Is anyone here running Sandstorm? If yes, what’s your experience?

I really like the idea of “grains” where an instance of the app runs for each document/project/unit of data your app has. It does improve security a lot, because it is very similar as running root-less docker.

I also like the unified auth and user management sandstorm provides.

  • verstra@programming.devOPEnglish
    2·
    8 hours ago

    For example, ether pad (document editor) is a) packaged to be single-click deployable on sandstorm (this is similar to dokploy), but also b) modified so that it runs each document as a “grain”.

    In sandstorm, “grain” is some chunk of data + an instance of the app running. So when you open a document, it will spawn a new process for it on the server and attach the data needed to that process (similar to how you would attach volumes to docker containers). This grain is isolated from other open documents, which is good for security, but also good for development:

    • apps don’t need to handle the organization or storage of documents (they just write to a dir and sandstorm associates it with the grain),
    • apps don’t need to handle user auth or permissions,