XMPP Server (Prosody)

XMPP Logo and Icon

XMPP is a fantastically simple protocol that's usually used as a messenger. It's highly extensible, better than IRC, lighter and more decentralized and Matrix and Telegram and normie social media can't hold a candle to it.

XMPP is so decentralized and extensible that there are many different XMPP servers. Here, let's set up an Prosody XMPP server.

Installation

Prosody is in the Debian repositories, so we can easily install it on our server with the following command:

apt install prosody

Configuration

The Prosody configuration file is in /etc/prosody/prosody.cfg.lua. To set it all up, we will be changing several things.

Setting Admins

Let's go ahead and set who our admin(s) will be. Find the line that says admins = { } and to this we can specify one or more server admins.

# To add one admin:
admins = { "chad@example.org" }

# We can add more than one by separating them by commas. (This file is written in Lua.)
admins = { "chad@example.org", "chadmin@example.org" }

Note that we have not created these accounts yet, we will do this below.

Set the Server URL

Find the line VirtualHost "localhost" and replace localhost with your domain. In our case, we will have VirtualHost "example.org"

Multi-User Chats

Most people will probably want the ability to have chats with more than two users. This is easily enough to enable. In the config file, add the following:

Component "chat.example.org" "muc"
    modules_enabled = { "muc_mam" }
    restrict_room_creation = "admin"

On the first line, you must have a separate subdomain for your multi-user chats. I use the chat. subdomain, but some use muc.. Anything if possible.

The second line is important because it prevents non-admins from creating and squatting rooms on your server. The only situation where you might not want that is if you indend to open a general public chat system for people you don't know.

Other things to check

Check the config file for other settings you might want to change. For example, if you want to run a general public XMPP server, you can allow anyone to create an account by changing allow_registration to true.

Certificates

Obviously, we want to have client-to-server and server-to-server encryption. Nowadays, use can use Certbot to generate certificates and use a convenient command below prosodyctl to import them.

If you have multi-user chat enabled, be sure to get a certificate for that subdomain as well. Include the --nginx option assuming you have an Nginx server running.

certbot -d chat.example.org --nginx

Once you have the certificates for encryption, run the following to import them into Prosody.

prosodyctl --root cert import /etc/letsencrypt/live/

Note that you might get an error that a certificate has not been found if your muc subdomain and your main domain share a certificate. It should still work, this is just notifying you that no specific

For user privacy, we will definitely want to install and enable encryption with OMEMO.

Creating users/admins manually

Let's manually create the admin user we prepared for above. Note that you can indeed do this in your XMPP client if you have not disabled registration, but this is how it is done on the command line:

prosodyctl adduser chad@example.org

This will prompt you to create a password as well.

Make changes active

With any system service, use systemctl reload or systemctl restart to make the new settings active:

systemctl restart prosody

Using your Server!

Once your server is set up, you just need an XMPP client to use your new and secure chat system.

Install whichever of these clients you want on your computer or phone and you can log into your new XMPP server with the account you made. Note that if you enabled public registration, anyone can create an account on your server through one of these clients.

Account addresses

XMPP account addressed look just like email addresses: username@example.org. You can message any account on any XMPP server on the internet with that format.

Note on MUCs (multi-user chats)

Remember that MUCs are kept on a separate subdomain that we created and should've gotten a certificate for above, for example, chat.example.org. Chatrooms are created and referred to in the following format: #chatroomname@chat.example.org.