Dropserver Progress - September 2025

This is the progress report for Dropserver for September 2025. The previous report is here.

Bubblewrap woes

Dropserver uses Bubblewrap as a second layer sandbox. bwrap uses Linux namespaces to create its sandbox, and as such things can sometimes get prickly.

For some reason, on Debian 12 I can not get ds-host to start a sandbox with bwrap enabled when it is running from systemd. It works fine when I start it up manually, but as a systemd service, no go. I tried all kinds of things and I just can’t get it to work. Something is different in this situation and I don’t know what and I just can’t get it to work.

The folks over at Sandstorm have also had some issues with Linux distros (Ok I mean Ubuntu) making it harder for some namespace features to work.

There are real security issues to be fair. This thread gives some idea of what’s on the maintainers' minds.

De-emphasizing Bubblewrap

For my project, I think it’s best to continue to support Bubblewrap as long as it works. However I will not recommend it so much anymore.

  • It’s harder and harder to get it to work
  • It doesn’t offer significant additional security. Deno is fairly mature and stable and should be enough.
  • My goal is to support platforms other than Linux, where this kind of fine-grained sandboxing doesn’t exist anyways.

I’d rather focus on making sure the way I use Deno is safe rather than trying to wrestle with bwrap, which is only available on one platform.

I’ll rearrange the docs to put the bwrap stuff in a separate page for those who feel they really want this.

Tailscale in the Real World

I was thrilled to finally ship Tailscale integration and I still think it’s transformative for people who self-host.

However my experience trying to get some people hooked up with the app on their phones has been less than great. Installation is easy and quick, but for some people, it’s a legit battery drain.

Nobody likes their phone losing battery faster than normal. It’s just something about the current moment in smartphone tech. Batteries last long on a good phone, but battery vampires are never welcome. So I have some people who have the Tailscale app but leave it turned off until they need it, which… OK. 😔

I know Tailscale has done a lot of work on battery issues for their apps, but you can still see a number of complaints in recent app reviews. I suppose there is only so much they can do yet I still hope it gets better somehow.

Occasionally laggy

Once in a while, I’ll open the Leftovers app and it will sit there with the refresh spinner running. If I refresh the app it sits there trying to load.

At other times, in fact most of the time, it’s blazingly fast.

But when it stalls we’re talking 7 to 10 seconds of lag here. A painful wait.

I’m pretty sure it’s a Tailscale issue. I’ve only seen this behavior on the apps I access from Tailscale, and the logs don’t indicate a slow request processing time (I do need better request logging in ds-host though).

I have a suspicion that it’s a DNS issue, but I suppose it could be anything in the process of connecting a tunnel. When I tried to observe the requests by connecting the phone to the Chrome debugger, I was unable to reproduce the issue. Weird.

Also, it’s not always the case. In September I experienced the lag frequently. Now in October it seems much better? Though it still happens. Maybe TS was having some difficulty, though their status panel never showed a problem.

Leftovers App Work

I improved the Leftovers app.

  • I added a ❄️Freezer❄️ section. You can now specify that items are in the freezer and set their expiry time in months instead of days. Commit 21dfb72.
  • The data automatically reloads every time the app visibility changes to “visible”. This helps ensure you’re always looking at the freshest (ha) food listing. Commit 605d18b.
  • I added a little spinner that shows the data loading. A tap causes the data to load again. I fiddled with CSS animations until I could get the spinner to slow down convincingly instead of abruptly stopping. Sometimes I like playing with CSS. (See commit above.)
  • Fought a battle with package.json and postcss.config.js and vite.config.js and yarn and npm to upgrade to Tailwind 4. I never enjoy playing with these sickos. Commit 41b2557.

Version 0.7.0 of Leftovers is now out. The previous significant update was 18 months earlier. I enjoy the pace of development of home-cooked apps.

Brainstorming Better Install Experience for ds-host

I spent the rest of the month thinking about how I can improve the installation experience for ds-host. As it stands it’s really pretty poor. I keep running into this myself when I want to quickly install it to test something out and I just can’t do it quickly, even though it’s my project and I’ve done it many times. 😭

Dropserver is my attempt at making self-hosting more approachable to non-tech users. But right now the installation experience completely defeats the whole effort of the project. So it’s what I’m tackling next, and I intend to make it good.

It’s going to require a rework of the config file and a number of assumptions that are baked into the code (I talked about domain names, “DropIDs”, and other things last month), but it needs to be done.

I think this will have to be a separate blog post though.

Onwards

See you next month. I’ll try not to wait til mid-month to write the progress update. I already have exciting things to write about for October!

Olivier Forget

Los Angeles, USA
RSS Email Mastodon BlueSky

Aerospace Engineer turned sofware developer and bootstrappin' entrepreneur.