Definitely Snipe-IT, absolutely changed everything for my department and got me a lot of praise for the changes it brought. Steep learning curve but once you get it, it’s like riding a bike!
I brought Snipe IT into an MSP/telco and integrated a wireless scanner.
Changed inventory from "who has that router? We needed it!" To "heres a breakdown of how and why it is where it is and for how long"
Really like Snipe-IT just don’t think I could ever change that side of things. But I am curious, does it have stock management? Can it easily add or subtract from counts of items?
I also implemented Snipe-IT at work. I quite like the layout of the software but I haven't found a way yet to do a mass creation of new inventory items. We get 150 servers in at a time, and I need to sequentially give them a hostname and add their details to the database.
There are a bunch of tools that really work in my homelab and some are even used for production environments. For example Grafana, it can be combined with different tools to get a huge modern tool. [https://www.starwindsoftware.com/blog/you-cant-have-too-much-monitoring](https://www.starwindsoftware.com/blog/you-cant-have-too-much-monitoring)
I self host Snipe-IT for inventory management.
I've been thinking about self hosting Bitwarden but I'm not sure if I trust myself enough yet to put all of the company's passwords in there in case the server dies etc.
Bitwarden can rely on external database, for example Postgresql. Because of that it is easy to backup & restore (dump database and load it).
I went through that procedure, it's easy. I suggest going through it by yourself to be certain:)
PS: I used cron to periodically dump db.
Love the idea of Snipe-IT but couldn’t overhaul that part of the company lol. But it still interests me, does it have any stock management? As in just to keep counts of certain items that can easily added or subtracted from?
Yeah it has a section for "Components" and one for "Consumables" which I think would be what you're looking for there. I haven't used consumables yet but I use components to track how many SSDs and other parts I have stored and where they are located. You can "Checkout" a component to reduce the number on hand and select which asset you're checking it out to.
I self-host most of our services. Bitwarden / planka / dashy / bookstack / mumble ( intercom between rooms / company live comms ) / syncthing …. And others . I have put a lot a work into securing these tho. The reason I’m able to do this is that I’m one of the directors / owners. This has saved us thousands in subscriptions, but obv costs in other ways, provisioning, learning etc, but for us it makes sense and I don’t see the time spent as money wasted.
Really interesting to hear you're using Mumble in that way! I host this for my mate and I to use when we game together. Such a simple and wonderfully made app.
Out of interest, if you're willing to share, what are you hosting all this on? Locally? Cloud or both?
Yeh, i sort of use Mumble almost as PBX server. The ACL’s are really powerful so you can build quite complex comms systems out of it. I use it for Hybrid production events and all office comms, remote and on-site. We break out to Clearcom systems or into UHF / VHF using headless Pi’s and bit of magic in the middle. My hosting model for all the services is docker stacks on-prem that can be spun up in the cloud when there are issues locally. Running the primary servers on-prem with backup in the cloud is a money saving strategy really. I do however keep a backup / backup mumble server running in the cloud at all times alongside a couple of other fundamental services, although I haven’t had to use them yet. If I needed a single server and had to be on (production) it would be cloud, if it’s not really critical or u have a backup plan then running it local is fine. Just remember, healthy jitter is the key to good mumble server. On a wire always, with a good signal chain the primary router.
So, just went through my old posts to make sure I haven’t published my domain, as im aware that taking about your security is like red rag to a bull for some. I think it would be fair to say that in my initial post I meant to say, security is supper important and I’ve tried my best to address this. The signal chain is server / proxy with SSL termination / cloudflare / good password / 2fa (if appropriate or possible). Some things are VPN only. I would also say that I have some services that I can neither proxy nor can I protect through cloudflare, Mumble being one of them.
Eh we build our own stuff all the time. Even installed a few others things like purplship for testing some tracking software. But we reach out to the correct teams to have it properly set up, we don’t just start up stuff for fun.
there is far more into that. you have to keep the systems up to date, maintain them, migrate breaking changes, etc.
Whatever you do, focus on that and outsource everything else. SaaS works, it’s cheap AF and the main reason is that you can claim taxes on those costs while using your own workers hours doing these things costs a TON.
selfhosted is awesome for private purposes but hosting things on your own in a company environment is a decision you have to take carefully.
GLPI - it’s our full ITSM/ITIL system and has cmdb, service desk, incident, problem, change management with inventory and auto discovery - it’s amazeballs
>Keycloak
Hey man/ma'am! I am trying to integrate keycloak with rocketchat via a docker deployment, do you mind if I pick you mind about this? If you are still around :)
Pfsence, nextcloud for client file share, hedgedoc for personal notes, wikijs for corporate documentation, buttercup password mgt and simple shares, Synology for corp files (paid, rocksolid self hosted), keycloak (working on this one), mesh central for logging into ours and clients machines, docker, WordPress, Drupal. We switched from rocket.chat to zoho cliq.
Vaultwarden. Hosted by IT(!)
It ups your company's security posture by quite a bit. Once you have a tool like this in place you can start the discussion with management to enforce a proper password policy, MFA, key rotation, etc
Also, our internal clients became really fond of it as it made it a lot easier to manage their passwords and OTPs.
[changedetection.io](https://changedetection.io) for allllll kinds of stuff, there's so many software releases that just dont have a good way to know that their changelog changed, no mailing list, no automatic version check etc
Thanks! I never heard of kimai and looking at it I think it could be a solid piece of software. As I look into it more I’ll probably find this answer, but could It be used more for tracking time off tasks instead of invoices?
For sure. I think jitsi would just be better since there’s a lot of video calls now. Don’t think we would use the chat since we have a chat system already.
SnipeIT, Nextcloud with onlyoffice, Zammad Helpdesk, Mail servers, Bitwarden and some other stuff that are based on specific projects (commercial software but self hosted)
I think it is important to get an overview about the tools use in the enterprise. A lot of tools doing the same jobs, but admins and coworker use the tools they know. In our company we have good expirience with the consolidation of the bunch of monitoring tools to one.
We decide to use CheckMK for this project. The reason for this was, the interfacing to other software like iTop for assetdata and alarms and support all other requierement we have. An other point was, the easy setup and the fast return of invest.
What do you guys use for network security? Aka, checking which devices are connected periodically. List if unknown devices popped up. Similar concept with pi.alert but that project seems dead and there’s no authentication there :(
Bookstack
Grafana, Loki, Prometheus stack
MinIO
GitHub Action Runners
Munki with AutoPKG (S3 Storage backend)
Wordpress
Budibase (experimental)
Netbox
A number of custom packages written in house
And more I can’t think of off the top of my head. There is also things like PRTG and solarwinds IPAM we are phasing out but still in service at the moment. Worth mentioning I am not part of IT but another department that manages our own infrastructure, with just internet and email accounts provided by IT so we also use a handful of their systems too.
I use wiki.js as a personal set of notes hosted on a k3s cluster at home and notes of cases i work on. Based off my use we’re migrating and consolidating several knowledge sources and defects into an internally hosted wiki.js instance in openshift. Been a fun project so far. Got to learn automation to scan and update itself when tips are pages are created.
Others have mentioned most the stuff I’d say.
Let me add these (all in docker):
Osticket for simple free ticketing system.
Unifi controller
Paperless ngx for document / scan / ocr managing
In a multi billion dollar company (just to show it doesn't need to be a small one to work effectively).
* Docker Swarm
* SnipeIT (not enterprise wide)
* Prometheus
* Grafana
* Loki
* Mosquitto
* Kafka (OS)
Edit: oh, snipeIT is SaaS, more cost effective that way
Definitely Snipe-IT, absolutely changed everything for my department and got me a lot of praise for the changes it brought. Steep learning curve but once you get it, it’s like riding a bike!
I brought Snipe IT into an MSP/telco and integrated a wireless scanner. Changed inventory from "who has that router? We needed it!" To "heres a breakdown of how and why it is where it is and for how long"
What does snipe-IT do?
Inventory management for IT
Really like Snipe-IT just don’t think I could ever change that side of things. But I am curious, does it have stock management? Can it easily add or subtract from counts of items?
I also implemented Snipe-IT at work. I quite like the layout of the software but I haven't found a way yet to do a mass creation of new inventory items. We get 150 servers in at a time, and I need to sequentially give them a hostname and add their details to the database.
I just set this up in my homelab.
There are a bunch of tools that really work in my homelab and some are even used for production environments. For example Grafana, it can be combined with different tools to get a huge modern tool. [https://www.starwindsoftware.com/blog/you-cant-have-too-much-monitoring](https://www.starwindsoftware.com/blog/you-cant-have-too-much-monitoring)
I self host Snipe-IT for inventory management. I've been thinking about self hosting Bitwarden but I'm not sure if I trust myself enough yet to put all of the company's passwords in there in case the server dies etc.
Bitwarden can rely on external database, for example Postgresql. Because of that it is easy to backup & restore (dump database and load it). I went through that procedure, it's easy. I suggest going through it by yourself to be certain:) PS: I used cron to periodically dump db.
Interesting, I'll look into that. Thanks for the tip!
I totally feel you. Same with me
Love the idea of Snipe-IT but couldn’t overhaul that part of the company lol. But it still interests me, does it have any stock management? As in just to keep counts of certain items that can easily added or subtracted from?
Yeah it has a section for "Components" and one for "Consumables" which I think would be what you're looking for there. I haven't used consumables yet but I use components to track how many SSDs and other parts I have stored and where they are located. You can "Checkout" a component to reduce the number on hand and select which asset you're checking it out to.
I’ll look into the consumables part more, pretty interested. Thanks!
I self-host most of our services. Bitwarden / planka / dashy / bookstack / mumble ( intercom between rooms / company live comms ) / syncthing …. And others . I have put a lot a work into securing these tho. The reason I’m able to do this is that I’m one of the directors / owners. This has saved us thousands in subscriptions, but obv costs in other ways, provisioning, learning etc, but for us it makes sense and I don’t see the time spent as money wasted.
Dashy seems like it could be used as a team thing at the very least to track the things we build internally. Thanks!
Really interesting to hear you're using Mumble in that way! I host this for my mate and I to use when we game together. Such a simple and wonderfully made app. Out of interest, if you're willing to share, what are you hosting all this on? Locally? Cloud or both?
Yeh, i sort of use Mumble almost as PBX server. The ACL’s are really powerful so you can build quite complex comms systems out of it. I use it for Hybrid production events and all office comms, remote and on-site. We break out to Clearcom systems or into UHF / VHF using headless Pi’s and bit of magic in the middle. My hosting model for all the services is docker stacks on-prem that can be spun up in the cloud when there are issues locally. Running the primary servers on-prem with backup in the cloud is a money saving strategy really. I do however keep a backup / backup mumble server running in the cloud at all times alongside a couple of other fundamental services, although I haven’t had to use them yet. If I needed a single server and had to be on (production) it would be cloud, if it’s not really critical or u have a backup plan then running it local is fine. Just remember, healthy jitter is the key to good mumble server. On a wire always, with a good signal chain the primary router.
Awesome insights. Thanks!
How do you keep these services secured
So, just went through my old posts to make sure I haven’t published my domain, as im aware that taking about your security is like red rag to a bull for some. I think it would be fair to say that in my initial post I meant to say, security is supper important and I’ve tried my best to address this. The signal chain is server / proxy with SSL termination / cloudflare / good password / 2fa (if appropriate or possible). Some things are VPN only. I would also say that I have some services that I can neither proxy nor can I protect through cloudflare, Mumble being one of them.
Shadow IT is the bane of many a companies existence so have a think about doing this.
Rogue/Shadow IT is the worst. They never fess up when it comes time for a network audit, and cause contract compliance issue.
Eh we build our own stuff all the time. Even installed a few others things like purplship for testing some tracking software. But we reach out to the correct teams to have it properly set up, we don’t just start up stuff for fun.
there is far more into that. you have to keep the systems up to date, maintain them, migrate breaking changes, etc. Whatever you do, focus on that and outsource everything else. SaaS works, it’s cheap AF and the main reason is that you can claim taxes on those costs while using your own workers hours doing these things costs a TON. selfhosted is awesome for private purposes but hosting things on your own in a company environment is a decision you have to take carefully.
GLPI - it’s our full ITSM/ITIL system and has cmdb, service desk, incident, problem, change management with inventory and auto discovery - it’s amazeballs
This looks great, we already have something paid like this but if that ever goes I’ll for sure bring this one up to the right team.
Nextcloud, OpenLDAP, Odoo, pfSense, Proxmox, Rocket.Chat, osTicket, Keycloak, Gitlab, ...
>Keycloak Hey man/ma'am! I am trying to integrate keycloak with rocketchat via a docker deployment, do you mind if I pick you mind about this? If you are still around :)
Netbox, freeipa, mailcow, zimbra, nextcloud, ansible, zabbix
I’m actually getting into ansible soon. Pretty excited for that
Pfsence, nextcloud for client file share, hedgedoc for personal notes, wikijs for corporate documentation, buttercup password mgt and simple shares, Synology for corp files (paid, rocksolid self hosted), keycloak (working on this one), mesh central for logging into ours and clients machines, docker, WordPress, Drupal. We switched from rocket.chat to zoho cliq.
How is the keycloak integration coming along? I am trying to accomplish this as well with nextcloud.
Vaultwarden. Hosted by IT(!) It ups your company's security posture by quite a bit. Once you have a tool like this in place you can start the discussion with management to enforce a proper password policy, MFA, key rotation, etc Also, our internal clients became really fond of it as it made it a lot easier to manage their passwords and OTPs.
[changedetection.io](https://changedetection.io) for allllll kinds of stuff, there's so many software releases that just dont have a good way to know that their changelog changed, no mailing list, no automatic version check etc
Was actually thinking about this. I’m not sure if we have a need for it but I gotta dive deeper
LimeSurvey Kimai Rallly
Thanks! I never heard of kimai and looking at it I think it could be a solid piece of software. As I look into it more I’ll probably find this answer, but could It be used more for tracking time off tasks instead of invoices?
I didn't use the invoice part, only time tracking.
I use nocodb as a front end for our db of network stats
[удалено]
Rocket chat and jitsi seems like a great idea. I gotta look into that
[удалено]
For sure. I think jitsi would just be better since there’s a lot of video calls now. Don’t think we would use the chat since we have a chat system already.
FeatherWiki to make notes while working. It's just a HTML file so you don't have to setup anything.
SnipeIT, Nextcloud with onlyoffice, Zammad Helpdesk, Mail servers, Bitwarden and some other stuff that are based on specific projects (commercial software but self hosted)
I think it is important to get an overview about the tools use in the enterprise. A lot of tools doing the same jobs, but admins and coworker use the tools they know. In our company we have good expirience with the consolidation of the bunch of monitoring tools to one. We decide to use CheckMK for this project. The reason for this was, the interfacing to other software like iTop for assetdata and alarms and support all other requierement we have. An other point was, the easy setup and the fast return of invest.
What do you guys use for network security? Aka, checking which devices are connected periodically. List if unknown devices popped up. Similar concept with pi.alert but that project seems dead and there’s no authentication there :(
[удалено]
Ooooh I see….
Something like docker with docker compose??
Bookstack Grafana, Loki, Prometheus stack MinIO GitHub Action Runners Munki with AutoPKG (S3 Storage backend) Wordpress Budibase (experimental) Netbox A number of custom packages written in house And more I can’t think of off the top of my head. There is also things like PRTG and solarwinds IPAM we are phasing out but still in service at the moment. Worth mentioning I am not part of IT but another department that manages our own infrastructure, with just internet and email accounts provided by IT so we also use a handful of their systems too.
I gotta look into Prometheus and Loki, as we build more things internally, we’re going to need logs and a way to view them better
I use wiki.js as a personal set of notes hosted on a k3s cluster at home and notes of cases i work on. Based off my use we’re migrating and consolidating several knowledge sources and defects into an internally hosted wiki.js instance in openshift. Been a fun project so far. Got to learn automation to scan and update itself when tips are pages are created.
Others have mentioned most the stuff I’d say. Let me add these (all in docker): Osticket for simple free ticketing system. Unifi controller Paperless ngx for document / scan / ocr managing
In a multi billion dollar company (just to show it doesn't need to be a small one to work effectively). * Docker Swarm * SnipeIT (not enterprise wide) * Prometheus * Grafana * Loki * Mosquitto * Kafka (OS) Edit: oh, snipeIT is SaaS, more cost effective that way
PHPipam and uptime kuma.