Co Op cloud alternatives

Co-op Cloud has done a great job of listing out their opinions of the pros / cons of other server / app management software.

Copy / pasted from their FAQ so I can easily reference.

Cloudron

Pros

  • 👍 Decent web interface for app, domain & user management.
  • 👍 Large library of apps.
  • 👍 Built-in SSO using LDAP, which is compatible with more apps and often has a better user interface than OAuth.
  • 👍 Apps are actively maintained by the Cloudron team.

    Cons

  • 👎 Moving away from open source. The core is now proprietary software.
  • 👎 Libre tier has a single app limit.
  • 👎 Based on Docker images, not stacks, so multi-process apps (e.g. parsoid visual editor for Mediawiki) are a non-starter.
  • 👎 Difficult to extend apps.
  • 👎 Only supported on Ubuntu LTS.
  • 👎 Upstream libre software communities aren't involved in packaging.
  • 👎 Limited to vertical scaling.
  • 👎 Tension between needs of hosting provider and non-technical user.
  • 👎 LDAP introduces security problems - one vulnerable app can expose a user's password for all apps.
  • 👎 Bit of a black box

@boris commentary: do I wish that Cloudron were fully open source? Yes. But I also like that the team has a sustainable business where they keep all of these apps packaged and updated over time! They mention the SSO model here as LDAP, but in fact it's OIDC now.

Yunohost

Pros

  • 👍 Lovely web interface for app, domain & user management.
  • 👍 Bigger library of apps.
  • 👍 Awesome backup / deploy / restore continuous integration testing.
  • 👍 Supports hosting apps in subdirectories as well as subdomains.
  • 👍 Doesn't require a public-facing IP.
  • 👍 Supports system-wide mutualisation of resources for apps (e.g. sharing databases by default)

    Cons

  • 👎 Upstream libre software communities aren't involved in packaging.
  • 👎 Uninstalling apps leaves growing cruft.
  • 👎 Limited to vertical scaling.
  • 👎 Not intended for use by hosting providers.

@boris commentary: I took a look at Yunohost and found it scary from a security perspective. Packaging is a pile of bash scripts. More apps but they're mostly undermaintained

Caprover

Pros

  • 👍 Bigger library of apps.
  • 👍 Easy set-up using a DigitalOcean one-click app.
  • 👍 Works without a domain name or a public IP, in non-HTTPS mode (good for homeservers).
  • 👍 Deploy any app with a docker-compose.yml file as a "One Click App" via the web interface.
  • 👍 Multi-node (multi-server) set-up works by default.

    Cons

  • 👎 Single-file app definition format, difficult to tweak using entrypoint scripts.
  • 👎 Nginx instead of Traefik for load-balancing.
  • 👎 Command-line client requires NodeJS / npm.
  • 👎 Requires 512MB RAM for a single app.
  • 👎 Backup/restore is "experimental", and doesn't currently help with backing up Docker volumes.
  • 👎 Exposes its bespoke management interface to the internet via HTTPS by default.

Ansible

Pros

  • 👍 Includes server creation and bootstrapping.

    Cons

  • 👎 Upstream libre software communities aren't publishing Ansible roles.
  • 👎 Lots of manual work involved in things like app isolation, backups, updates.

Kubernetes

Pros

  • 👍 Helm charts are available for some key apps already.
  • 👍 Scale all the things.

    Cons

  • 👎 Too big – requires 3rd party tools to run a single-node instance.
  • 👎 Not suitable for a small to mid size hosting provider.

Docker-compose

Pros

  • 👍 Quick to set up and familiar for many developers.

    Cons

  • 👎 Manual work required for process monitoring.
  • 👎 Secret storage not available yet.
  • 👎 Swarm is the new best practice.

I'll skip the the "doing it manually" old school version of server + app maintenance.

Notes mentioning this note