Wagtail CMS

People here might be interested in Wagtail CRX (formerly CodeRed CMS). In the words of the developers, this is a set of extensions that "provides a large set of enhancements and pre-built components for Wagtail which are ready to use out-of-the box".

I've been playing around with it and it seems to be a nice option if you want to get a basic website up and running fast with basically no coding, but built on the solid framework of Wagtail/Django so you have a nice stack to build in when it's time to start writing code.

It does break the strict content/presentation separation of Wagtail, but I think the rationale for this makes sense and it's a good middle way.

Thanks for the pointers, once again I realise I should really read the docs properly before posting!

Collabora and Nextcloud are working well, but one annoyance is the splash screen that appears every time I open a document:

This might be confusing for some of the people I share documents with, so it would be really great if there is a way to disable the splash screen.

Is this possible?

@mehdi That is true in the case of a malicious admin. But it also places the benevolent admin in the position where they have the unencrypted data in their possession (or if full disk encryption is used, they have the keys).

However for some admins, mailbox encryption could also have benefits in cases where third parties attempt to gain access to data through legal disclosure orders.

As a journalist, I would like to be able to offer email accounts on my Cloudron to my peers. However, I would be uncomfortable being in a position where I might one day have to make a call on the validity of a disclosure order (and/or fight it in court on my users' behalf if I thought it was wrong). For me it would be much better if this responsibility rested with the users themselves.

In short, encryption of stored emails would be an extremely interesting feature for me.

@marcusquinn I don't object to those aims in principle, but I think this particular splash screen fails to deliver.

For one thing the message about using a supported version is only relevant to admins - it will not make sense to users who have merely been sent a link to view a document.

Secondly, as there is no 'Don't show this message again' option, it is effectively a nag screen.

I guess I could make these points upstream and suggest an alternate wording that would speak to a wider audience (something like 'The document you are viewing is powered by Collabora, a free and open-source office software suite. To learn more about why this ia a good thing...' etc) along with the addition of a 'Don't show again' checkbox.

But in the interests of user freedom I still think we should be able to switch this off

@marcusquinn said in Encryption of stored emails:

there is no privacy from a determined spy

Very true. But for a lot of journalistic work, the adversary is not a determined spy.

Different security technologies are appropriate and useful in different circumstances.

@nebulon Thanks for the info! I hadn't realised that is how it is supposed to work.

I have Firefox set to clear cookies and site data on exit, so this explains why I see the message again even after logging in to NextCloud.

I will allow site data for my domain and that will solve the problem for me.

@girish I am helping a small group of exiled human rights activists here in the EU and would like to provide them with a Matrix/Synapse server on my Cloudron for their internal communications.

They work specifically on human rights abuses in their home country, which is an authoritarian regime outside the EU with a track record of attempting to identify exile activsts and punishing their families in the authoritarian country for their activities.

The activists are concerned that if the authoritarian regime gained access to the server, the stored IP addresses could be used to identify them.

Maybe this is all too hot for Cloudron to handle, but for this risk profile it would be really nice if I could disable IP logging, so that the activists could use the server without information that could lead back to their real world identities being stored there.

Update: We have successfully triggered emails with an @all to 46 people without errors, so the fix seems to have worked.