XMPP is a fantastically simple protocol that's usually used as a messenger. It's highly extensible, better than IRC, lighter and more decentralized than Matrix, and Telegram and normie social media can't hold a candle to it.
XMPP is so decentralized and extensible that there are many different XMPP servers. Here, let's set up a Prosody XMPP server.
Installation
Prosody is in the Debian repositories, so we can easily install it on our server with the following command:
apt install prosody
Configuration
The Prosody configuration file is in /etc/prosody/prosody.cfg.lua.
To set it all up, we will be changing several things.
Setting Admins
Let's go ahead and set who our admin(s) will be.
Find the line that says admins = { } and in it we can specify one or more server admins.
-- To add one admin:
admins = { "chad@example.org" }
-- We can add more than one by separating them by commas. (This file is written in Lua, so comments start with --.)
admins = { "chad@example.org", "chadmin@example.org" }
Note that we have not created these accounts yet; we will do this below.
Set the Server URL
Find the line VirtualHost "localhost" and replace localhost with your domain.
In our case, we will have VirtualHost "example.org"
Multi-User Chats
Most people will probably want the ability to have chats with more than two users. This is easy enough to enable. In the config file, add the following:
Component "chat.example.org" "muc"
modules_enabled = { "muc_mam" }
restrict_room_creation = "admin"
On the first line, you must have a separate subdomain for your multi-user chats. I use the chat. subdomain, but some use muc. Anything is possible.
The restrict_room_creation line is important because it prevents non-admins from creating and squatting rooms on your server. The only situation where you might not want that is if you intend to open a general public chat system for people you don't know.
Other things to check
Check the config file for other settings you might want to change.
For example, if you want to run a general public XMPP server, you can allow anyone to create an account by changing allow_registration to true.
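As an added example (not part of the original guide or of Prosody), the Python sketch below audits a config for the settings changed so far: an empty admins list, a leftover "localhost" host, open registration, and a MUC component without restrict_room_creation = "admin". The function names and both sample configs are constructed for illustration, and the parser only understands one-line settings.

```python
import re

SECTION = re.compile(r'^(VirtualHost|Component)\s+"([^"]+)"(?:\s+"([^"]+)")?')
SETTING = re.compile(r'^(\w+)\s*=\s*(.+)$')

def parse(text):
    """Split config text into sections of one-line `key = value` settings."""
    # Simplification: multi-line tables and "--" inside strings are not handled.
    sections = [{"kind": "global", "name": "", "type": None, "opts": {}}]
    for raw in text.splitlines():
        line = raw.split("--", 1)[0].strip()  # drop Lua line comments
        if m := SECTION.match(line):
            sections.append({"kind": m[1], "name": m[2], "type": m[3], "opts": {}})
        elif m := SETTING.match(line):
            sections[-1]["opts"][m[1]] = m[2].rstrip("; ")
    return sections

def audit(text):
    """Return findings for the settings this guide changes."""
    sections, findings = parse(text), []
    if not re.search(r'"[^"@]+@[^"@]+"', sections[0]["opts"].get("admins", "")):
        findings.append("admins: no admin account listed")
    for s in sections:
        label = s["name"] or "global"
        if s["opts"].get("allow_registration") == "true":
            findings.append(f"{label}: allow_registration lets anyone create an account")
        if s["kind"] == "VirtualHost" and s["name"] == "localhost":
            findings.append('VirtualHost: still "localhost", not your domain')
        # Only the value used in this guide ("admin") is accepted here.
        if s["type"] == "muc" and s["opts"].get("restrict_room_creation") != '"admin"':
            findings.append(f"{label}: room creation is not restricted to admins")
    return findings

# Constructed sample: untouched admins/VirtualHost lines plus open registration.
WEAK = '''
admins = { }
allow_registration = true -- public server
VirtualHost "localhost"
Component "chat.example.org" "muc"
    modules_enabled = { "muc_mam" }
'''

# Constructed sample: the values used in this guide.
HARDENED = '''
admins = { "chad@example.org", "chadmin@example.org" }
allow_registration = false
VirtualHost "example.org"
Component "chat.example.org" "muc"
    modules_enabled = { "muc_mam" }
    restrict_room_creation = "admin"
'''
```

Calling audit() on the text of /etc/prosody/prosody.cfg.lua returns a list of findings; an empty list means none of these four checks fired.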
Certificates
Obviously, we want to have client-to-server and server-to-server encryption.
Nowadays, you can use Certbot to generate certificates and then use the convenient prosodyctl command below to import them.
If you have multi-user chat enabled, be sure to get a certificate for that subdomain as well.
Include the --nginx option assuming you have an Nginx server running.
certbot -d chat.example.org --nginx
Once you have the certificates for encryption, run the following to import them into Prosody.
prosodyctl --root cert import /etc/letsencrypt/live/
Note that you might get an error that a certificate has not been found if your muc subdomain and your main domain share a certificate.
It should still work, this is just notifying you that no specific
For user privacy, we will definitely want to install and enable encryption with OMEMO.
Creating users/admins manually
Let's manually create the admin user we prepared for above. Note that you can indeed do this in your XMPP client if you have not disabled registration, but this is how it is done on the command line:
prosodyctl adduser chad@example.org
This will prompt you to create a password as well.
Make changes active
With any system service, use systemctl reload or systemctl restart to make the new settings active:
systemctl restart prosody
Using your Server!
Once your server is set up, you just need an XMPP client to use your new and secure chat system.
- GNU/Linux: Dino or Gajim
- Windows: Gajim also runs on Windows.
- Android: Conversations.im
- Mac/iOS: Monal IM or Siskin for iOS alone
- command-line (GNU/Linux, MacOS, Windows): Profanity
- See a more complete list kept by XMPP
Install whichever of these clients you want on your computer or phone and you can log into your new XMPP server with the account you made. Note that if you enabled public registration, anyone can create an account on your server through one of these clients.
Account addresses
XMPP account addresses look just like email addresses: username@example.org.
You can message any account on any XMPP server on the internet with that format.
Note on MUCs (multi-user chats)
Remember that MUCs are kept on a separate subdomain that we created and should've gotten a certificate for above, for example, chat.example.org.
Chatrooms are created and referred to in the following format: #chatroomname@chat.example.org.