Suggestions for self-hosted online petition creator application
from yodeljunkmanenvy@piefed.social to selfhosted@lemmy.world on 25 Jan 23:35
https://piefed.social/c/selfhosted/p/1702632/suggestions-for-online-petitions
from yodeljunkmanenvy@piefed.social to selfhosted@lemmy.world on 25 Jan 23:35
https://piefed.social/c/selfhosted/p/1702632/suggestions-for-online-petitions
I want to create an online petition that collects info from people who sign it and then sends an email from them to email account/accounts that I designate. Can anyone suggest one?
I have a homelab running docker, so preferably running via Docker Compose.
Thanks!
threaded - newest
I don’t know of one, just want to warn you that you’ll likely be collecting personal identifying information (PII), which requires careful storage and protection. You may want to seek some legal advice before going down this road.
The only dockerized one that I know of is Petition-Engine, however, after 11 years, I’d say it’s time to poke it with a fork. I’ll tell you quite honestly, I would use any number of petition services on the internet and place a link on your site vs running it yourself for reasons @CameronDev@programming.dev @programming.dev mentioned. You could use a link, or some type of iframe.
Another option I considered is a form to mail script. I thought that this is a common use case and something would already exist, haha.
I’m not okay with a self hosted personal information collection aggregation. Do petitions even fucking work? If yes, please direct me to the last latest one that was successful.
All apps collect some information. Piefed requires your email to sign up.
I don’t want the free petition websites online getting my personal network’s info and sharing or selling it, hence the interest in self hosting.
But aliases exist.
Ok, but by the same token I would not sign a serious, selfhosted, petition entering pii. I don’t know what you’re doing with my information. You could be sharing it or selling it even.
I promise I’m not shitting on your project. It just makes me very uncomfortable. Data protection regulations aren’t something to dismiss offhand.
So either you’re creating a petition with a size of exactly “1” or you’re asking other people to trust YOU with their personal info instead, or you’re asking for a federated solution (extremely difficult to establish a verifiable web of trust framework, and STILL shares your “personal network’s info” whenever it federates or validates its data to dozens of other servers).
None of these scenarios are viable for creating a petition that anyone is going to take seriously (to the extent that anyone takes petitions seriously at all)
I did not expect all of this debate over a software recommendation, haha.
For your information, petitions can be quite effective at the local level. The problem is, if you sign a petition on Change.org or something like that, they start bombarding you with emails to sign other similar petitions (kind of like the recommendation algorithms on sites like Youtube or Facebook).
People who sign these things know full well what they are doing. Advocacy is not anonymous. I am guess the folks giving me grief about asking for a petition tool won’t sign them, and that’s fine. I just don’t see why there is so much hate.
FYI: tl;Dr version: there is a very good reason why System administration and integration is a 3 year long education, and trust me, from what I’ve seen you don’t meet that criteria.
::: spoiler FYI: Long version. (Btw, I’m not working in the field, but I’m planning to, so please correct any misconceptions)
The GDPR Exists, data protection laws exist, and it is your duty to inform other of what you are doing with that info, not the users. Premade docker images are shit for security, they are almost every time based on an old Version and such are vulnerable to Hacks like the SQL CVE just some Weeks ago. Your data will get leaked, your users data will get leaked, and you will be liable to all damage. If you want an alternative to the usual petition sites, you will also need to implement a working bot protection, trolls, etc, of which cloudflare or other CDNs will only do a fraction of. Your homelab needs to have a good uptime, regular sec updates, and competent security. Your own network will get ddosed as a result of the traffic, if you don’t have a good network plan. All of those are just a few things you have to think about when publishing to the internet, and which you apparently just don’t have the knowledge to do.
Okay buddy, you are way overthinking this. I’m not trying to create the next change.org here. The scope of this is a petition to put a stop sign on main street and get maybe 50 people to sign on.
I could always use a Google Form or a Wordpress plugin for this, I thought there might be a more private way to go about it.
Cryptpad.fr
If it’s that local of an issue, why not just go around with a clipboard and piece of paper and talk to your neighbours about it? Modern technology isn’t always the solution, sometimes the tried and true methods are still valid for a reason.
I am very politically active. I do calling campaigns, protest, vote, march, et al. I don’t think the majority of people here are giving you grief about advocacy. Scanning back through the thread, I get the impression that what people are trying to get you to understand is that personally identifiable information is not something you take lightly.
I received a letter the other week telling me that a medical firm that houses my data, was breached. The hackers potentially got SSN, names, addresses, and a fist full of other data. They are offering me free life time credit scanning security services in a bid not to be sued in court by hundreds of thousands of people en masse. This is a multi billion dollar corporation, not some selfhosted mini server running fail2ban. So there are serious ramifications when it comes to personal data being leaked, and if it happens on your server, you are liable.
That is not how petitions work.
If anything, you need to know the Form for your specific country through which you can actually submit the Petition, for example in the EU its their official site
Going on about EU, you also need their passport info and such in order to be a verifiable vote, and for that you will need a gdpr compliant Server, which you will probably not manage to do without at least 10k in Audits alone
That totally depends which institution you want to petition!? Like, how do I officially petition my neighbourhood council? Or how do I petition my boy scout association for something?
There are many cases where it’s just “I and those 50 people want something from a very local instance of something”.
Hell, it could be, that I want to ask my local grocer to list a specific sort of pepper and show them, that he would have more customers than just me, so it’s worth his while.
I wouldn’t want to input my personal data on the self-hosted website of some random person.
Also, frequently there are official petition websites for national and European bodies, predominantly parliaments, that will actually force parliaments to discuss the issue instead of just screaming into the void.