Thanks to everyone for suggestions and ideas. My comments on some of the suggestions, in more or less chronological order:
> I would recommend something like Magento Magento is total overkill -- this is not an e-commerce site and the additional exposed attack surface is horrendous. > https://www.locomotivecms.com/ Worth looking into, at first glance. Thanks! > https://redaxo.org I guess it's ok, but the site is entirely in German, und mein Deutsch ist nicht gut. My staff's German is non-existent. About Drupal: > every major version of drupal is a pain. They generally don't have any > kind of same migration plan from version to version. Especially the user > interface, which changed a lot, so you're often better off reimporting > your data and starting the menu design from scratch This is a serious negative for me. Also that it's PHP-based -- I know PHP has gotten better, but there's been just too many potential problems in PHP for me to really feel good about it. > So, the suggestion is.. to just start setting up an OpenBSD web stack. > You are going to make good progress, just better compared to other OS. Actually, I can spin up OpenBSD pretty easily for myself, either in VirtualBox or vmm, but the point is to make it sustainable by my staff, who just don't have the technical skills to sysadmin OpenBSD or another unix variant, for that matter. The choice of a CMS is almost orthogonal to the choice of the underlying OS, since they're all pretty much built on common web programming languages (PHP, Python, Ruby, etc.) and databases (MySQL/MariaDB, Postgresql), all of which run on a variety of server OS platforms. > erpnext.com is the most featurefull free erp I have found, including cms. > may take a little work to port to OpenBSD and unfortunately uses nodejs Ugh, again complete overkill. This is using a tactical nuke to kill an ant. I'm not looking for a full ERP solution, really! And I'm not thrilled with anything based on node.js. Node.js has a really strange dependency system and any language that allows the JSF*ck mess is not something that I would trust in terms of security. Thanks again to everyone who chimed in. --Paul
smime.p7s
Description: S/MIME cryptographic signature
