not bare Docker containers but fully lanaged platforms wirh one click installs where it is easy to add/remove users.

I've done a similar journey for my self-hosted stuff, started with Sandstorm, moved to Yunohost, but got frustrated with the configuration, and how different every package was and eventually have landed on using NixOS for my home servers. It's not a "fully managed platform" in the traditional sense, but if you're a developer, that's almost what you get. Adding new services is usually just adding the configuration for them.

Bit of a learning curve learning the language, tooling and ecosystem, but once you're over that hurdle, having all declerative configuration in SCM together with easy linking of configuration options together (define service ports once, reference them in other services, for example), and everything being easy to rollback, have been a god-send so far. Been running it for maybe 2 years or something by now, with more or less zero issues besides the ones I introduce myself.

Adding/removing users can be as easy as adding/remove one line of configuration, and redeploying. Simple enough for me and my family so far.

There are lots — “selfhosted OS” is the term to look for. Umbrel and CasaOS are some other popular ones. I don’t personal experience with any of them though.
I was initially enthousiastic about sandstorm when I encountered it, but in the end my preferred solution for self hosting has been Docker Swarm. Dead simple setup, low maintenance, everything easily deployable within Swarm (crons, backups, first deployment setup, reverse proxy config incl. certificates, etc).

Additionally a lot of projects provide a Docker compose file which is mostly compatible with swarm. I started using Swarm [1] when k8s was already ruling, but never regretted my choice.

1: https://www.yvesdennels.com/posts/docker-swarm-in-2022/

What I do want to understand is, why would anyone use this instead of NextCloud, for example. I'm all for having local setups though, as a general policy. It's just that from what I know, the difference in feature sets is just too huge right now.
This still exists? Is anyone using it? What's the use case?
Imagine iCloud but you can manage more than 1,000 files at once, the files transfer much more quickly and don't have to use a touch interface that flakes out, plus no rent.
I looked into Sandstorm when I moved away from NethServer; I'm a strong believer in self-hosting. Sandstorm was too haphazard with apps and security of apps didn't seem to be their highest priority. I went with Cloudron, it's a nice mix of good app selection and security.
The entire security model of sandstorm is incredibly strong. This criticism is hard to understand. Can you elaborate at all? Do you recall any specific issues?
  • jerf
  • ·
  • 1 hour ago
  • ·
  • [ - ]
The problem with the strong security is that it makes it expensive to port into the system. They also assumed more sharing than people actually seem interested in. I'm mostly just running apps that have no reason to share with each other because they each have their own domain anyhow. So the end result is the ecosystem was more expensive to join if you had an existing system than it might have been otherwise, and it inhibited getting projects onboarded.

I am not the craziest self-hoster, but I've got several things now. I run a core syncthing node, Immich, Jellyfin, and Pihole. (Honorable mention I suppose to a Vaultwarden image, which is run on the public internet but my scripts treat it like it's another self-hosted option, rsync'ing it down locally and including it in the daily backup.) None of those are on Sandstorm, and a major reason why is the security system. They don't match it and porting it is a rather large amount of effort.

I haven't used any of the self-hosting options, so I can't review if any of them are as nice as Sandstorm. All of the above is running in Docker on an Ubuntu N150 and a USB hard drive, home-grown, with a backup script (restic over S3, true backup) that covers them all. It ought to in principle do most of what Sandstorm does now by driving docker, albeit missing the sharing, which I can't say looked all that compelling anyhow, automatic backup integration, etc., because it really isn't all that hard to set up.

  • wisty
  • ·
  • 5 hours ago
  • ·
  • [ - ]
Security was their highest priority.

IIRC idea was that all security was done by sharing links (with capabilities) to documents.

Is it just me, or is Sandstorm just not maintained any more?

The most recent closed issues were self closed rather than as the result of development, while meanwhile the open issues continue to pile up with virtually no code changes made to the tree…

It’s a shame because it seems like it could have been a thing. Sadly though it’s hard to justify time investment into a platform like this if you know there’s little to no chance of getting any issues fixed.

There is a small community maintaining it - there should be a link to the Zulip on the website - but it is a small group and a complex beast. Some effort is going into a rewrite that keeps the same app/security model, but moves from C++ to Go and simplifies the database layer. I believe that's taking up a fair bit of contributor energy.
Cool, what would be the differences with a tool like https://dokploy.com/ ?
  • mkl
  • ·
  • 5 hours ago
  • ·
  • [ - ]
That seems to be totally different. Sandstorm was a way of building your own private ~equivalent of Google Workspace out of existing open source web apps running in containers behind a common auth system.