After the arrest of Pavel Durov, I wanted to move from Telegram to something end-to-end encrypted. I know Signal is pretty good, but I think it is better to have our messages in my own server.

I have already looked in XMPP, but it required SSL certs and I did not have the mood to configure them.

Do you know any other selfhosted messaging service for a group of 4-5 friends, or an easy way to configure an XMPP server? Or shall I use Signal after all (I don’t really care that much about being selfhosted, I just thought it would be more privacy friendly)?

UPDATE: I managed to set up an XMPP server using prosody with the SSL certs. We have been testing it with my friend and it seems to go well.

  • wildbus8979@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    22
    ·
    2 months ago

    SSL certs is so easy with let’s encrypt, that really shouldn’t be a blocker.

    If you want something easy I think you have your answer with Signal

    • VitabytesDev@feddit.nlOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      I know, but for some reason my router does not let me access my domain (with duckdns) when connected to my network. So even if I get certs for the domain, I will not be able to access it. I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.

      • qjkxbmwvz@startrek.website
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 months ago

        I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.

        So long as your certs are for your fully qualified domain there’s no problem. I do this, as do many people — mydoman.com is fully qualified, but on my own network I override the DNS to the local address. Not a problem at all — DNS is tied to the hostname, not the IP.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 months ago

          Can confirm, I do this as well for my local services (especially important for Jellyfin), I just point my local DNS server at my local IP and everything works perfectly.

          • qjkxbmwvz@startrek.website
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 months ago

            Another fun trick you can play is to use a private IP on your public DNS records. This is useful for Jellyfin on Chromecast for instance — it uses 8.8.8.8 for DNS lookup (and ignores your router settings), so it wants a fully qualified domain name. But it has no problem accessing local hosts, so long as it’s from 8.8.8.8’s record.

            • sugar_in_your_tea@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 months ago

              I suppose, but then you’re kind of screwed if you want to access Jellyfin outside of your network. I suppose you could use a VPN, but it’s probably easier to just not use the Chromecast (or just accept that it’s going to hit the WAN regardless).