• @Jimbabwe
    link
    English
    8010 months ago

    I thought I’d give this a shot, but the metrics/data collection flag was turned on by default and when I added a command to my docker-compose to turn them off, it was ignored. Then, I created an account and looked for a way to turn them off in the settings and there was none. You expect people interested in self-hosting OSS to be cool with sending data out of their network every time the server is started, a memo is created, a comment is created, a webhook is dispatched, a resource or a user is created?! Also, the metrics are collected by a 3rd party with their own ToS that could change at any time?

    Holy hell, hard pass. I’d rather use a piece of paper.

    • @[email protected]
      link
      fedilink
      English
      1210 months ago

      Saved me the effort, thanks. Although, couldn’t you just block the container from talking outside your network? I can’t see why I’d need a memo app (server) to have access to the internet.

          • Midnight Wolf
            link
            English
            310 months ago

            I’d rather it be an initial setup question and/or at least a UI toggle in the settings, yeah

            • Norah - She/They
              link
              fedilink
              English
              410 months ago

              That’s not good enough in my opinion, it should be opt in, not opt out. They’re marketing it on their site as being more secure because you can self-host. It all just seems really skeevy.

      • @Jimbabwe
        link
        English
        410 months ago

        Yeah, I’d assumed it would respect the —metric=false flag when building with docker run, but docker-compose is ostensibly supported and easier to work with. I was able to successfully change other configuration options (such as setting the db to use MySQL instead of the default SQLite) using the docker-compose ‘command’ block, but the metric flag specifically was ignored. It’s entirely possible that this is a bug and not an intentional attempt to hoover up user data. Either way, data collection should be opt-in by default (by law, imo).

        • Midnight Wolf
          link
          English
          26 months ago

          Ah - I actually moved away from Memos (I just wasn’t using it and it was taking resources for no benefit) so I can’t actually directly help, buuuuuut I want to be optimistic and assume that the ‘feature’ was removed given the page 404ing.

          You could use something like NextDNS (or any other DNS solutions that offer logging, I just use ND on my network), set up as the server’s DNS provider, and see if the domain (above) shows up in the logs after a couple days. Though if you’re running other software alongside it, then it might not be from Memos, which can lead you down a ‘disable, wait, check, repeat’ rabbit hole. But that’s how I would do it, myself.

          Sorry I don’t have a quick and easy solution for you :(

  • @namelivia
    link
    English
    110 months ago

    Nice! But I’m currently using Obsidian for note taking

    • Midnight Wolf
      link
      English
      210 months ago

      “public” to registered users, it seems (but by default, memos are private; and the ability to set them as publicly can be disabled by the admin)