RE: Best privacy chat apps

@martin Yup, also reminds me of the quote to paraphrase; "Bad things happen when good people do nothing."

@necrevistonnezr Don't know yet but will post some stats when I get to it. The project I have with it is for years of company email archives, so will have some good stats to compare from source to destination.

I might research file-system level deduplication, as I imagine there's a lot of duplicate files from email threads.

@jsuto You still with us here? Maybe someone can email him if the forum doesn't?

@timconsidine We haven't got to out setup and migration yet, working on 6 things at once, as always! Will bear in mind and answer when we do get to it.

@timconsidine Nice, more the merrier!

It's definitely another app that can help win mindshare for Cloudron as an enterprise considerate solution with this sort of auditing. Especially when it can be setup as a separate Cloudron instance too for further risk spreading.

@rmdes we're looking into the OCR stuff too, will get to that part very soon as well.

There's another element to choice of communications apps, and that's the democratic vote that it represents as to whether you endorse a company and its ethics or not.

Facebook raises it's value from the number of users and interactions, reduce that and you reduce their value to advertisers and shareholding investors.

Full privacy is almost impossible - but portability and freedom of choice should be encouraged, and even one movement away from a tech giant is a small win against their mindshare domination aspirations the seem to presume in trying to become an essential utility for most.

An interesting search string for anyone managing what multiple users do with these things is to search for password and see how many place plaintext passwords are stored in user's documents & spreadsheets!

Similar for things like passport number, driving licence, social security, national insurance. It's a handy way to do a review of personal data being stored in files and who has access to what.

Anecdotally, this fulltext search (using elastic search) seems to be as fast as the filename search, or even makes both of them faster.

The search results interface as a modal is still cramped and limited, but we will try to develop a full results page to show on hitting enter or clicking the search icon.

@girish We have 2 self-installed working instances, not given it a thorough test but can't see anything obvious that wouldn't work either. Could perhaps do with some more experienced eyes and feedback on it though.

@fmoeller I don't think anyone said no to anything, you just have to convince someone that packages apps to package this one. Someone that can't live without it would be the best ally, as they will be invested in keeping it updated too.

@jagan This does look good! Deserves its own post.

@timconsidine I've not tried it yet, just came up on my searching for something like this again, as I have a few times in hope. Usually inspired by yet another lock-in problem with proprietary extortion-ware.

I do have a couple of oldish Chromebooks I can try this on at some point though.

Using anything Google, Facebook or Microsoft now always just feels wrong.

I feel we are getting closer to open-source alternatives for everything, but they do need champions and how-tos for the much-needed simplicity that all users should expect for the greater value in what they can do with these tools in greater confidence of their privacy.

I've been hoping for a good Linux/Firefox-based alternative to ChromeOS for a long time, and it looks like there might finally be a front-runner for this:

• https://ubuntu-web.org
• https://fossbytes.com/ubuntu-web-remix-20-04-1-first-stable-version-of-chrome-os-alternative/
• https://e.foundation
• https://twitter.com/ubunweb

Anyone tried or interested in this?

Use cases:

• Shared coffee-table laptops.
• Repurpose older hardware with a better performing Web OS.
• Avoid sponsoring Google with implied endorsement of their Ts & Cs, which you should have alternatives to accepting, and by proxy endorsing all that they sponsor.
• Managed office administration clients that only need webapps such as those provided by Cloudron, Nextcloud, OnlyOffice, Rocket Chat, EspoCRM, Bitwarden etc.
• Use Firefox Sync and Share to have access to your bookmarks, history, settings, extensions seamlessly on multiple devices.

@jsuto You still with us? Want to give this a spin?

I have a couple of questions on the app, shall we discuss in the open here for the benefit of the community that I'm sure will enjoy championing this addition from your great work for you.

I tend not to use this on mobile, but still using rollover suggests that issue isn't covered with this update?

The Running / Stopped text sticks out more like a sore thumb now

@girish Makes sense, I'l give it another try and update if I find any clues.

The clue in the filename is that I've done this about 65 times before without an issue, same process every time, the source of the file is just a download of the same custom folder from another instance of the Espo app.

Hmmm, doesn't work without brackets in the filename either:

I'm using WebCatalogApp (Electron), should be a variant of Chromium.

@vladimir-d is working on packaging this for us all.

Expressions of interested and testing volunteers welcome.

Might be an outlier scenario but this worked regularly for me before the most recent updates.

Our guess is the brackets in the file name are the issue. This is just the way macOS names file downloads when there are multiple with the same name.

@jagan yeah, I've good experience with all 3 and highly recommend Espo, although it might depend on your time and expectations.

I'm actually going to recreate the Sales Pack stuff for Espo as I think their way can be improved.

Not knowing how urgent your needs are, if they are very urgent I'd recommend Odoo paid and hosted.

If you have a little time and prefer open-source control, Espo is great.

Anything the others do can be recreated in Espo, you just have to be organised with any CRM/ERP system.

DM me if you want access to my GitLab work on Espo, I just need your gitlab.com handle to add you to repos.

for this, adding some images from the links to bring more visual info here for interest...

Interesting, just stumbled across this, going to investigate further...

Just discovered this - looks great - going to investigate further!

• https://botpress.com
• https://github.com/botpress
• https://alternativeto.net/software/botstar/

from here - save me swearing at DBeaver periodically.

@vladimir-d Still need to see errors printing to logs when it does still occasionally happen. Let's keep this thread open for solving that.

Yup, we have this working now. It's OKish but Nextcloud's search interface is kinda sh*t, so next task is going to be fixing that to make it actually useful and hopefully work similarly to Google Drive with an actual sortable results page.

Elasticsearch as an App from @vladimir-d is a significant win for other uses too.

Curious to test this too.

Looks decent, and seems a bit faster than Nextcloud - I'm interested too.

@christiaan Nope, Cloudron handles the component parts that make up a whole Backup to restore from. You just don't need multiple copies of those parts.

Yeah, that should reduce your storage usage with Backblaze a lot.

You can try a test restore if you're not confident but I'm pretty confident from what you've explained.

As much as I wanted Rsync to work for us, I've moved to a weekly Tarball instead, relying instead on the daily host VPS snapshots as a low-resource cost version of the most recent data, with the Cloudron backups just as a secondary location backup for that redundancy.

@christiaan Ahh, that's even more confusing then as Backblaze is using the same word; "lifecycle", to mean something different to Amazon's. Devil is in the detail on these platforms, where they mostly rely on lack of user calculation or reading for the most profitable features.

@girish @christiaan Yes, that's part of their business model I guess.

Naughty of them not to offer the setting when creating the Bucket, but I guess that's providing significant profits from the amount of times I've seen otherwise smart and prudent people caught out by it.

It's under "Lifecycle Settings", you need to select "Keep only the last version of the file", given it is already versioned backups, there are no other versions you would need.

I also recommend that if your host takes daily snapshots and you have a lot of data, you probably only need weekly offsite backups on your quietest day of the week.

Revisiting this, the app runs on a localhost web server, hence could be a useful additional utility for teams to have access to at tabula.example.com.

@nebulon I'm not too sure - it happened in a demo meeting, so I was panicked and rushing to move onto talk about other things, whiles simultaneously knowing that I'd just deactivated access to a load of apps to all other users during the working day, and also trying to fix live in that meeting while talking about other things. Mental gymnastics I assure!

I know it wasn't my imagination. I know that what happened was the inverse of what should have happened.

Frustratingly my days are dawn-to-bed intense on user needs, so documenting needs time is escaping me.

If you are happy with all that I have detailed above, that you could be confident to edit the Apps that a Group has access to, without anything unexpected happening, then you know the code behind it, I still can't explain any more what happened other than it definitely happened.

Perhaps someone else here knows or can also test. Sorry, I'm just spread too thin right now and even greater needs are demanding all attention

These options:

@nebulon I'm scared to try and reproduce it, but I was in /#/users and start editing Groups, only to watch all the apps a user I was sitting with have everything disappear before our eyes.

Turned out that the ticks & unticks for Groups on that page were doing the inverse of what was expected. Tick hid apps and untick showed them. Suggests to me that somewhere in that code a == should be a != or visa versa.

@nebulon Ahhh @robi was making a funny

@robi where's that?

I went to edit Groups for the Apps accessible here: /#/users - but it seems the ticking has the inverted results of that expected and inverted all my App Access permissions.

@nebulon Gotchya, thanks - I have to vent somewhere

Nudge - frustratingly on this, our live production users are getting this message several times a day - the negative sentiment towards the systems grows every time.

I see this as an urgent issue because the time-costs of user push-back against new systems can be severe and swift.

I need to focus time on debugging the cause of the issues, but there is unnecessary extra overhead in diplomacy explaining that the system won't always be "going wrong" and that is ti a system in development, so it's not really wrong at all, it's actually being made better many times a day.

Are we waiting on a release for this update?

Negative sentiment weighs heavily when users can take opportunity to blame systems for things when they aren't alive throughout the day - and frustratingly I am battling an issue with an app in production that needs many restarts per day because or errors that are not showing in any logs anywhere.

@luckow added you here: https://gitlab.com/brandlight/espocrm

I bet everyone had got so used to seeing it, you hadn't thought about it - but now you see it, i bet you can't unsee it!

@luckow For membership websites, I highly recommend Ghost.

Ko-Fi.com is also worth a look from the SaaS world.

Espo you can base any business on with a bit of imagination. As I say, check out my GitLab repo on that and maybe you'll see what I see in it.

@luckow Yup, can 100% recommend EspoCRM, you could do what you describe in minutes and you won't look back.

Happy to share access to my epic ERP project repo for evolving it if you're interested. It is a work in progress and lots going on, but if you get software and you get business or organisations, I'm sure it will all speak to you.

I just need a GitLab.com handle from you and I'll add you for access.

I'm looking at all the tiles with "Running" under their main name, and wondering if that text is needed at all?

I can see the logic for other text, like "Starting..." or "Error" - but "Running" particularly seems unnecessary to me.

Perhaps the area could be used for a sub-text, to show when an app is running, and be replaced with "Starting..." (in yellow) or "Error" (in red) or Stopped (in grey) when the status is not Running?

@girish Gotchya and understood - will do.

Because EspoCRM is a single page application (SPA), often the application will be loading (so http checks will return OK), but the data content will not.

If the API isn't returning data, then the application is not working for the user, and it is better than System Admins should also know this before users have to report it.

Can you add the API endpoint to health checks too please?

• https://www.storj.io
• https://filebase.com

I realise these things can be done with the generic S3 API Compatible settings - but I think there's some good karma value in having them specifically detailed and documented; in that their communities and products seem ethically aligned with Cloudron's aims and community, and will likely bring cross-pollination of champions for each.

Related posts

• https://forum.cloudron.io/topic/5168/cost-effective-backup-backblaze-b2-or-wasabi-or/3
• https://forum.cloudron.io/topic/1805/backup-target-tardigrade-io-storj-io-a-secure-decentralised-storage-network
• https://forum.cloudron.io/topic/4170/storj-node

@jagan I'm hoping to give https://www.storj.io/ or https://filebase.com/ a try soon, which speaks more to my ideals, and I have a feeling will beat Wasabi & Backblaze on price.

Enable the Update Checker can probably be set to off by default, given you guys are updating.

Save us some user questions on the notifications.

Looks like a much better open-source alternative to Facebook Pages - good find!

Complete thread hijacking - but if you want to see if your users are password numpties, stick their email address into here: https://haveibeenpwned.com

Also interesting to see the sort of interests people have from the leaked websites they've sign up to!

@martinkbs Oh wow, good find - that does look very professional!

I hate captchas - although it is perhaps fair game to add one after a number of failed attempts.

As long as there's a minimum password length policy and 2FA enforceable, the rest doesn't keep me awake at night.

@dylightful Fail2Ban should already cover this.

@scooke I'd not thought of it until you said, maybe more in mind for North Americans. I'm sure they'll be open to a pow-wow