<isd>
fadelkon[m]: the collections are a bit weird, because they're an app of their own -- it's been a while, but I remember there being an option to specifically add the grain directly to your list or something.
ill_logic_ has joined #sandstorm
harish has quit [Ping timeout: 276 seconds]
ill_logic_ has quit [Ping timeout: 260 seconds]
cevi has quit [Ping timeout: 276 seconds]
cevi has joined #sandstorm
biotim has quit [Ping timeout: 276 seconds]
thekyriarchy has quit [Ping timeout: 276 seconds]
nolan_d has quit [Ping timeout: 276 seconds]
ill_logic_ has joined #sandstorm
ill_logic_ has quit [Ping timeout: 240 seconds]
nolan_d has joined #sandstorm
thekyriarchy has joined #sandstorm
biotim has joined #sandstorm
ogres has quit [Quit: Connection closed for inactivity]
frigginglorious has quit [Ping timeout: 260 seconds]
<LeoTindall>
Hi all! I'm looking at installing Sandstorm on a VPS, a Linode 2048 (2GB RAM, 40GB storage). I have a low-traffic blog on the same server. Do you think this'll be sufficient for responsive, single-user use of Wekan, Etherpad, and Ethercalc (and maybe a few others)?
<fadelkon[m]>
I share an instance on a machine with similar resources and it works perfectly. I bet that you processor will be better than a more than 7 year old pentium which I'm using. We don't have any blog aside, but if it's low traffic... I would give it a safe try :)
<LeoTindall>
Awesome, thank you :)
<LeoTindall>
Also, I presume it's simple to use my existing nginx server (which does SSL) to front the Sandstorm service?
<fadelkon[m]>
Bear in mind that sandstorm frees the resources of inactive grains automatically, so worst case would be many users with many grains at the same time. In a more common situation, a working group, a group of people would work in a couple of shared grains, so it's not that bad
<fadelkon[m]>
> Also, I presume it's simple to use my existing nginx server (which does SSL) to front the Sandstorm service?
<fadelkon[m]>
nope
<LeoTindall>
Oh. Yikes. Why not? Can't I just proxy-pass to whatever port Sandstorm is serving on, and restrict Sandstorm to localhost only?
<fadelkon[m]>
oh let me think about it
<fadelkon[m]>
sandstorm needs its wildcard cert for itself
<fadelkon[m]>
You could try putting it behind a reverse proxy, but then you need to manage this wildcard cert yourself
<LeoTindall>
Well if sandstorm does SSL itself that's fine - but presumably it can't get a wildcard cert for a subdomain of my domain, right?
<fadelkon[m]>
and you can find that for free just on sandcats.io (let's encrypt said will offer that at beginning 2018)
<fadelkon[m]>
> it can't get a wildcard cert for a subdomain of my domain, right?
<fadelkon[m]>
that's right, you need to use a sandcats.io subdomain
<fadelkon[m]>
however! there's a way you can share a host with sandstorm. It's snipproxy (link incoming), which forwards TLS tunnels to sandstorm if the host follows a pattern, and otherwise forwards it to wherever you want. Haven't tried myself, but 'd like to give it a try someday
<LeoTindall>
Might be easier to just set CNAME on my subdomain for now, and then switch to fronting with nginx/reverse proxy when those LetsEncrypt wildcard certs come out
<LeoTindall>
Anyway, thank you.
<fadelkon[m]>
you're welcome!
TC01 has joined #sandstorm
LeoTindall has quit [Quit: Leaving]
jemc has quit [Ping timeout: 260 seconds]
jemc has joined #sandstorm
jemc has quit [Client Quit]
jemc has joined #sandstorm
rolig has quit [Ping timeout: 246 seconds]
rolig has joined #sandstorm
<JonTheNiceGuy>
I forward sandstorm from nginx, and there's a script to borrow the wildcard cert from Sandstorm for nginx to use.
<JonTheNiceGuy>
I'll see if I've still got the gist for how it's done LeoTindall
<fadelkon[m]>
JonTheNiceGuy: I'm interested too :)