Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Why not make Cloudron fully open source again?



  • @nebulon If I understand the dynamics introduced by an open source licence like AGPL, someone having the access to the source code, and in fact having the source code, does not make them a "user" of Cloudron. They simply have the software and can install it and do whatever. But when they have problems, as they surely will because of Docker, where will they turn to? Most likely the original creators of the software... and when you and @girish can't help because of other time constraints, I can imagine the complaints and badmouthing that would follow. This would potentially have the effect of Cloudron (the subscription service) getting a bad name, losing customers, and eventually going out of business. So it makes sense to me that you've tightened up the licence so that the amazing user experience can remain intact and manageable.

    I am not an open source purist, starting from the fact that I have no control over the VPS I rent on which I run Cloudron. It is, as someone in your chats said, a compromise for a purist. For the rest of us who don't want to pay an opaque behemoth company anything, Cloudron is simply the best. And it has the open source spirit, if not the correct licence on every bit of code. And importantly, the software actually works, a theme that I've repeated a few times on different threads. I applaud the Cloudron team for making decisions to enable them to keep the software open AND working.



  • @nebulon I can't speak for @jdaviescoates, but I would point out just 4 benefits:

    • Greater Contributions. With a source available, but proprietary license, anyone who contributes a bug fix or feature immediately loses license to their own work, or at least would have to in order for Cloudron to be able to enforce its license and copyright. Aside from the potential legal mess, this is almost certainly a deterrent to substantial outside contributions. An open source license makes Cloudron much more enticing to contribute to.
    • Benefits of Broad Adoption. Those willing to do the work to run their own Cloudron instance from the source code may have been loud, but they weren't likely customers to begin with. While not paying, these potential users do offer some benefits. They're more likely to provide good bug reports, patches, and answers to community questions. Even while promoting the free use of Cloudron, they are reaching an audience you would otherwise have to pay to reach. Even if the vast majority of users were to use Cloudron for free, as I suspect the majority of Nextcloud users do, in volume it really becomes a net benefit to Cloudron.
    • Long-Term Assurance. The choice to self-host one's own infrastructure can be stressful. It becomes less stressful when you know that the software your using is open source and will be viable as long as there is a community willing to keep it going. This is one reason open source users become such loud advocates. They want that thriving community to live on forever, in a way they can't necessarily ensure a company will.
    • Part of a Bigger Cause. I like you @nebulon and @girish. I like what you have made, and I hope you succeed, probably more so than most companies I buy products/services from. But at the end of the day you are a company. People like companies, they support causes. It's hard for me to express how when Cloudron went from open source to proprietary it changed my feelings. I still tell people about it and have tried to make important strategic introductions. But I don't donate my time to Cloudron like I do Inkscape. I don't extol the virtues of Cloudron over all other proprietary solutions, like I do Nextcloud. Supporting a company selling a proprietary solution is just not the same as supporting a company that is part of a bigger cause. Cloudron has the potential to be part of that cause. I want it to be open source.

    Addendum: This is all said with full awareness that you need and deserve to get paid. Don't listen to anyone who expects anything otherwise. For the reasons stated above, and others, I think you can still make a living and perhaps even a better living releasing software with an open source license.



  • I'm a fan of open source and certainly encourage it with my team - but it comes with overhead and responsibilities beyond working on the actual product, so it's not something to take on lightly or without expectation for the time-costs in managing that.

    On the flip-side open-source is infinite almost free referral marketing.

    From a business point of view, I would think that hosts themselves should be the primary target for sponsorship since the more that can offer Cloudron, the broader their potential customer-base and those customers subscription to their resources.

    If Cloudron.io were able to Terraform the Cloudron instances to popular hosts and then the cloudron.io site was the only way to manage multiple hosts with a subscription, I could see value in that because the subscription costs is still less than the time-costs being saved.

    I'm fine with hybrid models, we can hire developers to fix issues if they have a higher priority for us than you guys but also it is important to me that the platform commitments we make have a sustainable business model to remain motivated and evolving as needs arise.

    Your work, your choice, either way big kudos for what you've already done and thanks for saving me a ton of time and money already!



  • We are all a pretty tight community at this point, but putting aside the reddit and mastodon "external" comments for a minute... Ive been a cloudron user, customer & supporter since the beta & was mainly drawn to the platform for its Open Source solution....when that changed I understood the reasoning, calculated the positives & they simply outweighed the negatives. Has that move been "BAD" ? maybe in terms of some "adoption" but my point is that I would have and always will pay for the value @girish & @nebulon are providing!! So, YES it would be ideal for Cloudron to be fully open source...For me its a matter of "Principal"... The amount of people who would actually roll out their own implementation without support are far and in-between. Myself & others I am sure are literally going out of our way to sell this platform/solution for both of our sake... Personally I would prefer that we go with the Red Hat model over the SFDC model. Regardless I'm here for the ride & appreciate everything ya'll are doing. ✌🖤+1



  • Some notes to add on this:

    • GPL v3 covers commercial interests nicely and ensure any additions or modifications must also remain open and therefore available back to yourself to choose to include or not as you wish without cost or consequence.
    • Include your website link and email in your copyright notice, since the licence specifies that the copyright notice must always remain in-tact and included, to make sure every copy and version links back to yourselves as the originator.


  • @marcusquinn said in Why not make Cloudron fully open source again?:

    GPL v3 covers commercial interests nicely

    Yes, but only when the other party offers downloads of the product. Not when it's only hosted publicly (the installed product). In the latter case agpl would ensure that code is being made available.

    But usually and honesty a lot people (if they contribute or not) only care about the freedom aspect, and there gpl or agpl are not sufficient enough for some people.

    In essence, the type of license should also be dependent on the audience of developers you want to attract by at.



  • The value of Cloudron and why we pay a license is the appstore. So my naive person think that changing the platform code back to free software wouldn't affect negatively Cloudron business model.

    It seems to me part of the reasoning to the license change was there wasn't much contribution to the platform anyway. I believe the same argument can be used to change it back to free software. 😄

    I'm sad not to be able to recommend Cloudron as the best open source paas since the license change.
    It has in effect changed my relation to the project, from an invested advocate to a simple client.

    Moving Cloudron back to free software would bring much needed positivity to 2020. 😉



  • @ruihildt said in Why not make Cloudron fully open source again?:

    I'm sad not to be able to recommend Cloudron as the best open source paas since the license change.
    It has in effect changed my relation to the project, from an invested advocate to a simple client.

    I totally agree with this part. More than that, I would never have picked up Cloudron at all at the beginning if it weren't open source.

    And as to contributions, I am the author of one of these rare contributions ^^ (to make the platform compatible with the OpenVPN app), and I would definitely not have contributed if it were not open source.

    TLDR: I am 100% in favor of switching back to an open source licence.

    (As for the precise licence, I do not really care, be it MIT, Apache, GPL, AGPL ... whatever.)



  • Given the nature of the responsibility of the Cloudron system, security is the biggest aspiration for me from open-source, along with a security reporting process that allows for private communication of any issues found.

    I recommend including this somewhere on your site:

    https://www.zerodayinitiative.com/advisories/disclosure_policy/

    My page own open-source on our own platform (WP&Woo stack) for interest:

    https://brandlight.org/i/transparency/proudly-open-source/

    Although we haven't open-sourced that whole stack yet, it's planned.


  • Staff

    As for security issues to have a private conversation, please see https://cloudron.io/security.html

    Also as mentioned earlier, we do share the view that it is useful to introspect the code to see what is happening on your server, this is already achieved by our source-available policy, so feel free to audit that in the git repo.