After the arrest of Pavel Durov, I wanted to move from Telegram to something end-to-end encrypted. I know Signal is pretty good, but I think it is better to have our messages in my own server.

I have already looked in XMPP, but it required SSL certs and I did not have the mood to configure them.

Do you know any other selfhosted messaging service for a group of 4-5 friends, or an easy way to configure an XMPP server? Or shall I use Signal after all (I don’t really care that much about being selfhosted, I just thought it would be more privacy friendly)?

UPDATE: I managed to set up an XMPP server using prosody with the SSL certs. We have been testing it with my friend and it seems to go well.

  • VitabytesDev@feddit.nlOPEnglish
    1·
    11 days ago

    I know, but for some reason my router does not let me access my domain (with duckdns) when connected to my network. So even if I get certs for the domain, I will not be able to access it. I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.

    • qjkxbmwvz@startrek.websiteEnglish
      3·
      11 days ago

      I have set up local DNS entries (with Pi-Hole) to point to my srrver, but I don’t know if it possible to get certs for that, since it is not a real domain.

      So long as your certs are for your fully qualified domain there’s no problem. I do this, as do many people — mydoman.com is fully qualified, but on my own network I override the DNS to the local address. Not a problem at all — DNS is tied to the hostname, not the IP.

      • sugar_in_your_tea@sh.itjust.worksEnglish
        2·
        11 days ago

        Can confirm, I do this as well for my local services (especially important for Jellyfin), I just point my local DNS server at my local IP and everything works perfectly.

        • qjkxbmwvz@startrek.websiteEnglish
          1·
          11 days ago

          Another fun trick you can play is to use a private IP on your public DNS records. This is useful for Jellyfin on Chromecast for instance — it uses 8.8.8.8 for DNS lookup (and ignores your router settings), so it wants a fully qualified domain name. But it has no problem accessing local hosts, so long as it’s from 8.8.8.8’s record.

          • sugar_in_your_tea@sh.itjust.worksEnglish
            1·
            11 days ago

            I suppose, but then you’re kind of screwed if you want to access Jellyfin outside of your network. I suppose you could use a VPN, but it’s probably easier to just not use the Chromecast (or just accept that it’s going to hit the WAN regardless).