• 2 Posts
  • 17 Comments
Joined 2 years ago
cake
Cake day: June 13th, 2023

help-circle


  • This is the approach I use, not sure if it’ll work for your use case but I can assure you it works for at least a few users. It’s all sort of manual set up but from your comments it sounds like you’re just doing this for friends and family and not on an enterprise level. I admire your efforts!

    First off, I have a purelymail account on which I set up domains and accounts for each user. I have mine set up so user1@anydomain.com all goes to the user1 mailbox (and user2@anydomain.com goes to the user2 inbox regardless of domain, etc.) but you can set up some pretty complex routing if you want - and if you know a bit of sieve there’s even that. Purelymail handles the actual email sending/receiving so I’m putting a lot of trust in them, but it seems like they have a good track record and I don’t think I could do better on my own. My big concern with email is always deliverability. Anyway, you’ll see this is all set up in such a way that I’m using purelymail now, but I’m not tied down to them.

    Second, I use this image (linking to the repo and not the docker hub version so you can inspect the Docker file for opsec reasons. In my set up I build it from source because I have a couple modifications) which is a dovecot IMAP server + getmail. This is python getmail not go-getmail and not fetchmail. The repo itself has some pretty straightforward instructions but the way it works is basically that users inside the docker container each map to a mail directory. So each user’s credentials is actually a Linux username and password within the container. I have mine set up so it’s like user1, user2, etc. (which confused my users initially because automatic set up forms are never set up this way) but you could set it up however you need. Then, there’s a Cron set up to run getmail which you have to configure yourself within a cron.d folder that you mount on the container. For mine I have it configured to use POP3 so that when it gets stuff off purelymail it’s automatically deleted.

    Finally, you just set up your mail clients to use this IMAP server and purelymail’s SMTP but if you know how to set up a forwarder you can always have it relay through purelymail. Purelymail even has the ability to relay emails to your SMTP server.


  • You could check out Frappe Drive (and Frappe, the framework it’s built on, it’s pretty awesome). They aren’t accepting contributions at the moment but I’m sure that’ll change once it’s out of beta like with the other frappe apps. There’s also Raven messenger also built on Frappe and you can use the two together (but without any real integration between the two yet, but that’s on the roadmap on the Raven side).

    I’ve spent a lot of time researching alternatives and NextCloud is the only one that does everything it does in one place. I’ve dug into the code a lot to find places to make it work faster and came out confused and mostly empty. It’s also federated, and I think it’s the only FOSS file sharing platform that is. It’'s a very mature application so you’ll be hard pressed to find features that are missing, but also to find things that could be further optimized without ripping out major chunks of the application which are likely interconnected with other major chunks of the application. For my personal use NextCloud instance I’ve resorted to just completely deleting the database and installing everything fresh between major versions, then just rescanning my local folder.






  • jcg@halubilo.socialtoSelfhosted@lemmy.worldDigital Wardrobe?
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    1 year ago

    If you’re a little tech savvy (not necessarily a programmer) ERPNext is built on top of a framework called Frappe. You could easily set up some data objects (called DocTypes) and make some relational fields. It’s all done via a web GUI. DocTypes can then have images which you can have displayed as a gallery. I wouldn’t recommend setting up a full ERPNext installation. It’s got domain specific objects for HR, Payroll, Logistics, etc. You’re not gonna end up using them.





  • jcg@halubilo.socialtoSelfhosted@lemmy.worldI'm done with NextCloud
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Honestly the official docker images are hot garbage. I used them when I first tried NextCloud and they load incredibly slow. Shelved it for a while, realized there was a bunch of shit they already have that I was looking for, and gave it a go with my own Dockerfile starting from the PHP alpine image. That one runs waaaayyy better.




  • I said it in a higher comment with other info but try looking up a remote community that isn’t already known by an instance, without being logged in. It won’t look it up for you and just silently fail. If unwanted content is what you’re worried about unfortunately a malicious actor can basically just drop content directly into your instance without prior notice if your federation is open. This is why db0 is working on systems that will in the future work like shared blacklists (opt-in of course).


  • Anonymous users can’t actually lookup other instance communities through yours in the same way logged in users can. They’ll only be able to see a remote community if a user who’s already been logged in on your instance has searched it up before and/or is subscribed, but they can’t just arbitrarily make your instance look up other instance communities.

    Then I guess you could configure nginx to not allow /c/ requests that have an @ unless the “jwt” cookie is present and do the same with your search endpoints. Of course, someone could just add an arbitrary jwt cookie to try and bypass it but if the point is more to make the average anon user not waste your server resources I think that should do. Without search and without the communities visible via /c/ everything within it wouldn’t be indexed in search results so the only way for them to see a federated post through your instance would be a direct link to one.