

Sandstorm – Personal Cloud Platform - zimbatm
https://sandstorm.io/

======
zimbatm
There's the traditional webmin-like console where you can install "apps", all
NAS have something like that but it requires that all apps are trusted to be
secure. This looks like a model that would go beyond that and provide a
sandbox with capability-sharing mechanism.

------
DamnYuppie
I will be honest this looks very intriguing to me. I am very tired of my data
strewn across a multitude of services where they are in control of every
aspect of it and can change their policies on a whim. To those who say I don't
have to use them I agree and my current usage is very minimal overall. Yet I
would really welcome a cloud based solution that would allow me to store my
data and leverage the apps I want while maintaining a strong sense of control.
I would gladly pay for such a solution even if all the apps aren't on par with
their free counter parts, I am willing to sacrifice features for control.

I am kind of sad I didn't think of this myself!

------
plq
From my initial skimming of the source code, this is not just a web interface
in front of the package manager of your favourite distro -- the apps need not
be trusted and work isolated from the host operating system. But why not use
docker instead of reinventing things like namespace instrumentation?

EDIT: Answering my own question:
[https://groups.google.com/forum/#!searchin/sandstorm-
dev/doc...](https://groups.google.com/forum/#!searchin/sandstorm-
dev/docker/sandstorm-dev/_I7cHARMrZA/chEWWcIo600J)

~~~
kentonv
Setting up Linux namespaces using the raw syscalls is actually not very hard.
Sandstorm does this in a few dozen lines of code. Adding Docker as a
dependency would add a whole lot of complication without actually buying us
much.

There is a big difference is use case here: Docker aims to be configurable
enough that you can take arbitrary off-the-shelf Linux apps -- or even entire
distros -- and make them run in a container. Sandstorm, on the other hand,
requires apps to be ported to a very specific environment. The porting isn't
usually very hard, but it means Sandstorm doesn't need so much configurability
and can make stronger assumptions about how an app behaves which lets us do
more interesting things with it. For example, Sandstorm can implement unified
login and sharing across all apps, it can enforce security between apps, it
can transparently update an app without potentially disrupting its storage,
and it can selectively give apps access to each other's semantic APIs rather
than just low-level ports.

All that said, using Docker as a tool to assist in building app packages may
make sense; we actually build some of our apps this way. This -- and the
general difference between Docker and Sandstorm -- was discussed a bit in this
blog post:

[https://blog.sandstorm.io/news/2014-05-12-easy-
port.html](https://blog.sandstorm.io/news/2014-05-12-easy-port.html)

------
_ZeD_
How is this different from owncloud[1]?

[1] [http://owncloud.org/](http://owncloud.org/)

~~~
kentonv
OwnCloud is primarily a DropBox clone which also provides the ability to
install "apps" on top. Those "apps" are perhaps better described as "plugins"
\-- they augment the OwnCloud interface using code which (as I understand it)
runs inside the OwnCloud server. Apps must be written in PHP and there is no
sandboxing or access control to prevent a bad app from doing bad things.

In contrast, Sandstorm apps are isolated by default and can be written in any
language. Sandstorm does not provide a shared "filesystem" but rather gives
some private storage space to each app and then expects them to talk to each
other via RPC if they want to share data.

We (the Sandstorm team) are actually thinking of porting OwnCloud to Sandstorm
as an app. :)

------
peaton
I'm a little confused by the web page. Is there a link to an example of
integrating/porting an existing app with this platform?

~~~
kentonv
Yes:

[https://github.com/sandstorm-io/sandstorm/wiki/Porting-
Guide](https://github.com/sandstorm-io/sandstorm/wiki/Porting-Guide)

Though, that guide uses a toy example. We should probably write docs covering
more realistic cases.

