SFTPGo sustainability #1218
Comments
It might be due to the new Github sponsorship policies, in case you were unaware they no longer accept PayPal as a payment method and a lot of other projects lost sponsors due to this change. It's also very plausible that many don't know (or ignored the warning emails) and are even unaware that their subscriptions were terminated. |
Maybe this can be true for some sponsors. For some of them I have no contacts other than github username and obviously I can't mention them here or in another post. I tried to contact the other ones but no reply so far |
|
@drakkan email me [email protected] ... lets connect there. |
|
I just started to evaluate sftpgo, but feature wise it looks very powerful. I'll poke around in my place to see if I can arrange sponsorship for this. |
|
I am getting leverage for a company to use SFTPGo for our applications. I will work on a budget addition to try to get some more support. |
|
|
|
For those interested, please use the offer from "SFTPGo Authors", the other one is deprecated and will not be updated anymore. Thank you |
|
Hello, as a last attempt to keep SFTPGo completely open source I have added some support plans which can be purchased from the SFTPGo website. Thank you |
|
Glad to hear you worked something out! When the agreed sponsorship period we paid in advance ends, do you prefer we switch over to the subscription plan? Best, |
as you prefer. I can generate a payment link that matches our current deal (annual payments instead of monthly and the same amount). Thanks for supporting SFTPGo! |
|
I've just created a subscription to the AWS marketplace "container edition". I've added a service account to run the app with the recommeded IAM permissions.
Is there a specific container registry I need to use for this version and have it register with AWS, or just the standard one (ghcr.io/drakkan/sftpgo)? Thanks
|
Hello, thank you for subscribing to container offer, you have to run the images on Amazon ECS or EKS to use the offer. Below the usage istructions there are the credentials and the links to the Amazon ECR registry to pull the images
the latest version are 709825985650.dkr.ecr.us-east-1.amazonaws.com/sftpgo-authors/sftpgo:v2.5.1 distroless images have just been removed from the public repository and will remain available only on ECR (or a private registry for project sponsors who don't want to use AWS services). |
|
Thanks for the quick response @drakkan, I guess I didn't go far enough and didnt click the "Launch software" to get to that screen. I am using EKS and have a lot of services running already, but haven't needed to pull images from ECR yet, just from public and our private registries. Now I just need to setup something to automatically renew the registry credentials in a pull secret automatically as it looks like they expire after 12 hours... Would it be acceptable to pull the image locally and push to our own private container registry that we are already have the cluster setup to pull from? I'm haven't looked into how AWS Marketplace container products work, so not sure if it's a requirement that they're pulled directly from ECR from a metering perspective. Thanks again |
It should work, as an AWS subscriber you can contact us by writing to support at sftpgo.com, please write there for follow up questions, this is a bit off topic here. Thank you!
|
|
Hi SFTPGo Team, With the current attacks on closed-source file sharing systems this year, I definitely want to make sure there is a strong open-source solution. We have started using SFTP Go and have so far been happy with the product and we're happy to donate to keep this going. I do believe that there is opportunity now, given these attacks, to rally around a community project. I suspect this will get more popular, so I guess I'm just chiming in to say "don't lose faith" and I think now is the time. |
Thanks for the nice words and for your sponsorship. If you have any problems/questions about SFTPGo please contact us at the dedicated support email address. I'm tired of pinning these posts, it seems like I'm begging. If people don't realize the importance of supporting a community project like this they deserve sql injections vulnerabilities or to get ignored if they want a free software and also free support |
|
For what it's worth, this thread is what spurred me to sponsor. It's not like we wouldn't have, but I didn't feel any urgency until I read this. So while I know it feels like begging, and you shouldn't have to beg, folks like me are a bit dense and don't think to act until something hits us over the head. So maybe it's not bad to hit people over the head with this sort of thing? |
|
I'll take into consideration what you wrote, but I don't like to ask, it's not easy for me to publish posts like this. The main README should already explain why it is important to sponsor the project. Let me know if you want your company logo in the sponsor section. Thank you! |
|
Same as @nandanrao I also was prompted by this thread to find a way to ensure that we're not freeloading as by default I'd just pull the released package into a custom packer build and call it a day without giving it a second thought. Not because I don't want to pay, but because SFTP implementation is just one task on my ever growing list of things to do. I would second the suggestion to keep the thread open as you deserve to be rewarded for your work, but more importantly, it's in our common interest to ensure first and foremost, longevity of the software but also your ability to develop its feature set further and address any potential security vulnerabilities. Thanks for all your hard work. |
|
@nandanrao @lstyles thank you. |
|
Maybe it's not the best place to ask as we are mostly devs here and contribute by code directly or indirectly more than by money ? Do sponsors looks at github issues ? |
New code contributions increase the maintainance workload without improving motivation or sustainability. Reviewing and iterating or pushing back on PRs is work! Often more than writing the code itself. I have no other place to ask, I hope people using SFTPGo ask their company to support the project. Do you have better ideas? |
|
i use sftpgo to share stuff with friends/remote backup etc. not much tbh. i'd like to enable more security/check logs/etc but i just dont know how. i cant event enable webdav https lol i think it's because i dont have a valid certificate not sure. doesnt really matter i guess. i use it over tailscale. anyway hopefully i can donate in the future and then i'd feel "ready" for making suggestions hehe |
|
Hello, Nicola, please keep this issue pinned, without it, i wouldn't have push my company to select and pay for your product |
|
we are willing to sponsor too, have written you an email, hope you saw it |
I replied on October 15th, I will forward the response to you again, try checking your spam folder too. Thank you |
|
My institution won't sponsor you, but I did just set up a personal $5/month sponsorship. It's ... pretty paltry, but I hope it encourages others to support you :-/ |
Thanks, appreciated |
|
Hello, My company may or not sponsor you for your work. It already does for some other open source projects. Regards, |
|
Just sponsored with my personal account because I agree support requests must be a real time consumer. Regards, |
So Finally I've got time for this and needed to rethink what to say or not. First off, I don't need the feature at all. I made the commit because I thought this was a cool project and that this feature would make sense for the product itself. Since I was publicly exposed to receiving free features, I had no motivation to push my request for regularly spending money, which is unfortunate because my initial goal was to spend money. I still think it's a great product. |
|
@mistadave I didn't mean to make a personal attack, I'm sorry if it seemed that way. You are right, I probably shouldn't have mentioned a specific PR (I only got the last one at the moment), but rather spoken more generally. Again, I apologize if I hurt your feelings, that was absolutely not my intention. And I am not writing this to change your mind about supporting the project, but because I made a mistake, just because there are many people who expect free support/features and/or, even worse, make money basing their business on SFTPGo without giving anything in return, it is not fair to generalize. |
@drakkan thanks for your response and the apology. |
|
Just discovered SFTPGo. I find it to be a very good piece of software. Simple and does what it does best. No over complication with tons of features not needed. While I have not implemented this for our company usage, I came across this post and is sad that sustainability of this software is bad. Hence I would like to provide donations to dev. The current model is support service which is too high for us to pay. Is there a donation page for us to "buy you a coffee"? I know it's not much but it's a small token of appreciation coming from a small start-up. |
Thank you for your kind words, I appreciate them. |
|
Hi @drakkan, I was wondering if you could give an update concerning the current financial viability of your solution. Of course, given the situation outlined in this issue, we would like to have a bit more certainty that you intend to carry on with the maintenance of the project for the foreseeable future. Put differently, if you are rather considering to shut it down in the next few months we hope that you would be transparent about it as well. We currently use a different SaaS solution for SFTP and are looking to migrate about a dozen external parties onto our new solution (which could be based on SFTPGo). We would like to avoid another migration of this scale right after being done, due to the project shutting down! If you'd rather not make any public statements about this currently, then please let me know, so that we can converse over email. |
|
@mario-d-s thanks for your comment. I think it's worth clarifying publicly. Luckily we found other ways to make the project sustainable (support plans, SaaS offerings, resource-based billing, custom developments etc.). We no longer respond on GitHub because we have discovered the downside of open source software: many companies resell, base their business on and/or try to make money with SFTPGo without giving anything back and often also violating our trademarks and the AGPLv3 license and ask for help here as anonymous GitHub users when their customers report a problem. If you are interested in using a supported copy of SFTPGo or our SaaS plans (which already use the private version of SFTPGo), please contact us via email. |
|
@drakkan it's good to read that your company seems to be doing well! Under the new license / business model, will you still keep Docker images available for self-hosting? It could be a private registry to which only paying customers get access... Also, will potential customers still be able to easily do a trial of SFTPGo? |
|
✋ I'm highly following this topic as i'm also very concerned with an enterprise usecase |
|
I'm just passing by since I'm subscribed to the topic and as a long time user of SFTPGo and i thought to share my experience. I've been using SFTPGo for four years, fully self-hosting it on-prem with hundreds of users, complex permissions, and all supported protocols, including the web UI. Along the way, I hit some bumps—mostly my own doing—but @drakkan has always been incredibly responsive, whether through GitHub, email, or even a 1:1 meeting to help with our setup. We renew our yearly sponsorship because the system is rock-solid and battle-tested. If you're a sysadmin looking for a reliable solution, I highly recommend it. |
Yes, such a repository is already available and we are sharing it with trusted Enterprise Plan subscribers for now, we will offer this version to all our Enterprise Plan subscribers when it is ready. We will also provide deb/rpm repositories and installers for Windows (not all our users use Docker/Kubernetes).
Yes. I still believe in Open Source and this move is very hard for me, I tried to avoid it in different ways. The open source version will not be abandoned, just some new features will not be available, this does not mean that everyone will have to use the private version. If you use the open source version today and you are satisfied with the features offered (which we believe cover many use cases) you can continue to do so, it will not stop working and we will commit to maintain it as we have done since 2019. |
|
That sure seems like a generous way to continue the product for those who are using the Open Source version today. Thanks for the clarifications! |
|
Hi @drakkan my organization uses SFTPGo more and more and I would like to push the idea to switch to a paid plan. |
|
@adriens thanks for using SFTPGo. What happens if you have an issue? Will you ask for help here on GitHub hoping someone will take the time to help you? You can find all the information on our website: sftpgo.com. Our Enterprise plans include our security hardening guide and early security patches. Side note: our company was accepted as a Google Partner a few days ago, so I think we will be able to offer SFTPGo on Google Cloud Marketplace in the next few weeks, initially as a VM and later also as a container. |
|
Awesome I have all the required informations I needed. |
This is also included. The Terraform provider has some known issues and we should improve its code, but it should work fine as is, at least for most common use cases and with some workarounds. |
Thanks for all these informations @drakkan I could produce a simple yet complete note about the benefits of the paid plan. |
Unfortunately SFTPGo is not financially viable yet which means its sustainability model is failing.
SFTPGo users have increased a lot but only a few of you support the project with sponsorships/donations.
With few exceptions, companies/people generally start sponsoring for a few dollars a month ask a lot of questions/features and once they have their answers/features they stop sponsoring. Not to mention the people who don't sponsor at all and who contact me privately if I close as invalid their issues whose answer is in the documentation or big companies using SFTPGo without returning anything back.
SFTPGo offerings on Azure and AWS are by far the cheapest of similar products, and SFTPGo has more features than many commercial products there, yet subscriptions are low.
I can't keep investing all this time in SFTPGo under these conditions. If each of you donated a small amount there would be no sustainability problems but unfortunately this is not the case.
I'm sorry but I'm considering switching to an open core model or something similar where not all features are available in the free version.
I'm posting this in hopes that something will change, but honestly I'm skeptical now. I lost about 10 sponsors, for no reason, this month alone.
The text was updated successfully, but these errors were encountered: