Yup, the sibling comments mention a few alternatives (FreedomBox and Yunohost) but Sandstorm is really the only one I've ever used that makes me confident in the state of the system long-term. Let me elaborate on that.

FreedomBox and Yunohost use more traditional software installation mechanisms; they'll install packages, run scripts, etc. They just add (sometimes very nice) UI around it. While that's great for some things, after a while things can get a bit messy. For example: what about when a package installation fails for some reason? Or one of the configuration scripts fails? Well, you're stuck logging in and troubleshooting, which isn't super fun (and might be intractable for less technical users).

Sandstorm, though? Everything is sandboxed and isolated from the rest of the system. Everything. Backing up or restoring an instance of an app is a few clicks in a web interface. Sandstorm handles auth so the app doesn't have to... etc etc.

This has its downsides, namely that apps that aren't written with this sort of usage in mind might not fit in as well. But for those that are, it's by far the best experience I've had. I have Yunohost and FreedomBox servers in varying states of disrepair, but my Sandstorm server keeps chugging along. Big fan.

:) Always glad to see Sandstorm fans here.

FWIW, there are places Sandstorm could improve here. Probably the biggest one for me is that Sandstorm backups do not happen automatically in the managed space. (You could automatically back up your Sandstorm server with another utility, and you can manually backup/restore individual grains in the web UI, but there isn't yet a really clean integrated way to restore grains inside Sandstorm.) But if this is the one thing you have to figure out outside of Sandstorm itself, that's not too bad (or unusual for many server applications).

Also, the parent suggests being able to offer a hardware box good-to-go, and I'd like Sandstorm to have that, or at least, a full distro release, where you do not have to worry about the server OS at all. It's something we've talked about quite a bit.

If you're from Sandstorm, can you please add Restyaboard?

I'm a contributor, I wouldn't say I am "from Sandstorm" though. I actually looked at Restyaboard packaging a couple times, but the roadblock I hit is that there is currently no working example of a Sandstorm app running Postgres as the backend. I believe another contributor managed to get an app running using Postgres, but I don't know how they did it. I think there's some aspect of the Sandstorm sandbox that throws Postgres for a loop, and you have to kinda hack around it.

> I believe another contributor managed to get an app running using Postgres, but I don't know how they did it. I think there's some aspect of the Sandstorm sandbox that throws Postgres for a loop, and you have to kinda hack around it.

That would be me. I've done it on a private app and helped bring it to another app, so it's repeatable. I'll try to explain it on the sandstorm-dev group in the next week or so.

FreedomBox is the only one that security updates from Debian. And for more than five years. Without breaking changes.

Eh? People who installed Sandstorm in 2014 are still getting regular security auto-updates today, even if they haven't touched their server between then and now. The very first app package ever built for Sandstorm -- created before Sandstorm was even announced publicly -- still works today, on the latest version of Sandstorm.

No, there are no backports of security fixes for the applications.

Sandstorm's security model inherently mitigates most application security bugs.

That said, it's definitely true that Sandstorm's app library suffers from insufficient maintenance.