Hacker News | andreashaerter's comments

Thoughts and reviews about Passbolt? TOTP handling seems a bit off, extensions are not mostly read-only (OK for me). But the "share a single secret" access control seems nice:

https://www.passbolt.com/pricing/pro

https://www.passbolt.com/vs/bitwarden/overview

https://www.passbolt.com/docs/hosting/install/

PHP backend (IMHO a downside): https://github.com/passbolt/passbolt_api. But there appears to be a significant amount of auditing behind Passbolt's security claims, assuming the information on https://www.passbolt.com/security is accurate.


> What we need in the small business space is a tier of services where small businesses can self host using their own on-premise, vertically scalable infrastructure (ie: 1 server). In most cases they can tolerate some downtime and, even if they don't want to, a lack of resources usually means they don't have a choice (ex: they're not running HA network connections).

I think the same: Small service businesses care most about Time To Recovery (TTR) when doing services. As long as they communicate at least by phone and the website is up, they usually tolerate downtime when they know when their backoffice services are back online.

This is classic Business Continuity Management, 5-10 questions usually make clear what must work in every case when and what has to be available for supporting this process. Example: I got a customer which prints all logistics / distribution labels in batches. They can still work where money comes in (=shipping stuff) for quite a long time (4h min, 8h max) if the next batch of labels cannot be printed / some system is going down needed to support shipping. So no need for expensive HA around legacy software, but enough time for a good process to get back online with the latest backup on replacement hardware which is already there on-site.

The thing is: HA is FAR more expensive and complicated than e.g. getting another stand-by server as fast replacement, maintain the hypervisor on this second server e.g. every six months and test restoring backups on it once a month (best: automated: IPMI boot, restore without VM networks, testing, shutdown). Same with a firewall; two used Enterprise Servers + Proxmox VE Subscription, OPNsense + 2 x N150 Hardware and two consumer WANs (e.g. Cable and VDSL) is really not that expensive if only the WAN is a bit more complicated from the POV of a SME admin because of failover. Classic VLANs+ACL and services like surveillance as needed...

> Businesses with <10-20 employees are often viewed as not being worth the effort of having as a customer, so they end up with self-serve, unsupported, non-discounted, over priced, trash subscriptions. By the time they grow enough to be a valuable customer their only experience with some products is misery.

Exactly. This is why I do SME IT since ever, no matter for which $BigCorp I've done consulting and DevOps. I automate them. I consult them. My company (plug: https://foundata.com) does it for a few bucks per month (Hypervisor, Groupware (Calendar, Mail), Firewalling, VPN, Directory Services, Jitsi/OpenCloud/BBB) if they understand that they finance the high quality of the managed services ON THEIR HARDWARE with all other customers and we do not work per-hour but per-service + we run Open Source also for other reasons than "no or fewer licensing costs".

And I like it even if this does not make you rich. Because I REALLY share your concerns ("owning all the small businesses of certain types; family doctors, dentists, optometrists, vets" -> I don't know where you are from, but it is the very same here in Germany... example: https://www.ndr.de/fernsehen/sendungen/panorama3/Spekulanten...)


> if you have a choice

I just read:

> If I had learned one thing from my past life was that if you see the signs of an abusive relationship, you have the option to walk out, and you don't, all that follows is your own fault.

so... :)


Regardless of whether the metaphor stands up, this is a horrible thing to say. Abuse victims are not responsible for the abuse they receive.


I had the same thought at first, but in context I think the quoted text refers to business relationships. Which makes all the difference.


They're really the same thing. I think of the classic Walmart/Vlasic pickle story.

https://eng121.net/online%20textbook/cause-effect/The%20Wall...


No but they have the power to remove themselves from the situation and should have a prudence to do so. We have places for women and children to go to escape abuse, so find your hideout and escape the abusive relationship.


Here’s a cool fact: in America only 35% of DV survivors retain full custody of their children and only 45% retain primary custody.

If you flee domestic violence you are more likely than not to lose custody of your children to your abuser.


> Here’s a cool fact: in America only 35% of DV survivors retain full custody of their children and only 45% retain primary custody.

That's because joint custody is the default and you need to have really good evidence when you want to restrict a kid's access to their father.

> If you flee domestic violence you are more likely than not to lose custody of your children to your abuser.

"Being forced to allow kids to see their father" is, to you, the same as "losing custody of your children"?

You're talking absolute horse puckey here. I'm also pretty certain you don't believe it.


Please make your substantive points without calling names or crossing into personal attack.

https://news.ycombinator.com/newsguidelines.html


Thank you dang; here's the thing, even the most charitable reading of GP's comment indicates that he feels being unable to restrict a child's right of access to their parent is unfair in some way.

No matter what you may think of parents, it is absolutely horrific that someone will argue for restricting the rights of children, and do it in a way that he feels is acceptable in society (custody is only in small part about having access to one's children; the actual right is to the child, not the parent - the child has the right to access to their parent).

I wanted to make him understand that trampling over children's rights is not acceptable.


I'm not taking issue with your substantive points, but you need to make them in a respectful way that serves curious conversation.

When you feel like someone else is doing something outrageous (e.g. trampling over children's rights), that of course gets pretty hard to do. In such cases the better options are to (1) wait until the activation subsides before posting, or (2) just walk away.

Incidentally, the GP comment was also a provocation, I suppose mostly because of the "cool fact" snark intensifier. But it wasn't enough of a violation to clear the bar for a moderation reply, whereas your post was. That's often the case with responses to provocation - they end up being even more provocative in their own right.


You obviously have no experience on this subject and so I suggest you stay in your privileged lane.


Please make your substantive points without crossing into personal attack.

https://news.ycombinator.com/newsguidelines.html


I actually have extensive experience on this subject for the last 20 years. Thanks though. https://www.helpguide.org/relationships/domestic-abuse/getti...


Is there a reason for OCI images? It is just a binary? I have all used versions in ~/.local/bin/

  ~/.local/bin/hugo0.145.0
  ~/.local/bin/hugo0.148.0
  ~/.local/bin/hugo0.149.0
  ~/.local/bin/hugo0.150.0
  [...]

and a convenience symlink ~/.local/bin/hugo, pointing to my "production" version. I can easily call whichever version I like with hugo<tab><tab>. What am I missing?


It depends on your workflow I guess, but the advantages of having a Hugo version tagged in an image:

  - sharing it easily between computers/users (docker pull registry/image:tag)
  - having the appropriate binary version embedded in your code through a docker-compose in your repo
  - having custom aliases dedicated to hugo included (build/serve/run...)
  - using the exact same image in your CI/CD
  - not "polluting" your local computer with some more stuff


Can't agree, even though I was also hit by breaking changes from time to time with my own templates. Because this has a BIG upside: I am very happy with Hugo and how they love to solve problems in detail and think through features to the end. Because of these frequent re-factorings and sometimes (!) breaking changes, it gets more elegant every year.

And this is really not a production problem. As stated in the comments before, just don't upgrade if you don't want to / have no time yet. It is a self-contained static site generator without external dependencies. It won't break. And the security of an old Hugo binary is mostly a non-issue if you do not load remote content.

And, if you have some time: Their changes are really well documented. The changelogs are really good.

The main problem is sticking with an unmaintained template of a third party which breaks when you finally want to upgrade and don't want to fork / don't know when a template update comes along. But that's the reason I write my own. It was worth the effort.


The

> Low maintenance[...]A single Docker container, using SQLite as database. Automated migrations, zero breaking changes.

sounds nice. How does this compare to Linkwarden or Karakeep (formerly Hoarder) in terms of features? A comparison would be useful.


This is useless from my point of view until there is licensing information (I found none, correct me if I'm wrong). And https://iconsroom.com/pricing is producing a "Collection not found" error.


> You still have a linkedin?

Sadly, LinkedIn has replaced email for initial contact after fairs or in-person client meetings. New real-world contacts look you up on LinkedIn and then use it to ask for things like your email address or mobile number. Because of this, I'm even verified :-(.

Even though I use LinkedIn basically the same way Internet Explorer was used in 2009 (purely as a Firefox or Chrome downloader but not for browsing). LinkedIn is my initial contact details exchange, but not the platform to communicate.

> Isn't that just all ai slop?

It is. I basically get zero useful input. Just biased, shallow rubbish. If there is valuable content it is usually cross-posted from authors who also run blogs I already follow.

Edit: Spelling, grammar, style


> You can verify yourself using company email address

LinkedIn does not support smaller companies; it appears to rely on some kind of whitelist or known-enterprise system. This option is simply not available for at least 90% of users.


> LinkedIn does not support smaller companies.

Pity, but even then is it worth to hand over your very personal data to multiple companies for the sake of blue tick? Not judging, genuine question.


I keep wondering why Zulip is so often left out of reviews and tooling comparisons. For me it ticks a lot of important boxes, yet it barely gets mentioned. Is there a downside I'm missing, or is it just under the radar?

The concept that every message belongs to a topic and the async communication focus makes so much sense to me. I read conversations, not timelines.


It doesn't have an installer or even a starter compose.yml now. Even the much-ridiculed NextCloud has had a turnkey AIO installer for 5 years now. When no one is coming into the shop, maybe check if anyone unlocked the entrance.


Sadly Zulip does not have a big marketing budget, and many reviews/tooling comparisons are paid for in some way, directly or otherwise, or are SEO spam that starts with reading other similar SEO spam.

It is highly ranked on some platforms that do validated reviews, like Capterra.

(I lead the Zulip project).


I feel like the average person isn't looking for something professional grade, sadly it's hard to get people to go away from Discord at the moment. Hard to suggest alternatives if people aren't seeking them yet.

If I had to say it would have to be something customizable, letting a user delete their data even after getting kicked from a server, very fast and seamless joining process, great gif/sticker support without any premium features etc. But really that's just some fantasy app lol. Discord is doing just fine destroying itself however

By the way, I didn't know there was an instant online test app because when I searched for Zulip I was in the download page and it doesn't say anything about trying it online. Seems like a strange suggestion UX wise but that's how I feel about it (wonder how many people missed out on this?), same thing after you enter the app. It should have a test area for the new user to chat around by himself with a bot or something with locally/session stored messages.


Hey, cool :-). I've used Zulip for a bit and really enjoyed it.

We're planning to roll it out at our company (foundata) in Q4, so you’ll get at least a few bucks from us. I'll also happily recommend it to our customers. As an OSS company and service provider, I can very much relate to the lack of marketing budget and the constant SEO spam.


Oh please, fix your self-deployment story first. Search "zulip docker" or "zulip self host". It seems like you guys just deleted your compose file right when folks are looking for alternatives. Even before this refactor I gave it a good try for an hour before just moving on to RocketChat/Mattermost. It seems like you just don't try the product as if you're a customer.


Not sure which compose file you mean; here's Zulip's official container image repo:

https://github.com/zulip/docker-zulip

https://github.com/zulip/docker-zulip/blob/main/compose.yaml

