Skip to content

Top New Best Ask Show Jobs

NetBird Is Embracing the AGPLv3 License | Better HN

NetBird Is Embracing the AGPLv3 License (opens in new tab)

(netbird.io)

88 pointsbraginini7mo ago78 comments

78 comments

moomin7mo ago

More and more firms are realising that AGPL coupled with dual licensing allows them to be open source whilst protecting their commercial interests.

echelon7mo ago

AGPL doesn't have the critical "no commercialization" clause that prevents a direct competitor. It just prevents hyperscalers.

AGPL will stop Amazon. It won't stop WP Engine.

There needs to be a license that enables your customers to use you freely, but not your competitors from reselling your hard work.

jchw7mo ago

Your customers, potential competitors, and even hyperscalers are all possibly the same people at different points. AGPL works because corporate lawyers are horrified by it, not because it actually discriminates against hyperscalers. If you find something that even sane lawyers wouldn't tolerate, then you have greatly limited the benefits of being open source in the first place. If you make a license that actually discriminates on user or use case, then it's not open source.

If you want to protect your project from being resold by potential competitors, do not release it as open source.

I think this problem might solve itself, though. Slowly but surely, companies and power users have become very wary of VC funded companies making big promises and big open source releases, with the knowledge that there is rarely a plan for sustainability and that there is a good chance if they stand on that rug it could be pulled later. Soon, if trends continue, the advantages that you once got from announcing something as open source will start to evaporate and turn into a liability as people start seeing ahead to the eventual "but of course we have to be able to monetize this eventually" stage.

The way I see it, a project can always be open sourced later on once there's a way to do it and ensure the company can remain sustainable. For the flagship product of a company, especially a VC-funded company, not starting open source is the ethical thing to do.

graemep7mo ago

> There needs to be a license that enables your customers to use you freely, but not your competitors from reselling your hard work.

There are such licenses. They are just not open source.

bragininiOP7mo ago

Fair point, but it won't be considered open source. NetBird wants to stay open source. AGPL gives certain protection, but is not 100% bullet proof.

znpy7mo ago

> AGPL will stop Amazon. It won't stop WP Engine.

WP Engine is not a problem, Amazon is.

m4637mo ago

"no commercializaton" is not free software.

The users should not be restricted. The responsibility comes from redistribution.

resiros7mo ago

I think that's perfectly fair. The community is quick to put whoever builds commercial OSS software on a cross the moment they change their license to ensure they still have a competitive advantage. Instead, we should encourage commercial OSS companies. COSS companiesare one of the only venues for creating high-quality OSS projects that you can self-host.

I personally think the definition of open-source is problematic (and clearly biased by the lobbies of hyperscalers). Why aren't n8n or MongoDB considered open-source? (https://github.com/n8n-io/n8n/blob/master/LICENSE.md, https://www.mongodb.com/legal/licensing/community-edition) Why does requesting that others not sell your product make the project not open-source?

JoshTriplett7mo ago

> I think that's perfectly fair. The community is quick to put whoever builds commercial OSS software on a cross the moment they change their license to ensure they still have a competitive advantage. Instead, we should encourage commercial OSS companies.

Complete agreement there. I'd like to laud NetBird for using AGPL rather than one of the recent VC-fueled proprietary-with-source-available licenses.

> I personally think the definition of open-source is problematic (and clearly biased by the lobbies of hyperscalers).

Open Source has existed since before "hyperscaler" was a concept that existed, and before Software as a Service was a going concern. Its definition has not in any way been affected by the lobby of an industry that didn't exist when it was defined.

One rationale for not changing the definition of Open Source is an issue of Schelling points / focal points ( https://en.wikipedia.org/wiki/Focal_point_(game_theory) ). Right now, we have a common definition of Open Source; if everyone could put their pet restriction in ("no military", "no SaaS", "no AI", "no nuclear power"), we'd end up with a hundred variants and no ability to collaborate and share code across projects.

gr4vityWall7mo ago

> Why aren't n8n or MongoDB considered open-source?

In the case of MongoDB, it's because the SSPL requires that all the software used to offer the network service is also licensed under the SSPL. That prevents it from being used to write Free Software by mixing free programs and libraries that use a different license, even if they are free.

So, for example, if your network service supports managing MongoDB instances, and it includes Caddy or Nginx, then you're not complying with the license, as Caddy and Nginx aren't released under the SSPL and you cannot relicense them.

> Why does requesting that others not sell your product make the project not open-source?

Because requesting them to not do that makes your program proprietary, and thus non-free by definition.

bragininiOP7mo ago

The OSI definition doesn't allow that kind of restriction, mainly because it's all about keeping software as free and open as possible.

But the thing is, commercial open source companies play a huge role in making great open source tools, especially ones you can self-host. Without them, a lot of the software we rely on wouldn't even exist. People often push back when these companies change their licenses, but they forget the reality. Big cloud providers can make tons of money off open source projects without giving anything back. That's a tough spot for the folks.

I'm sure that in the nearest future we will have some COSS licenses :) Well, as an open source contributor I hope so

kiba7mo ago

Making money isn't the problem. Restricting it is.

api7mo ago

I'll put it rather bluntly: present-day open source is largely free labor for SaaS companies.

SaaS, meanwhile, is the least open and least free model of software distribution, significantly less open or free (as in freedom) than closed-source commercial software you run yourself. This model, SaaS, is powered from the ground up by open source, and most SaaS gives little or nothing back. Some SaaS is not much more than a management and UI layer built around pre-existing open source standards and code.

Something is very wrong if open source exists largely to enable the least free model of software distribution. Open source as currently conceptualized is stuck in the pre-SaaS eras of the 1980s and 1990s and refuses to adapt to what "free" and "open" mean in the new landscape.

It doesn't help that the OSI is fully captured by companies like Google, Amazon, Microsoft, and Meta with a vested interest in promoting the SaaS and cloud-first model. If local-first ever gained traction it would be a threat to not just their SaaS products but their incredibly lucrative cloud businesses.

phkahler7mo ago

>> I'll put it rather bluntly: present-day open source is largely free labor for SaaS companies.

I've used Free Software and Open Source over 20 years and have never paid a SaaS company a dime.

OTOH the most valuable software that I regularly use is Free Software as opposed to Open Source Software. So maybe the OSS really is primarily free labor for SaaS?

hodgesrm7mo ago

> SaaS, meanwhile, is the least open and least free model of software distribution.

Less free and less open than Oracle DBMS? That seems like a stretch.

yjftsjthsd-h7mo ago

> The community is quick to put whoever builds commercial OSS software on a cross the moment they change their license to ensure they still have a competitive advantage.

Yes, people object to pulling a bait and switch by taking something that was open source and then making it not open source.

> Instead, we should encourage commercial OSS companies. COSS companiesare one of the only venues for creating high-quality OSS projects that you can self-host.

We do encourage that. We also discourage commercial fake-OSS companies.

> I personally think the definition of open-source is problematic (and clearly biased by the lobbies of hyperscalers). Why aren't n8n or MongoDB considered open-source? (https://github.com/n8n-io/n8n/blob/master/LICENSE.md, https://www.mongodb.com/legal/licensing/community-edition) Why does requesting that others not sell your product make the project not open-source?

Part of the point of Open Source is that the software isn't completely tied to a single company. If software is under one of those more restrictive licenses and the company goes under, the software is dead. If software under an open source license is developed by a company that goes under, one or even many other companies can continue working on it. This also applies while the company is alive, too; as you note, commercial companies developing open source software is a good thing, and preventing parallel development or forks is bad for the ecosystem.

ognarb7mo ago

Honestly I think it's fair. Really the only people affected by this change are people creating proprietary forks, everyone else benefits from this change.

I just wish there was a way to ensure that the company itself doesn't do a proprietary fork.

whartung7mo ago

Simple. Don't have contribution agreements. Contributors maintain their copyright so as they can prevent relicensing. Mind, FSF requires copyright for their submissions (I believe), but they're, arguably, a "good actor" in this space.

But, if the code base becomes a patchwork of contributors, it can become difficult to relicense.

eikenberry7mo ago

FSF stopped requiring contributor agreements years ago.

sneak7mo ago

It’s not fair. The AGPL violates freedom 0 and is nonfree.

https://sneak.berlin/20250720/the-agpl-is-nonfree/

Running a SaaS with in-house modifications is a protected use case for free software. The AGPL is a EULA masquerading as a license.

triknomeister7mo ago

Definition of freedom has changed in cloud era. The idea behind GPL was, if you modify your code and distribute it, you need to contribute back the changes, with the wider goal of increasing the commons. All the legalese was just to make sure that the idea worked.

In the era of cloud, distribution needs to include distribution over wire, because so many apps are now run in the cloud. And that's why AGPL. It preserves the spirit of GPL in modern times.

satvikpendem7mo ago

If you are distributing an AGPL software as a derivative work, you must also distribute the source. You can make as many modifications for internal use and not distribute them, if you're not making a derivative work.

triknomeister7mo ago

> They see this as bad, because they think you should be forced to publish your modifications to the software you use internally, even if you don’t want to.

This is incorrect. You are only forced to publish if you are creating derivative works. See how overleaf uses propietary git integration with AGPL overleaf.

graemep7mo ago

That article makes a lot of dubious claims. The central claim is that by breaking links to the source code in development on your own machine with no one else using it, then you are breaking the license by not showing a notice offering the source to yourself.

This is typical of software developers trying to interpret law. Can you imagine someone explaining to a judge that they are suing for a breach of license terms under the circumstances. "So, you are saying he did not give himself access to the code on his laptop?"

Even if that nonsense was correct, there is a dead easy workaround. Run a server with the code on it bound to localhost and you then have your network server for all users interacting with the code (yourself!). Not needed, just an additional layer of proof the claim "it is impossible to comply" is false.

Edit: to add, I am also not impressed by the author's other blog posts, such as a moan about not having PRs for FOSS projects accepted for good reasons (if you dig down into it). Lots of other complaining and nonsense too.

OsrsNeedsf2P7mo ago

When given the choice, there are very few cases where I don't pick the open source product. The peace of mind it won't be shutdown on you, the confidence the company has in their code quality, or the option to ignore migrations and stay on previous versions is worth way more than featureset deltas.

mac-attack7mo ago

Licensing talk is confusing to someone not steeped in it. I talked to Claude about it 1-2 weeks ago when it was first announced and it was framed as a reinforcement of FOSS ideals.

I actually made the jump from tailscale -> netbird last month. Definitely more work and learning, but much more aligned w/ my perspective of self-hosting and open-source software. (Yes I thought about headscale but the YouTube reviews of netbird won me over).

bragininiOP7mo ago

What did you find harder to achieve with NetBird than with Tailscale? I refer to more work and learning. Or is it purely related top self-hosting?

mac-attack7mo ago

Going from tailscale in the cloud -> self-hosting netbird required a richer mental model so I had to learn more about routing, why ZTNA is better, what is OIDC, etc

I do think that netbird's documentation is easier to read than tailscale's, but the tone does still assume a solid foundational networking background in places.

My uneducated guess is that the product is appealing to networking professionals, but a growing number of current/former tailscale users that are otherwise new to networking, but familiar w/ self-hosting. With the latter group, there's a steeper learning curve (that would also be there for headscale or most other self-hosted mesh VPN solution fwiw)

bragininiOP7mo ago

In order to safeguard the long-term innovation, sustainability, and collaborative spirit of NetBird, we are switching to the AGPLv3 license - ensuring it remains a powerful, community-driven resource for decades to come.

hardwaresofton7mo ago

The future continues to be AGPL:

https://vadosware.io/post/the-future-of-free-and-open-source...

grandfugue7mo ago

Looks like AGPL is a new norm? Redis switched to AGPL too. SSPL is also common on the server side. Curious of how you view AGPL vs. SSPL and choose the former.

bragininiOP7mo ago

SSPL is appealing for business but it is not open source. That is a deal breaker for us. We want to remain open source under a license that is recognized as open source.

immibis7mo ago

SSPL is open source by every definition. The OSI rejected it, but their explanation for why boils down to "neener neener" (it's not backed by any facts). Most other organizations haven't bothered to take a position because no notable software uses it and it's not worth the hassle to evaluate (mongodb and redis have better alternatives so nobody cares about them).

satvikpendem7mo ago

They're switching because they saw the failure of doing the source-available rugpull and causing other, sometimes even more successful, forks to show up, like Redis and Valkey. SSPL is not open source so it's not something I'd ever choose.

bragininiOP7mo ago

+1

xxpor7mo ago

>The BSD-3 license, under which NetBird has operated until now, is a permissive license. It was instrumental in our early growth, offering maximum flexibility and encouraging wide adoption. However, this permissiveness also presents a significant long-term challenge with an imbalance where the value created by a community can be captured and privatized, ultimately undermining the sustainability of the open-source project itself. Well, AGPLv3 addresses this imbalance.

How is this logic not literally Embrace, Extend, Extinguish?

tokai7mo ago

They are literally changing license to protect from E³. The only logic that makes what they do E³ is the slavery is freedom logic.

colechristensen7mo ago

>How is this logic not literally Embrace, Extend, Extinguish?

It is exactly that. We need more free software which is actually free for everyone and every use case in all the senses of free. We don't need more "free software" except there are owners who get to control who uses it, how they use it, and how they can make money with it.

There is SO MUCH WASTE that could be eliminated by a few developers getting paid decent salaries to put their work into the public domain (by this I mean BSD style very permissive licenses).

Imagine a grant giving organization that companies were encouraged to give a hundredth of a percent of their revenue to which focused on paying full time developers to build and maintain fully featured tools which are the most useful to society as a whole.

anp7mo ago

I have said a lot of times that I feel like people keep trying to reinvent a state and taxes to pay for shared infrastructure with open source maintenance. I don’t know how to use the state to solve the problem without severely degrading the quality of what gets built though.

seanclayton7mo ago

Who does this extinguish other than people who didn't want to share with the rest of the world---ie. hoard?

bitpush7mo ago

That's a weird take. If another $company wants to continue development with BSD-3 license, they can do so starting today and nothing of value would be lost.

The change is NetBird company saying, the improvements from now on are AGPLv3 licensed, but that doesnt stop from anyone to fork today and continue with BSD-3 license.

j / k navigate · click thread line to collapse