I've been using matrix for years to this purpose, but moving to xmpp/prosody now
Can I ask why you're switching?
No.
Yeah ok. First of all, because I can 😁. I mean z what's good being an IT nerd if I can't change stuff when I want?
Jokes aside, I've been reading more recently on matrix and looks like there are some security issues in the design of the app/protocol. I'm on mobile now, I'll look for sources when I'm on pc. Also I don't like that it is a server centric system (so data is primarily on the server instead of the clients). Also it takes more resources than I was expecting. For less than 10 users I can't have less than 4gb of ram (on a dedicated debian server, running docker) or it swaps so much it kills the system.
So basically I'm testing out if xmpp is a better system for those issues.
What clients will you use for xmpp/prosody?
The easiest is to use the clients officially rebranded for Snikket, but there is a good overview on modern clients on https://joinjabber.org
Gajim on pc (I use arch btw - well endeavourOS because I can't be bothered) and don't remember what on android (there is the full list or clients and capabilities on xmpp.org)
How do you convince your family/friends to switch to a new app on their smartphone and use one just to talk with you/others in the crew?
Frienda no, but I do use whatsapp bridges so I can have all conversations in one place.
Family with extreme nagging, and because I'm the IT guy of the house so they kinda trust me/can't be bothered to try and out-talk me.
Any Reason Signal doesn't do it?
Selfhosted isn't always the Best option
three main ones I've seen in this comment section are
• XMPP
• Matrix
• SimpleX
So all of these encrypt the conversations so not even the server admin can access them?
XMPP only does it with certain client extensions. And Matrix only does it when the rooms are set up this way. SimpleX does what you want, but is kind of unintuitive for the average user.
I say go with Signal, it does what you want and is idiot-proof.
It is literally one setting in Matrix to force all rooms to only do encrypted messages.
Signal is pretty unintuitive when it comes to multiple devices per user, device transfers after a device has been lost,etc.
Signal is perfectly good under normal usage. Everything is unintuitive when it comes to extremes like losing your device.
Signal is annoying to use if you don't have a smartphone you can trust, since they do not allow registration from desktop. So either an Android VM or Signal-cli. But maybe it was just a one-off bug that the desktop client didn't bind to signal-cli for me. Still, the fact that you need an unofficial command-line application just to register makes it not exactly user-friendly.
I imagine that most people's families will find Singal easier than using a CLI program anyway. It's rare to find an entire family without typical cellphones.
To be fair, pretty much all major XMPP clients have adopted OMEMO encryption, so doesn't seem like much of an issue.
XMPP. It just works, requires very little resources, is stable and has decent clients.
I would go with Snikket instead of Prosody if I had been starting now.
Conversations on phones, Dino or Gajim on PCs, plus a conversejs install on the xmpp server, to allow web access when needed.
Conversations is easy for the family to figure out.
This is what my family (and a few friends) use. We have been using it for a while now because it just works. Also, the kids have never complained about using Conversations, or about using it only for us (like if you have that one family member who won't leave SMS behind - we're that guy, I guess), and we can make as many channels as we need for the house, the kids, with each kid individually, for our MTG cards, with our couple of friends that use it, etc…
I don't personally do the hosting, so I can't speak to that. That's the hubby's thing
¯\_(ツ)_/¯
https://snikket.org/ (xmpp based) is perfect for that. Matrix will work, but you will likely reach the limits of your Raspi with it fairly soon if you allow federation with other servers.
E2E is complicated, if you self-host for a group, having TLS and encrypting data at rest (storage) may be enough. Get a threat model. That being said, I would recommend snikket.org which is a superset of extensions over XMPP which is the open source IM that was the base of almost every app out there. Matrix and Rocket are both alright too. Depends too on your resources, synapse requires too much RAM (or so I heard)
Yes, XMPP with proper TLS on the server side and Conversations or one of its forks (preferably fetched from F-Droid) using OMEMO encryption should be good enough. If you are brave or paranoid, give Tox a try: https://tox.chat/
I know it's not self hosted but why not Signal? Matrix is demanding on a SBC and your family would probably get the 'unable to decrypt message, please re-verify keys' error that happens in encrypted matrix group chats and Element does not have the best UI especially if you want your grandma to use it.
Very unlikely by now, these issues have been adressed a while ago.
What's your source on the reverify thing? I use matrix a lot, and this hasn't been an issue I ever experienced anymore since they introduced cross-signing a couple years ago.
Same goes for the common clients such as element. It has been clunky in the past, but after the past major overhauls ( also years ago now) everything has been silky smooth for me, if not better than others. The one thing left I prefer from Signal is the one-time photo share.
Matrix is great, clients are great too, only the server part still is annoyingly complicated and messy. Would only recommend that for tinkerers, on that case it's a great path to learning about the complexity of addressing lots of security concerns that others gloss over.
Edit: to add - there's a reason why the French government and the German military decided to build their secure internal IM infrastructure on Matrix. Obviously they are hosting their own private network, but if the concept is good enough for European government and military, it is an indicator for quality especially in terms of security and privacy.
i had slightly issues with the failed to decrypt on element, just on a chat where the other person left
Still no suggestion that has wide cross platform and it’s just simple . Matrix has that all . So for now I choose matrix and clients
Lol, Snikket/xmpp has been suggested multiple times, and it is as good if not better regarding "wide cross platform" support. To get the same with Matrix you basically have to use a web-client or Electron, while XMPP has very efficient native clients.
I recommend Matrix with the Conduit server. This server requires almost no resources and even runs on a Raspberry Pi.
Cinny works perfectly as a desktop client (in case you want to escape from the ubiquitous Element). And for mobile I would use Element for Android/iOS although FluffyChat also works very well.
For me you can try to host a SimpleX server and then connect to it (with SimpleX it is pretty as much secure to run its one server than use a public one).
Or maybe use XMPP but try to use a good encryption protocol. This option is great in term of power efficiency, XMPP would run great on a RasPI
matrix should cover everything you need with the added bonus that you can chat with people from other instances
You could try Jami. It's peer to peer, so essentially any participants are self-hosting it. Its E2E encrypted, supports group messaging, voice and video calling, has easily 'linkable' mobile and desktop apps for all platforms and requires no email address or phone number to use. It's also the only messenger I'm aware of which is endorsed by the Free Software Foundation. I highly recommend it 👌
Mattermost runs as a Docker container and is excellent. You can create channels and groups which is incredibly useful.
Matrix is good, secure, very versatile, Foss, and easy to use, but I think not easy to set up or manage.
Rocket chat is like slack but FOSS.. haven't tried it myself but it could be something
The other suggestions are probably better, but you can technically self-host Wire (from Wire Gmbh) but I've never done it successfully.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!