I've been using matrix for years to this purpose, but moving to xmpp/prosody now
this post was submitted on 16 Jun 2024
1 points (100.0% liked)
Selfhosted
40180 readers
518 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 1 year ago
MODERATORS
Can I ask why you're switching?
No.
Yeah ok. First of all, because I can 😁. I mean z what's good being an IT nerd if I can't change stuff when I want?
Jokes aside, I've been reading more recently on matrix and looks like there are some security issues in the design of the app/protocol. I'm on mobile now, I'll look for sources when I'm on pc. Also I don't like that it is a server centric system (so data is primarily on the server instead of the clients). Also it takes more resources than I was expecting. For less than 10 users I can't have less than 4gb of ram (on a dedicated debian server, running docker) or it swaps so much it kills the system.
So basically I'm testing out if xmpp is a better system for those issues.
Conversations being paid on the google play store is what's stopping me from going xmpp... I can't just say "message me via xmpp, you can use the Conversations app". Now I'd have to explain what F-Droid is and why would they even get another app store and enable "unknown apps". it's not doable. I remember telling my mom to install Signal (before I got into self hosting) because I deleted whatsapp and she got angry like she worked for the zuck, saying "what do you mean you don't use whatsapp" with an astonished face, started lecturing me on why I was destroying my social life... That just made me realize right now they probably wouldn't download conversations either...welp I just wanted to share
I know exactly what you mean. Just for general information, I've found another android client that I think it's better than Conversations. It's called Monocles chat (and it's on f-droid). On matrix/xmpp I install the whatsapp bridge. I can convert a few close family members but no way everyone. For me it's an acceptable compromise. I get the close members to use my servers/apps, everyone else through the bridge so I can at least have all the chat in one place
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| IP | Internet Protocol |
| RPi | Raspberry Pi brand of SBC |
| SBC | Single-Board Computer |
| SSL | Secure Sockets Layer, for transparent encryption |
| TLS | Transport Layer Security, supersedes SSL |
| VPS | Virtual Private Server (opposed to shared hosting) |
| XMPP | Extensible Messaging and Presence Protocol ('Jabber') for open instant messaging |
5 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.
[Thread #809 for this sub, first seen 16th Jun 2024, 15:45] [FAQ] [Full list] [Contact] [Source code]
XMPP is fantastic IMHO
If you want to support a great project and have great uptime check out conversations.im
I don’t recommend self hosting something you want available all the time. That being said everyone has different needs/uses 😊
Any Reason Signal doesn't do it?
Selfhosted isn't always the Best option
XMPP. It just works, requires very little resources, is stable and has decent clients.
I would go with Snikket instead of Prosody if I had been starting now.
Conversations on phones, Dino or Gajim on PCs, plus a conversejs install on the xmpp server, to allow web access when needed.
Conversations is easy for the family to figure out.
three main ones I've seen in this comment section are
• XMPP
• Matrix
• SimpleX
So all of these encrypt the conversations so not even the server admin can access them?
XMPP only does it with certain client extensions. And Matrix only does it when the rooms are set up this way. SimpleX does what you want, but is kind of unintuitive for the average user.
I say go with Signal, it does what you want and is idiot-proof.
To be fair, pretty much all major XMPP clients have adopted OMEMO encryption, so doesn't seem like much of an issue.
E2E is complicated, if you self-host for a group, having TLS and encrypting data at rest (storage) may be enough. Get a threat model. That being said, I would recommend snikket.org which is a superset of extensions over XMPP which is the open source IM that was the base of almost every app out there. Matrix and Rocket are both alright too. Depends too on your resources, synapse requires too much RAM (or so I heard)
Yes, XMPP with proper TLS on the server side and Conversations or one of its forks (preferably fetched from F-Droid) using OMEMO encryption should be good enough. If you are brave or paranoid, give Tox a try: https://tox.chat/
Except tox's graphical clients aren't maintained anymore