mal.haza.website

Holster router

Lots of updates this week, I gave a presentation on Holster at the June LoFi meetup and published a new npm package. The meetup was at 1am for me, so not the best time to be trying to explain how Holster works! 😅 but it was great to be invited to speak and hear from others doing similar work. I've also been going back and watching previous LoFi episodes which are really interesting and great to see how much work is going on in the local first application space.

The npm package I've released is called holster-router and is an extraction of some of the work that went into RSStream. I've done that so I can re-use the same routes and user creation process in a new Holster based project that I'm about to start. RSStream uses the concept of invite codes to control accounts, but the new project will be more open than this, so the holster-router functions that are shared between these projects will allow for more than one way to create an account. The recent work that went into user storage limits should mean that sign-ups can be open without worrying about server storage. All the other routes for managing password updates and resets will be shared and the new project will add new routes to holster-router as the sign-up model for that is worked out.

Holster 2.1.0

A new version of Holster is available that provides a new feature I've wanted to add for a while. This is per-user storage limits. It is off by default, but starting Holster with a new userLimit option set to true will check how much data is stored under a public key before writing updates to disk. This is a server only feature and allows controlling your disk usage if you have limited resources.

One of the things I often thought about when learning about GunDB was how you were meant to run a relay when all data is distributed. Holster is careful to only store data that browsers request, but if you host a public relay I think you should be able to decide how those resources are used. Holster already had options for memory limits, so now it has options for disk usage too. The default is only 1MB, but can also be set in the options when starting. If you set it to zero then unlisted users are effectively blocked from storing data on your server.

Listed users should be added to a simple .user_limit.json file in your application directory, it's just an object containing public keys and their allowed storage in megabytes. Your application can update this file for Holster to read from, which is what RSStream is doing now. Holster then checks it periodically while also tracking user storage in a second file called .user_storage.json. For more information and settings to update when running a relay see the Holster API docs.

Future work for this feature can be done at the application level, for instance you can provide feedback to users about how much storage they're using and provide an endpoint to increase it. Note that this is only backup storage on your server, all their data is still stored locally if you use IndexedDB.