I just installed it. I've been wanting to play with Sandstorm for a while for two reasons: 1) seemed like a lot of people were excited about it and 2) I could not figure out what it was.
Regarding 2) I wondered: was this the "new heroku." Or, better than zeit? Or better than docker?
I still don't know.
After installing it, I went to the marketplace and looked at the set of apps. Looks like there is button to quickly install piwik (alternative to Google Analytics). It worked really well. There is a spreadsheet app. A git server.
But, I can do basically the same thing by going to the marketplace in Google Cloud Compute and choosing GitLab, or Wordpress, or whatever.
Sandstorm looks ugly. I know that does not mean it is better or worse, but GCE certainly looks more professional when I install one of their marketplace apps.
So, what am I missing about Sandstorm? If I choose apps like GitLab or Wordpress where there is a documented and easy way to migrate my data so that I can easily move off GCE and over to another provider. Then I feel that my lock-in risk is mitigated, but is there something else that Sandstorm gives me here that I'm missing?
> But, I can do basically the same thing ... what am I missing about Sandstorm?
The big difference, in my mind, is that each app is integrated with a permissions/capabilities model and strongly sandboxed by individual instance or document. Sandstorm itself handles logins, and handles capabilities to access documents; then e.g. there's no way that Etherpad can accidentally leak your doc to someone else unless you've granted a Sandstorm-level permission to that person.
It sort of flips from the "walled-garden app" model, where the app is the boundary and individual docs and users are within the app, to the traditional "computer with filesystem" model, where the user login and the file with permissions are system-level concepts. (Except instead of "file", they call it a grain, and it's a separate instance of Etherpad or Gogs or whatever.) That's also what makes this more than just Docker containers -- deeper integration into the app.
That also gives you flexibility to have a bunch of different instances of a single app, and IIRC, they have functionality to import/export those instances in a well-defined format from one host to another.
At least, that's what I remember from playing with it 4 years ago. In any case, I got the impression that the model was much more secure, and flexible, than just "install Gogs on vanilla Linux".
This is such a great comment. Tying together all the different login systems and making it work with a bunch of different systems behind those authentication systems is such a pain in the ass. Maybe Sandstorm tried to promote that as the key benefit at some point and it didn't resonate, but their site right now says "Sandstorm is an open source platform for self-hosting web apps" which does not differentiate it at all.
If I knew that I could create a private walled garden with a bunch of disparate apps that are all connected, that I would have been excited about. That's hard work they did, and it is a shame they don't promote that up front. I'm confused who they think they are talking to, since "open source apps" would only appeal to developer/sys-admin people anyway.
I suppose I don't know what self-hosting means. Does that mean NOT GCE, so DigitalOcean or Linode? Or, running my own server? Aren't those just all VMs in the end?
If I look at Cloudtron, I see Gogs (git), Wordpress, GitLab. etc. If I go to GCE marketplace, I see those same things. Both of these sites have a button where I can install those apps easily.
What does the addition of "self-hosting" mean for me?
I run Sandstorm on a desktop tower in my office. If the network goes down I can still access it, which is surprisingly handy. If I wanted to, I could run it on my local workstation and not use a server at all.
For most people, paying for a VPS is the easier and cheaper route maybe, but for some of us, that flexibility and total ownership is a much better option. I suppose it mostly boils down to who you trust more: Google Cloud, or your own skills. (and time/patience)
Adding to my own comment: self hosting also means that you can install the software on your own premises if you wish to. Or on some VM you rent at any VM provider.
That's always a fair point, but you can at very least pick your poison (hosting provider), and it's very portable to switch between them. Or if you want to, set it up on your own physical machine. I don't know enough about network security to run a publicly facing server from home, and I don't think I'll take the time to learn it any time soon. However, I may well end up running it at home at some point soon in a way that's only accessible from home, for truly private things like contacts. A nice in-between could be a community center intranet. (Though setting up auth within an intranet isn't easy yet)
To your point, I'd be curious if the data selling/using policies of Linode vs Google Cloud are different.
Regarding 2) I wondered: was this the "new heroku." Or, better than zeit? Or better than docker?
I still don't know.
After installing it, I went to the marketplace and looked at the set of apps. Looks like there is button to quickly install piwik (alternative to Google Analytics). It worked really well. There is a spreadsheet app. A git server.
But, I can do basically the same thing by going to the marketplace in Google Cloud Compute and choosing GitLab, or Wordpress, or whatever.
Sandstorm looks ugly. I know that does not mean it is better or worse, but GCE certainly looks more professional when I install one of their marketplace apps.
So, what am I missing about Sandstorm? If I choose apps like GitLab or Wordpress where there is a documented and easy way to migrate my data so that I can easily move off GCE and over to another provider. Then I feel that my lock-in risk is mitigated, but is there something else that Sandstorm gives me here that I'm missing?