# Lightweight Groupware software



## hruodr (Aug 25, 2020)

Continuation from:









						What do you think about doing JS-Free sites?
					

It does not. The standard is the same assuming you mean closing tags such as  I see that often but that closing slash has never been part of any HTML standard including HTML5. In fact, the standard specifically states that slash has no meaning and does nothing in HTML.  XHTML has higher...




					forums.freebsd.org
				






Jose said:


> I've got most of an Ansible script that sets up a Freebsd server on Digital Ocean to run Postfix, Dovecot, and Roundcube. It includes a Roundcube plugin I wrote to allow you to change your password somewhat securely. I really need to finish that project.



I did not thought on a script, more on making an OS image, or just installing everything by hand when I need it.

Sendmail and cyrus use sasl. I use at the moment the ldap plugin, for chaning pass I wrote a
CGI script that calls `ldappasswd`.  Security is a question!

Since the whole project is generic, perhaps not everyone can login, perhaps not everyone has all
services, and perhaps a lot of people from outside can have some access, I am still thinking on
how the solution for authentication is.



Jose said:


> I could never get used to the way in which Cyrus lays out the inbox, so I use Dovecot. I'm never going back to sendmail.cf. It's Postfix for me, thanks.



But perhaps you can run the DAV capabilities separately.



Jose said:


> Had never heard of that one. The Freshports entry for it says it's broken and deprecated. That's a shame.



I got to it from this paper:



			Scaling up Cambridge University’s email service
		


Unfortunately it is not being mantained / developed anymore. I hope in the future someone comes to the idea.



Jose said:


> I tried Trac and Redmine, and have decided that integrating the wiki, bug tracker, and source browser into one is a bad idea. I prefer discrete projects for each of the roles. I've settled on Dokuwiki, Bugzilla, and Gitweb.



devel/fossil has not the unix philosophy: it is like a swiss knive, one uses one 
blade and holds in the hand a lot that one does not use. But since it is well done, this is 
very practical.

You have everything in one executable that can be moved without problem, the client and server
programs in one executable. The same with the data, source, tickets, wiki, forums, etc in one 
sqlite3 db that can be moved. For subprojects in the project server very good.



Jose said:


> Give net-im/prosody a try. Nice, simple, and lightweight.



I will see it. I installed net/kamailio, it is also lightweight, but I did not test it.
I also one to use Web Technology as VoIP phone. It is a big field and one needs time.


----------



## Jose (Aug 25, 2020)

hruodr said:


> ...
> Sendmail and cyrus use sasl. I use at the moment the ldap plugin, for chaning pass I wrote a
> CGI script that calls `ldappasswd`.  Security is a question!
> ...


I run LDAP for auth right now, and frankly it creates more problems than it solves for small sites. I'm slowly moving my home network to Kerberos. I'm going to use PAM (local auth) for my turnkey script.


----------



## hruodr (Aug 25, 2020)

Jose said:


> I run LDAP for auth right now, and frankly it creates more problems than it solves for small sites.



Indeed. ldap is terrible. But it is a standard and I thought I could deal with it with some scripts
and CGI scripts. I wanted first to try software, then to "glue" them with scripts.

Linux and FreeBSD have PAM, but not OpenBSD. That is why I want to avoid it. It has also not
the concept of authorization and authentication of SASL. In my CGI script for changing pass
someone can change the pass of other person if he is allowed.

As you see, I have a very small site with few resources, but try to use software that may scale
for very big sizes and thousands of users. That is also part of the plan.

Perhaps one could do a FreeBSD package that install all the software, scripts and configuration
files instead of your script?


----------



## rootbert (Aug 25, 2020)

roundcube and secure do not fit in the same sentence. I have run quite a lot of different groupware solutions at different scale, I have learned my lessons in a huge amount of hours spent on setting up, running, tweaking, automated testing, upgrading, migrating those groupware packages, however, for me it boils down to running the stable, fast, lightweight SOGO. I can highly recommend it to anyone interested in this topic, it is a great piece of software. I have run it with 5000 users with adequate speed on standard server software from 2014-2018 (no SSDs, all services on one hardware server - openldap, postgres, dovecot, postfix, amavis/spamassassin).


----------



## 20-100-2fe (Aug 25, 2020)

I have begun assembling such a solution based on Postfix+Dovecot for email and SabreDAV for CalDAV and CardDAV.
I wanted to add Roundcube as webmail but couldn't get CalDAV and CardDAV plugin to work.

CalDAV and CardDAV seem essential to me in order to be able to access one's contacts and calendar from any client.
However, I've been very surprised to see how poor CalDAV and CardDAV support is in open source software, particularly email clients.
The most "lightweight" working email client I've found is Thunderbird with the CardDAV add-on...


----------



## hruodr (Aug 25, 2020)

20-100-2fe said:


> However, I've been very surprised to see how poor CalDAV and CardDAV support is in open source software, particularly email clients.



I would prefer CalDAV and CardDAV in stand alone clients and be free to use any mail client I want.



20-100-2fe said:


> I wanted to add Roundcube as webmail but couldn't get CalDAV and CardDAV plugin to work.



For me the reason to offer webmail is: (1) I dont want to allow anyone to login, (2) I have
FEATURE(dnsbl, `zen.spamhaus.org') in sendmail.mc and most IPs that are offered
dynamically by my provider are blacklisted.



rootbert said:


> I have learned my lessons in a huge amount of hours spent on setting up, running, tweaking, automated testing, upgrading, migrating those groupware packages, however, for me it boils down to running the stable, fast, lightweight SOGO.



Perhaps everyone should learn the same way. There is a lot of ready Groupware solutions, but
I wanted to decide for each service what to use.


----------



## Jose (Aug 26, 2020)

rootbert said:


> roundcube and secure do not fit in the same sentence. I have run quite a lot of different groupware solutions at different scale, I have learned my lessons in a huge amount of hours spent on setting up, running, tweaking, automated testing, upgrading, migrating those groupware packages, however, for me it boils down to running the stable, fast, lightweight SOGO. I can highly recommend it to anyone interested in this topic, it is a great piece of software. I have run it with 5000 users with adequate speed on standard server software from 2014-2018 (no SSDs, all services on one hardware server - openldap, postgres, dovecot, postfix, amavis/spamassassin).


I can't find this SOGO anywhere. Could you give me more details?


----------



## rootbert (Aug 26, 2020)

its www/sogo4 or www/sogo4-activesync, but sogo5 was just recently announced on www.sogo.nu. Disclaimer: I am not affiliated with the project, just had really good experience with it ;-)


----------



## Jose (Aug 26, 2020)

rootbert said:


> its www/sogo4 or www/sogo4-activesync, but sogo5 was just recently announced on www.sogo.nu. Disclaimer: I am not affiliated with the project, just had really good experience with it ;-)


Interesting project. Don't love that they use LDAP, and their user management strategy is not for non-technical people:


			Installation and Configuration Guide
		


I do love that the backend is in Objective-C and uses the Gnustep libraries.


----------



## msplsh (Aug 26, 2020)

Going to second the Kerberos > LDAP.  My experience has been that LDAP files are impossible to secure at rest due to how binds send the password in the clear and there's no options for hashing.  Everyone is like "just use SSL" or "encrypt the disk" as if that's a complete solution.


----------



## rootbert (Aug 26, 2020)

Jose said:


> Don't love that they use LDAP


you can also use SQL, see https://sogo.nu/files/docs/SOGoInstallationGuide.html#Authentication-using-SQL


----------



## hruodr (Aug 27, 2020)

rootbert said:


> however, for me it boils down to running the stable, fast, lightweight SOGO



With google I see that many german universities are deploying it, including Heidelberg.

It seems to be a very good out of the box solution. In spite of it, I will continue with my
original approach.

Note that according to the paper of cambridge, prayer web-mail was deployed among
32.000 users, with old hardware of the time. That is sure lighter weight than sogo.

One must find a compromise between many things. I think sogo is putting too much weight
on the appearance and ease to use for non technical people. It is sure a professional system.
I prefer something more "home brew", putting more weight on functionality with little
resource requirements. At the time one can get very cheap VPS, perhaps thought mainly
for testing or for starting, and I want to use them eventually for "production".


----------



## 20-100-2fe (Aug 27, 2020)

I'm a bit puzzled here: if it's not for non-technical people, what do you call "production", then?

Building a home brew system is a very good learning path and this reason is sufficient to justify the time and effort.
That said, whenever I hear the word "production", it refers to some work being done for someone else (customers, users), hence my question.



hruodr said:


> One must find a compromise between many things. I think sogo is putting too much weight
> on the appearance and ease to use for non technical people. It is sure a professional system.
> I prefer something more "home brew", putting more weight on functionality with little
> resource requirements. At the time one can get very cheap VPS, perhaps thought mainly
> for testing or for starting, and I want to use them eventually for "production".


----------



## hruodr (Aug 27, 2020)

20-100-2fe said:


> what do you call "production", then?



That the goal is not the software itself, but what it is done with the software.

Hence: the goal is not only testing the software. Or perhaps yes, but for being prepared for
using it beyond that.

Here: make people that are far away connected and work together in a project, not necessarily a
software project, not necessarily a technical project. It may be business, political, entertainment,
social, etc. It must be productive, but perhaps production was not the right word.


----------



## msplsh (Aug 27, 2020)

This Sogo thing actually looks pretty awesome.  Going to look into replacing Roundcube with it.


----------



## rootbert (Aug 27, 2020)

it is great! When it comes to caldav/carddav client compatibility and performance it is by far the best free open source solution out there ... and you get activesync on top of that if you want to use it


----------



## Jose (Aug 27, 2020)

rootbert said:


> you can also use SQL, see https://sogo.nu/files/docs/SOGoInstallationGuide.html#Authentication-using-SQL


It seems to require both:


			Installation and Configuration Guide
		


That's puzzling given than modern SQL databases provide a superset of LDAP's functionality. Maybe it's for compatibility. In any case, managing users by SQL query is at least as bad as `ldapadd` plus hand-coded ldif.



rootbert said:


> it is great! When it comes to caldav/carddav client compatibility and performance it is by far the best free open source solution out there ... and you get activesync on top of that if you want to use it


I'm a little skeptical of integrated solutions after my misadventures with Trac and Own/Nextcloud, but I'm definitely going to give it a look. I'd still rather handle calendaring with something separate like Radicale.


----------



## Mjölnir (Sep 29, 2020)

hruodr said:


> Jose said: Give net-im/prosody a try. Nice, simple, and lightweight.
> I will see it. I installed net/kamailio, it is also lightweight, but I did not test it.  [...]


You may want to consider why the admin of https://trashserver.net/faq/ switched from Prosody to ejabberd.


----------



## Jose (Sep 30, 2020)

mjollnir said:


> You may want to consider why the admin of https://trashserver.net/faq/ switched from Prosody to ejabberd.


I've run prosody for years, and have never encountered any such problems. Then again, I have six users and trashserver has 8,000+. I also don't run any mods. I did look at ejabberd, and it was a nightmare to install and configure, though this was some years ago.

I also never got the Erlang hype. About 10 years ago, all the kids were super excited about this Youtube video: 



_View: https://www.youtube.com/watch?v=xrIjfIjssLE_


Suddenly everyone had a cool new project in that forgotten language. I never cared enough to take a look. Then again, I usually don't get the hype.


----------



## msplsh (Sep 30, 2020)

I understand why they use Erlang but I had no interest in worrying over if Erlang is going to be a boat anchor, so I chose something else too (also because the load was small and inconsequential).  If they chose Scheme, Haskell or Clojure, I wouldn't worry so much.  Erlang doesn't even break top 50 on TIOBE (just for spitballing popularity of functional programming languages). If I wanted to fiddle with it, I'd feel like I was wasting my time.


----------



## hruodr (Oct 1, 2020)

Jose said:


> I also never got the Erlang hype.



I think it is not hype, it seems to be designed to solve specific tasks in telecommunication.



msplsh said:


> Erlang doesn't even break top 50 on TIOBE



What is the advantage of popularity?


----------



## hruodr (Oct 2, 2020)

msplsh said:


> Erlang doesn't even break top 50 on TIOBE (just for spitballing popularity of functional programming languages). If I wanted to fiddle with it, I'd feel like I was wasting my time.



TIOBE compares apples, pears, bananas, carrots, tomatos, etc.

Not only Erlang, also Verilog, VHDL and TeX are the last of the list, C, java and pyton are on
the top, not far away javascript and php, assembly follows, then FORTRAN and LISP, but
after logo, J or APL are not even mentioned.

These languages are not interchangeable, if you have a task, you must select the appropriate one.

But please, back to the main theme: lightweight groupware software. I wrote a very simple,
primitive script in tcl in order to allow people to upload files and text messages in my server,
I mean it as a more private mail. I get the uploaded files and text as a big multipart/form-data
file. Since it is mostly binary, I decided to write a program in C for extracting the parts.
Since days I am wasting my time writing by hand a parser for this trivial file, I regret not
having doing it with tcl, or at least not have used lex. Should I have done it in VHDL, TeX
or logo?

Here the description of multipart/form-data:





						RFC 7578 - Returning Values from Forms: multipart/form-data
					

Returning Values from Forms: multipart/form-data (RFC 7578)




					tools.ietf.org


----------



## msplsh (Oct 2, 2020)

hruodr said:


> These languages are not interchangeable,



I listed three other functional programming languages that are interchangeable which _are_ in the top 50.

I shouldn't have to explain why popularity matters in open source on a FreeBSD forum, but succinctly, popularity means that you get more people working on a thing, keeps it feature set relevant, and increases its survival long-term.


----------



## hruodr (Oct 2, 2020)

msplsh said:


> I listed three other functional programming languages that are interchangeable which _are_ in the top 50.



It seems it is not the fact that it is functional what makes Erlang special. It is concurrency, real
time, fault tollerance, scalability, hot swapping, and such things. I do not think that Scheme,
Haskell or Clojure may replace Erlang.

Just see here:



			Erlang -- What is Erlang


----------



## msplsh (Oct 2, 2020)

Concurrency is available in those other languages, which is mostly a natural byproduct of them being functional.

The rest of those things are just attributes that can be picked up by other languages (except maybe the soft RT).  I mean, seriously, what does "scalability" mean in a programming language?  It's usually just something you are trying to "get" when you choose a functional language.

Anyway, I don't believe using Erlang _specifically_ confers any super powers.  Using a functional programming methodology, does.  Again, I understand why they use Erlang, but those concerns aren't going to translate to hobbyist randos here on a forum.  Prosody is going to be fine.


----------



## hruodr (Oct 2, 2020)

msplsh said:


> Concurrency is available in those other languages, which is mostly a natural byproduct of them being functional.



No, it is definitively not a byproduct of being functional. The only advantage I see of functional
programming is the conciseness of the code, normally at a cost.


----------



## msplsh (Oct 2, 2020)

Whatever





						Concurrency - HaskellWiki
					






					wiki.haskell.org
				








						Clojure - Concurrent Programming
					






					clojure.org
				








						Concurrent computing - Wikipedia
					






					en.wikipedia.org


----------



## hruodr (Oct 2, 2020)

But that is not the consequence of being functional.


----------



## msplsh (Oct 2, 2020)

Would you prefer "emergent property"?


----------

