I thought I’d give this a shot, but the metrics/data collection flag was turned on by default and when I added a command to my docker-compose to turn them off, it was ignored. Then, I created an account and looked for a way to turn them off in the settings and there was none. You expect people interested in self-hosting OSS to be cool with sending data out of their network every time the server is started, a memo is created, a comment is created, a webhook is dispatched, a resource or a user is created?! Also, the metrics are collected by a 3rd party with their own ToS that could change at any time?
Holy hell, hard pass. I’d rather use a piece of paper.
Saved me the effort, thanks. Although, couldn’t you just block the container from talking outside your network? I can’t see why I’d need a memo app (server) to have access to the internet.
That’s not good enough in my opinion, it should be opt in, not opt out. They’re marketing it on their site as being more secure because you can self-host. It all just seems really skeevy.
It would appear that blocking app.posthog.com on the host/network resolves this. But I got the parameter to work, too, as per https://www.usememos.com/docs/advanced-settings/metrics use '--metric=false' and bam, no DNS queries!
Yeah, I’d assumed it would respect the —metric=false flag when building with docker run, but docker-compose is ostensibly supported and easier to work with. I was able to successfully change other configuration options (such as setting the db to use MySQL instead of the default SQLite) using the docker-compose ‘command’ block, but the metric flag specifically was ignored. It’s entirely possible that this is a bug and not an intentional attempt to hoover up user data. Either way, data collection should be opt-in by default (by law, imo).
I thought I’d give this a shot, but the metrics/data collection flag was turned on by default and when I added a command to my docker-compose to turn them off, it was ignored. Then, I created an account and looked for a way to turn them off in the settings and there was none. You expect people interested in self-hosting OSS to be cool with sending data out of their network every time the server is started, a memo is created, a comment is created, a webhook is dispatched, a resource or a user is created?! Also, the metrics are collected by a 3rd party with their own ToS that could change at any time?
Holy hell, hard pass. I’d rather use a piece of paper.
Saved me the effort, thanks. Although, couldn’t you just block the container from talking outside your network? I can’t see why I’d need a memo app (server) to have access to the internet.
See my adjacent comment
Ah, nice one. Still, a bit annoying that it’s opt out, rather than opt in.
I’d rather it be an initial setup question and/or at least a UI toggle in the settings, yeah
That’s not good enough in my opinion, it should be opt in, not opt out. They’re marketing it on their site as being more secure because you can self-host. It all just seems really skeevy.
It would appear that blocking
app.posthog.com
on the host/network resolves this. But I got the parameter to work, too, as per https://www.usememos.com/docs/advanced-settings/metrics use'--metric=false'
and bam, no DNS queries!Yeah, I’d assumed it would respect the —metric=false flag when building with docker run, but docker-compose is ostensibly supported and easier to work with. I was able to successfully change other configuration options (such as setting the db to use MySQL instead of the default SQLite) using the docker-compose ‘command’ block, but the metric flag specifically was ignored. It’s entirely possible that this is a bug and not an intentional attempt to hoover up user data. Either way, data collection should be opt-in by default (by law, imo).