My plan is to have YunoHost running on
mydomain.com:[80|443], and Sandstorm running on a separate domain
foobar.sandcats.io:8443. No plan for public access, authenticated users only. May be allow anonymous use of Zerobin.
A nice thing about Sandstorm is that it’s completely self-contained. There’s no dependencies of nginx / apache reverse proxy. It runs on its own SSL/TLS capable web server. The wildcard SSL cert signing is completely free and does not depend on
certbot or any 3rd party tools. So, any potential conflicts with YunoHost’s web server config is really the last thing I’d worry about.
My understanding of Sandstorm’s files structure: Everything (code, logs, databases) is installed under
/opt/sandstorm prefix. Prefix can be changed during install. The only external files that will be installed are init / systemd scripts.