Use open-source where it improves EyeLogs without creating legal, privacy, or maintenance traps.
EyeLogs can use proven open-source building blocks for interface quality, documentation,
monitoring, analytics, support, and internal automation. Anything that stores customer data,
moves data between systems, handles identity, or runs as a backend must be self-hosted,
reviewed, backed up, and maintained before it becomes part of a client rollout.
Adoption rule
What we can use now, later, and not yet.
Use nowStatic frontend assetsTailwind CSS, shadcn/ui patterns, Tabler UI/icons, Docusaurus-style docs, AdminLTE dashboard references, and local-only diagram components can improve UI without adding live data processors.Use with controlsSelf-hosted operations toolsUmami, Uptime Kuma, PocketBase, Hoppscotch, Excalidraw collaboration, Chatwoot, Activepieces, and Node-RED need approved hosting, access rules, backups, updates, retention, and privacy notice.Avoid for nowHeavy customer-data systemsInvoicePlane, Appwrite, Keycloak, Authelia, BookStack, Jitsi Meet, and Helpy are not blocked forever, but they add operational burden before EyeLogs has dedicated owners for patches, security, and data governance.
Approved immediate improvements
GitHub and Vercel friendly, no hidden network calls.
UITailwind/shadcn/Tabler design languageUse their patterns to make EyeLogs pages, forms, dashboards, badges, empty states, and product cards more consistent. Implement as local CSS/HTML so no runtime dependency or external script is required.DocsDocusaurus-style help centerAdd static buyer docs, onboarding checklists, product guides, support promises, and security posture pages. Deploy through GitHub and Vercel without a server.Finance UIInvoice generator patternsUse invoice UI ideas only inside LedgerWise after license review. Do not copy payment processing, tax claims, or customer data storage without backend ownership.DiagramsLocal architecture diagramsUse diagram/whiteboard ideas for implementation maps and client workflows, with collaboration disabled unless a secure backend is configured.
Railway/self-host path
Useful tools after an owner is assigned.
Umami analyticsUse only after consent and privacy wording are ready. Host the database and app under EyeLogs control. Track product interest, dead clicks, and consultation flow completion, not private workspace data.Uptime Kuma statusUse for public status and API monitoring once alert owners and incident wording are defined. Status should show service health without exposing internal diagnostics.PocketBase for low-risk prototypesGood for lead capture, docs, small internal tools, or demo data. Avoid HR payroll, finance records, and regulated evidence until tenant isolation, backup, and access reviews are complete.Chatwoot support inboxUseful for support only after transcript retention, agent access, customer notices, backups, and update ownership are approved.Hoppscotch API workspaceUse internally for API testing with local/self-hosted configuration. Do not place customer tokens or production secrets into third-party workspaces.Activepieces or Node-REDUse for internal automation only after secrets handling, connector review, logging, and no-silent-data-transfer rules are documented.
Safety checklist
Every open-source component must pass this before client use.
License allowedPrefer MIT, BSD, or Apache-2.0. Keep required notices and do not claim the original project as our own product.
No hidden data transferNo telemetry, widget, CDN, analytics, support chat, or automation connector is enabled without privacy wording and opt-in controls.
Self-hosted where data existsCustomer data, documents, HR records, finance data, support transcripts, and analytics events stay inside EyeLogs-controlled hosting.
Maintenance owner assignedBackend tools need patch cadence, backups, restore test, monitoring, secrets rotation, and incident owner before go-live.
Public claims stay honestOpen-source tools improve implementation quality; they do not create instant compliance certification, payroll authority, tax filing authority, or enterprise SSO readiness.
Recommended next move
Improve the public site with static UI/docs first, then add self-hosted ops tools only after the controls are ready.
That gives EyeLogs a better buyer experience now while keeping future Railway/Vercel/GitHub deployments secure, cheap, and maintainable.