-
abdullah
Happy Christmas happy holidays to everyone.
-
Trung
😊 Merry Xmas abdullah
-
coleman
Same to you all
-
reload
Merry xmas everybody! We are setting up an xmpp Server and have a few questions. Maybe somebody is willing to answer
-
reload
Can xmpp be handled over http(s) only? I.e. connections via subdomains on 443 instead of 5223/5270 Is there a backend which can handle xmpp on a single port but instead use a load-balance or reverse proxy of web socket to accomplish the multiple port use What xmpp clients work best for connecting to an xmpp that is a hidden service only
-
Peter Waher
Merry Christmas
-
Peter Waher
On first question: You can use BOSH (XMPP over HTTP) or Websockets to connect to the XMPP network as well
-
Peter Waher
References: * XEP-0124 * XEP-0206 * RFC-7395
-
moparisthebest
reload: do you want it to federate with the rest of the XMPP network or not
-
Licaon_Kter
reload: XEP-368 multiplexing over sslh or nginx
-
Licaon_Kter
reload: hidden servico means .onion?✎ -
Licaon_Kter
reload: hidden service means .onion? ✏
-
reload
> reload: do you want it to federate with the rest of the XMPP network or not Federate is ideally yes
-
reload
> reload: XEP-368 multiplexing over sslh or nginx I’m more familiar with Nginx
-
reload
> reload: hidden service means .onion? Yes
-
moparisthebest
reload: so you can accept all incoming connections on one port no problem, if that port can only do http that will severely limit the clients that can be used to only those that can do WebSocket, and in practice cut you off from federating with public servers because only 1 currently can do s2s over WebSocket
-
moparisthebest
Also very few servers can successfully federate with .onion domains
-
Licaon_Kter
reload: .onion does not need http or multiplexing or anything
-
Licaon_Kter
> Also very few servers can successfully federate with .onion domains This too, yes
-
reload
> reload: so you can accept all incoming connections on one port no problem, if that port can only do http that will severely limit the clients that can be used to only those that can do WebSocket, and in practice cut you off from federating with public servers because only 1 currently can do s2s over WebSocket Satori Hoshi: Websocket then I just mean http assuming I am running on 443 Can still be websocket at that port✎ -
reload
> reload: so you can accept all incoming connections on one port no problem, if that port can only do http that will severely limit the clients that can be used to only those that can do WebSocket, and in practice cut you off from federating with public servers because only 1 currently can do s2s over WebSocket Websocket then I just mean http assuming I am running on 443 Can still be websocket at that port ✏
-
reload
Also. I don’t mind subdomains. My big question is what backend is best to do the summary of these
-
Licaon_Kter
Multiplexing means that the connection to that one single port is forwarded to xmpp or http or whatever, so it appear you only have 443 but...several services live behind it
-
reload
Getting clients to connect to non-traditional methods is the main issue
-
Licaon_Kter
Backend? Summary?
-
moparisthebest
But what I'm saying is you can run regular XMPP on port 443 too, not just https, then you'll be able to federate with the whole public network (just add srv records so they know what port to use)
-
Licaon_Kter
reload: SRV settings in your DNS are respected by most clients so they'll connect to 443 or whatever you put there
-
moparisthebest
Clients will use SRV records as well
-
reload
> Multiplexing means that the connection to that one single port is forwarded to xmpp or http or whatever, so it appear you only have 443 but...several services live behind it Perfect!
-
reload
> Backend? Summary? Ejabberd, prosody or open fire? What will work best for this?
-
reload
And a client for connection via hidden service Built in tor proxy
-
Trung
😊 i say Prosŏdy, Licaon_Kter gonna say Ejabberd, i don't know what that moparisthebest guy is gonna say
-
Licaon_Kter
reload: > Ejabberd, prosody or open fire? What will work best for this? All work I use ejabberd, others use prosody Read about Snikket too
-
moparisthebest
reload: this is an example of how I host multiple services behind port 443, I use sslh myself https://wiki.xmpp.org/web/Tech_pages/XEP-0368, any XMPP server should work fine for that, I use prosody
-
Sapotaceae
prosody is the only one that can easily do s2s to other onions afaik
-
Licaon_Kter
reload: > And a client for connection via hidden service > Built in tor proxy Not included, no Dino Gajim Conversations All can use .onion and normal Not sure on iOS/mac
-
reload
Sorry it is mostly that there is a lot of people doing a lot of things. The ideal tools for the ideal application
-
Licaon_Kter
Sapotaceae: > prosody is the only one that can easily do s2s to other onions afaik mod_dark or mod_onion or something, yes
-
reload
> reload: this is an example of how I host multiple services behind port 443, I use sslh myself https://wiki.xmpp.org/web/Tech_pages/XEP-0368, any XMPP server should work fine for that, I use prosody Amazing. Thanks
-
Licaon_Kter
> The ideal tools for the ideal application Funny, you won't have this here, they're all ideal :))
-
reload
Nice to hear :))
-
reload
Thanks all. We will send a welcome as soon as it is setup :)