HACKER Q&A
📣 host0

Local server, Global client – What am I missing?


I'm thinking about various deployment options for this client-server product my small team is making. OnPrem and SaaS comes with their own pros and cons, and this hybrid approach seems like a good middle ground.

This is what I am thinking of: We would package our python server that the user installs on their machine. The user then opens our internet hosted web client. The client calls APIs at localhost:5000.

The customer is happy because their files never leave their machine. We get real time analytics of what the user is doing with our product. We get to push fixes to the client quickly and conveniently. The server responds to our client only because we set the allowed origins.

I've been playing around with a POC and it works without issues so far. However I know that I'm definitely not the first person to think about this. Yet I do not recall seeing any product that is deployed like this. This leads me to believe there are some big issues with this idea which I seem to to be missing.

What are those issues? Have you seen/done something like this?

  👤 codingdave Accepted Answer ✓
Well, sure, it would work, but it is a security concern. You are proposing that you create a service that punches inside your customer's firewall. That typically is only done when there is a strong reason for it, not just for your analytics.

In the same spirit, you pushing updates to servers running on someone else's infrastructure is a problem - they need to be in control of their own servers, so odds are they want to do the updates themselves.

In short, this setup may be good for you, and may work for some customers, but you are fighting against some standard IT practices.

👤 andrewfromx
"We would package our python server that the user installs on their machine" - which version of python? What if the user already has python v3.8 will you force them to upgrade or use python version switcher? What about pip3? Will you install a bunch of packages? When I hear install on user's machine I think, use golang and ship just 1 binary.
👤 pestatije
No easy way to upgrade server...client and server must run in the same machine (no way to use multiple devices)...not possible to run offline...standard user management + security thrown out of the window