Hacker News new | past | comments | ask | show | jobs | submit login
Is Caddy Free? (caddyserver.com)
132 points by embik on March 10, 2016 | hide | past | favorite | 52 comments



Out of an abundance of desire for you to be happy and this project to succeed:

You should sell something. You have a variety of options for "something." [+] You will always make more money selling something than selling nothing. Your project is orders of magnitudes too small, and not popular enough with the right people, to subsist on donations from developers. (Sponsorships are a thing you can sell, and are not donations. They're priced at 3~4 orders of magnitude higher than donations, are budgeted out of places other than "charity", and can be sold rather than hoped for.)

You do not owe anyone an apology for choosing to sell something. You do not owe yourself an apology for choosing to sell something. You do not need to mention the economy or your personal economic circumstances. It will not successfully motivate anyone to pay you a thousand dollars. No lawyer in the country does that. No doctor in the country does that. No teacher in the country does that. You being compensated for your professional labor is not an outlandish request. It is the default. This will discomfit some freeloaders in your community. They contribute no patches or money. Let them wget the binaries; do not allow them to wget an iota of your stress budget.

[ + ] A specific example of a thing you can sell that can't be said of every OSS project that hits HN: There exist literally thousands of businesses on the Internet which host websites for other businesses. Some of them allow their customers to upgrade service to include an HTTPS certificate; many don't, would like to, but cannot offer that given technical constraints. Caddy is a drop-in [ ++ ] minimal-risk option for any less-than-galactic-scale hosting company to offer "HTTPS certs at scale that just work" for e.g. the local bakery.

This is something they can offer to clients. You can sell them on the desirability of offering it and let them promote powered-by-Caddy "free SSL certs for everyone purchasing our hosting." Any measurable uptick in business from a hosting company running at anything greater than dormroom scale is worth $$$$. You can say "There's a repo on the Internet which suggests a way that you can get this done; if you'd prefer to ship it by next Tuesday, there's a glide path available for $THOUSANDS."

[ ++ ] On reading more closely it isn't quite "drop-in" but given the amount of value that would surface for users and the additional revenue possibilities that would suggest prioritizing that fairly highly. The joys of product management. The specific feature you probably want is reverse proxying; happily, Go is practically a language built to write reverse proxies in.


Thanks for your comment, patio11! I don't regret adding a payment box to the download page. My only regret right now is that I'm not a more tactful/skillful writer. :) Sponsorships are a great idea; I think many companies would benefit from having their customers use a web server with automatic HTTPS, or who believe security and privacy on the Web should be easy.

I admit it's a little weird transitioning from undergrad where you pay to do things when you're told to, to a professional living where you do things because you're good at it and are paid to do it.

Addendum: The business value in a "drop-in minimal-risk" option for hosting companies is appealing. If I do end up going the business plan route to earn a living, it would probably be something like that.


It's a little weird, but you'll get used to it.

Caddy looks great, and I might end up using it for my next project. If I do, and I make money off it, consider at least one sponsorship secured. :)


Hi folks, author here. Want to respond with a few things.

First, thanks for your support. The project has received the blessing of so many of you and dozens - over 60 - of you have jumped in to contribute code to make Caddy awesome. Really appreciate it, since I can't do it alone! The Go and infosec community has really been amazing.

As I say in the post, this is not a business plan. I'm not relying on this to earn a living. BUT I am a starting graduate student and if I am going to continue maintaining Caddy on the side of graduate school, it will need your support.

I know "free software" is a loaded term (cheers to rms) but in this post I hope it's obvious that I'm not talking about "free as in freedom" -- this post is about cost/economics. Caddy is still Apache licensed.

Also: Several people have donated to the project (and Arroyo Networks sponsors it) because they believe in free and automatic privacy for the Web, and they want Caddy's focus on UX to permeate to other software products. Even backend servers can have good UX. This is a cause that I feel passionate about and am happy to do for you, time/funding permitting. (I hope Caddy will help people see how easy security/privacy can be for the Web, similar to how Signal does it for SMS and Keybase for PGP.)

In the end, I wanted to raise awareness of an issue, that even "free as in price" open source projects have a cost, in time and talent that's invested by the developer. "This is just open source."


Really glad you're thinking about this, and making it explicit, buuuuut...

Why not dual-license, or look at the Fair Source license? The "donate please" button is just going to be ignored, like Sublime's donate nag screens.

Make it so at least big companies who have open-source policies will pay for a non-GPL license or support etc. You don't have to publish the history containing Apache 2, republish, and write all new code with AGPL-3.0.


> The "donate please" button is just going to be ignored,

I'm sure the "donate please" button will be mostly ignored, but putting a "pay what you want" before the download button will not be.

Way back when, I wrote a windows IME for typing Hanyu Pinyin with tone marks (https://www.pinyinput.net) and for years just had a "Donate" button on the site.

In the first 6 years of release, I could count on two hands the number of donations it received (despite tens of thousands of downloads).

Then I changed the site so instead of having both a download and a donate button that it just had a "purchase" button and a "pay what you want" field with a suggested price of $5, with $0 allowed if you want.

It's still essentially the same setup as before - you can download it for free or you can make a donation, but now by explicitly asking, every day or two someone makes a "purchase" - sometimes only a dollar, sometimes $5, once even $50.

Sure, with this setup, Caddy probably won't make as much as if they offered paid support plans, however they will almost certainly make more than they did with just a "donate" button up the top of the page.


Ubuntu does something similar, but since they work on many things they let you decide how to split things up. What's interesting to me is that they show a cost comparision at the bottom, such as $5 being the same as the cost of a pint of beer. This really helps the user realize something like "I buy a pint at the bar without thinking, why can't I give the same amount to software I use every day?"

http://www.ubuntu.com/download/desktop/contribute/?version=1...


> The "donate please" button is just going to be ignored, like Sublime's donate nag screens.

Do people ignore when Sublime tell them to buy a license?

I might not be representative but I bought next time I had money and it asked.

Also, if possible I would be happy if you don't go AGPL, I'll be happy to pay without like I do for Elementary and Sublime Text. As long as I can pay an amount that is small enough that I don't have to discuss it at home or with my boss ( ~ < $40 at my current salary / position) I'm happy to support projects I like. For projects I use a lot I do nag my company to buy a support plan.

BTW: Don't everybody do this?


I don't use your service at the moment, as I have nothing I need hosted. But if I did, what would you consider a reasonable payment amount? i.e. your "If all of our subscribers paid this, we would cover our costs."


Hard to say, since I don't track its usage in the wild... I only know the number of hours put into the project. But I think you're right, it would definitely be helpful to have that number on the page. I'll see if I can come up with an accurate estimate, or maybe suggest what people normally contribute after a little more time has passed.


Looking at alternatives to a fully deployed organization with a support structure. Consider slack. Elixir-lang.slack.com is a great example of a dev project with an active slack community. Have you considered starting a slack group for Caddy - maybe charge a small stipend for access? It will help develop the community, provide a support venue (with a cadre of people helping each other), and provide some sustenance for the project.


It looks like they already have a gittir chat room: https://gitter.im/mholt/caddy.

I'm not sure if Gittir supports gating access like you mention, but I think some of the other suggestions here might even be more promising. The advice by patio11 comes to mind:

"You should sell something."

This something should be a substantial product offering; something more than access to an "exclusive club hangout room."


gophers slack. You can find mholt there, almost all the time.


As patio11 invariably says, offer a paid support option to make it real easy for businesses to give you money.


Are you sure you're attributing that advice to the right person?

Because it's orders of magnitude less valuable advice that "offer a paid version of the product". (Which you'll notice Patrick saying quite regularly about open source projects using charity as a business model.)

Selling software you've built is a proven way to make money. Selling consulting for software you've built is also a proven way to make money. But only one of those require you to actually do additional work in order to collect the money. The smart choice should be obvious to anyone with a fully formed sense of laziness.


Most recent example: https://twitter.com/patio11/status/658748957250596864

The issue is: it's easier for a business, particularly the line manager, to just sign a contract for "support" which comes out of his OpEx budget than to get a company to deal with a charitable donation which will probably have to go through Finance and Legal.


You're right. I had read your previous post as "consulting" rather than paid support (in which no actual work need take place in the normal case.)

As you (and Patrick) say, that works nicely.


Yes, the appeal to peoples' conscience by asking them to pretend it is a free trial unfortunately won't work at all to get money from businesses. On the other hand, a support package with a definitive price is much easier for a developer to justify to the boss.

And BTW -

> My text editor costs $70

That's a bug, not a feature ;)


Nginx model appears to be working for them.


I just went to look at it, and cannot for the life of me figure out what Nginx Plus is trying to sell me for my $1900 a year. Clue me in?


This seems like it outlines it pretty well:

https://www.nginx.com/products/feature-matrix/


Ctrl-F "Compare" on https://www.nginx.com/products/ and expand the table.


If all you want is a web server? Nothing except support. If you use it as caching load balancer or media streaming solution, you get a lot of valuable features.


> we're inviting you to support Caddy by honestly paying back the value it provides you

So those who are not paying are dishonest. That's a bit aggressive, don't you think?

> There's no such thing as free software. The question is, "Who pays the price?"

You're conflating two things here: the license of the software and profits of the programmers. I understand that conflating them here works for your argument here, but they are different things. Of course there is such a thing called free software. Go's HTTP library, which Caddy is wrapping, is a free (both as in free beer and as in freedom) software for example. Are you "honestly" going to send some percentage of your earnings to Google, and "pay back the value it provides you"?

My entire OS is free software.

I do donate sometimes, but this has nothing to do with the license of the software I'm using. I'm donating not because somebody is trying to convince me that not doing so is immoral, but because I can and want to.

All this sounds similar to what Elementary OS people did a while ago. They called their non-paying users cheaters. And while they asked money for their FOSS distro, they weren't paying upstream or Debian anything. By their logic, they are also cheating, but of course they don't talk about it.

Disclaimer: Never used your product (or Elementary OS for that matter), never going to use it either.


> There's no such thing as free software.

This just makes my mind jump to Maggie Thatcher. The complaint is valid but the explanation is tone-deaf at best.


I'm not involved with Caddy, but in my understanding the author has had some bad times with his previous project. Sounds like - although it was popular among companies and government - he had open bills caused by his work on it. That certainly is a rather frustrating experience.

> I learned a lesson from my last project, Papa Parse. That project, like Caddy, experienced a very successful reception on Hacker News. It was picked up by numerous companies to enhance their product offering; government departments around the world use it, and even the United Nations and Wikimedia integrate it. But now I have to pay the bills, and inevitably, work goes where the money does.


My gut tells me asking for donations probably won't bring in that much, unfortunately :|

Just wanted to say this project looks awesome. Builtin https configuration and the simplicity of the config file are very nice.


I've been using Caddy for at least a year now, and I host several high-traffic sites on it.* I was one of the first people to try the Let's Encrypt support when it was in Alpha. The Caddy team has been amazingly supportive and responsive during the whole process. Last week when I read this post I immediately dug out my personal credit card and donated $75. It's not much, but they add up. I hope others will too. I agree that making a paycheck out of open source is complicated and confusing. Cheers to Matt & team for trying.

* Not HN definition of "high" probably, but still, not joe's blog either.


I think the best model would be a $5 a year membership fee for a mailing list informing users of updates to the software. If someone is using Caddy in production, they'll want to be alerted the moment that an update is available and this would provide that.


At $5/year, you would need 30,000 subscribers just to pay for one senior developer.


But $5/year is so cheap you can easily get one-man-shops to buy into it and you might even get people that don't use the product but want to follow the project to subscribe.


Just yesterday I downloaded Caddy to a DO droplet, pointed a domain at it, and https literally "just worked." Caddy is magic, and certainly worthy of donations.


Confusing since it is still free software by Stallman's definition.


Yeah, sorry, English is failing me here. The article isn't about freedom, it's about economics/finances.


you are confused.

Free in english means either 0$ or free as a speech. Free software is the later.

And Stallman contradicts you : making your free software sustainable by founding yourself is a must.

http://www.gnu.org/philosophy/selling.en.html

So before shaming fellow free software coders about what we do and know better than you, RTFM.

Our workforce IS NOT FREE.


> So before shaming fellow free software coders about what we do and know better than you, RTFM.

Calm down, nobody's shaming anybody.


will the money get split amongst all contributers that ask?

otherwise I'm not sure how I feel about the lead developer getting contributions but asking to get money to keep for themselves.


https://caddyserver.com/download#payment says

> Funds are used to pay the author and some developers so they can continue to actively develop the project and provide support to you.

> After each fiscal year, funds permitting, we'll hire an external CPA to verify the expenditure on the account. Audit results will be made available for you to view.


Donations are a hard way to run a business. Wikimedia struggled for years to keep the servers on. Unstable at best. I would go with a dual-licensed approach and/or support model.

A tiered support model is a no brainer for most businesses especially if the lower tiers are relatively cheap. A high-end “bells and whistles” model also make sense for some companies who use it mission critical scenarios.


Wikimedia is anything, but not a good example of a well structured organisation. The Wikimedia organisational structure is bloated and causes a high monetary overhead. Wikimedia spent $42.1 million between 2012 - 2013. Even estimated pessimistic that amount of money would be enough to run Wikipedia for at least the next 30 years with an estimated annual traffic growth of 10% (too high on purpose[0]). And that's a very(!) pessimistic calculation I quickly run utilizing our default BI for an international HA class 5 project.

[0] https://stats.wikimedia.org/EN/TablesWikipediaZZ.htm


Before they left St Petersburg, Fl for the promised land - their costs were a lot lower and they still struggled.


It sounds like Caddy is a side project for the author, so there probably isn't time for tiered support in addition to development.


This is a marketing move, which is fine and dandy. But the message isn't 100% correct. Supporting anything requires resources, true. But that doesn't mean there aren't plenty of software projects that not only work fine, but once written require little to no support. I'm mainly talking about this line

> There's no such thing as free software.


I would say that a web server requires ongoing support to be viable. Any software that handles network interactions between potentially unknown parties is inherently in the crosshairs of bad actors. Once a vulnerability is found, it must be patched, or that software is no longer safe to use.


> I would say that a web server requires ongoing support to be viable.

Absolutely and I think the author should have concentrated on that future-deliverables aspect rather than the 'what you owe to Caddy' argument.

The latter is emotionally strong but logically frail; as the author himself points-out he depends on Go and Let's Encrypt ( amongst many other 'free' projects I'm sure ) so will he be making a 'what I owe to you' contribution upstream to all those projects? He won't have much money left after that let alone paying the voluntary cost of a Github Enterprise account, of course, because otherwise someone else is paying for his use of that service...

Spinning the request as a support-contract for ongoing bug and security fixes would not only have been more business-friendly but also more robust as a general appeal.


He says

> There's no such thing as free software.

That's a hyperbole.

He also says

> The question is, "Who pays the price?"

Not everything is done for gain. When someone gives you an apple you're probably not that concerned about how it came to be, to you that apple is free. But there's also that added advantage of software - you can copy and share it just like that with the whole world.


I don't think they're saying everything has to be for gain. But there is definitely the point about "who pays the price" – whether it's the opportunity cost of lost income from working on caddy, or other price (time with family, friends, etc).

I do agree with patio11 that it's easier to just have a real support contract. IMO, one of the model open source projects is Sidekiq. It's become a very sustainable business for its author.


I think the issue is more high-level, a question of "how to start and sustain a small-ish infrastructure-ish open-source business?"

There are successful open-source projects, sure. The predominant MO seams to be for the main developer(s) to have a true "day job" which implicitly or explicitly finances him while he works on the open source thing. If he's lucky, the project can transform into a business a full-time job. If not, screw it, it's business as usual.

As for thinking that something very useful will be well paid for, I think the OpenSSL project disproved it once and for all: unless someone is actively thinking about finances and going the extra mile to attract business and money to the open source project, it will be both governed and treated as a hobby project.

tl;dr: if you're betting on getting rich on writing yet another web server, I hope you have rich parents ;) That's unfortunate, but it's the truth.


This is the reason to, if possible, avoid single-sourced open source projects, and instead focus on projects that enjoy a large, healthy and diverse developer community. Volunteer efforts ebb and flow, and it is by growing a community around a project, that you reduce the risk of open source projects either going Open Core (ala nginx) or simply fading away due to lack of cycles and resources.

With all that said, if you depend on Caddy, you should support it.


Giving something for free then creating paywall is IMHO bad idea, can be frustrating for a lot of people.

You should give something extra for price you want. Just look at Nginx plus etc. I wanted to use caddy in one of my projects but now I will just use nginx to have stable product. Sorry.


Do we need heart to heart talks about why someone charges for a service or why people need money to support themselves? When I buy cereal at a grocery store I don't need the clerk to huddle with me and explain how they arrived at the price or why there's need for a price at all. Just put a price on it and we'll pay it if it's worth the price.


If it is sponsored by Arroyo networks than why am I paying additional money for it?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: