1.  

    Sounds like it supports only pairs, not N machines?

    Another option: Resilio Sync. https://www.resilio.com/ I use it to keep a directory sync’d between N different servers. Has worked like a charm for years now.

    1.  

      Any advantages of using Resilio Sync over Syncthing?

      1.  

        Resilio Sync supports encrypted-only nodes, that can participate in the swarm and provide storage/bandwidth, but can only see cipher text.

        Another benefit is that the model is more user-friendly. You can just give another person a read-only or read-write key and they can join a folder simply using that key. No need to add a devices to folders, use introducers, etc.

        Unfortunately, Resilio Sync (then Bittorrent Sync) started out as a free for private use + reasonable price for business use. Now they have a very complicated licensing structure, where for business use you have to get a subscription, but at least for 5 users. You have to pay 615 Euro per headless machine (which they call a server, weird for a peer to peer system). Home users only get a subset of features and you have to pay quite a hefty price to unlock the rest.

        I think Resilio Sync can work in an enviroment where it’s deployed/used company-wide. But if you are using Resilio Sync and want to share a file with a colleague, things become very messy (you need to purchase 5 subscriptions).

        It’s a shame, I was quite a big fan of Resilio Sync, but their licensing changes drove me away (and I and some family members paid for the Pro version, back when it was a perpetual license at a reasonable price, AFAIR including business use).

    1. 24

      In a similar vein, here is a bootstrap theme based on geocities: http://code.divshot.com/geo-bootstrap/

      I use it all the time for CTFs.

      1. 10

        Was Bootstrap one of the reasons the web became boring? The first framework where every site looked the same?

        1. 2

          I don’t know if it was the first per se but it in my mind, it had the most impact in setting us on the current path.

        2. 4

          Just applied this to the work app. Gonna have to seriously resist pushing this live on April 1st for a bit. (Our users hate change sadly, as per usual.)

          1. 2

            Could you maybe just add a button to turn it on or something? Like Twitter’s night mode switch except instead of turning everything dark it turns everything back to the 1990s.

            Also if you were really feeling this prank you could monkey-patch XmlHttpRequest so that it played a dialup tone and called setTimeout() before sending a request. You know, for that 90s* internet speed feel. (Now that I actually write this comment I think I’m legitimately going to add this as a mode to the bottom-right corner of my website.)

            [*]: I was not alive during 80% of the 90s but I’m told everything was very very slow.

          2. 1

            Sadly for a very old version of bootstrap. Any newer versions for v3 or v4?

          1. 17

            Another disadvantage of services is that you can’t do a database transaction that includes operations from more than one service.

            Unrelated, I worked at a place a few years ago that built microservices because they wanted the various services to work concurrently, and they were using Ruby. Unfortunately, trying to boot all the services, the right order, ensuring a service didn’t come up unless one it depended on came up, was tough. It also forced me to switch from a spinning disk to a solid state one simply because of the number of files being loaded at once.

            That experience was part of what motivated me to learn Elixir. Years later, I recently worked on an Elixir umbrella app. It was like microservices, but running the whole thing was easy. In production, they deployed one app to one server, one to another, and let both of them depend on a third app, which was deployed to both. All the apps that needed a database shared the same one.

            1. 24

              Unfortunately, trying to boot all the services, the right order, ensuring a service didn’t come up unless one it depended on came up, was tough.

              Don’t do that. You need to deal with network issues anyways, so bring them all up and let your error handling take care of it.

              1. 8

                trying to boot all the services, the right order, ensuring a service didn’t come up unless one it depended on came up, was tough.

                I don’t know you usecase, but that seems to be a complex thing to implement that probably shouldn’t be needed.

                1. 2

                  systemd has service dependencies and sd_notify built-in. Few people use it but it’s totally possible to start a web of services. Of course this doesn’t help with off-machine resources.

                  http://0pointer.de/public/systemd-man/systemd.service.html

                2. 6

                  Another disadvantage of services is that you can’t do a database transaction that includes operations from more than one service.

                  You absolutely can; I do all the time. It may require fundamentally rethinking what we mean by “database” though.

                  Most people think a database is somewhere between “a black box that stores data” and “a black box of hard algorithms for data query” or something like that. To them, they conveniently ignore that the “database” is a service outside of their application, and “can’t transact” across that service boundary either. That’s part of why database migrations and schema changes are so hard: Version 2 and Version 3 of your application are potentially separate services – even in the monolith – and because you “can’t transact” between versions of your application (what does that even mean!?) you’re forced to put logic into your application to deal with both the old schema and the new schema, and you may even often have to do on-the-fly upgrades.

                  Or you just have downtime.

                  Or you have a whole separate system, and your “transaction switch” is on some kind of network load balancer. Blue/green or whatever you want to call it.

                  However there’s a very different way: If your application is the database (and this is easier than you probably think), your crud operations simply need to log their intentions, and then have something read the log which materialises the results into views you can use.

                  One way to do this is to go heavy on the stored procedures. I like this approach, but SQL is a really terrible application language, and many programmers are very bad at SQL. Many databases don’t have an audit table for the stored procedures – there isn’t very good version control for them, so that’s another reason people don’t like it. Maybe the tooling could be improved though.

                  Most people usually go the other way.

                  In Erlang/Elixir, I may (for persistence) use a disk_log to write out arbitrary terms, and have a subscriber pick them up – that is also a gen_server that you can query. At startup, I can read the logs. If the logs are big, my gen_server knows enough to checkpoint – just write out State to another file, and include the offset in the disk log.

                  In Go and Smalltalk you can do something similar.

                  In C, or lots of other languages that don’t have processes, you can still get this functionality with a little thought, because the operating system has processes and fifos/socketpairs for you to use! It feels very similar to writing microservices, which sucks for different reasons (notably the lack of good IPC, e.g. php has serialize), but it’s not the same as microservices: just mutually cooperating processes. Qmail is a great example of this architecture, that is probably just a bit more complex than it would need to be today since the whole world is Linux and iOS now.

                  In q I don’t even need to do that. I can just use the -l and -r options which give me logging/subscription built-in to the runtime. It’s also much more enjoyable because the language doesn’t suck as bad as SQL, and we have great IPC.

                  Putting your data responsibilities in your application isn’t popular though. People actually think redis or Postgresql are fast, and many programmers doubt themselves able to make something as fast (let alone faster). This kind of approach however, tends to be done well around 1000x faster than using “a database” (and maybe done poorly or naïvely only 10x faster), gets you 100% uptime even in the face of schema changes, all of the benefits of a distributed/multiservice application with none of the downsides.

                  This is, as I see it, a serious barrier: Programmers lack the confidence to build things outside of their specialisation (whether they call it “back end” or “front end”) and even terms like “full stack” seem to be (in their normal usage of the term) limited to “code” – very few “full stack” developers seriously consider rolling a new database for every application. And I think they should.

                  1. 1

                    What is q ?

                    1. 1
                  2. 3

                    Another disadvantage of services is that you can’t do a database transaction that includes operations from more than one service.

                    You can using distributed transactions, but that’s a whole other nightmare to contend with.

                    1. 2

                      Unfortunately, trying to boot all the services, the right order, ensuring a service didn’t come up unless one it depended on came up, was tough.

                      Topological sort?

                    1. 4

                      All of cloudbootup.com runs with a single sinatra file that is 50 or so lines of code on a $5/month digital ocean VM. Updating things is a matter of writing some HTML and invoking rsync to sync up the new static assets.

                      Only reason sinatra is involved is because I needed to handle form submissions and that was the simplest way I could think of. All the CSS is inlined and all images in the posts and articles are inlined with base64 encoding if they’re small enough. Surprisingly my threshold for what would be inlined or not was also about how big I was willing to make the posts and I settled for something that is between 100-500kb.

                      I look forward to more spartan web developments.

                      1. 7

                        If you want to ditch Sinatra, I use CGI to handle webhooks so that I don’t need Ruby running 24/7. It’s a little arcane but NoOps is pretty sweet.

                        https://www.mikeperham.com/2015/01/05/cgi-rubys-bare-metal/ https://www.mikeperham.com/2018/10/12/testing-rubys-cgi/

                        1. 0

                          👍

                      1. 1

                        No mention of the possibility of using a faster ruby implementation?

                        1. 3

                          Such as? JRuby is the only usable alternative and requires the org to opt into the JVM ecosystem. With MRI, there’s a long tradition of moving performance-sensitive app bits into native C extensions for speed.

                          1. 0

                            Yeah, jruby. I’m not sure what you mean by JVM ecosystem. You install jruby. Then you change your script to run jruby instead of ruby. There’s no need to know anything at all about java.

                            On the plus side, it solves the inner loop problem where the overhead of calling a small function kills any performance gain. And it makes all the code you don’t rewrite faster too.

                            1. 5

                              Come on, jruby isn’t free, here’s four off the top of my head:

                              • Every developer needs to install the JVM locally.
                              • Every developer needs to learn how to read JRuby backtraces
                              • Every native MRI gem in the app needs to be ported to a JRuby equivalent
                              • Rails bootup needs considerable tuning or infrastructure must switch between MRI and Jruby for unit testing (30 second test bootups are painful)

                              etc… Those things are surprising expensive for a company with hundreds of engineers.

                          2. 1

                            There are faster Ruby implementations than Rust?

                            1. 1

                              How fast does the code need to be?

                          1. 4

                            Java did this 20 years ago with its J2EE Pet Store demo app. It’s also a nightmare of unnecessary enterprise complexity.

                            https://www.mobilefish.com/tutorials/petstore_1_3_2/petstore_1_3_2_quickguide_start.html

                            1. 17

                              Somebody needs to solve the mismatch between the value generated by free software and the inability to get paid. Programmers shouldn’t have to take a huge pay cut to work on libre software.

                              Having to ask for ‘donation’ is an insult to the dignity of a competent programmer who can otherwise get a very lucrative offer for his/her skills.

                              1. 10

                                I honestly think to a large degree this has been solved if we follow the example of SQLite. Rather than trying to reach out all all possibly users of SQLite, trying to get a monthly donation of like $1/$2/$5 from each user, they focus on the corporate users of the software and ask for significant investment for things that corporate users specifically care about and aren’t “donations”:

                                • Email Support: $1500 a year.
                                • Phone Support: $8000 a year base, for SLA response time goes up to $50,000.
                                • Consortium Membership: $85,000+
                                • Title/License: $6000
                                • AES Custom Version: $2000
                                • CEROD Custom Version: $2000
                                • ZIPVFS Custom Version: $4000
                                1. 2

                                  Note that this doesn’t work if the software isn’t going to be used by companies. For instance I have a hard time picturing a company pay for sway or aerc.

                                  1. 1

                                    Absolutely, stuff that is of no use to a corporation is harder to deal with this way. I would argue that at certain levels of corporate dependency, even niche products like text editors and diff tools can get widespread financial backing. I have seen both (text editors and diff tools) get major contributions in terms of cash from corporations.

                                2. 9

                                  Donations are difficult to justify by companies both legally and in terms of business. They also cannot guarantee any continuity to the recipient. Moreover, donations are inherently unfair to donors VS non-donors.

                                  Public funding has been invented exactly for this.

                                  1. 2

                                    Moreover, donations are inherently unfair to donors VS non-donors.

                                    Could you elaborate “fair” a little?

                                    I cannot settle on a definition of fairness around donations (esp. to develop open source software) that I, myself, would use in this situation, and so I would surely fail at assuming the definition intended in your comment.

                                    1. 4

                                      Forgive me for the platitude: If a company donates a lot and a competitor does not (while still benefiting from the same shared public good), the latter has an advantage. This little prisoner dilemma around donations encourage greed over cooperation. That’s why taxes are mandatory.

                                      1. 2

                                        If a company donates a lot and a competitor does not (while still benefiting from the same shared public good), the latter has an advantage.

                                        That sounds right but might not be. IBM backed Linux when Microsoft and SCO were going to patent sue everyone trying to use it. IBM both was donating labor to Linux and would counter-sue to keep it open. The result over time was IBM got massive benefit from Linux while proprietary offerings folded or went into legacy mode over time.

                                        I mean, IBM and Linux are both kind of unique. That success might not extrapolate. It might for companies who can stand to gain a lot from a community around their product. The community might be bigger if the company significantly invests in open source and community activities.

                                      2. 3

                                        I assume the rational is that open source code is a public good in the same way that clean water or science is. If you spend a lot of money making sure that your local river has clean water, or a lot of money to study physics then the benefits are shared by everybody but the costs were incurred by just you.

                                        “Fairness” in the context of shared resources generally means that the costs of providing the resource are shared by the users of the resource in proportion to the benefit those users each receive.

                                      3. 2

                                        I agree that public funding was meant to solve problems much like this, but that doesn’t make it an easy solution.

                                        There are thousands of new libraries created every day, which ones will you fund? How much money should you give Pixie Lang?

                                        The NSF gives grants to researchers who are motivated to publish papers, which journals will only accept if the papers reveal something new and important. If you give money to open source developers do they have any external motivation to produce useful things? What is preventing them from adding a million new features to OpenSSL rather than carefully auditing the code and fixing tricky bugs?

                                        If ruby is given enough public funding to hire 10 developers, won’t that make the developers who weren’t chosen feel like they’re not as important? Would they continue contributing as much as they have when they know somebody else is getting paid?

                                        Many open source projects have contributors from many different nations. Is the agency doing public funding okay with giving money to non-nationals?

                                        1. 2

                                          public funding was meant to solve problems much like this, but that doesn’t make it an easy solution

                                          It worked better than other alternatives during the last 100 years to develop phones, early computers, semiconductors, satellites, a lot of medicine, aeronautics, chemistry… Anything that does not have a short or medium-term return.

                                          Is the agency doing public funding okay with giving money to non-nationals?

                                          A lot of long-term scientific research is funded through global nongovernmental organizations.

                                      4. 6

                                        Not a great comfort to a libertarian, I’m sure - but for those who believe in government intervention, taxpayer-funded work on core infrastructure is an obvious way to share the load (since broadly speaking, society at large benefits from access to improved technology).

                                        IIRC at least one of the OpenSSL core team was funded - for years - off the German social security pension. RMS’s work at MIT was largely funded through the US government. DARPA paid for a ton of computing infrastructure.

                                        1. 4

                                          Who is this somebody who needs that?

                                          Describing your own desires as someone else’s needs is a cop-out.

                                          1. 1

                                            I discuss this a lot. It usually breaks the moment I bring in the notion that this somebody should probably be paid, at around, say, 10-20% if what the developers get.

                                          2. 1

                                            If the software is valuable, you can license it such that you can sell it for money.

                                            1. 6

                                              This is a pretty often mentioned, but not every FOSS software has a straight forward business model attached. For example, programming languages are far too remote from an actual product for people to actually invest in them on large scale. Yet, they certainly have huge value! If you see the struggle to get a widely used project as MRI funded…

                                              Sure, I could get my money by consulting in that programming language and being an expert in it, but there, the incentive is actually again to have other people developing it and just run around using their stuff.

                                              Also, not every programmer wants to become a salesperson or build end-user products.

                                              1. 3

                                                You can also license it freely and sell it for money. There’s no inherent contradiction in “commercial free software”. Indeed, sr.ht seems like it fits this category.

                                                1. 1

                                                  Great example (and congrats again) :)

                                                  In my experience, most such software is very hard to deploy for yourself (since the primary maintainer has no real reason to work on that aspect and nobody else tends to step up).

                                                  This is in no way a jab at your fantastic work - merely an observation of how this, like every funding structure, exerts a pull on the project funded.

                                                  1. 1

                                                    Congrats? For what? I’m not Drew.

                                                    1. 1

                                                      Huh, somehow I got my wires crossed, sorry.

                                                2. 1

                                                  I wonder if that’s true, and if not, why.

                                                  You’ve done it. And perhaps I have too (although one might tell my own story in different ways). But the people who manage to create functioning open source software from scratch have failed to earn real money from it with such frequency that I wonder whether there’s some blocker. That some personality trait that’s necessary to create that software also blocks generating income from the software.

                                                  1. 1

                                                    I absolutely believe this is the case, personality traits that draw people to open source software tend to push them away from the obvious avenues of income. I think they also fear angering their communities if they start to value corporate users over regular users. I think this fear is misguided, if regular users get much a much better product because of that corporate support, I believe they will be very understanding / support (ala sqlite).

                                                    1. 1

                                                      That some personality trait that’s necessary to create that software also blocks generating income from the software.

                                                      I don’t believe this is the case. FOSS comes out of a culture where many people could make their ends meet. Either by being employed by MIT or by having a paid day job.

                                                      It’s something our community - as a whole - could easily ignore and not build structure around. That’s falling on our feet now. Those structures will take years to build.

                                                1. 4

                                                  That page is annoying free of any link to the actual source code. Such terrible user design: that’s literally what I’m there to see. Am I just dense or missing the link?

                                                  1. 6

                                                    By crawling up the directory, I found the source:

                                                    https://www.ioccc.org/2018/mills/prog.c

                                                  1. 4

                                                    Music and software have many of the same problems. Music has a complex ecosystem of copyright and licensing to help musicians get paid for their creativity and yet there’s still lots of middlemen, like record labels, making huge returns, somewhat akin to software’s VC. Read about ASCAP: https://www.petekeen.net/ascap-for-open-source-software

                                                    My latest thought is having all companies with an engineering team “tithe” 10% of their engineering payroll to license all OSS for commercial use but there’s a million questions to be dealt with, just like ASCAP.

                                                    1. 2

                                                      Agree with this (see my comment on this post). I think the details you suggest sound like a good starting point. Do you know of any projects that want to move to this model? I think we should try to do this.

                                                      1. 1

                                                        Why would they bother? They’ll just go back to writing their own internal libraries and toolchains. Paying 10% of your payroll to use code you don’t have control over? Are you mad?

                                                        1. 1

                                                          Why not? Access to all open source, royalty and litigation risk free?

                                                      1. 5

                                                        The proliferation of easy package managers like Rubygems and NPM have made this lesson so much more obvious. The easier it is to change, the more likely one of those upstream changes will break you.

                                                        1. 3

                                                          OTOH, it’s become very easy to pin and document your dependencies with great reliability and precision, so from that perspective his attitude does seem a bit out of date.

                                                        1. 2

                                                          I still can’t determine how Go modules would make my life measurably better than plain old GOPATH. 🤷🏼‍♂️

                                                          1. 4

                                                            One thing I always liked about GOPATH and using VCS for dependency fetching is how easy it is to make changes to your dependencies: just cd over to the easy known path of your dep, make a change there, rebuild your project, then push your change up from your dep. Great! There’s no need to go find the git repo and clone it and then mess with your manifests to use local sources like you’d need to do with Rubygems/Bundler, or participate in symlink hanky-panky like with NPM.

                                                            But the downside is that when you need to work on two different projects that require different versions of a dependency, you need either two GOPATHs, or some other tacked on dependency management scheme using vendor. Either way means an additional tool for you (and your team) that you need to version and install on workstations and train people to use, which I see as an annoyance.

                                                            With go modules, it’s still very easy to get a version-controlled copy of a dependency (just clone the module URL), and then to use that copy when you build a specific project (by specifying the path of your local clone in your go.mod file). And you don’t need any tools other than go to do it.

                                                            1. 4

                                                              i was critical about the improvements at first, too, but they work really well for me where i’ve used them. the design is well thought out, migration from existing systems isn’t hard (fully automatic in my case, only small code bases though). the checksums for modules (go.sum) is also nice to have. it pays that the go team seems to read many papers and take their time with things.

                                                              i still manage my sources like in the GOPATH with full paths, which i’ve found very useful (and do so for other languages). i always know the url to the repository :)

                                                              1. 2

                                                                Were you a Go user at the time when code.google.com got closed down? Vendoring is a way to protect against events like this, or packages being taken down/moved from/on github/… by their authors. Modules and the planned global mirrors take this idea further, making the resulting ecosystem more globally interoperable than vendoring alone. While code.google.com may still exist in your GOPATH, there’s no easy way you could share your code that’s using it with others.

                                                                Also, modules introduce a somewhat controlled way of upgrading code & dependencies. Especially dependencies of dependencies, and further down the rabbit hole.

                                                                1. 1

                                                                  Or an npm user when left-pad got deleted? Vendoring would’ve avoided that problem, too. Plus, you can still work / deploy when the npm registry is down.

                                                                  1. 1

                                                                    Yarn does have an “offline mirror” feature that is now one of the more significant distinguishing features from npm.

                                                                    https://yarnpkg.com/blog/2016/11/24/offline-mirror/

                                                                2. 2

                                                                  If you ever need a non-master branch of a dependency, modules will help.

                                                                  1. 2

                                                                    I had to immediately look for April 1st in the date on the article. Disturbing that it wasn’t there.

                                                                    1. 3

                                                                      “We have a license for IBM Blockchain, what do we do with it?”

                                                                      1. 2

                                                                        And in related news, Bitcoin is down 1.8% after the announcement. Whereas, Walmart’s is up 0.37% due to increased confidence in their tech strategy by some investors who also have money in Bitcoin.

                                                                  1. 1

                                                                    I worry about the weight/inertia of a change process where adding _ support within constant integers takes months of feedback and review (e.g. const MB = 1_024 * 1_024). At first glance, that seems like a straightforward and purely additive change so why the baggage?

                                                                    1. 4

                                                                      Because of Golang’s backwards compatibility promise it is crucial to ensure even “straightforward” changes are carefully considered. Once _ support is landed, it will not go away.

                                                                      1. 2

                                                                        Go isn’t somebody’s weekend hobby sandbox. Hundreds of thousands of programmers write code in it, lots of tools generate code for it, millions of lives and livelihoods are affected by code written in it. There is no “at first glance” on that level. Welcome to the big leagues.

                                                                      1. 2

                                                                        For some reason I thought this article was going to be more legal: about land ownership, estates and timber rights.

                                                                        1. 6

                                                                          I’ve also tried to be open about my Sidekiq business and how it has grown over the past 5 years. It’s one thing to build a business on open source, it’s another to be open about the business itself. A recent interview:

                                                                          https://launched.app/blog/how-a-solo-founder-grew-an-open-source-tool-to-over-1m-arr/

                                                                          1. 2

                                                                            I appreciate you writing up posts on makig money with open source. More peope need to at least know it’s out there and think about it even if they might ultimately not go for money. I think there’s an awareness problem on top of ideological motivations.

                                                                            1. 1

                                                                              as someone looking to eventually start their own business, this is an awesome resource, thank you!

                                                                            1. 9

                                                                              I respect how they came to their old name but “bro” does have unfortunate baggage these days. I’m glad they found a new name they can be proud of.

                                                                              1. 3

                                                                                This is true.

                                                                                A product name is what’s supposed to represent you to the rest of the world. Connotations, type-ability, and relative uniqueness are basically what a name is for: if it carries negative connotations, then it isn’t serving its purpose.

                                                                                And trying to put a halt to the euphemism treadmill is like bravely standing your ground against a tsunami: the people who claim to do that tend to be all wet.

                                                                                1. 7

                                                                                  My hope for the future of Go is that it will continue to embrace simplicity in the face of cries for complexity.

                                                                                  I agree. I used to be a large proponent of adding generics to Go. But since Rust has taken off, I’d like it if Go and Rust explore two different approaches: Go with a drastic approach to simplicity and GC, Rust with parametric polymorphism + memory safety without GC. So with that in mind, I wouldn’t mind if Go did not add generics.

                                                                                  I am using Rust as my primary language, but I would like it if there was a fall-back option in case Rust or Rust libraries become over-engineered. This is just personal opinion and I don’t want to be controversial, but I think Haskell went from a simple functional language to type wizardry. Scala followed a similar path, except that it already started as a more complex language by aiming to be a functional language, while simultaneously implementing many OO concepts. Type wizardry can be fun, but it typically results in libraries that are hard to use by diverse teams or set of contributors. Rust libraries are generally ok in this respect, but there is definitely a lot of room of over-engineering with generics and traits.


                                                                                  The thing that I miss the most in Go, besides less repetitive error handling, is deterministic destruction. Especially when binding C. There is no guarantee when/if finalizers run and asking that callers call or defer a Close() function is a bit annoying. Destructors and GC are not mutually exclusive. A minor shortcoming is the lack of more powerful sum types.

                                                                                  Outside the language, it would be nice to have a slower compiler that inlines and optimizes more aggressively. As far as I understand, gccgo performance is currently not much better yet than the native Go compiler.

                                                                                  But everyone probably has a different set of wishes and if they were all added go Go, we’d end up with something that is not Go. So, it’s probably best for Go’s designers to be conservative ;).

                                                                                  1. 1

                                                                                    I’m getting more and more disenchanted with Rust’s memory safety claims. Seems like every week now we are hearing about another overflow in a Rust library due to unsafe. If you build a footgun, someone will use it.

                                                                                    1. 19

                                                                                      That is a good sign. The bad things you hear in the news are those that are rare and thus not dangerous. The really dangerous stuff is not reported in the news because these bad things happen all time.

                                                                                      For a comparison, statistically you will probably die from some form of cancer in a hospital. That does not get reported in the news. Being killed from a plane crashing into a skyscraper. That is newsworthy, but nothing to be afraid of.

                                                                                      When was the last time an overflow in a C program was on the lobsters frontpage?

                                                                                      1. 2

                                                                                        Compared to the status quo (C, C++), Rust is in a far better position, and far easy to audit. It’s great that some of these other bugs are being sorted out, but it would be far worse in a language with no separation between safe and unsafe code. Yes, I would love to see a systems language that has been formally verified from the ground up, with dependent types that we can prove properties about some of the more tricky low level stuff, but this is hard to do and will take more years, and even then it’d be prudent to install escape hatches for practicalities sake.

                                                                                    1. 5

                                                                                      Sys-V style daemons have been deprecated for over a decade now, since Upstart and Systemd became things. Don’t use this.

                                                                                      http://0pointer.de/public/systemd-man/daemon.html

                                                                                      1. 1

                                                                                        A very interesting read. Thanks for the link! I work with embedded sound technology where its not uncommon to enter platforms that are driven from a highly hardware oriented technology house - here you often have no systemd, no upstart, no runit, no nothing but a pile of confusing intricate init scripts done in ash. From my perspective daemonizing the old fascion way is still a skill needed to be mastered. But as your link very well descripes, the pitfalls are many, and I certainly hope that eventually all of us will enter the new-style deamon way :-)

                                                                                      1. 6

                                                                                        So, what’s the business model now?

                                                                                        1. 3

                                                                                          We are looking at a few options based on initial engagements with folks:

                                                                                          • the standard “support” model
                                                                                          • running Wallaroo as a hosted option in the cloud for folks. So for example, we install Wallaroo into your AWS account, hook it up to your data sources and run it for you.
                                                                                          • enterprise version where we build around the core product and create value that isn’t of interest to the open source community but are to large enterprises. for example, i doubt many folks in the open source community are interested in using Wallaroo with Kdb but its come up on more than 1 occassion with larger enterprises.
                                                                                          1. 4

                                                                                            Third option works the best. I mentioned that in the licensing discussion in another thread. Active Directory integration was the example I gave. Things like that stay proprietary. Good luck regardless.

                                                                                            1. 3

                                                                                              Yeah, the thing we want to do is not have it be features that are integrated into the open source product. We don’t want to keep things from the open source option, rather we really want to build around it. It’s hard. It’s going to be interesting but, I think it’s the right thing to do.

                                                                                              1. 6

                                                                                                Sounds risky to me. I respect your team’s commitment to principles, though.

                                                                                                Kind of adding to other comment, one thing I forgot to mention is you can just license it to businesses. That may sound counterintuitive since who would pay for open-source software they can get for free, right? A number of people on HN told me they license GPL software to businesses. One was at OpenSUSE but another just did custom apps for businesses that they allowed to go FOSS. They weren’t critical to competitive advantage, developer highlighted benefits of FOSS like extra features at lower cost, and they were cool with it. One pointed out that even Stallman encouraged people to charge for free software.

                                                                                                So, that’s possible at who knows what odds of success or level of revenue for Wallaroo. The main benefit they told me is businesses like having someone accountable for what they’re using. Someone to call, sue, or whatever. The other factor is that many believe you have to pay for good software. The “cheap” software is garbage. Free software must be even worse. Instead of arguing with them, those selling FOSS said they’d rather just let them pay a lot of money for the software and their own foolishness. :)

                                                                                                1. 3

                                                                                                  O yes, that “license” with a “neck to wring” is part of what we cover in “support”. Sorry, we’ve been discussing it for so long that I forgot that many people rightly consider them to be different items.

                                                                                                  It is risky but personally, I see the alternative as more risky. The infrastructure tooling space is dominated by open source products. Even if we create a better product, would we really be able to outpace a large open source project? Probably not. Could we lose lots of business to “its good enough” and people using another tool? Probably.

                                                                                                  Those are also risks. So ya, risky but, we think worth the gamble.

                                                                                                  1. 3

                                                                                                    Good thoughts on infrastructure. I had one more idea but would’ve worked better if you GPL’d it. That is embedding it into commercial products that want to layer on top of your project or use one of its components. In the GPL model, they buy a copyleft exemption so they don’t have to GPL their product. Apache breaks that model given companies can just repackage it for free without legal risk from giving nothing back. Since you want it permissive, I tumbled idea around in head and it still might work.

                                                                                                    There might be companies that want to integrate your stuff with theirs who would prefer to pay your company to do it faster (your experts) and with less integration risk. You could mention integration of Wallaroo into commercial offerings as a service Wallaroo Labs offers. I don’t think this would be common. It could be a nice supplement to main revenues if priced well to encourage the practice, you avoid any deals that look like a resource drain (or just charge extra for it), and Wallaroo kept modular enough to make that easy.

                                                                                                    1. 2

                                                                                                      I’m a huge fan of the GPL but man, it really scares large enterprises and makes selling to them much harder.

                                                                                                      1. 4

                                                                                                        Oh I hear you. I was mainly mentioning it for other readers that might be evaluating pro’s and con’s of various options in licensing their software. The paid service for embedding was for you. I could see why you’d want to avoid GPL if dealing with big business. I also mostly “thank” Microsoft for that.

                                                                                                        1. 1

                                                                                                          Why not offer Wallaroo Pro which is Wallaroo/GPL relicensed with a commercial license? That’s literally part of my business model with Sidekiq (LGPL) and Sidekiq Pro (commercial).

                                                                                                          1. 2

                                                                                                            It’s something we considered but again, fear of GPL will keep some developers from using Wallaroo for free in some enterprises. In the end, we wanted to leave that open as a possibility.

                                                                                                            I’m comfortable with the GPL. Many people are not and their lack of comfort definitely ended up leading to a lack of comfort from other non-engineers at Wallaroo Labs. Apache 2 is a “safe license”. No one balks at it.

                                                                                                            All of that said, I think the model you have is a completely valid one.