Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
Yes, but Matrix a plague of questionable open-source and a metadata disaster.
Matrix is developed by a for profit entity, a group of venture capitalists and having a spec doesn’t mean everything. The way Matrix is designed is to force people into jumping through hoops and kind of drawing all attention to Matrix itself instead of the end result.
https://techcrunch.com/2023/11/06/decentralized-communication-protocol-matrix-shifts-to-less-permissive-agpl-open-source-license/
Stop recommending questionable open-source like Matrix. XMPP is the true and the OG federated and truly open solution that is very extensible. XMPP is tested, reliable, secure and above all a truly open standard and decentralized it just lacks some investment in better mobile clients.
What people fail to see is that XMPP is the only solution that treats messaging and video like email: just provide an address and the servers and clients will cooperate with each other in order to maintain a conversation and it can be configured to be secure and private. Everything else is just an attempt at yet another vendor lock-in. Here a quick overview of the architecture.
What also bothers me is how prominent matrix.org instance is. So you got a system that is supposed to be decentralized... Yet defederating from the one central server would break a lot.
That's just another detail where we see that.
Matrix does not "leak" metadata. It HAS metadata.
Fair enough 😂😂😂
Does XMPP not have the same metadata?
No, or rather not quite. XMPP is designed on a need-to-see system where basically only the meta-data that a server or client really requires to function is shared with it. This can mean that there is quite a bit of meta-data shared with various servers in a popular group-chat, but that is rather the exception.
Matrix on the other hand is designed as a replicated data-store, meaning that really everything is shared with every connected server by design. The reason for this is so that chats can continue to function even when the original server is removed etc. This was the big original selling point of Matrix, but lately they have been somewhat quiet about it as it largely contradicts privacy concerns and might even be fundamentally GDPR incompatible. In any case it is pretty much a meta-data nightmare.
Let me add the following: the problem is that that metadata is all over the place AND you can't remove it from those 3rd party servers. Also there's a ton of questionable stuff like read receipts and reactions that are never encrypted (not sure if this was fixed already). XMPP with OMEMO enables will encrypt everything.
Currently the OMEMO as implemented in most clients only encrypts message content, but not the meta-data. There is a newer, sadly incompatible version that encrypts more, but few XMPP clients support it (AFAIK only Kaidan and Moxxy).
About the metadata part: one of the issues with Matrix is that it considers some stuff like read receipts as metadata. In XMPP all that information is special messages inside your conversation thus they get encrypted as well.
Well you also can't remove shit on someone else's email servers so is that not GDPR compatible?
In the case of email you have to actively send something to someone for it to be on their server. In Matrix it is sufficient for a 3rd party to join a chat for them to get the entire chat history (hopefully e2ee) including all meta-data back to the very first day the chat was created.
They're actually working on that, which is nice. It's called lazy loading I think? Not sure if it's implemented yet.
No, that is only solving the problem of long loading times when first joining a chat (caused by the server having to download the entire chat history and meta-data). Eventually the server still has to synchronize the entire chat. There is no way around it by design.