You're really going to run into trouble with the "no credit card required" thing - people are going to use your service to, at worst, spam and abuse other people and, at best, mine crypto.

Webapp.io's money making part (which facilitates this) is a DevOps company (CI/CD, preview environments, etc) which is already hammered with that sort of thing - see this post (from when we were called LayerCI) discussed by TravisCI for context: https://blog.travis-ci.com/2021-10-20-mining

But this article says the solution was to require credit card for free use. The parent comment is noting that these guys are not doing that.

"These guys" are the same guys.

So I think the question is: "what changed from your prior analysis?"

[I am not parent poster] A new product launched. Abuse can be ignored in initial stages (indeed, it can be useful as a stress test and for boosting user numbers).

Crypto miners and spammers become a problem when they are crowding out legit customers, at which point they'll be pruned, and new signups will require credit cards.

So what you're saying is, the first hit is free?

Hey HN,

We recently finished our firecracker-based webapp hosting platform.

It's like if Vercel and Docker had a baby: You write VM configurations in a language that looks like a Dockerfile, and every commit creates a preview environment which can be "promoted" to a production site.

Here's an example configuration:

``` FROM vm/ubuntu:18.04 RUN curl -fSsL https://deb.nodesource.com/setup_12.x | sudo -E bash RUN apt-get install nodejs COPY . . RUN npm install RUN npm run build RUN BACKGROUND npm run start EXPOSE WEBSITE localhost:3000 ```

This product combines our firecracker-based hypervisor (200ms cold starts) with a global CDN written in Go (using Caddy for TLS termination)

We can offer everything for free because we charge for the DevOps side (CI/CD & preview environments) - we have no intention of getting users and then upselling people for hosting.

We're obviously very excited about this launch, and would love to hear your feedback.

> You write VM configurations in a language that looks like a Dockerfile

What are the differences from a Dockerfile?

Serverless isn't that enjoyable for me since I don't like using old versions of stuff. Vercel doesn't support Node 19, which means you can't use built-in fetch without it logging a warning about fetch being experimental every time you call it.

IIRC it took a long time for Node 18 to be available.

Containers FTW. You can use things in production when the maintainers release to production, not when AWS Lambda has them.

> You can use things in production when the maintainers release to production, not when AWS Lambda has them.

You can run anything the hell you want in AWS Lambda as it is literally just a container. The documentation even shows you how to write your lambda function entirely in a handful of lines of bash using curl to request the job and submit the result.

What are the limitations of the free hosting? Surely I can’t deploy once and scale infinitely without paying you, right?

It's two environments per unique account - though you can email support to prove you're a real person and get this moved up.

We haven't had to formalize any policies, but they'll be similar to other cloud free tiers:

- HTTP only (no terabytes of videos or images exclusively)

- No crypto mining

- No phishing sites

- No sending emails, attacking others, etc

We currently do about a million builds a year, so 99% of projects shouldn't cause problems for us.

Vercel aka Zeit originally hosted Docker containers.

We don't actually host docker containers - the configuration DSL is based on Docker, but has crucial differences

In particular, you can do things like

RUN BACKGROUND docker-compose up

EXPOSE WEBSITE 8080

This is super important for most use-cases, since otherwise you have to deal with networking and version control.

What's the strategy for dealing with persistent data? (Postgres, KV store, whatever)? How do I set that up and connect to it?

If you're running in AWS (looks like it), how do I set up private networking with RDS?

It's advertised as a VM so it should have a persistent filesystem. So sounds like you can run your own DB service in the same VM or use SQLite.

Eg in this Django app example they are using PostgreSQL: https://docs.webapp.io/examples/django

Ty for asking this. I was searching the docs all over for this and surprised it wasn’t mentioned.

Your Docs [0] and Examples[1] page, or many [2] other page in the footer for that matter, return a blank page?

[0] https://webapp.io/docs/main

[1] https://webapp.io/docs/examples

[2] https://webapp.io/docs/integrations

Firefox, latest version, no ad blocker enabled. After nosing around in your source a bit, it seems the redirect to https://docs.webapp.io doesn't work for me?

We actually just migrated to NextJS this week - so there's still a few hairy bits with the frontend. Thanks for the report, should be fixed now.

Thanks, can confirm: works fine now!

Why would I use this over fly.io? It seems to be very similar at first glance

I can't even find their vm details (cpu/memory + bandwidth) and many other things.

Will add those to the landing page - they got lost in the Figma design

Same question here, it seems to be a fly.io clone without the global anycast network.

We do have a caching anycast proxy like fly, render, and other webapp-focused PaaS providers.

I'd like to try out your service, but would not be willing to link my GitHub account, and I do not have a Google account. Any chance of a non-federated sign in method?

What access does it require to your GitHub that you are weary about? (Actual question, I am not involved with Webapp.io at all)

Practically - We don't actually require you to use Docker, and we don't use it under the hood. The configuration (which looks like a Dockerfile) can run multiple containers in the same VM:

FROM vm/ubuntu:22.04

RUN (install docker)

RUN REPEATABLE docker-compose build

RUN BACKGROUND docker-compose up

EXPOSE WEBSITE localhost:8080

You can also just run entirely non-docker services:

RUN BACKGROUND redis-server

- The DSL will watch which files are used for each build step to skip everything you haven't changed, so builds are much faster - You can use us to clone VMs and run Cypress tests in parallel, then promote one of the clones to a preview environment, and another to a production environment - We're more declarative (in my opinion), we don't have a CLI. Everything is done by editing a Layerfile and git pushing it

TL;DR, we focused on a declarative configuration format to quickly build, fork, and hibernate VMs, where Fly is more focused on building/shipping docker containers (though the products do fill a similar niche)

Hey! Best of luck with this. Real quick: we don't use Docker "under the hood" at fly.io either. We take OCI containers as inputs, and transform them into VMs. The only "Docker" running here is the code that allows us to accept our users existing containers.

Sure, I meant "docker" here as a simplification for the OCI format.

It's good to diversify the built-on-Firecracker-as-a-service space.

When creating an account with Github, why do you ask permission to "act on my behalf"? There is no such permission when creating an account with Google

Fly.io has no credit card free hosting for a bit, then immediately stopped due to insane bot abuse.

Might wanna check their article, because you may face the same problems.

We need our server to run very close to our database, preferably in the same datacenter. Does webapp.io support that yet?

I signed up and tried to authorize a single github repo, I received a '500 error' from https://webapp.io/api/after_github_oauth?code=&installation_...

It looks like all of the auth data is empty - maybe you logged into an account which doesn't have permission to install on that repository?

If you email me at colin@webapp.io with your GitHub account name, webapp.io account (if any), and the name of the repository, I can take a look for you.

Ah, I stripped it from the post, didn't want to leave some important tokens on the internets.. :D I removed the authorization and tried again a few minutes later, it ended up working. Probably a temporary problem.

Any chance you will open-source this?

This application will be able to:

- Access the authenticated user's API Grants complete read/write access to the API, including all groups and projects, the container registry, and the package registry

Why is write access necessary?

Hey HN! Co-founder of webapp.io here. Looking forward to your feedback :)

Looks great! Will deploy my next project on here and see how good it is :)

Where does the money come from?