La Technique

Rightsizing a platform into a tool

I first learned about Tailscale—an excellent networking service that makes the renowned WireGuard VPN protocol easy to use—from author Robin Sloan’s October 2023 newsletter, who recommended it for serving a personal notes app not unlike Leornian. Shortly after, Django core developer Andrew Godwin blogged about using Tailscale to make a powerful home development server accessible—securely—from anywhere in the world. Inevitably, the idea of using a home server grew on me, and I recently bought a pre-loved Dell Wyse to serve Tailscale-tunnelled applications from my room.

I will write more about the home server experience some other time; today, I'm sharing about how this new setup led me to pivot the Leornian app towards a more appropriate scale, now that I have achieved my initial learning objectives with it. It’s a downsizing, or, to use the trendier word, a rightsizing. I know both terms have negative connotations, but no one is losing a job here.

Leornian is still something I find valuable, as a user myself, but developments in the last few months led me to realize that I didn’t really want to operate and maintain a public platform, and to keep up with all the potential added responsibilities that entailed. I never actively promoted Leornian anyway, so there’s no real loss here.

I spent several hours cutting out vast blocks and entire modules of code from Leornian, and then an hour or two more to add a little polish and make sure that the leaner product still works. The result is what I’m now calling Leornianite.

I was surprised at just how much simpler and leaner the codebase became. As I noted previously, turning a simple app into a content platform greatly expands the requirements for the software; you’d need to consider, at the least: content moderation, user support, and copyright and content licensing. You need to write code to support all these and all the usage scenarios that they imply. Thinking through and building all these for Leornian was a most excellent learning exercise, but moving forward, I’d like to stop worrying about them. I just want to be able to write and save my own notes, and run the Leornian Drill on them.

With Leornianite, freed from these considerations, I don’t even need user accounts and ownership relationships and permissions. I could skip a lot of input validations because I can trust where the input comes from (myself). A lot of the Django views ended up becoming basic, textbook CRUD implementations. I could afford to relax a lot about security, though I know I cannot, must not, completely disregard it; even with a Tailscale setup I’m sure there are still many threats to data confidentiality and integrity. For instance, I’ve been thinking about how it might be possible (a remote chance, but not impossible) to carry out CSRF attacks on Tailscale-tunnelled self-hosted web apps like Leornianite. Good thing Django protects against these by default, even if you skip login requirements on your app.

This new, single-user, self-hosted scope might lead to the question of why it has to be written with Python/Django, or as a web app at all, and not, say, as a mobile app. And the answer is simply because that’s what I’m still most familiar with, and there is really no problem with that. Perhaps one day I’ll get around to learning Golang, or the Android/Kotlin platform, and build versions of Leornian for those platforms.

Until then, whenever I find the time, I’ll continue to hack on Leornianite as the Django app that it is. Maybe I’ll finally add search next.