I am searching for a selfhosted and secure (end to end encryption) chat platform for my family (5-20 users), possibly one i can host on a raspi.
Is matrix a good choice, or should i try something else?
For me you can try to host a SimpleX server and then connect to it (with SimpleX it is pretty as much secure to run its one server than use a public one).
Or maybe use XMPP but try to use a good encryption protocol. This option is great in term of power efficiency, XMPP would run great on a RasPI
Did you have trouble setting up XFTP one? SMP was fine but XFTP seemed to have some error in the systemd settings provided in the manual.
Matrix is good, secure, very versatile, Foss, and easy to use, but I think not easy to set up or manage.
Depends. If you use an intermediary layer like Yunohost/Cloudron/etc. or now your way around docker it’s manageable easily.
Any Reason Signal doesn’t do it?
Selfhosted isn’t always the Best option
deleted by creator
Edible paper, lemon juice, and hair dryers.
My threat model is not that big :)
I guess you’re not a furry then.
licks the edible paper, but it tastes like plant
meows
You could try Jami. It’s peer to peer, so essentially any participants are self-hosting it. Its E2E encrypted, supports group messaging, voice and video calling, has easily ‘linkable’ mobile and desktop apps for all platforms and requires no email address or phone number to use. It’s also the only messenger I’m aware of which is endorsed by the Free Software Foundation. I highly recommend it 👌
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters IP Internet Protocol RPi Raspberry Pi brand of SBC SBC Single-Board Computer SSL Secure Sockets Layer, for transparent encryption TLS Transport Layer Security, supersedes SSL VPS Virtual Private Server (opposed to shared hosting) XMPP Extensible Messaging and Presence Protocol (‘Jabber’) for open instant messaging
5 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.
[Thread #809 for this sub, first seen 16th Jun 2024, 15:45] [FAQ] [Full list] [Contact] [Source code]
XMPP is fantastic IMHO
If you want to support a great project and have great uptime check out conversations.im
I don’t recommend self hosting something you want available all the time. That being said everyone has different needs/uses 😊
I recommend Matrix with the Conduit server. This server requires almost no resources and even runs on a Raspberry Pi.
Cinny works perfectly as a desktop client (in case you want to escape from the ubiquitous Element). And for mobile I would use Element for Android/iOS although FluffyChat also works very well.
Conduit seems to have next to no docs on actually installing it for some reason.
They are very focused on development and therefore the documentation is a bit sparse (maybe).
The truth is that it is not very complicated to install. It is simply to download the binary (it is statically compiled so it has no dependencies) place it in
/usr/bin
and execute it (the best is to create a user in the machine with the home in/var/lib/conduit
and then launch it with systemd).Another option is to simply launch it with docker.
In any case, if you have problems, comment it here and we will look to see what could be happening.
This is nice to know. Cinny looks beautiful from a UX perspective, wish they made an app too. Not enough good UX in open source stuff.
Yes, without a doubt, for me it is the most balanced client, a pity that there is not for Android, but well, in mobile Element does not give problems either.
Mattermost runs as a Docker container and is excellent. You can create channels and groups which is incredibly useful.
Can we use group meeting in self hosted version?
Is there e2e encryption available for mattermost that normies can use?
Mattermost is a lot like Slack, right?
Yes.
Mattermost does not have E2EE to my knowledge.
The other suggestions are probably better, but you can technically self-host Wire (from Wire Gmbh) but I’ve never done it successfully.
I’ve been using matrix for years to this purpose, but moving to xmpp/prosody now
What clients will you use for xmpp/prosody?
The easiest is to use the clients officially rebranded for Snikket, but there is a good overview on modern clients on https://joinjabber.org
Gajim on pc (I use arch btw - well endeavourOS because I can’t be bothered) and don’t remember what on android (there is the full list or clients and capabilities on xmpp.org)
How do you convince your family/friends to switch to a new app on their smartphone and use one just to talk with you/others in the crew?
Frienda no, but I do use whatsapp bridges so I can have all conversations in one place.
Family with extreme nagging, and because I’m the IT guy of the house so they kinda trust me/can’t be bothered to try and out-talk me.
WhatsApp bridge? How does it work?
The chat server (matrix and xmpp have different ones, but same functionality) that act like a whatsapp desktop client. Have you ever run whatsapp desktop client on your pc, where you have to pair it with your phone? Same thing, but you do it withing a special “bridge” (usually as a bot) in matrix or xmpp. So you get all the messages in one place. But it doesn’t work for calls, just for messages.
I’ve never heard about those bridges, thanks! I’ll have a look.
My dad suggested me this after i told him about the new upload filters the eu is thinking about. Here is a link to a german blog post about it: https://netzpolitik.org/2024/anlasslose-massenueberwachung-frankreich-wackelt-in-der-ablehnung-der-chatkontrolle/#dokument
Can I ask why you’re switching?
No.
Yeah ok. First of all, because I can 😁. I mean z what’s good being an IT nerd if I can’t change stuff when I want?
Jokes aside, I’ve been reading more recently on matrix and looks like there are some security issues in the design of the app/protocol. I’m on mobile now, I’ll look for sources when I’m on pc. Also I don’t like that it is a server centric system (so data is primarily on the server instead of the clients). Also it takes more resources than I was expecting. For less than 10 users I can’t have less than 4gb of ram (on a dedicated debian server, running docker) or it swaps so much it kills the system.
So basically I’m testing out if xmpp is a better system for those issues.
Conversations being paid on the google play store is what’s stopping me from going xmpp… I can’t just say “message me via xmpp, you can use the Conversations app”. Now I’d have to explain what F-Droid is and why would they even get another app store and enable “unknown apps”. it’s not doable. I remember telling my mom to install Signal (before I got into self hosting) because I deleted whatsapp and she got angry like she worked for the zuck, saying “what do you mean you don’t use whatsapp” with an astonished face, started lecturing me on why I was destroying my social life… That just made me realize right now they probably wouldn’t download conversations either…welp I just wanted to share
I know exactly what you mean. Just for general information, I’ve found another android client that I think it’s better than Conversations. It’s called Monocles chat (and it’s on f-droid). On matrix/xmpp I install the whatsapp bridge. I can convert a few close family members but no way everyone. For me it’s an acceptable compromise. I get the close members to use my servers/apps, everyone else through the bridge so I can at least have all the chat in one place
https://snikket.org/ (xmpp based) is perfect for that. Matrix will work, but you will likely reach the limits of your Raspi with it fairly soon if you allow federation with other servers.
three main ones I’ve seen in this comment section are
• XMPP
• Matrix
• SimpleX
So all of these encrypt the conversations so not even the server admin can access them?
XMPP only does it with certain client extensions. And Matrix only does it when the rooms are set up this way. SimpleX does what you want, but is kind of unintuitive for the average user.
I say go with Signal, it does what you want and is idiot-proof.It is literally one setting in Matrix to force all rooms to only do encrypted messages.
Signal is pretty unintuitive when it comes to multiple devices per user, device transfers after a device has been lost,etc.
Signal is perfectly good under normal usage. Everything is unintuitive when it comes to extremes like losing your device.
Signal is annoying to use if you don’t have a smartphone you can trust, since they do not allow registration from desktop. So either an Android VM or Signal-cli. But maybe it was just a one-off bug that the desktop client didn’t bind to signal-cli for me. Still, the fact that you need an unofficial command-line application just to register makes it not exactly user-friendly.
I imagine that most people’s families will find Singal easier than using a CLI program anyway. It’s rare to find an entire family without typical cellphones.
Yea, but a typical cellphone is not as easy to make private as a typical laptop or desktop. Lineage has some tradeoffs and not accessible on all devices, and Graphene needs even more specific, quite expensive hardware!
Wouldn’t say that. With most Matrix Clients, WhatsApp, etc. it’s far easier. Especially from a perspective of a elderly,less tech adept user.
To be fair, pretty much all major XMPP clients have adopted OMEMO encryption, so doesn’t seem like much of an issue.
But it’s not self hostable.
no idea, I’ve just seen these in the comments
Dendrite iirc is essentially in maintenance mode. I run a small one but I don’t think it’s expected to get any new features until there is more funding.
Also https://conduit.rs/