Sandstorm is an open-source platform that packages and runs web applications in security-hardened sandboxes on a personal server, functioning as a self-hosted web app operating system. It provides a curated app market where users discover and install sandboxed web applications with one click, while each application runs in an isolated container built from Linux kernel security features (namespaces and seccomp system-call filtering) that separate it from the host and from other apps. The platform includes a centralized authentication layer so users sign in once and gain access to all installed applications without managing separate accounts per app; the apps themselves never see a password.
The platform distinguishes itself through a capability-based security model: each app instance, called a grain, runs in its own sandbox with no network access of its own and can reach outside resources (other grains, external HTTP APIs, the network) only through capabilities the user explicitly grants in a system-level permission dialog known as the Powerbox. Every grain session is served from a randomly generated hostname under a wildcard DNS entry, which lets the browser's same-origin policy isolate apps from one another on the client side and lets the Sandstorm front end route each request to the correct grain, while the platform automatically handles HTTPS provisioning, DNS updates, and backups. Applications are distributed as self-contained, signed bundles (.spk files) that declare their files, entry-point commands, and environment in a package-definition manifest, and the platform supports packaging any Linux-compatible web application into such a bundle.
Sandstorm automates server administration, configuring HTTPS, DNS, backups, and email for a self-hosted server without manual intervention. It provides centralized user access control that manages login and permissions for all installed apps, with support for restricting access to a grain by role or by user account and for authenticating via external identity providers such as Google, GitHub, LDAP directories (including Active Directory), and SAML. The platform also enables inter-application communication through the Powerbox: apps share data by passing capability references, and the system-level dialog mediates every such grant so that an app only ever holds the capabilities a user chose to give it.
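The package-definition manifest described above and the role-based access control it declares can be seen together in one file. The following is an added illustration, not a file from the Sandstorm project or from any real app: it follows the layout of the sandstorm-pkgdef.capnp template that the spk tooling generates, but the file ID, app ID, app name, launcher path, and permission names are placeholders invented for this example.

```capnp
@0xb5b2d2a9e7f0c3d1;
# Placeholder file ID. A real one is generated with `capnp id`.

using Spk = import "/sandstorm/package.capnp";
# Shipped with Sandstorm; defines PackageDefinition, Manifest and BridgeConfig.

const pkgdef :Spk.PackageDefinition = (
  # The spk tool looks specifically for a constant named "pkgdef".

  id = "<app-id-from-spk-keygen>",
  # Placeholder. The app ID is the public half of the signing key that
  # `spk keygen` stored in your keyring; every update must be signed with the
  # same key, which is what stops a third party from shipping a fake update.

  manifest = (
    appTitle = (defaultText = "Example Notes"),    # hypothetical app
    appVersion = 3,                                 # integer, bump every release
    appMarketingVersion = (defaultText = "1.2.0"),

    actions = [
      # Each action creates a new grain, i.e. a fresh isolated instance.
      ( title = (defaultText = "New Notebook"),
        command = .myCommand ),
    ],
    continueCommand = .myCommand,
    # Run when an existing grain is woken after being shut down for inactivity.
  ),

  sourceMap = (
    # Where `spk dev` looks for files the app opens while it runs on the
    # tracing FUSE filesystem; only files actually used end up in the bundle.
    searchPath = [
      ( sourcePath = "." ),
      ( sourcePath = "/",
        hidePaths = [ "home", "proc", "sys",
                      "etc/passwd", "etc/hosts", "etc/host.conf",
                      "etc/nsswitch.conf", "etc/resolv.conf" ] ),
        # Keep host identity files and secrets out of the package. /dev, /var
        # and /tmp are hidden implicitly because Sandstorm provides them.
    ]
  ),
  fileList = "sandstorm-files.list",  # written by `spk dev`; review before `spk pack`
  alwaysInclude = [],                 # force-include paths `spk dev` did not observe

  bridgeConfig = (
    # Permissions and roles that the Sandstorm shell enforces on the grain's
    # behalf; the app runs no login of its own. sandstorm-http-bridge passes the
    # caller's permission names, comma-separated, in the X-Sandstorm-Permissions
    # header of every request it forwards.
    viewInfo = (
      permissions = [
        # Only ever APPEND to this list: roles reference permissions by index,
        # so reordering or removing entries silently changes existing grants.
        ( name = "edit",
          title = (defaultText = "edit"),
          description = (defaultText = "may create and modify notes") ),
      ],
      roles = [
        ( title = (defaultText = "editor"),
          permissions = [true],   # same length and order as `permissions`
          verbPhrase = (defaultText = "can edit notes"),
          description = (defaultText = "Editors may read and change all notes.") ),
        ( title = (defaultText = "viewer"),
          permissions = [false],
          verbPhrase = (defaultText = "can view notes"),
          description = (defaultText = "Viewers may only read notes.") ),
      ],
    ),
  ),
);

const myCommand :Spk.Manifest.Command = (
  # The entry point. sandstorm-http-bridge receives HTTP from the Sandstorm
  # shell over the grain's Cap'n Proto API socket, forwards it to the app on
  # localhost:8000 and injects the X-Sandstorm-* identity headers; the grain
  # has no other inbound network path.
  argv = ["/sandstorm-http-bridge", "8000", "--", "/opt/app/start.sh"],  # hypothetical launcher
  environ = [
    # This is the ENTIRE environment the app sees; nothing leaks in from the host.
    (key = "PATH", value = "/usr/local/bin:/usr/bin:/bin"),
    (key = "SANDSTORM", value = "1"),
  ]
);
```

Two points for a reviewer of such a file: the hidePaths list and the explicit environ are what keep host state out of the bundle and out of the running grain, and the bridgeConfig roles are only meaningful if the app backend authorizes each request from the X-Sandstorm-Permissions header rather than from any session state of its own.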