
Show HN: Skadi – self-hosted Trello alternative with a 10 second installation - medvednikov
https://getskadi.com
======
ninjakeyboard
The one liner is great to have. I love that homebrew does that. For a project
that you host, to be able to install it super fast and just get on with it is
a huge plus.

However I chose not run this because it's a compiled binary and the source is
nowhere to be seen. I choose not to trust a binary that I found on a forum
from the internets. :)

I'm much more likely to try something like Wekan and evaluate it seriously
just because I know that me and my team can build whatever features we need
and we can trust the code because we can read it.

So does the business model work in the environment you're in? Eg giving the
source to people who pay for it? Maybe it would be better to do something like
eg nginx or cassandra or gitlab - have an OSS version and some premium version
or at least some support contract with gold support or similar. It's a tough
space to be fighting in with mature products and free products. How can you
separate yourself from these other guys in a way that will still make you
money? If it's just a self hosted trello alternative, that space may already
be cloudy with Wekan. You need some differentiating quality to sit beside
trello and wekan I think.

~~~
medvednikov
Thanks a lot for such a thorough comment!

You are right, asking people to run the binary on their servers is not a good
idea.

I guess I have no other choice but to provide the source code to the clients,
just like Atlassian does.

I just did some research, and it looks like GitHub are protecting their source
code:

[http://stackoverflow.com/questions/13185814/how-github-
enter...](http://stackoverflow.com/questions/13185814/how-github-enterprise-
protects-the-code-they-deliver-on-virtual-machines)

How do they get away with this?

~~~
dmix
An about page about who you are would be a good start. Additionally, what
country your from would be of interest. Most importantly would be your
incentives for doing this project. If it's money, how to you plan to monetize?
Do you plan to sell your users data? etc.

Trust is critical. Almost all of us Linux users run at least a few prepackaged
binaries on our systems. But they come from trustworthy sources such as big
companies like Github. These proprietary binaries are usually vetted by
security researchers as well to detect any malicious behaviour.

Additionally, I'd recommend posting SHA checksums and offering a more
traditional "Download" button as an alternative to the one-liner.

TLDR: You're asking people to take a risk on a new project, without any
indiciation of who's behind it or why they should trust you.

~~~
cyphar
> Trust is critical. Almost all of us [GNU/]Linux users run at least a few
> prepackaged binaries on our systems. But they come from trustworthy sources
> such as big companies like Github. These proprietary binaries are usually
> vetted by security researchers as well to detect any malicious behaviour.

Speak for yourself. I explicitly have removed all proprietary software from my
machine. The whole "vetted by security researchers" is such a vague metric
with mixed results. One researcher will find 30 bugs while another will find 5
in the same time.

> Additionally, I'd recommend posting SHA checksums and offering a more
> traditional "Download" button as an alternative to the one-liner.

> TLDR: You're asking people to take a risk on a new project, without any
> indiciation of who's behind it or why they should trust you.

Which is why he should just release the source. Then trust isn't a factor. I
don't trust random people on the internet. And no, I don't trust GitHub or
whoever you want to pick.

~~~
dmix
> I explicitly have removed all proprietary software from my machine.

So you don't use a desktop operating system? Or smartphone?

~~~
cyphar
I use Arch Linux, with the proprietary blobs shipped with Linux removed. As
for a smartphone, yes I have a smartphone, and yes it does bother me that I
cannot run one in freedom. This is a compromise that's necessary, and I am
doing my best to find alternatives that are viable. Replicant is great, but it
only supports 2G (which is known to be insecure at a protocol level).
Ultimately, if someone was pitching a smartphone with free hardware designs
and was running completely free (or free enough that it could be made
completely free) software, I would totally pitch in >$1000 for such a project,
even if the phone was only objectively worth $300. That's how important the
future of software freedom is to me, personally.

But you might have different views, and that's fine. I just wanted to make
clear that trusting a proprietary software vendor is something that I find to
be extremely foolish (they will _always_ screw you over eventually).

------
medvednikov
Hello,

I'd like to get your opinion on this project. It's still in beta and under
heavy development. Some of the basic features like voting and checklists are
missing, but they will be implemented by the end of February.

There are so many Kanban boards out there. Why create another?

They key advantage of Skadi is easy installation on your own server. You can
literally do it in 10 seconds. It's a binary file with zero dependencies. It
uses a built in web server and a LevelDB database. Even the static files are
embedded in the binary, which allows easier updates.

So the primary audience is companies who would like to use Trello but can't
store sensitive data on outside servers or simply prefer a self-hosted
solution.

It also does some things better than Trello. For example, it is extremely
light and fast and can handle a lot more cards without freezing. Search is
always instant, unlike in Trello.

Of course, it supports JSON imports from Trello.

Thanks for your time.

~~~
ff_
Nice project, I was looking for something similar to Trello but self-hosted,
but there wasn't anything interesting out there :)

By the way, the entire "sensitive data" argument is not valid, since you're
distributing a compiled binary. Do you really trust compiled binaries for
sensitive data? I won't until I'll be able to review the source code.

~~~
medvednikov
Good point. I think I will do it the Atlassian way: companies who care about
protecting their data will get the sources, just like with JIRA. They'll have
to "go run" them themselves, but it's nothing like setting up JIRA.

------
mattbee
For what it's worth, we use the free / open source
[https://wekan.io/](https://wekan.io/) at Bytemark and it's really smooth,
runs our whole-company to-do board with 28 people.

As a hosting co we'd rather have self-hosted than SaaS, but we'll use (& pay
for) free software over both of those options if at all possible.

~~~
medvednikov
Yes, wekan.io is great. Right now the only advantages Skadi offers are a much
easier installation/administration and instant search.

However the set of features will grow. I plan to implement functionality
similar to Hackpad/Confluence, time management, and even source code
management, so that companies have everything in one place for a very
affordable price.

~~~
mquandalle
Wekan lead developer here. It's good to have some competition, expect to have
a one liner installation for Wekan pretty soon :-)

~~~
ake1
two docker run commands is easy enough and could be considered a one liner
install.

~~~
mquandalle
Sure, but the fact that you have to search these commands on a wiki inspires
less confidence that if you have a clean documentation with an imperative
“type that to install”. That should be fairly easy to implement though.

I’m also not certain about the canonical way to update Docker containers. I
feel like we miss a standard “pod” (ie _set_ of containers) orchestration tool
(as docker-compose doesn’t really matches production requirements).

------
galaktor
Nice. I'm currently seeking out a lean kanban-like board to self-host. It
could be just me, but this seems to be closed-source and as such ranks a good
way below libre alternatives like kanboard [1]. Interop with other systems is
also a big deal for me, and the option to extend it myself if need be seems
impossible with a closed system.

Are there plans to release the source code, or is there a documented API
somewhere?

[1] [http://kanboard.net/](http://kanboard.net/)

~~~
zlatan_todoric
Maybe you want to take a look at [https://taiga.io/](https://taiga.io/)

~~~
eposner
New 1.10 release out today with Git-Hub like search of public projects. With
100,000+ users and nearly as many projects activated the community at Taiga is
growing quickly.

------
medlazik
Whoever comes up with an on-prem Trello that supports LDAP and group
management wins the on-prem Trello-like enterprise market. To my knowledge,
only Redbooth does this. $30/user per month. Insanity.

~~~
TheLogothete
Jira has LDAP, no?

~~~
medlazik
Sorry I meant "Trello-like", its appeal to non techies.

------
rmsaksida
You might want to add some information about yourself to the website, or
alternatively share the source code somewhere. I was put off of trying it when
I noticed it was an executable. There's too little info about the project to
trust it.

~~~
medvednikov
Yes, this is actually worse than the notorious installation scripts run as
root.

At least Skadi doesn't require root access.

I will definitely be adding more information and researching other ways of
distributing executables safely.

------
0xbadb002
Nice project! So far some things that would improve it (for me personally):

* show a shadow under the card when dragging that snaps to the list, this means I can accurately see where the card is dropped because sometimes it doesn't go where I want it.

* making a list would be nicer if it didn't have to refresh the page

* also there are some glitches with moving the cards where it indents them or overlaps them, it's hard to explain (I appreciate that this is beta though so you are probably aware of this)

But that's my 2 pence, I'll definitely consider using this once it's more
polished on my server :)

------
davexunit
"Self-hosting" is moot when the software is proprietary. Check out Wekan
instead, it's free software.

------
VFisa
Nice project. I would also recommend self-hosted Kanboard
[http://kanboard.net](http://kanboard.net) It has full API a reporting
capabilities.

------
sqrt17
Why not a one-time fee? It's probably nicer for people to have a software
without a built-in kill switch that will magically activate if they stop
paying money

~~~
medvednikov
Good point. A lot of companies would definitely prefer a one-time fee. The
pricing policy is not final of course.

------
Numberwang
What are your plans for the Windows release? How do you make secure backups
with this?

~~~
medvednikov
Windows support will be implemented next week.

Backups are run automatically and saved in the "bkups" directory (next to the
executable).

------
skaplun
Were phasing the org put of trello because search/history is a pain after
adding a mass of issues to the system. Improve that and you'll have me as a
customer

~~~
medvednikov
Thanks! Good performance and instant search are two very important features of
Skadi. For the next couple of weeks I'll be working hard to fix the bugs and
implement missing features (e.g. searching in descriptions and comments).

~~~
skaplun
It's not the speed, its the way results are returned. Problems start when you
have to decide to implement something that was discussed a year ago and you
want to understand why a decision was taken.

~~~
Falkon1313
I'll second this. Would love faceted/filtered/advanced search (things like
limit search by board, label, time range, include/exclude archived, etc.).
Once you have a sizable team creating a lot of cards on a lot of boards over
the course of multiple years, a simple text search returns too many results to
find what you are looking for.

~~~
SitoCH
Hi, I'm a lavagna.io developer so I'm surely biased but the search / filter
feature is deeply integrated and plays a key role once a team starts to handle
a lots of cards, take a look if you like the idea.

------
vin123
Hey!

Try Brightpod for project management - recurring tasks, focus mode, cal, time
tracking & more - bit.ly/17GZqhe

