Comment by Aurornis
1 day ago
> this server is physically held by a long time contributor with a proven track record of securely hosting services. We can control it remotely, we know exactly where it is, and we know who has access.
I can’t be the only one who read this and had flashbacks to projects that fell apart because one person had the physical server in their basement or a rack at their workplace and it became a sticking point when an argument arose.
I know self-hosting is held as a point of pride by many, but in my experience you’re still better off putting lower cost hardware in a cheap colo with the contract going to the business entity which has defined ownership and procedures. Sending it over to a single member to put somewhere puts a lot of control into that one person’s domain.
I hope for the best for this team and I’m leaning toward believing that this person really is trusted and capable, but I would strongly recommend against these arrangements in any form in general.
EDIT: F-Droid received a $400,000 grant from a single source this year ( https://f-droid.org/2025/02/05/f-droid-awarded-otf-grant.htm... ) so now I’m even more confused about how they decided to hand this server to a single team member to host in unspoken conditions instead of paying basic colocation expenses.
>We worked out a special arrangement so that this server is physically held by a long time contributor with a proven track record of securely hosting services.
Not clear if "contributor" is a person or an entity. The "hosting services" part makes it sound more like a company rather than a natural person.
The OSU Open Source Lab gives machines to groups in their datacenter: https://osuosl.org/services/hosting/
It has hosted quite a few famous services.
Which famous services?
I doubt OSU is going to host F-Droid. It doesn't even sound like F-Droid would want them to host it.
https://osuosl.org/blog/osl-moving-to-state-data-center/ mentions several major, famous services/projects that OSUOSL either has hosted in the past or is still hosting: kernel.org, Debian, Gentoo, Drupal, OpenWRT, OSGEO. https://osuosl.org/blog/osl-future/ also mentions hosting Mozilla at the time of the Firefox 1.0 release, and having previously hosted Apache Software Foundation. Closer in relevance to F-Droid, OSUOSL hosts the GitLab instance used by postmarketOS: https://postmarketos.org/blog/2024/10/14/gitlab-migration/
F-Droid is the best known non-corporate Android App Store... Why wouldn't they be willing to host it?
It's a critical load-bearing component of FOSS on Android.
There is nothing wrong with hosting prod at home. A free and open source project needs to be as sustainable and low maintenance as possible. Better to have a service up and running than down when the funds run out.
> I know self-hosting is held as a point of pride by many, but in my experience you’re still better off putting lower cost hardware in a cheap colo with the contract going to the business entity which has defined ownership and procedures. Sending it over to a single member to put somewhere puts a lot of control into that one person’s domain.
If they really want to run it out of a computer in their living room they should at least keep a couple servers on standby at different locations. Trusting a single person to manage the whole thing is fragile, but trusting a few people with boxes that are kept up to date seems pretty safe. What are the odds they'd all die together? Paying a colo or cloud provider is probably better if you care about more 9s of uptime, but do they really need it?
Yup. But the same can happen in shared hosting/colo/aws just as easily if only one person controls the keys to the kingdom. I know of at least a handful of open source projects that had to essentially start over because the leader went AWOL or a big fight happened.
That said, I still think that hosting a server in a member's house is a terrible decision for a project.
> if only one person controls the keys to the kingdom
True, which is why I said the important parts need to be held by the legal entity representing the organization. If one person tries to hold it hostage, it becomes a matter of demonstrating that person doesn’t legally have access any more.
I’ve also seen projects fall apart because they forgot to transfer some key element into the legal entity. A common one is the domain name, which might have been registered by one person and then just never transferred over. Nobody notices until that person has a falling out and starts holding the domain name hostage.
It doesn't say it's in someone's house. Maybe the guy runs a business doing this.
At least they know where it is. They can go knock on the door.
> one person had the physical server in their basement
Unless you have even the faintest idea about how F-Droid does it, please stop spreading FUD. All the article says is that it is not a normal contract but a special arrangement where one or a select few have physical access. It could be in a locked basement, it could be in a sealed off cage in a data center, it could be a private research area at a university. We don't know.
A special arrangement with an academic institution providing data center services wouldn't be at all surprising, that has been the case for many large open source projects since long before the term was invented, including Linux, Debian and GNU itself.
Many of these are run by professionals with high standards. The Debian project has done pioneering work with reproducible builds, for example, something the F-Droid project is also very much involved with. Those things are what creates trust in the project.
> It could be in a locked basement, it could be in a sealed off cage in a data center, it could be a private research area at a university. We don't know.
Yes, and that is exactly the problem. They didn't write "a large university/company/government institute which wishes to remain anonymous has graciously donated space in their ISOwhatever certified in-house hosting facility", they wrote "physically held by a long time contributor".
It is written as if it is just Some Guy's Mom's Basement, with a guarantee of Trust Me Bro. If it is indeed hosted in a professional environment, why don't they say so?
People are assuming the worst because it isn't their first rodeo, and they've seen it go wrong time and time again. If F-Droid wants to be taken seriously Just Trust Us isn't good enough - especially with their main selling point being "you can't trust Google"!
> A special arrangement with an academic institution providing data center services
They would have said this if it were the case. Why would they make it sound so sketchy if it wasn't otherwise? There is no "FUD", you don't know better than anyone else would either, so you don't get to make that argument and then speculate yourself.
Ultimately hosting is not the most critical part as long as backups are stored in places other members of the projects have access to (and one copy could be in their own home, I don't think the f-droid repos have grown to be that big they can't be hosted on commodity NAS).
What is usually more critical is who has the credentials for the domain management.
Is colocation not considered to be "self-hosting" in the cloud era?
In these times, even running your own software on a provisioned VM is considered self-hosting sometimes.
It's just a build server no? If that's the case it's not the end of the world.
Or does it also serve the APKs?
depending on how you view it, the build server _does_ serve the APKs, right?
400K would go -fast- if they stuck to a traditional colo setup. Donations like this are rare and it may be all they get for a decade.
Personally I would feel better about round robin across multiple maintainer-home-hosted machines.
> 400K would go -fast- if they stuck to a traditional colo setup.
I don’t know where you’re pricing colocation, but I could host a single server indefinitely from the interest alone on $400K at the (very nice) data centers I’ve used.
Colocation is not that expensive. I’m not understanding how you think $400K would disappear “fast” unless you think it’s thousands of dollars per month?
I, personally, have a cabinet in a colo. With $400k, I can host it at that datacentre with the income from risk-free return never exercising the capital with 10 GigE, 3 kW of power. If I can do it, they can do it.
Modern computers are super efficient. A 9755 has 128 cores and you can get it for cheap. If you've been doing this for a while you'd have gotten the RAM for cheap too.
If I, a normie, can have terabytes of RAM and hundreds of cores in a colo, I'm pretty sure they can unless they have some specific requests.
And dude, I'm in the Bay Area. Think about that. I'm in one of the highest cost localities and I can do this. I bet there are Colorado or Washington DCs that are even cheaper.
I too am in the bay area, and clearly I have been shopping at the wrong colos. I expected to find nothing with unlimited bandwidth for under $1k/mo given past experience with what may have been higher end DCs.
In any event if I was the volunteer sysadmin that had to babysit the box, I would rather have it at my home with business fiber where I am on premises most of the time because getting in and out of a colo is always a whole thing if their security is worth a damn.
Even given a frugal and accessible setup like that I can imagine 400k lasting 5 years tops, especially if paying for the volunteer's business fiber, and much more especially given I expect some of it is to provide a sustainable compensation to key team members as well. Every cent will count.
400k would last me 13 years for a rack, power and 10Gbit/s bandwidth at my colo place (Switzerland, traditionally high prices)
Yes, but that's not their only expense.
For reference, in the US at least, there was/is a company called Joe's Data Center in KC who would colo a 1U for $30 or $40 a month. I'd used them for years before not needing it anymore, so not some fly by night company (despite the name).
At that rate, that would buy you nearly 1000 years of hosting.
I was trying to avoid naming exact prices because it becomes argument fodder, but locally I can get good quality colo for $50/month and excellent quality colocation with high bandwidth and good interconnects for under $100 for 1U
I really don’t know where the commenter above was getting the idea that $400K wouldn’t last very long
Those prices are rock bottom! For that price, what do you get for (a) power budget, (b) Internet connectivity, (c) ingress and egress per month?
I Googled for that brand and got a few hits:
The homepage now redirects here: https://patmos.tech/
Another under appreciated point about that data center: It has excellent geographical location to cover North America.
Joe's got bought out by Patmos.
The jury's still out on whether or not this is a good thing.
For a server? The going rate for a 1/4 cabinet is $300-500/month.
If 100 years is fast, yes. You can get pretty sweet colo for 4k per year. I know cheaper places too.
A full rack, 10 gigabits bandwidth and 1920W of power is available for as little as $800/month: https://1530swift.com/colocation.php
Of course you have to buy the switches and servers…
> a $400,000 grant
IDK if they could bag this kind of grant every year, but isn't this the scale where cloud hosting starts to make sense?
400k could get you 10 Dell PowerEdges with a 128 core CPU, 256GB of RAM and multiple terabytes of storage _multiple times_. 400k easily covers two of these machines, and colocation space is about 2k per year.
Cloud hosting only makes sense at a very, very small scale, or absurdly large ones.
You have two options. Colo if you still want physical access to your devices, or cloud, where you get access to nothing beyond some online portals.
Colo is when you want to bring your own hardware, not when you want physical access to your devices. Many (most?) colo datacenters are still secure sites that you can't visit.
So that they can pay 100x more expenses for.. no gain? They would pay an arm just for traffic.
It's OpEx. MBAs will pour unlimited money into OpEx to avoid CapEx.
CloudFlare is free/cheap and hey presto, no servers to manage!