> I understand why it’s hard to convince the rabid nginx greybeards that it isn’t “the shit” anymore.
I'm not sure about that. Nginx still feels like one of the more popular options and is generally a good fit for many of the problems that it tries to solve, at least in the deployments that I've seen it used in (reverse proxy, serving static assets, connected to PHP-FPM sometimes).
It also is the de factor Kubernetes ingress controller and other options like Traefik still haven't quite taken off in that space, at least to that degree. For example, the K3s distro has Traefik as the default ingress, but it's not quite as well documented (e.g. setting up your own custom wildcard SSL certificate).
Cannot really comment on the paid version, though. I can understand why it would be a thing, but it's also a bit concerning, as it usually is with open core and similar products.
I generally recommend Caddy over Nginx, but Nginx does still have certain advantages:
- Nginx supports OpenSSL commands that enable features like TLS record padding.
- Performance: better latency and scalability to more connections. Not everyone uses a CDN for static/cached content
- Kernel-accelerated TLS offload on Linux and FreeBSD
- Many existing modules provide unique functionality. The many modules for live video streaming and image processing are good examples.
- An ecosystem of patches with features like HPACK static dictionaries, dynamic TLS record sizing, etce
> …has terrible language integration.
Generally, "language integration" isn't really a use-case for vanilla Nginx; it's a use-case for Nginx Unit, an Nginx language-specific module, or OpenResty. I personally prefer the reverse-proxy route since it lets me use whatever language I want regardless of server support: Go, Rust, Python, C, etc.
If none of these are that important then I absolutely would not recommend Nginx; Caddy would be the better tool.
> People aren't writing internet scale software in lua for a reason.
I'd include Itch.io, much of Taobao, and some of the most popular API gateways (including Kong) in the category of "Internet-scale software written by 'people'".
- Performance: Requires nuanced tuning. Caddy performs competitively well for real world usage
- kTLS: Sacrifices memory safety.
- Existing modules: How do they perform compared to natively-compiled code? Caddy modules can do all that nginx modules can do, and more, but are natively compiled. I ran experiments with Caddy+Starlark that performed 2x as fast as Nginx+Lua.
I recommend users who link against OpenSSL to enable padding to multiples of at least 1024 bytes if they want to impede traffic analysis. The Nginx devs aren't interested in implementing random record padding or supporting the feature in BoringSSL/LibreSSL, unfortunately.
Can Caddy leverage either form of padding? If so, I might need to give it another look!
And regarding modules: most are written in C and dynamically loaded as shared objects or statically linked during compile-time. A bunch are listed at https://www.nginx.com/resources/wiki/modules/. The ones for live streaming and VODs are the hardest to replace, IMO. IPScrub was my favorite but I haven't used it for a few years.
Personally, I think live streaming and ffmpeg-based encoding are specialized enough to warrant a specialized server (like a custom Nginx build) and are a bit out of scope for a general-purpose user-friendly server like Caddy.
I'm not sure, I'd have to see what the crypto/tls package does.
I would push back against the notion that something like that is "out of scope" for a "general-purpose user-friendly server". Caddy is far from user friendly if you utilize its low-level JSON configuration API, and at its core, Caddy is an extensible server platform. Even its HTTP app is a plugin, and it can be extended to do frankly anything if you want it to. Streaming video is a use case that I know several people use it for already.
Redbean is a webserver. Go is not a webserver. Redbean cannot be "faster than Go". That's like saying that a car is faster than aluminum. Do you have benchmarks of Redbean versus Caddy that you can point to? I certainly haven't been able to find any.
I also haven't been able to find any in-depth independent benchmarks of Redbean. About the only thing I could find was someone struggling to reproduce the benchmark results.[0]
Personally, I've dealt with more than enough memory safety vulnerabilities caused by no programmer being good enough to write safe and correct C (or C++). Those vulnerabilities are easily prevented by choosing just about any other language people are likely to know about... so, I have no desire to deploy anything like Redbean when alternatives exist. It's cool to see the hacks they've been able to do with Cosmopolitan to make cross platform binaries, but hacks like that are not what I want for anything other than educational purposes, at least not until they've been more battle tested.
"If you want Rust-like promises then redbean can be compiled with ASAN memory safety. Cosmopolitan Libc has the only open source implementation of the Address Sanitizer runtime that's intended for production use. It causes redbean worker processes to crash and log a report should a bug like a buffer overrun, use-after-free, or stack smash occur. This has a marginal impact on performance. It can be useful in environments where interruptions in a service are more desirable than risking the system being compromised."
ASAN by itself cannot make those guarantees, from what I understand. Cosmopolitan would also have to make sure never to reuse virtual memory addresses for a start, and there’s actually even more to it than that. So, no, I’m not impressed by arbitrary claims like that. It’s such a bold claim. If it were true, Apple and Google would be adopting this ASAN implementation ASAP since they have tons of C and C++ code that would benefit from better safety at marginal performance cost.
In the mean time, if Redbean and Cosmopolitan want Rust-like promises of memory safety… they need to write it in Rust.
Uhm you realize Google invented ASAN? It's how they hunt for memory bugs in software like Chrome. If you love Rust, then we're actively working to port Rust to Cosmopolitan. https://github.com/ahgamut/rust-ape-example Rust in practice has `unsafe` code which needs something like ASAN to make it safer. In order to do that, you need a C library that has first-class support for ASAN where it isn't just an afterthought. I believe that in the future, Cosmopolitan Libc is going to help Rust be even more safe going forward.
I did specify “this ASAN implementation” with emphasis on the “this”, since it was presented higher in the thread as having marginal performance impact and excellent, rust-like safety. Google’s ASAN is not used on all production instances, last I heard, due to the large performance penalty. All sorts of memory safety issues slip past ASAN right now, especially when it is only used outside of production.
If ASAN were a silver bullet, C memory safety vulnerabilities would be a distant memory. They’re not. ASAN helps, but it isn’t enough.