Building a fully FOSS environment – then and now
June 17, 2025
This post is about a few years too late. TLDR: I built a fully FOSS environment for an international non-profit. This post lays out what setup I chose then, and what I would choose now.
Background 7 years ago I worked at an international, feminist non-profit in Amsterdam, that wanted to use only ethical IT. They did not want to use any Big Tech, but instead wanted (free) open source IT, just like what the human rights activists that they funded were using. I had the exciting privilege of building this environment.
When I started our FOSS adventure I promised I would document our every step. Which I did for a while, on Fosstodon. But I never got around to writing about it in depth. So here we finally go: all the FOSS I chose back then and what I would choose now for a 100 user international organisation. Do keep in mind that I barely remember what I had for breakfast, let alone what I installed 7 years ago, but I’ll do my best.
What we had then The servers were second-hand HP (or maybe Dell?), managed through KVM and libvirt, with Ansible handling configuration of our linux VM’s. I honestly can’t recall what we used for storage. We used FreeIPA as our LDAP server and Apache Ipsilon for SSO. For email, we ran Zimbra, with Rocket.Chat as our chat application and Jitsi for video calls. Nextcloud + Collabora took care of file storage and online editing, with a cron job that synced our local drives. Zammad was fairly successful as a helpdesk tool, additionally we used Wiki.js for our knowledge base. Users were surprisingly okay with our Linux Mint desktops (considering these were non-technical users). And of course we used LibreOffice as our office suite. I don’t remember what we recommended in terms of mobile apps for email and calendars, but I do remember it was a hassle. We used LimeSurvey to frequently evaluate how our users were doing.
We still had a few Windows workstations for our financial application, some legacy software, and the occasional bloated MS Excel sheet full of macros that kept the whole org running. Our poor marketing lady couldn’t handle working with GIMP, so her iMac with Photoshop was returned to her at some point. And we still used Salesforce as our CRM. We maintained everything ourselves, in-house, with a 2 person IT team and a lot of duct tape.
But did it work? I mean, it did, sort of. When everything worked it was great. But when we had technical issues, they were hard to solve. There was no enterprise support, at best someone on a forum would respond a few weeks later. We would basically tinker until something was fixed. Funny enough, the biggest challenge wasn’t general tech support or user training. Despite everything looking different, these users were incredibly supportive and motivated to use our FOSS environment.
The biggest issue was file compatibility between MS Office and LibreOffice – especially with complex formatting, macros, or collaborative editing. There were a few times where files were corrupted to the point of losing days of work, which as you can imagine, was incredibly demotivating. This is in no way LibreOffice’s fault; LibreOffice does an admirable job reverse-engineering compatibility, but due to Microsoft’s efforts it will never be perfect.
This was when we started to see shadow IT and work-arounds; people quietly using Google Drive or MS office on their personal laptops. It wasn’t malicious; they just wanted to get their work done without worrying whether the formatting would explode before a big deadline. That’s when we realized that idealism alone unfortunately doesn’t keep a system running.
What I would choose now Guess what. In the year 2025, I would strongly recommend against self-hosting. There’s no way that a small IT dept has the resources to keep everything as secure and affordable as the average SaaS provider. So for Pete sake, choose a few SaaS apps, combined with Linux Mint on local workstations and laptops, OR choose an ethical hosting provider to host your apps. Also, migrate incrementally, DO NOT try to replace everything at once.
But, if I had to do it again? This is what I would go with:
For the infrastructure base, I’d use Proxmox as our virtualization layer and Linux VM’s on top. It’s stable, easy to manage, and supports containerization. I don’t have any specific recommendations for a shared file server, it’s been a while since I looked into that (open to suggestions!). I liked FreeIPA as our identity manager. Maybe I’d replace Ipsilon with Keycloack, but that might actually be overkill.
Moving on to apps. For files I’d start again with Nextcloud. It’s like the Swiss army knife of FOSS collaboration. Plus it’s a well-supported product, both by a company and FOSS community. I’d add Collabora for web-based document editing so people can work on files together without downloading and versioning issues.
Email? Honestly, it’s the worst thing to run yourself. Not because of all the constant battles to have your emails delivered – because of the groupware aspect of it. Having integrated calendar support, and advanced meeting planning functionality etc. That was the biggest frustration with Zimbra. Our office admin practically camped next to my desk. So if you must host your own mailserver, go with something that integrates well with Nextcloud’s groupware, like Dovecot Pro or Stalwart (per Nextcloud’s own recommendation). Mailcow might work too. I haven’t tried Nextcloud’s email front-end in a while, this I’d have to test.
For chat, I’d recommend Mattermost. It’s intuitive for users, easier to manage than Matrix, and has an integration with Nextcloud. Video calls? I’d still recommend Jitsi for everyday calls, and maybe BigBlueButton if you're doing workshops or trainings and need more features like breakout rooms or whiteboards. I was also quite happy with Zammad as a helpdesk tool. I believe Nextcloud offers a few collaboration tools, like Kanban boards. If more is necessary, I can recommend OpenProject as a project management tool. It supports both waterfall and Agile ways of working. I’d also still use wiki.js for our knowledge base and Limesurvey as our survey tool. If our CRM hadn’t been deeply captured by Salesforce, I would have happily traded it in for Odoo.
I’m sure I’m forgetting loads of things, but these are the basics. To summarize, here’s the setup I’d choose:
- Proxmox – for virtualization
- FreeIPA + Ipsilon/Keycloak – for user logins and SSO
- Nextcloud – for files, calendar, and as an email UI
- Collabora – for online document editing
- Mailcow / Dovecot Pro / Stalwart – as the email back-end
- Mattermost – for chat and motivational gifs
- Jitsi – for everyday video calls
- BigBlueButton – for workshops or trainings (with features like breakout rooms and whiteboards)
- Zammad – for helpdesk/ticketing
- OpenProject – for project management (supports both Agile and waterfall)
- Wiki.js – for the internal knowledge base
- LimeSurvey – for user surveys
- Odoo – CRM and ERP
- Linux Mint <3 – on desktops and laptops
Final thoughts If you're thinking about going the full FOSS route for your organization in 2025, my advice is this:
- Start small. Replace one tool at a time, not everything in one go.
- Train your users. And then train them again. And again.
- Write documentation. You will need it later.
- Have good backups. Have a disaster recovery strategy.
- Be realistic. Parts of this adventure will make you cry.
- Choose hosted FOSS services when you can. There are plenty of great ethical providers out there now. You don’t have to run your own servers to support FOSS.
Again, it’s a lot of work to maintain and I’m not sure if it’s worth the inevitable mental breakdown, but it’s certainly doable. But only with the right amount of preparation.
Do you or have you used FOSS in a professional setting? I’d love to hear about it on Mastodon! Thanks for reading <3