Why not make Cloudron fully open source again?
-
-
Interesting weekend read: https://plausible.io/blog/open-source-funding
-
@marcusquinn said in Why not make Cloudron fully open source again?:
Interesting weekend read: https://plausible.io/blog/open-source-funding
Didn't think that was the best article to be honest.
It mentions charging for support, but not the good ol' charge for support + updates model which has proven successful for loads of open source projects, including the first ever billion dollar open source company Red Hat. But also think of the vast majority of the WordPress premium plugins and themes ecosystem.
-
@jdaviescoates said in Who here has actually already packaged an app that is already in the Cloudron App store?:
@girish and @nebulon, obviously. Who else?
EDIT: I just realised I could do an Advanced search for "most of the packaging work" in Announcements to find lots of them (although not all, as e.g. that didn't find Moodle).
In no particular order:
- @atrilahiji did much of the work for the Moodle
- @doodlemania2 did most of the packaging work for Pixelfed and Apache Guacamole
- @jimcavoli did most of the packaging work for Metabase, Grafana, Snipe-IT and Grav CMS
- @thetomester13 did most of the packaging work for Firefly III and PrivateBin
- @fbartels did most of the packagingwork for Statping
- @ultraviolet did most of the packaging work for Vault, Trilium Notes and Apache Guacamole
- @msbt did most of the packaging work for TeamSpeak, YOURLS, Alltube Download, Bookstack and helped with Matrix/Riot
- @syn did most of the packaging work for Mastodon
- @Felix and @iamthefij did much of the heavy lifting for Bitwarden
- @murgero did the initial ground work for Directus
- @cve-random did the majority of the work for Jellyfin with the help of @mehdi
- @mehdi also implemented OpenVPN
- @sumacinitiative helped out with LimeSurvey and SearX
- @BrutalBirdie did most of the work for Greenlight
- @erics packaged dolibarr
I did a few other searches too and think I've likely got most of them now, but who is still missing?
Anyone?
Hey everyone tagged above.
First of all: THANK YOU!
Second of all: as people who've actually contributed apps to Cloudron, I'd really appreciate your input in this thread
-
Hey @marcusquinn @yusf @murgero @d19dotca @fbartels @will @necrevistonnezr @mehdi @msbt @Lonk @doodlemania2 @imc67 @ruihildt @JOduMonT @atrilahiji @scooke @heliostatic @jimcavoli @Hillside502 @robi @thetomester13
As valued contributors to this forum, if you've not chimed in here already, please do so!
To all those on both lists above: HUGE RESPECT (and I really want to hear from you)
-
@jdaviescoates Woop - jeez - didn't know I could get stars for being so distracting
I'm in the good idea but not in a hurry camp - FOSS comes with admin work - and for now, I can see development progress is pretty healthy.
I've equally worked on a stack that should and will eventually be OS - but when I can commit the time to supporting the community expectations on top of our own needs, so I see both sides.
It may only a matter of time - but for now, in source available I think we all trust. So yes, but patiently
-
@marcusquinn said in Why not make Cloudron fully open source again?:
in source available I think we all trust
Exactly. Changing licenses only really makes sense if the current license really hinders meaningful external contributions. And I have not yet seen this.
-
I don't agree with you guys. I think it does hinder contributions, but you would not notice it.
It's not like people would decide to not contribute and come say it on the forums or anything. They just... would do nothing.
Like I said earlier, back then I would not have contributed the OpenVPN server if cloudron were not open source. I honestly would not even have considered it as a platform to use. For a lot of people, it's not about what you can or cannot do with the code, it's really a matter of principles.
-
@mehdi said in Why not make Cloudron fully open source again?:
It's not like people would decide to not contribute and come say it on the forums or anything. They just... would do nothing.
And I don't agree with the above
From past experience, if someone is invested enough to make a meaningful contribution they usually try to establish some for of contact with the maintainers before starting work (or at least they should, what if that contribution does not fit with the current scope of the project?). I had plenty of discussions in the past because people did not think that AGPL would be a good fit for them.
-
@mehdi said in Why not make Cloudron fully open source again?:
I don't agree with you guys.
I don't either.
But it's not just about people actually contributing code either, it's about wider uptake.
I already know quite a few people who used to subscribe to Cloudron but no longer do so because it's no longer open source.
@mehdi said in Why not make Cloudron fully open source again?:
For a lot of people, it's not about what you can or cannot do with the code, it's really a matter of principles.
Exactly. I also know people and agencies who won't subscribe nor use it as a matter of principle like @mehdi says.
This is causing needless wheel reinvention as they then go off and try to patch together others tools to create a similar experience to Cloudron, when they could otherwise just contribute to improving Cloudron instead.
There are also quite a few public authorities who would be more likely to adopt it if it were open source.
Whether or not Cloudron being open source would lead to more contributions to the code (I think it would as @mehdi is far from alone in his principles), I feel fairly certain that Cloudron could sell more subscriptions and therefore fund further development if it were open source again.
-
Thanks for raising this question, @jdaviescoates.
I am personally not sure open-sourcing is critical here, as I think the first beneficiaries would be big cloud platforms (AWS, etc) that would then be able to host it and cut out any income for the developers. The current source available arrangement strikes me as probably necessary and appropriate.
I'm increasingly convinced that OSS as such is broken as a means of protecting against corporate exploitation, and it should not be celebrated as an end in itself. Based on my conversations with @girish, I think the single most important fact about Cloudron is that the company is bootstrapping (based on our subscription fees) and not seeking an exit. As long as that's the case, I think the community should support their self-defense through licensing.
Rather than fixating on licensing, it might be more relevant to all of us to discuss the possibility of an "exit to community" for Cloudron, in which ultimately the company we pay into becomes owned byβand accountable toβthe people who rely on it. This could help ensure that the company we're paying into, and that is stewarding the code we depend on, doesn't get captured by forces beyond our control.
-
@ntnsndr said in Why not make Cloudron fully open source again?:
Thanks for raising this question, @jdaviescoates.
I am personally not sure open-sourcing is critical here, as I think the first beneficiaries would be big cloud platforms (AWS, etc) that would then be able to host it and cut out any income for the developers. The current source available arrangement strikes me as probably necessary and appropriate.
I'm increasingly convinced that OSS as such is broken as a means of protecting against corporate exploitation, and it should not be celebrated as an end in itself. Based on my conversations with @girish, I think the single most important fact about Cloudron is that the company is bootstrapping (based on our subscription fees) and not seeking an exit. As long as that's the case, I think the community should support their self-defense through licensing.
Rather than fixating on licensing, it might be more relevant to all of us to discuss the possibility of an "exit to community" for Cloudron, in which ultimately the company we pay into becomes owned byβand accountable toβthe people who rely on it. This could help ensure that the company we're paying into, and that is stewarding the code we depend on, doesn't get captured by forces beyond our control.
+1!
Very good points. -
@rmdes said in Why not make Cloudron fully open source again?:
@ntnsndr wait, are you https://twitter.com/ntnsndr ?
It is
I know Nathan uses Cloudron with his students at at the University of Colorado Boulder and so I reached out to him to chime in here
As I mentioned to him in email:
re protecting against corporate exploitation, given it is "specifically designed to ensure cooperation with the community in the case of network server software" my understanding is that the AGPL provides at least some protection against that as per https://www.gnu.org/licenses/agpl-3.0.en.html
@ntnsndr replied:
The AGPL is indeed oriented this way, though from what I understand its protections have proved overly ambiguous and inadequate against the present threats.
So whilst I really love co-ops and 'exit to community stuff' (and I'd fully support, and be really excited by such a future for Cloudron were @nebulon and @girish open to such ideas?) I think my question still stands:
What exactly is it about Cloudron and/or the AGPL that leads @nebulon and @girish to the conclusion that if Cloudron were fully AGPL licensed they would be unable to continue with the existing sustainable business model of selling subscriptions for updates and support?
Given the tech giants are already the most powerful human entities on the planet, ever, with almost unfathomable resources (this visualisation of e.g. just Bezos' personal personal wealth is pretty gut wrenching), I think if they wanted to directly compete with Cloudron they could very easily do so regardless of how the code is licensed: they could just allocate an infinitesimally small percentage of their budget to reverse engineer it. But, really, why would they bother? They already own and run the infrastructure the powers the vast majority of the Internet, including nearly all web and mobile apps.
-
@jdaviescoates said in Why not make Cloudron fully open source again?:
re protecting against corporate exploitation, given it is "specifically designed to ensure cooperation with the community in the case of network server software" my understanding is that the AGPL provides at least some protection against that as per https://www.gnu.org/licenses/agpl-3.0.en.html
Moreover, to outsiders, Cloudron itself looks exactly like the "corporate exploitation" we're supposedly protecting ourselves against with proprietary code: if Docker and the 80+ open source app we can all run on Cloudron weren't themselves open source (and Ubuntu and so much else), well then Cloudron couldn't exist.
I know this isn't strictly true given upstream contributions and the genuine desire of @nebulon & @girish to be able to increase such contributions in the future, but it's nevertheless a valid perspective and criticism to make: Cloudron has built a successly business off the back of open source, just like the tech giants (and basically every business using tech, i.e. basically every business).
And this isn't hypothetical either. If you click in some of the links I included in my OP these are exactly the arguments some people are making against recommending/ using/ promoting Cloudron.
-
Maybe I'm wrong and hopefully @girish @nebulon will find the time to chime in here but I think this issue is related to survival, ability to live from one's work more than anything else.
I may be wrong, I don't know.But this thread here : Open Collective could be a way to do both : securing funds from the community, in full transparency, funds that could even benefit other OSS projects AND at the same time, secure a line of income for those that contribute directly and make the Cloudron project possible.
The argument that X or Y have made a business off the back of open source is valid in the absolute but also worthless until the big tech giants, the entire web has been powered by open-source without ever, society, either in the US/EU etc...ever considering that The Internet is a common good, a public service and that those that built it, from kernel developers to external contributors are in fact creating common value that is largely sucked by big corps and big players, at a scale impossible to compare to what Cloudron staff is taking.
This question is a structural global problem more than a particular approach that concerns only cloudron; its good to have this discussion but it's even better to put those giants that extract wealth in vast orders of magnitude compared to cloudron, in front of the problem.
it's easier to rant and even attack little projects, it's much more complicated to bring this disucssion at european, american, global level and actually find ways to fix this mess from a global perspective.
-
Maybe we should all give it a rest now in trying to tell Girish und Nebulon what do do with their project and their income and trying to nudge them into one direction.
-
@rmdes said in Why not make Cloudron fully open source again?:
The Internet is a common good, a public service and that those that built it, from kernel developers to external contributors are in fact creating common value that is largely sucked by big corps and big players, at a scale impossible to compare to what Cloudron staff is taking.
This is true, but just for devil's advocate's sake it's also true (and often unmentioned) that big corps have actually also been the primary funders/ developers of of lots of open source too e.g. the Linux kernel: I'm not sure of current figures but I remember in the past IBM employees had written something like 70% of the code.
But yeah, I totally want to ensure @girish and @nebulon can continue to work on and get properly paid for working full time on Cloudron. They've created a really amazing product, and in some ways even more impressively have built a really fantastic community around it too. Both of those things are Really Hard (TM) and they've totally nailed it.
I'm also totally up for hearing, and open to being convinced by, arguments that if Cloudron were AGPL again it would somehow make it harder to pay @girish and @nebulon to work on it and to have sustainable livelihoods. I just can't see that myself (I might be blind) and don't think anyone has actually made that case yet?
I'm beginning to sound like a stuck record, but all I can see are positives.
I guess the potential risk isn't really that tech giants would clone and undercut Cloudron at all. The risk is that some random freelancer or agency could potentially do so. This is actually the story of how Sharetribe became proprietary: someone did clone their business and undercut them, cutting into their revenues.
As I understand it (please someone correct me if I'm wrong) AGPL is designed specifically be used to prevent that (well, at the very least to prevent people doing that without also contributing back - but perhaps that's all it does and that's the problem?), but that wasn't the understanding of Sharetribe's developers.
How real is that risk? How many paying customers here would go elsewhere? Given how much we all value the community here, I think very few.
There are loads of GPL premium wordpress plugins out there, many of which can be found for free out in the wild. But in most cases it pays to pay. In the end it's just so much easier to get updates and support in a timely manner by paying.