GrapheneOS Web Server Improvements & Planned Offline Network Location Feature
GrapheneOS (@GrapheneOS@grapheneos.social)
We recently asked for additional sponsored 10Gbps dedicated servers in Europe. We received over a dozen offers and are still looking into and following those up. So far, we've received a 10Gbps update server from Zare in London and a 20Gbps one in Amsterdam from Cherry Servers.
We now have a total of 5 sponsored update servers:
20Gbps from Cherry Servers in Amsterdam
10Gbps from Zare in London
10Gbps from Xenyth in Toronto
10Gbps from ReliableSite in Miami
10Gbps from ReliableSite in Los Angeles
Cherry Servers also provided a 2nd server for geocoding.
We have a full list of our public-facing servers at https://grapheneos.org/articles/grapheneos-servers including details on the sponsored servers with links to the websites of the sponsors. All the update servers are sponsored since paying for the amount of traffic we'll be using would be very expensive.
In addition to the primary purpose of updates, we use these servers as a subset of our 11 locations for website/network services.
We moved our mail server to a system container on the Xenyth server where we're using our own AS and IP space via BGP to avoid spam filtering issues.
We're also going to be using a subset of these as additional ns2 anycast DNS locations. We already use the Xenyth server as 1 of our 9 ns2 locations and plan to use the Zare server for it soon too. This depends on BGP support including BGP communities for traffic engineering.
Cherry Servers also provided a 2nd sponsor server in Amsterdam for us to use as our first geocoding server via Nominatim. Nominatim is very demanding and calls for at least around 128GB of memory and 4TB fast NVMe storage. The initial data import for Nominatim took almost 2 days.
Geocoding means converting the description of a location such as an address or the name of a place to coordinates. It supports many different kinds of searches such as finding a pharmacy or park within a certain zone. There's also reverse search to convert coordinates to names.
We provide geocoding as an opt-in service with a choice between our proxy to the OpenStreetMap Nominatim server (recommended) or directly using their service. Our proxy will soon be pointed at the server from Cherry Servers and then replaced with a new multi-server GeoDNS setup.
You can try out our new self-hosted geocoding server at https://ams.nominatim.grapheneos.org/ui/search.html. In addition to OpenStreetMap data, we've imported the primary/secondary Wikipedia importance data, US/UK postcodes, US house data and OSM special phrases. It should be close to the OSM service now.
We provide our own implementation of both network-based location and geocoding in GrapheneOS. Network-based location is implemented with on-device positioning but still depends on a service to obtain location data for nearby networks. We're going to be self-hosting both services.
Settings > Location > Location services provides these settings.
Our added "Geocoder" setting provides a choice of using the GrapheneOS proxy or directly using the OpenStreetMap service. It will soon change to choosing between our self-hosted service and the OpenStreetMap one.
Our added "Network location" setting provides a choice between using the GrapheneOS proxy to Apple, using Apple directly or using Apple China. We're going to build our own cell tower and Wi-Fi location databases to provide our own non-proxy network location option including full offline support.
For network-based location, enabling "Wi-Fi scanning" is recommended since otherwise it has to fall back to only using cell towers when Wi-Fi is disabled and can't function if cellular is disabled. Wi-Fi scanning changes the meaning of the Wi-Fi toggle to allow scans when off.
Both network-based location and geocoding are opt-in for GrapheneOS. However, we recently added network-based location to our setup wizard to improve discoverability and are going to be adding geocoding there too once we're self-hosting it. OSM server rate limiting was an issue.
We're in the process of getting a sponsored server in Frankfurt from a non-profit with 10G DTAG transit, 10G Vodafone and 10G DE-CIX ports in addition to the other transit. DTAG transit is unique and will be very helpful for serving updates to users in Germany at peak times.
Mullvad will be sponsoring 2 servers for us from DataPacket where DataPacket will bill them for our account under their existing arrangement. We haven't deployed those yet since the locations and specs are more flexible and we want to follow up on the less flexible offers first.
These server sponsorships are saving a significant amount of money which can go to hiring more developers instead. There are a bunch of other offers we need to filter down to the ones which are a good fit and follow those up. Unfortunately we need to avoid France for the time being.