Technologies Under Evaluation¶
Technologies being researched for potential adoption. This is a bookmark/reference list.
Analytics¶
Rybbit¶
Privacy-focused web analytics, alternative to Google Analytics and Umami.
- GitHub: https://github.com/rybbit-io/rybbit
- Docs: https://rybbit.com/
- Notes: Session replay, funnels, cookieless tracking. More feature-rich than Umami. AGPL-3.0.
Authentication¶
Tinyauth¶
Simple authentication middleware for reverse proxies.
- GitHub: https://github.com/steveiliop56/tinyauth
- Docs: https://tinyauth.app/
- Notes: Supports Traefik/Nginx/Caddy. OAuth with GitHub/Google. Helm chart available. GPLv3. Simpler than Authentik but less features.
Backups¶
Postgresus¶
PostgreSQL backup tool with web UI.
- GitHub: https://github.com/RostislavDugin/postgresus
- Notes: Web dashboard, scheduled backups, supports AWS RDS/GCP/Azure. Role-based access. Apache 2.0. May overlap with CloudNativePG backup features.
Zerobyte¶
Backup automation built on Restic with web interface.
- GitHub: https://github.com/nicotsx/zerobyte
- Notes: End-to-end encryption, S3/GCS/rclone support (40+ providers), retention policies, notifications. AGPL-3.0.
Document Management¶
BentoPDF¶
Privacy-first PDF toolkit (client-side processing).
- GitHub: https://github.com/alam00000/bentopdf
- Docs: https://bentopdf.com/
- Notes: 50+ tools (merge, split, compress, convert). Runs entirely in browser, no server processing. Good Stirling PDF alternative.
BookLore¶
Self-hosted book/ebook library.
- GitHub: https://github.com/booklore-app/booklore
- Docs: https://booklore-app.github.io/booklore-docs/
- Notes: EPUB/PDF/comics reader, Kobo/KOReader sync, OPDS support, OIDC auth. Multi-user with permissions.
Papra¶
Minimalistic document archiving platform.
- GitHub: https://github.com/papra-hq/papra
- Docs: https://docs.papra.app/
- Notes: Long-term document storage, tags, email ingestion. AGPL-3.0. Simple and focused.
File Storage & Sync¶
Sync-in¶
File storage, sharing, and collaboration platform.
- GitHub: https://github.com/Sync-in/server
- Docs: https://sync-in.com/docs/
- Notes: OnlyOffice integration, WebDAV, desktop clients, granular permissions. Potential Nextcloud replacement. AGPL-3.0.
Notes & Knowledge¶
Outline¶
Modern wiki and knowledge base for teams.
- GitHub: https://github.com/outline/outline
- Docs: https://docs.getoutline.com/
- Notes: Real-time collaboration, Markdown, slash commands, embeds (Figma, Loom, etc.). Structured collections. Full-text search. SSO/OIDC support (Authentik compatible). Slack/Mattermost integrations. BSL license (free self-host). S3 for file storage. Requires PostgreSQL + Redis.
NoteDiscovery¶
Self-hosted markdown note-taking with wiki features.
- GitHub: https://github.com/gamosoft/NoteDiscovery
- Docs: https://www.notediscovery.com/
- Notes: Wikilinks, graph view, LaTeX, Mermaid diagrams. File-based (regular .md files). 8 themes. Pairs well with Obsidian.
AFFiNE¶
Open-source Notion alternative with local-first approach.
- GitHub: https://github.com/toeverything/AFFiNE
- Docs: https://docs.affine.pro/
- Notes: Docs + whiteboards + databases in one. Local-first with optional sync. AGPL-3.0. Electron app + web. Still maturing but promising.
Project Management¶
Plane¶
Modern, open-source Linear/Jira alternative.
- GitHub: https://github.com/makeplane/plane
- Docs: https://docs.plane.so/
- Notes: Issues, cycles (sprints), modules, roadmaps. Clean UI similar to Linear. GitHub/GitLab sync. OIDC/SAML support. AGPL-3.0. Docker/K8s deploy. Active development. Requires PostgreSQL + Redis + MinIO.
Planka¶
Trello-like kanban board.
- GitHub: https://github.com/plankanban/planka
- Docs: https://docs.planka.cloud/
- Notes: Real-time updates, drag-and-drop, attachments, due dates. Simple and focused. AGPL-3.0. Lightweight (just PostgreSQL). Good for small teams wanting simplicity.
Vikunja¶
Task management with multiple views.
- GitHub: https://github.com/go-vikunja/vikunja
- Docs: https://vikunja.io/docs/
- Notes: Lists, kanban, gantt, calendar views. CalDAV support. OIDC auth. Single Go binary + SQLite/PostgreSQL. AGPL-3.0. Lightweight and performant.
Tillywork¶
Open-source command center combining project management, sprints, and CRM.
- GitHub: https://github.com/tillywork/tillywork
- Docs: https://tillywork.com/
- Notes: Linear-like UI for fast issue creation. Projects, sprints (with burndown charts), kanban pipelines. Cards with relations (blocks/is blocked by). API-first design - can integrate with Forgejo via webhooks. MIT license, unlimited seats. TypeScript/GraphQL backend, Material UI. Requires PostgreSQL.
Huly¶
All-in-one project management platform (Linear + Jira + Slack + Notion alternative).
- GitHub: https://github.com/hcengineering/platform
- Self-host: https://github.com/hcengineering/huly-selfhost
- Docs: https://docs.huly.io/
- Notes: Issues, sprints, kanban, roadmaps, time-blocking. Built-in chat and video calls (LiveKit). Notion-like documents/wiki. CRM, HRM, ATS modules. OIDC/SSO support. EPL-2.0 license. Requires CockroachDB + MongoDB + Elasticsearch + Redpanda + MinIO. Overkill for small teams (<20 employees) - better suited for larger organizations needing all-in-one solution. Tested Dec 2025.
Developer Platform / IDP¶
Kubero¶
Heroku-like PaaS for Kubernetes with addon system.
- GitHub: https://github.com/kubero-dev/kubero
- Docs: https://www.kubero.dev/docs/
- Notes: Git push to deploy, 4 pipelines (review/test/staging/prod), 160+ app templates, one-click addons (PostgreSQL, Redis, MongoDB, MySQL, Elasticsearch). Review apps for PRs. Buildpacks or Dockerfile. OIDC support. Simple UI. AGPL-3.0. Kubernetes-native (stores config in CRDs, not Git). No external DB needed. Good for small teams wanting Heroku experience on K8s.
- Status: ⚠️ Not chosen (Dec 2025) - CRD-based (not Git-centric), addons are Kubero-managed (not CNPG), separate from existing backup strategy. Doesn't fit GitOps philosophy.
Qovery¶
Internal Developer Platform with full preview environment support.
- GitHub: https://github.com/Qovery/engine (engine is open source)
- Docs: https://www.qovery.com/docs/
- Notes: Runs on your AWS/GCP/Azure. Full preview environments including database clones. Supports managed DBs (RDS) or container DBs. Git-based deployments. BYOK (bring your own K8s). Has Replibyte for DB seeding and Torii for developer portal. Free tier available. Proprietary (open-source engine). Good for teams on major cloud providers.
Coolify¶
Self-hosted Heroku/Vercel/Netlify alternative.
- GitHub: https://github.com/coollabsio/coolify
- Docs: https://coolify.io/docs
- Notes: One-click database provisioning (PostgreSQL, MySQL, Redis, MongoDB). Git integration (GitHub, GitLab, Bitbucket). Docker-based (not K8s native). Very active development, large community. Free and open source. Simple and polished UI. Great for small teams. Not ideal if already invested in K8s.
Backstage¶
Spotify's developer portal and service catalog.
- GitHub: https://github.com/backstage/backstage
- Docs: https://backstage.io/docs
- Notes: Service catalog, software templates, TechDocs. Plugin ecosystem (Kubernetes, ArgoCD, etc.). OIDC/SAML. Apache 2.0. Powerful but complex to set up and maintain. Best for larger organizations (50+ engineers). Requires PostgreSQL.
Devtron¶
Kubernetes-native DevSecOps platform.
- GitHub: https://github.com/devtron-labs/devtron
- Docs: https://docs.devtron.ai/
- Notes: Full CI/CD with UI, GitOps (uses ArgoCD), security scanning, RBAC. Form-based UI abstracts K8s/Helm complexity. Configs stored in Git (true GitOps). Environment promotion (dev→staging→prod). OIDC support. Apache 2.0. Can integrate with existing CNPG for databases via custom Helm charts. More feature-complete than Kubero but heavier.
- Status: ❌ Rejected (Dec 2025) - Tested in production. ArgoCD ClusterRoleBinding conflicts with existing ArgoCD installation. Complex SSO/Dex setup. Heavy dependencies (PostgreSQL, many CRDs). Not designed for environments with pre-existing ArgoCD.
Sablier¶
Zero-scale/scale-to-zero for containers.
- GitHub: https://github.com/sablier-labs/sablier
- Docs: https://sablier.dev/
- Notes: Start containers on-demand, scale to zero when idle. Integrates with Traefik/Nginx/Caddy. Good for dev environments and cost savings. Apache 2.0.
Database Tools for Preview Environments¶
DBLab (PostgresAI)¶
Instant PostgreSQL thin clones for development and testing.
- GitHub: https://github.com/postgres-ai/database-lab-engine
- Docs: https://postgres.ai/docs/
- Notes: Copy-on-write database cloning. 1TB database clones in ~10 seconds. Multiple clones share storage (~90% cost savings). Perfect for preview environments needing production-scale data. API for CI/CD integration. Can complement CNPG for ephemeral environments. Open source (Apache 2.0).
Replibyte (Qovery)¶
Database seeding and anonymization tool.
- GitHub: https://github.com/Qovery/Replibyte
- Docs: https://www.replibyte.com/docs/
- Notes: Seed databases from production with data anonymization. Written in Rust. Supports PostgreSQL, MySQL, MongoDB. Good for creating realistic test data without exposing PII. MIT license.
Container Registry¶
Harbor¶
Enterprise container registry with security scanning.
- GitHub: https://github.com/goharbor/harbor
- Docs: https://goharbor.io/docs
- Notes: Vulnerability scanning (Trivy), RBAC, replication, Helm chart repository. OIDC support. Apache 2.0. Industry standard for enterprise. Note: Forgejo already has built-in container registry which may be sufficient for small teams.
Tunnels & Networking¶
Pangolin¶
All-in-one tunneling, reverse proxy, and VPN solution.
- GitHub: https://github.com/fosrl/pangolin
- Docs: https://pangolin.net/
- Features:
- WireGuard-based tunnels (expose services without public IPs)
- Wildcard subdomain support (*.domain.com routing)
- Identity-aware proxy with OAuth2/OIDC (Authentik, Keycloak)
- Built-in VPN for private network access
- Auto-SSL via Let's Encrypt
- TCP/UDP tunnel support (not just HTTP)
- Web UI for management
- License: AGPL-3.0 (self-hosted free), Commercial for enterprise
- Comparison to Cloudflare:
- ✅ Fully self-hosted (no third-party dependency)
- ✅ Wildcard subdomains included (Cloudflare charges for wildcards)
- ✅ VPN + tunnels in one tool (Cloudflare needs separate WARP/Teams)
- ✅ No per-seat pricing for Zero Trust equivalent
- ⚠️ UI-based config (less GitOps friendly than Terraform+Cloudflare)
- ⚠️ Self-managed infrastructure vs Cloudflare's edge network
- Notes: Strong contender for replacing Cloudflare Tunnels + Tailscale in one solution. Especially valuable when avoiding external dependencies is priority.
Evaluation Status¶
| Technology | Category | Priority | Status |
|---|---|---|---|
| Rybbit | Analytics | Medium | To evaluate |
| Tinyauth | Auth | Low | To evaluate |
| Keycloak | Auth | High | Enterprise SSO, recommended for scaling (Silver Frog) |
| Postgresus | Backup | Low | CloudNativePG may suffice |
| Zerobyte | Backup | Medium | To evaluate |
| BentoPDF | Docs | Low | Nice to have |
| BookLore | Docs | Low | Nice to have |
| Papra | Docs | Medium | To evaluate |
| Documenso | Doc Signing | Medium | Client contracts, e-signatures |
| DocuSeal | Doc Signing | Low | Simpler alternative to Documenso |
| Sync-in | Storage | High | Nextcloud replacement candidate |
| Outline | Notes | High | Wiki for meetings/collab docs |
| NoteDiscovery | Notes | Medium | To evaluate |
| AFFiNE | Notes | Low | Notion alternative, still maturing |
| Memos | Notes | Low | Quick notes/bookmarks |
| Plane | Project Mgmt | High | Best UX but SSO paywalled, fork exists (bitbay/plane-oidc) |
| Planka | Project Mgmt | High | Simple kanban, free OIDC, 11k stars |
| Vikunja | Project Mgmt | High | Free OIDC, team sync, Gantt+Kanban - best for SSO-first |
| Tillywork | Project Mgmt | High | Linear-like UI, sprints + CRM, Forgejo API integration |
| Huly | Project Mgmt | High | All-in-one, OIDC now available, unlimited users |
| Element | Chat | High | Matrix protocol, video rooms, free OIDC, Vates-tested |
| Zulip | Chat | Medium | Best threading, but mobile push paywalled >10 users |
| Mostlymatter | Chat | Low | Mattermost fork, use as last resort |
| Rocket.Chat | Chat | Medium | Free OIDC, Matrix federation, no boards |
| Netdata | Monitoring | Medium | Quick setup, per-node pricing at scale |
| Excalidraw | Collab | Medium | Whiteboard diagrams, architecture sketches |
| Penpot | Design | Medium | Figma alternative for UI mockups |
| NocoDB | Database UI | Medium | Airtable alternative, connect to existing DBs |
| Baserow | Database UI | Medium | No-code database, polished UI |
| Grist | Spreadsheets | Low | Python-powered spreadsheets |
| Open WebUI | AI/LLM | High | Self-hosted ChatGPT interface |
| Ollama | AI/LLM | High | Local LLM runner, pairs with Open WebUI |
| Listmonk | Mailing | Medium | Newsletter/mailing list manager |
| Tolgee | Localization | Low | Translation management for i18n projects |
| Weblate | Localization | Low | More mature but heavier than Tolgee |
| Tailscale | Network | Medium | Mesh VPN for internal access |
| GoDoxy | Network | Low | Tunnel alternative to Cloudflare |
| Kubero | IDP | - | ⚠️ Not chosen - CRD-based, not Git-centric |
| Devtron | IDP | - | ❌ Rejected - ArgoCD conflicts, complex setup |
| minnova-app | IDP | High | ✅ Chosen - Custom Helm chart + ArgoCD ApplicationSet |
| Qovery | IDP | Medium | Full preview envs with DB clones, but proprietary |
| Coolify | IDP | Low | Great UX but Docker-based (not K8s native) |
| Backstage | IDP | Low | Too complex for small teams (<50 engineers) |
| Sablier | IDP | Low | Scale-to-zero, nice for dev envs |
| DBLab | Database | Medium | Instant DB clones for preview envs, complements CNPG |
| Replibyte | Database | Low | DB seeding with anonymization |
| Harbor | Registry | Low | Forgejo registry may suffice |
| Pangolin | Network | High | VPN + tunnels + identity proxy, replaces CF+Tailscale |
Related Documentation¶
- Internal Developer Platform - Minnova's chosen IDP approach using ArgoCD ApplicationSets
Team Communication¶
Element (Matrix)¶
Self-hosted team chat with end-to-end encryption and video calls.
- GitHub: https://github.com/element-hq/synapse
- Docs: https://element.io/
- Self-host: ESS Community (free, AGPL)
- Notes: Matrix protocol, federation capable, Element Call for video, native OIDC via MAS. Video rooms are killer feature for remote teams. Vates (100+ people) migrated from Mattermost. Mobile via Element X (new rewrite, still maturing). Learning curve with spaces/rooms. ESS Community is free; ESS Pro for enterprise scale.
Zulip¶
Topic-based team chat with best-in-class threading.
- GitHub: https://github.com/zulip/zulip
- Docs: https://zulip.com/
- Notes: Apache 2.0. Superior threading model (topics within streams). Proven at 10k+ users (Fortune 500, Akamai). Full OIDC support. Caveat: Mobile push notifications require paid plan ($6.67/user/month) for >10 users. UI feels dated. Non-technical users struggle with stream/topic model.
Mostlymatter (Mattermost Fork)¶
Fork of Mattermost with limits removed.
- GitLab: https://framagit.org/framasoft/framateam/mostlymatter
- Docker: https://github.com/Fgruntjes/mostlymatter-docker
- Notes: Maintained by Framasoft (French non-profit). Removes user/message limits (multiplied 1000x). Based on Mattermost Entry. Caveat: Security patches lag upstream, small maintainer team. Use as last resort.
- Context: Mattermost v11 (Dec 2025) added 10k message limit to self-hosted, removed GitLab SSO from free tier, applied retroactively. Community calls it "ransomware behavior".
Rocket.Chat¶
Self-hosted team chat with Matrix federation.
- GitHub: https://github.com/RocketChat/Rocket.Chat
- Docs: https://rocket.chat/
- Notes: Free self-hosted, SAML/OIDC in free tier, Matrix federation built-in. No boards/playbooks like Mattermost had. Some notification bugs reported. $8/user/month for Pro cloud.
Monitoring¶
Netdata¶
Real-time infrastructure monitoring with auto-discovery.
- GitHub: https://github.com/netdata/netdata
- Docs: https://www.netdata.cloud/
- Notes: Per-second metrics, 800+ integrations, ML anomaly detection, zero config. Pricing: Free agent (unlimited), Cloud Business $4.5/node/month. Proven at 100k+ nodes. Good for quick setup. Concerns: Some features gated behind cloud, resource-hungry, confusing alerting. At scale, Prometheus + Grafana is more flexible and industry standard.
Identity Management¶
Keycloak¶
Enterprise-grade identity and access management.
- GitHub: https://github.com/keycloak/keycloak
- Docs: https://www.keycloak.org/
- Notes: Red Hat backed, 13 years mature. OIDC, SAML, LDAP/AD, UMA 2.0. Better for scaling to 100+ users than Authentik. More complex but more enterprise features. Apache 2.0.
Document Signing¶
Documenso¶
Open-source DocuSign alternative.
- GitHub: https://github.com/documenso/documenso
- Docs: https://documenso.com/
- Notes: E-signatures, templates, API. AGPL-3.0. Self-hosted free. Useful for client contracts. Modern UI.
DocuSeal¶
Document signing and form filling.
- GitHub: https://github.com/docuseal/docuseal
- Docs: https://www.docuseal.co/
- Notes: PDF forms, e-signatures, templates, API. AGPL-3.0. Simpler than Documenso. Good for internal forms.
Collaboration & Design¶
Excalidraw¶
Virtual whiteboard for sketching diagrams.
- GitHub: https://github.com/excalidraw/excalidraw
- Docs: https://excalidraw.com/
- Notes: Hand-drawn style diagrams. Real-time collaboration. Can self-host or use cloud. MIT license. Great for architecture discussions.
Penpot¶
Open-source Figma alternative.
- GitHub: https://github.com/penpot/penpot
- Docs: https://penpot.app/
- Notes: Design and prototyping. SVG-based, web standards. Team collaboration. MPL 2.0. Good for UI mockups without Figma costs.
Database UI (No-Code)¶
NocoDB¶
Airtable alternative, turns databases into spreadsheets.
- GitHub: https://github.com/nocodb/nocodb
- Docs: https://docs.nocodb.com/
- Notes: Connect to existing PostgreSQL/MySQL. Views (grid, kanban, gallery, form). API auto-generation. AGPL-3.0. Good for non-technical users to interact with data.
Baserow¶
Open-source Airtable alternative.
- GitHub: https://github.com/bram2w/baserow
- Docs: https://baserow.io/docs
- Notes: No-code database. Templates, automations, API. MIT license. Self-hosted. More polished UI than NocoDB.
Grist¶
Spreadsheets with database power.
- GitHub: https://github.com/gristlabs/grist-core
- Docs: https://www.getgrist.com/
- Notes: Python formulas, relational data, access control. Apache 2.0. Good for complex spreadsheet needs beyond Google Sheets.
AI / LLMs¶
Open WebUI¶
Self-hosted ChatGPT-like interface.
- GitHub: https://github.com/open-webui/open-webui
- Docs: https://docs.openwebui.com/
- Notes: Works with Ollama or OpenAI API. RAG, model switching, conversation history. MIT license. Clean UI. Good for team AI access without per-seat costs.
Ollama¶
Local LLM runner.
- GitHub: https://github.com/ollama/ollama
- Docs: https://ollama.ai/
- Notes: Run LLMs locally (Llama, Mistral, etc.). Simple CLI. MIT license. Pairs with Open WebUI for full solution.
Mailing Lists / Newsletters¶
Listmonk¶
Self-hosted newsletter and mailing list manager.
- GitHub: https://github.com/knadh/listmonk
- Docs: https://listmonk.app/docs/
- Notes: High performance (Go + PostgreSQL). Templates, campaigns, analytics. AGPL-3.0. Good for client newsletters or internal updates.
Localization¶
Tolgee¶
Translation management platform.
- GitHub: https://github.com/tolgee/tolgee-platform
- Docs: https://tolgee.io/docs
- Notes: In-context translation, machine translation, CLI. Self-hosted or cloud. Good for multi-language client projects. AGPL-3.0.
Weblate¶
Web-based translation management.
- GitHub: https://github.com/WeblateOrg/weblate
- Docs: https://docs.weblate.org/
- Notes: Git integration, quality checks, glossary. Proven at scale. GPL-3.0. More mature than Tolgee but heavier.
Quick Notes / Bookmarks¶
Memos¶
Lightweight note-taking with sharing.
- GitHub: https://github.com/usememos/memos
- Docs: https://usememos.com/
- Notes: Twitter-like notes. Markdown, tags, sharing. MIT license. Single binary. Good for quick thoughts and bookmarks.
Karakeep¶
Bookmark and read-later service.
- GitHub: https://github.com/karakeep-app/karakeep
- Notes: Self-hosted Pocket alternative. Tags, full-text search, archiving. Good for saving articles and links.
Remote Access¶
Tailscale¶
Zero-config mesh VPN.
- GitHub: https://github.com/tailscale/tailscale
- Docs: https://tailscale.com/
- Notes: WireGuard-based. SSO integration. Free for personal use, $6/user for teams. Easy setup. Good for internal service access without exposing to internet.
GoDoxy¶
Self-hosted tunnel server.
- GitHub: https://github.com/yusing/go-proxy
- Notes: Reverse proxy with auto-SSL. Docker-friendly. Alternative to Cloudflare Tunnels for self-hosted.
SSO Tax Reference¶
Many self-hosted tools paywall OIDC/SSO behind paid tiers. Critical consideration when selecting tools.
| Tool | OIDC Free? | Notes |
|---|---|---|
| Plane | No | Best PM UX but SSO paywalled. Fork exists: bitbay/plane-oidc |
| OpenProject | No | SSO in paid tiers |
| Taiga | Outdated | Old OIDC implementation, integration issues |
| Huly | WIP | Team actively developing, not ready |
| Docmost | No | SSO in enterprise edition |
| Vikunja | Yes | Full OIDC, Keycloak/Authentik examples |
| Planka | Yes | OpenID Connect support |
| Outline | Yes | Full OIDC support |
| Element | Yes | Native MAS (Matrix Auth Service) |
| Zulip | Yes | Full OIDC (but mobile push paywalled) |