The one liner is great to have. I love that homebrew does that. For a project that you host, to be able to install it super fast and just get on with it is a huge plus.
However I chose not run this because it's a compiled binary and the source is nowhere to be seen. I choose not to trust a binary that I found on a forum from the internets. :)
I'm much more likely to try something like Wekan and evaluate it seriously just because I know that me and my team can build whatever features we need and we can trust the code because we can read it.
So does the business model work in the environment you're in? Eg giving the source to people who pay for it? Maybe it would be better to do something like eg nginx or cassandra or gitlab - have an OSS version and some premium version or at least some support contract with gold support or similar. It's a tough space to be fighting in with mature products and free products. How can you separate yourself from these other guys in a way that will still make you money? If it's just a self hosted trello alternative, that space may already be cloudy with Wekan. You need some differentiating quality to sit beside trello and wekan I think.
They have a unique offering and they are a trusted brand. If you have neither, you are relying on blind faith. For the vast majority of business to consumer products, this isn't a problem. However, in your case, you have a product that requires the installer to be somewhat knowledgeable, hence the scrutiny.
The easiest way to gain credibility is to have an incumbent vouch for you. For example, if Trello were to say, if you want to host your own Trello like solution, there is no better option than X, then most people wouldn't really care about installing a binary.
Since your solution isn't novel enough for people to take that leap of faith, you really have no other choice but to make the source available or try to align yourself with an established incumbent.
For example, create your product so it has tight integration with an Atlassian product and sell your solution through Atlasisan's marketplace. Or create a tight integration with GitHub and try to get it listed as an integration partner. And so forth.
Spot on. Couldn't agree more. I didn't download it because I didn't know anything about the creator, couldn't see the source, and had not evidence that it wasn't just some malware with a useful looking screenshot.
An about page about who you are would be a good start. Additionally, what country your from would be of interest. Most importantly would be your incentives for doing this project. If it's money, how to you plan to monetize? Do you plan to sell your users data? etc.
Trust is critical. Almost all of us Linux users run at least a few prepackaged binaries on our systems. But they come from trustworthy sources such as big companies like Github. These proprietary binaries are usually vetted by security researchers as well to detect any malicious behaviour.
Additionally, I'd recommend posting SHA checksums and offering a more traditional "Download" button as an alternative to the one-liner.
TLDR: You're asking people to take a risk on a new project, without any indiciation of who's behind it or why they should trust you.
> Trust is critical. Almost all of us [GNU/]Linux users run at least a few prepackaged binaries on our systems. But they come from trustworthy sources such as big companies like Github. These proprietary binaries are usually vetted by security researchers as well to detect any malicious behaviour.
Speak for yourself. I explicitly have removed all proprietary software from my machine. The whole "vetted by security researchers" is such a vague metric with mixed results. One researcher will find 30 bugs while another will find 5 in the same time.
> Additionally, I'd recommend posting SHA checksums and offering a more traditional "Download" button as an alternative to the one-liner.
> TLDR: You're asking people to take a risk on a new project, without any indiciation of who's behind it or why they should trust you.
Which is why he should just release the source. Then trust isn't a factor. I don't trust random people on the internet. And no, I don't trust GitHub or whoever you want to pick.
I use Intel's free software drivers. I've got libreboot on one or two of my machines (the others are work machines, so I'm fairly sure my employer wouldn't let me flash libreboot onto the BIOS).
I wish RISC-V and free hardware design FPGAs would be a thing soon so I can get rid of the proprietary Intel microcode. Not sure what I'll do about video then though.
I use Arch Linux, with the proprietary blobs shipped with Linux removed. As for a smartphone, yes I have a smartphone, and yes it does bother me that I cannot run one in freedom. This is a compromise that's necessary, and I am doing my best to find alternatives that are viable. Replicant is great, but it only supports 2G (which is known to be insecure at a protocol level). Ultimately, if someone was pitching a smartphone with free hardware designs and was running completely free (or free enough that it could be made completely free) software, I would totally pitch in >$1000 for such a project, even if the phone was only objectively worth $300. That's how important the future of software freedom is to me, personally.
But you might have different views, and that's fine. I just wanted to make clear that trusting a proprietary software vendor is something that I find to be extremely foolish (they will always screw you over eventually).
There are several distributions that come with no binary blobs, it's not only trisquel, but also Arch (-libre- from AUR), he could compile Gentoo himself or any BSD with flags to remove the blobs... It's easier than you think.
If it's money, how to you plan to monetize? Do you plan to sell your users data? etc.
From the webpage:
Skadi is free for projects with less than 3 users, public projects hosted on our servers, and non-profit organizations. For everyone else it's only $1/month per user.
I can't speak for dmix, but some things that pop to my mind:
Some companies have information security policies that certain types of data cannot be stored on (or sent through) servers in other countries. It's not about nationalism. It's about having it all under one legal jurisdiction (or limited set of jurisdictions). Having something like this self-hosted would be a great way to solve that problem vs using cloud services, (if it was verified not to phone home, leak data, update itself without permission, or allow remote access - hence why people want to see the source).
> I guess I have no other choice but to provide the source code to the clients, just like Atlassian does.
Is there a reason you don't want to do that? It clearly works. Release your code under the BSD or GPL licenses and provide it to your customers. If you did that, I'd be happy to pay for software like that. But for me, free (as in freedom) software is a requirement for anything I'm going to run on my machine.
I'd like to get your opinion on this project. It's still in beta and under heavy development. Some of the basic features like voting and checklists are missing, but they will be implemented by the end of February.
There are so many Kanban boards out there. Why create another?
They key advantage of Skadi is easy installation on your own server. You can literally do it in 10 seconds. It's a binary file with zero dependencies. It uses a built in web server and a LevelDB database. Even the static files are embedded in the binary, which allows easier updates.
So the primary audience is companies who would like to use Trello but can't store sensitive data on outside servers or simply prefer a self-hosted solution.
It also does some things better than Trello. For example, it is extremely light and fast and can handle a lot more cards without freezing. Search is always instant, unlike in Trello.
Nice project, I was looking for something similar to Trello but self-hosted, but there wasn't anything interesting out there :)
By the way, the entire "sensitive data" argument is not valid, since you're distributing a compiled binary. Do you really trust compiled binaries for sensitive data? I won't until I'll be able to review the source code.
Good point. I think I will do it the Atlassian way: companies who care about protecting their data will get the sources, just like with JIRA. They'll have to "go run" them themselves, but it's nothing like setting up JIRA.
For what it's worth, we use the free / open source https://wekan.io/ at Bytemark and it's really smooth, runs our whole-company to-do board with 28 people.
As a hosting co we'd rather have self-hosted than SaaS, but we'll use (& pay for) free software over both of those options if at all possible.
Yes, wekan.io is great. Right now the only advantages Skadi offers are a much easier installation/administration and instant search.
However the set of features will grow. I plan to implement functionality similar to Hackpad/Confluence, time management, and even source code management, so that companies have everything in one place for a very affordable price.
Sure, but the fact that you have to search these commands on a wiki inspires less confidence that if you have a clean documentation with an imperative “type that to install”. That should be fairly easy to implement though.
I’m also not certain about the canonical way to update Docker containers. I feel like we miss a standard “pod” (ie set of containers) orchestration tool (as docker-compose doesn’t really matches production requirements).
Maybe you'll become the next Atlassian but self hosted closed source is both better and worse than hosted closed source. Better because we have the data and worse because we don't know what runs on our server. Data security is the same.
It's not clear if the limit of 3 users apply to the self hosted server. Maybe you should clarify this point on your site.
They get away with it by being a well established known player with a long history of trustworthiness and branding. Github enterprise is not a guy I've never heard of just saying "Hey run this closed source binary on your computer." They also offer an amazing product that was revolutionary when it first came out. They weren't copying an already well known good product. There are some open source competitors now, but they had an enormous head start.
Nice. I'm currently seeking out a lean kanban-like board to self-host. It could be just me, but this seems to be closed-source and as such ranks a good way below libre alternatives like kanboard [1]. Interop with other systems is also a big deal for me, and the option to extend it myself if need be seems impossible with a closed system.
Are there plans to release the source code, or is there a documented API somewhere?
New 1.10 release out today with Git-Hub like search of public projects. With 100,000+ users and nearly as many projects activated the community at Taiga is growing quickly.
Thanks for having suggesting taiga.. I didn't know about it but it looks great. Seems like a great opinated tool for small-medium projects, I'll give it a try.
Another recommendation for Taiga here. It's very flexible (though this can be good or bad depending on you knowing already what you're doing) and fast enough.
Whoever comes up with an on-prem Trello that supports LDAP and group management wins the on-prem Trello-like enterprise market. To my knowledge, only Redbooth does this. $30/user per month. Insanity.
Kanboard[0] supports both LDAP authentication[1] and group management[2][3].
I've been using this in a professional context for the last four months or so. It's been pretty good. As well as a kanboard it supports a calendar view, task list view (similar to ToDoist) and a very basic Gantt view (no dependency tracking).
You might want to add some information about yourself to the website, or alternatively share the source code somewhere. I was put off of trying it when I noticed it was an executable. There's too little info about the project to trust it.
Nice project!
So far some things that would improve it (for me personally):
* show a shadow under the card when dragging that snaps to the list, this means I can accurately see where the card is dropped because sometimes it doesn't go where I want it.
* making a list would be nicer if it didn't have to refresh the page
* also there are some glitches with moving the cards where it indents them or overlaps them, it's hard to explain (I appreciate that this is beta though so you are probably aware of this)
But that's my 2 pence, I'll definitely consider using this once it's more polished on my server :)
Why not a one-time fee? It's probably nicer for people to
have a software without a built-in kill switch that will magically activate if they stop paying money
Were phasing the org put of trello because search/history is a pain after adding a mass of issues to the system. Improve that and you'll have me as a customer
Thanks! Good performance and instant search are two very important features of Skadi. For the next couple of weeks I'll be working hard to fix the bugs and implement missing features (e.g. searching in descriptions and comments).
It's not the speed, its the way results are returned. Problems start when you have to decide to implement something that was discussed a year ago and you want to understand why a decision was taken.
I'll second this. Would love faceted/filtered/advanced search (things like limit search by board, label, time range, include/exclude archived, etc.). Once you have a sizable team creating a lot of cards on a lot of boards over the course of multiple years, a simple text search returns too many results to find what you are looking for.
Hi,
I'm a lavagna.io developer so I'm surely biased but the search / filter feature is deeply integrated and plays a key role once a team starts to handle a lots of cards, take a look if you like the idea.
However I chose not run this because it's a compiled binary and the source is nowhere to be seen. I choose not to trust a binary that I found on a forum from the internets. :)
I'm much more likely to try something like Wekan and evaluate it seriously just because I know that me and my team can build whatever features we need and we can trust the code because we can read it.
So does the business model work in the environment you're in? Eg giving the source to people who pay for it? Maybe it would be better to do something like eg nginx or cassandra or gitlab - have an OSS version and some premium version or at least some support contract with gold support or similar. It's a tough space to be fighting in with mature products and free products. How can you separate yourself from these other guys in a way that will still make you money? If it's just a self hosted trello alternative, that space may already be cloudy with Wekan. You need some differentiating quality to sit beside trello and wekan I think.