Look for escape hatches. I run a self-hosted Cloudron server. The software I host on my home server is FOSS via Cloudron, but Cloudron itself is a service that keeps each of the FOSS apps up to date with security upgrades and data migrations when necessary. It’s a huge boon to running a self-hosted server.

But when it comes down to it, they could potentially close up somehow (new leadership, get bought out, shut down etc.) They’ve left an escape hatch though–you can bundle and build your own apps, with a CloudronManifest.json etc. This would allow me to continue to run and update software if I absolutely needed to, without their support.

theinternet.com

It’s tricky. There is code involved, and the code is open source. There is a neural net involved, and it is released as open weights. The part that is not available is the “input” that went into the training. This seems to be a common way in which models are released as both “open source” and “open weights”, but you wouldn’t necessarily be able to replicate the outcome with $5M or whatever it takes to train the foundation model, since you’d have to guess about what they used as their input training corpus.