These tools support the day-to-day all-remote operations of all our teams. They should be kept running at all times, as disruptions will slow the work of other teams.
Vendor-managed Services
As these services are hosted by cloud vendors, they’re maintenance-free. Our job is to configure security and billing, and to align these services with our business objectives.
Purpose | Vendor/Plan | Cluster/Service Names | Notes |
---|---|---|---|
Customer Authentication (OpenID Connect) | Migrating to FusionAuth from Firebase Auth | FusionAuth: Lovia (application); Firebase: heartenly-prd | Commercial: Google Cloud Identity Platform (upgrade to Firebase, $0.0055/MAU beyond 50,000 MAU + Firebase SAML $0.015/MAU). Firebase/Google Cloud Identity Platform can only use (not act as) an external SAML Identity Provider: Single Sign On (SSO) for your Firebase app with SAML. |
OpenID Connect Identity Provider | FusionAuth | login.lovia.life | Commercial: Auth0 External ($23/1,000 MAU = $0.023/MAU), Auth0 Internal ($200/100 employees/mo), AWS Cognito, Azure, JumpCloud ($5-$10/u/mo), OneLogin ($50+/mo for 25 users), Okta. Open source/core: Gluu, Keycloak, ORY Hydra, FusionAuth, FusionIAM/LemonLDAP::NG. Due to the vast pricing difference (and access patterns) of workforce vs. customer security products, we decided to separate the identity platforms of workforce/SAML (ORY/Gluu/Keycloak) vs. customers (Firebase). FusionIAM (includes LemonLDAP::NG). OpenAM is no longer supported by ForgeRock. ORY doesn’t support SAML yet. For tools that need to support both identities (e.g. Lovia Chat), there are several alternatives: 1. Just use Firebase (may need custom development); 2. Configure Inbound SAML; 3. Support multiple authentication methods (like Rocket.Chat): probably the most practical. Note: Rocket.Chat supports multiple OAuth IdPs. Gluu vs Keycloak: Gluu’s take, Gluu’s take again, OpenAppStack blog, bmaupin, FusionAuth’s take, Danny Varner’s take (TLDR: Auth0 wins but pricier, AWS Cognito is OK, Azure+Google no go for OIDC). FusionAuth (free license available for unlimited users, $75+/mo for 2 vCPU, 4GB RAM without user limit): FusionAuth vs AWS Cognito. Clients: DataStax, IBM, Deutsche Bank, Roche. About SAML: OpenID Connect should be preferred over SAML, due to ubiquity (ORY, AWS Cognito). Configure Rocket.Chat to use Keycloak OpenID Connect. Security Practices. Serverless Secrets Management (AWS KMS, AWS Parameter Store) – serverless-secret-baker |
Email for Key Employees, General Documents, Calendar/Events | G Suite Free/Basic | @lovia.life (a.k.a. @miluv.app, @satukancinta.com, @heartenly.com), @soluvas.com | Google Mail + Calendar + Drive + Docs + Sheets + Slides + Forms. Easy to use; integrates with desktop & mobile. Only key employees use G Suite; G Suite folders/files are shared with other users using @team.lovia.life accounts. Basic plan: $6/user/mo (monthly). Pricing is not cost-effective with many users. Google Account Personal: free for unlimited users; limited storage, team members don’t want to use their own storage; limited access control. |
General Task List | Notion | Trello: easy to use; high quality app for all platforms; private boards; free features are generous; custom webhooks; more powerups are paid; no private tickets in Free plan. Alternatives: Notion ($8/user/mo, but SAML requires enterprise $20/user/mo), GitLab.com Issues, GitLab CE, Restya (open core OSL/PHP, premium addons), Taiga ($60/u/yr or AGPL/Python+PostgreSQL+RabbitMQ, used by Red Hat, HP). On Notion vs Coda vs Airtable: “I created an account with Coda and Airtable but they turned out not to be the kind of apps I was looking for. They were too complicated and I was worried people in my company would have not been able to use them. Notion instead was super simple to use.” Tip: May use Cloudron ($30/mo) to install Taiga | |
Finance | Zoho Books | Lovia | Basic plan: $90/org/year |
Xendit | Heartenly | Transaction fee | |
Email | Yandex.Connect | @team.lovia.life | Ad-supported up to 1,000 users; Android/iOS apps; less user friendly than G Suite; less integration/support regarding e.g. authentication, security control, 3rd party apps |
Self-hosted Services
Purpose | Software/License | Cluster/Service Names | Notes |
---|---|---|---|
Employee Portal, Knowledge Management | WordPress + BuddyPress + miniOrange Firebase plugin | about.lovia.life | Dogfooding + experience with WordPress, for which we provide the Soluvas Chat plugin; Polylang plugin support (Hendy thinks this plugin is not needed, just use English by default and create Indonesian pages for those who really need it); customizable with free, paid, and custom plugins; some parts can be publicized, not just private (e.g. https://about.gitlab.com/handbook/); support versions if you want; easy to edit with Gutenberg editor or Elementor; can customize Gutenberg/Elementor blocks, a plus compared to Markdown (used by GitLab’s Web IDE), e.g. embed Camunda-compatible BPMN file or refer directly to live Camunda workflow (note: Gutenberg is good enough by default, Elementor for harder core ones); can create hierarchical content with table of contents; easier to create tables/rich content; potential dogfooding of BuddyPress that we use at Lovia? (note: Lovia may use Soluvas instead to build BuddyPress core functionalities, since not all of BuddyPress is needed); needs maintenance (less with WordOps+Lightsail+UpdraftPlus). How to Create an Intranet for Small Businesses with WordPress [WPBeginner]. Alternatives: Frappe, ERPNext, Alfresco |
Chat | Rocket.Chat (MIT) | chat.lovia.life | SAML authentication |
General Workflow | Camunda | camunda.lovia.life | Unlimited workflows and users; migration path to Zeebe; battle-tested; permissive open source (Apache); more technical than, say, ProcessStreet, Kissflow, etc.; needs maintenance; needs integration with WordPress Intranet / WPForms. Alternatives: Joget DX & Workflow, Zeebe, n8n, Bonita, Activiti (note: Camunda was Activiti!), Bizagi, ProcessStreet, Flokzu, jBPM, UiPath ($4000+/user/yr), Automation Anywhere |
Low-Code Application Platform | Soluvas | soluvas.lovia.life | Extreme dogfooding; still in development. Alternatives: Joget DX & Workflow, Appsheet, Airtable ($12/user/mo) |
Blueprints
Integrations
Integration | Project |
---|---|
Appendix: Other Tools to Consider
Purpose | Software/License | Cluster/Service Names | Notes |
---|---|---|---|
Chat | Discord | Lovia | Easy to use; high-quality clients for web, desktop, mobile; no maintenance; unlimited users; API & bot integrations; both public (i.e. open source) and private channels; channels (unlike WhatsApp/Telegram); voice & video call, live streaming; not dog-fooding Soluvas Live Chat product. Alternatives: WhatsApp, Telegram, Slack |
General Workflow | Joget | More user-friendly than Camunda; open source but viral copyleft (GPL) | |
Email (forwarder + SMTP) | G Suite, AWS SES (N. Virginia) | @lovia.life, @miluv.app, @soluvas.com | To provide @lovia.life / @miluv.app / @soluvas.com email addresses to non-G Suite users: 1. Set up a forwarder in G Suite to their personal Gmail accounts; 2. Create AWS SES users (N. Virginia) for each of them; 3. Configure the personal Gmail accounts to send using the company email with SMTP. Some people don’t want to use personal email for work email; setting up a forwarder with proper SMTP is cumbersome (but manageable) |
Team Password Management (Vault) | HashiCorp Vault + raft + OIDC to ORY Hydra | pass.lovia.life | Alternatives: HashiCorp Vault, Passbolt CE (open-source, self-hosted), Bitwarden Teams ($60/yr for 5 users), Bitwarden Enterprise ($36/u/yr), Thycotic Secret Server. Bitwarden: Requires SQL Server 2017 (AWS Singapore t3.small: $319+/yr or $0.062+/hr, AWS N.Virginia t3.small: $227+/yr or $0.044+/hr) |
Human Resource Information System + Payroll | ERPNext | Both Sentrifugo and ERPNext are open source. Sentrifugo has been described as “futuristic”, but lacks a payroll module and responsive support. ERPNext has a Human Resources module, and may integrate better with other parts (accounting, taxes, etc.). Since ERPNext/Frappe is a general-purpose open source framework, it is customizable and can be used for dogfooding a potential future product offer (since it’s highly relevant to Lovia Jobs). An alternative is both Sentrifugo (for its extensive modules) plus ERPNext (without the HR module). Currently Hendy is leaning towards ERPNext, as Sentrifugo’s additional niceties do not offset ERPNext’s overall benefits. Also, we have a history of ERPNext/Frappe contribution. Alternative: OpenHRMS (based on Odoo). Using SaaS like Freshteam/Zoho People/Workday/BambooHR/OrangeHRM seems not to be cost-effective due to the potential number of our contractors & internships. | |
Email Marketing | Mailtrain + ZoneMTA | MJML templates support with GrapesJS; ZoneMTA support (claimed 500K messages/day) so we save on SES costs; GPL license; Mailtrain seems seldom maintained |