This media is not supported in your browser
VIEW IN TELEGRAM
New feature: Self-recovery
Implemented at the backend level.
If the backend detects that the PID files, environment variables, container config file, or mountpoints have been deleted,
The backend will automatically restore the exact files that were deleted to their original locations.
Additionally,
You can now place containers anywhere.
For example, the rootfs.img can be inside your internal storage.
The backend will automatically create the necessary configuration inside /data/local/Droidspaces/Containers, and the app will automatically pick it up.
This means,
You no longer need to use the app for installation.
Implemented at the backend level.
If the backend detects that the PID files, environment variables, container config file, or mountpoints have been deleted,
The backend will automatically restore the exact files that were deleted to their original locations.
Additionally,
You can now place containers anywhere.
For example, the rootfs.img can be inside your internal storage.
The backend will automatically create the necessary configuration inside /data/local/Droidspaces/Containers, and the app will automatically pick it up.
This means,
You no longer need to use the app for installation.
❤2
v4.7.2 pre-release is out:
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v4.7.2-pre-release
It passed my “surface-level tests” 🗿
I know some guy with a wonky setup will still report bugs.
But in this release, the metadata is immutable - even if it gets nuked by Android, by you, or by some race condition I haven’t found lurking in the backend - no worries..!
The metadata will auto-heal within 3 ms, and you won’t even notice a thing.
TL;DR: This release hardens security more:
1. Metadata will never get corrupted or nuked.
2. No ghost containers allowed - even if the metadata is nuked or N/A, we scan the entire /proc within 3 milliseconds to catch any “lost” containers.
3. Nothing will be lost - nothing can escape.
@Droidspaces
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v4.7.2-pre-release
It passed my “surface-level tests” 🗿
I know some guy with a wonky setup will still report bugs.
But in this release, the metadata is immutable - even if it gets nuked by Android, by you, or by some race condition I haven’t found lurking in the backend - no worries..!
The metadata will auto-heal within 3 ms, and you won’t even notice a thing.
TL;DR: This release hardens security more:
1. Metadata will never get corrupted or nuked.
2. No ghost containers allowed - even if the metadata is nuked or N/A, we scan the entire /proc within 3 milliseconds to catch any “lost” containers.
3. Nothing will be lost - nothing can escape.
@Droidspaces
❤1
v4.7.3 is released with a critical bug fix!
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v4.7.3
I worked 4 days straight figuring out why PID files were getting nuked when "Run at Boot" was enabled. I even hardened the security, preventing users from running 2 containers with the same name, and ensured all metadata could be recovered even if /data ceased to exist, etc. (This added more complexity to the project-but ultimately helped in a good way, lol).
Only to realize…
The issue wasn’t in the backend at all.
It was in the app.
We had 2 different "Run at Boot" implementations: one in the app and one in the Magisk module.
Both did the same thing. The Magisk module "Run at Boot" feature was a later addition to the app, and I forgot to remove the old implementation.
This caused the bug, and it went unnoticed for 4 months!
Which is insane...
@Droidspaces
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v4.7.3
I worked 4 days straight figuring out why PID files were getting nuked when "Run at Boot" was enabled. I even hardened the security, preventing users from running 2 containers with the same name, and ensured all metadata could be recovered even if /data ceased to exist, etc. (This added more complexity to the project-but ultimately helped in a good way, lol).
Only to realize…
The issue wasn’t in the backend at all.
It was in the app.
We had 2 different "Run at Boot" implementations: one in the app and one in the Magisk module.
Both did the same thing. The Magisk module "Run at Boot" feature was a later addition to the app, and I forgot to remove the old implementation.
This caused the bug, and it went unnoticed for 4 months!
Which is insane...
@Droidspaces
❤3😁1
Droidspaces-v4.7.3-net-isolation-test.apk
12.6 MB
APK for testing..
if any issues, drop the log file from /data/local/Droidspaces/Logs/<name>/log
if any issues, drop the log file from /data/local/Droidspaces/Logs/<name>/log
❤3👎1
Fix network isolation in modern systemd on Droidspaces
( Android Only )
01. Enter the container's root shell and delete these files:
02. Create an override systemd-networkd config to keep our static IPv4 address:
03. Mask the useless systemd-networkd-wait-online service:
Done !
@Droidspaces
( Android Only )
01. Enter the container's root shell and delete these files:
rm -f /etc/systemd/network/10-wifi.network
rm -f /etc/systemd/network/20-mobile.network
rm -f /etc/systemd/network/30-other.network
02. Create an override systemd-networkd config to keep our static IPv4 address:
mkdir -p /etc/systemd/network
cat > /etc/systemd/network/99-unmanaged.network << 'EOF'
[Match]
Name=*
[Link]
Unmanaged=yes
EOF
03. Mask the useless systemd-networkd-wait-online service:
ln -sf /dev/null /etc/systemd/system/systemd-networkd-wait-online.service
Done !
@Droidspaces
🗿1
Droidspaces v5.0.0-pre-release !
🪵 What's new?
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v5.0.0-pre-release
[ App ]
[ Backend ]
Notes:
- For existing modern systemd containers like Ubuntu 25.04, Fedora, and Arch, you must apply this fix to make NAT mode work - new containers will be automatically fixed upon installation in the app.
- Kernel configurations required for NAT mode have been updated. Please get the new configurations from the app.
@Droidspaces
🪵 What's new?
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v5.0.0-pre-release
[ App ]
- app: implemented NAT/HOST/NONE Network modes to the container configuration menu
- add network isolation configuration requirements to the Droidspaces kernel configurations
[ Backend ]
- net: implement full network isolation with NAT, bridgeless fallback, and Android routing
- fix: Configure systemd-networkd to unmanage all network interfaces, preventing DHCP conflicts with Droidspaces' static IP setup
- mask systemd-networkd-wait-online.service and make udevadm trigger non-critical in udev-trigger.service
- fix: Apply interactive terminal check for foreground mode only to interactive commands like start, restart, or enter
- Add --reset command-line option to clear container configuration while preserving name and rootfs paths
- Implement a centralized logging engine with internal functions, container-specific file logging, and refactored logging macros
- Cache cgroup mount points, optimize mountinfo parsing, ensure correct PTY allocation in new PID namespaces, and prevent terminal I/O blocking
- Add check_ns function to verify network namespace support and integrate it into network mode validation
- Add live kernel probes for bridge and veth support to check NAT networking capability
Notes:
- For existing modern systemd containers like Ubuntu 25.04, Fedora, and Arch, you must apply this fix to make NAT mode work - new containers will be automatically fixed upon installation in the app.
- Kernel configurations required for NAT mode have been updated. Please get the new configurations from the app.
@Droidspaces
🗿3
This media is not supported in your browser
VIEW IN TELEGRAM
Demonstration of our isolated networking: it works perfectly even when switching between 3 different networks 🗿
M21 -> Mobile Data -> M14
It doesn’t even feel it.. 🗣
M21 -> Mobile Data -> M14
It doesn’t even feel it.. 🗣
🗿2
Droidspaces v5.1.0-pre-release is here..!
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v5.1.0-pre-release
What's new..?
[ Backend ]
THIS MUST FIX ALL OF THE NETWORKING ISSUE IN THE NAT MODE - NO FILES EDIT NEEDED.
If you did this thing before, please revert it.
@Droidspaces
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v5.1.0-pre-release
What's new..?
[ Backend ]
net: replace static RTNETLINK IP assignment with embedded DHCP server
THIS MUST FIX ALL OF THE NETWORKING ISSUE IN THE NAT MODE - NO FILES EDIT NEEDED.
If you did this thing before, please revert it.
@Droidspaces
❤2🔥1
This media is not supported in your browser
VIEW IN TELEGRAM
Networking is unkillable now 🗿
100% uptime.
Even if you enable or disable Wi-Fi, data, or hotspot thousands of times,
no worries!
The Droidspaces daemon will perfectly handle everything in the background 🗿
100% uptime.
Even if you enable or disable Wi-Fi, data, or hotspot thousands of times,
no worries!
The Droidspaces daemon will perfectly handle everything in the background 🗿
🗿4❤1
This is how Port Forwarding Works in NAT Mode
When a container runs in NAT mode, its network is completely isolated with a private IP (like
Port forwarding solves this by creating a mapping between a port on the phone's own IP (which IS visible to your local network) and a port inside the container.
For example, mapping phone port 22 → container port 22 means:
When someone on your network SSHes into <phone-ip>:22, the phone intercepts that connection and transparently forwards it into the container - as if the container were directly reachable.
The container itself never needs a public IP. The phone acts as the gateway.
When a container runs in NAT mode, its network is completely isolated with a private IP (like
172.28.33.133) that only the phone knows about. Other devices on your local network - and even your router - have no idea this private network exists, so trying to SSH directly into the container's IP from another device will simply fail.Port forwarding solves this by creating a mapping between a port on the phone's own IP (which IS visible to your local network) and a port inside the container.
For example, mapping phone port 22 → container port 22 means:
Another Device ──► Router ──► Phone (your real IP) ──► Container (172.28.x.x)When someone on your network SSHes into <phone-ip>:22, the phone intercepts that connection and transparently forwards it into the container - as if the container were directly reachable.
The container itself never needs a public IP. The phone acts as the gateway.
Droidspaces v5.3.0-pre-release
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v5.3.0-pre-release
This will be the last release from the
What's in this release:
- Universal, fully working network isolation, with a DHCP server for assigning IPs AND a daemon that watches network changes in real time to ensure 99.999% uptime. Works on both Android and Linux - tested on kernels 4.14 to 6.19 🗿
- Cgroups won't be isolated on kernels lower than 5.2. This makes it possible to run Ubuntu 24.04 and other semi-modern distros on older kernels with 100% compatibility. I'm literally running Ubuntu 24.04 with 100% systemd health on my old 4.14.113 kernel.
- Fixed CTRL+ALT+Q tends to reboot in foreground mode.
- More misc. improvements that I can't remember.
Notes: The upstream interface is the interface that has internet access, such as
Connect to Wi-Fi → Select the interface that appears → Disable Wi-Fi and connect to mobile data → Press the refresh button in that menu → Select the interface(s) that appear.
https://github.com/ravindu644/Droidspaces-OSS/releases/tag/v5.3.0-pre-release
This will be the last release from the
network-isolation branch. Once you guys test everything and confirm it’s working, I’m going to merge network isolation into the main branch and take a break from development for a while 😇What's in this release:
- Universal, fully working network isolation, with a DHCP server for assigning IPs AND a daemon that watches network changes in real time to ensure 99.999% uptime. Works on both Android and Linux - tested on kernels 4.14 to 6.19 🗿
- Cgroups won't be isolated on kernels lower than 5.2. This makes it possible to run Ubuntu 24.04 and other semi-modern distros on older kernels with 100% compatibility. I'm literally running Ubuntu 24.04 with 100% systemd health on my old 4.14.113 kernel.
- Fixed CTRL+ALT+Q tends to reboot in foreground mode.
- More misc. improvements that I can't remember.
Notes: The upstream interface is the interface that has internet access, such as
wlan0 or rmnet0. The app can auto-detect upstream networks - all you need to do is:Connect to Wi-Fi → Select the interface that appears → Disable Wi-Fi and connect to mobile data → Press the refresh button in that menu → Select the interface(s) that appear.
🔥1🗿1