Yes, I know as well as it works with all other users I have but this one…
Maybe have a quick step in the chat to clarify this : xmpp:yunohost-xmpp@muc.chapril.org?join
1 Like
Hi @anubis, I’m looking at your prosody installation for yunohost and it seems very promising !
Do you know snikket ? It’s an xmpp chat network relying on prosody with some additional modules : snikket-server/snikket-modules at master · snikket-im/snikket-server · GitHub
I guess they would be very happy to get ported into yunohost, and I would find it awesome to get snikket enhanced with a multidomain ldap authentication solution!
1 Like
I used XMPP built-in at the beginning with my 4-5 family members but never could get audio and video calls to work. I gave up on using it and switched over my family to SimpleX and Signal.
I tried some of the things talked about in this 4 year old issue on github but gave up.
If it can work out of the box with audio + video reliably, I’d like to try again with this prosody or whatever is coming next.
1 Like
Yeah I know, I think it is a good initiative for people not running Yunohost! We might import or propose some functionalities (like invites), but a packaging is in my opinion not an option on mid-term (not easy to integrate in Yunohost as it is relying on Docker), but feel free to have a try!
This is exactly the purpose of this app, to avoid to dig into tricky configurations steps to make basic functions work!
Let us know on the chat or on a dedicated forum thread if you need assistance.
[sorry if i’m too late, i only just saw this thread, logging in to search for info about the problems i describe below]
i have used ynh for 4-5 years now, and really appreciate the xmpp functionality it offers.
but i have had various issues with metronome that i never manged to solve, such as messages not syncing across devices and also messages being dropped (seemingly if the mobile device was not recently active, but not always, we never really nailed it down). i found debugging this would end up taking up too much time and i still couldn’t solve it. i had tested on two different ynh installs (different hardware and locations), and encountered had similar issues. this despite the requisite modules showing up as enabled in gajim.
i would hope moving to prosody might help this. but also, i would also add my support for ynh having a snikket install. it’s a smooth experience as the devs (who are the prosody devs) made both the server and client, and aim to iron out any compatibility issues or hiccups. it seems like it is also aimed a similar target audience to ynh.
either way, i’m glad some attention is being paid to the issue, and i hope it is for the best in the long run. thanks!
1 Like
@anubis I just installed prosody_ynh on bookworm and it seems to be completely unconfigured.
I just went back to metronome for now 
Probably because you install the master version instead of testing (GitHub - YunoHost-Apps/prosody_ynh at testing)? (we are not yet the default version but should become soon)
2 Likes
For those who installed from your (anubister) repo, is the migration done by directly install from the yuno repo, or should we first remove the current package?
1 Like
First remove the current package (AFAIK there is not yet the possibility to migrate an app from one place to another).
When installing the package again, DO NOT answer yes to the import of Metronome datas.
1 Like
Isn’t it possible to do sudo yunohost app upgrade prosody -u https://github.com/yunohost-apps/prosody_ynh - F? I think this would install the yuno repo version
Snikket is rad! Yunohost then Tigerbrew!
Have you tried Cheogram Android?
1 Like
In order to better tune the parameters to be integrated on the control panel (and their default values), let’s have an idea of the number of XMPP users you are actually dealing with!
How many XMPP users to you have on your Yunohost server?
- 1 to 2 users
- 3 to 10 users
- 11 to 20 users
- 21 to 50 users
- 51 to 100 users
- 101+ users
0
voters
I have installed Snikket on my Yunohost server. I’m not sure if this is offtopic, so I’ll put my findings in spoilers. Please tell me to move it if it’s not the appropriate place.
1. Install Docker
First, I installed docker, as described in the official documentation:
sudo apt update
sudo apt install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
sudo tee /etc/apt/sources.list.d/docker.sources <<EOF
Types: deb
URIs: https://download.docker.com/linux/debian
Suites: $(. /etc/os-release && echo "$VERSION_CODENAME")
Components: stable
Architectures: $(dpkg --print-architecture)
Signed-By: /etc/apt/keyrings/docker.asc
EOF
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
2. Create domain and set up Snikket docker-compose
I created my domain in the admin panel, and made sure I got a valid letsencrypt certificate. I’ll call this domain chat.example.org here. You need to create 3 domains:
chat.example.orggroups.chat.example.orgshare.chat.example.org
I then created the /opt/snikker directory, and added this docker-compose.yml:
version: "3.3"
services:
snikket_proxy:
container_name: snikket-proxy
image: snikket/snikket-web-proxy:stable
env_file: snikket.conf
network_mode: host
volumes:
- snikket_data:/snikket
- acme_challenges:/var/www/html/.well-known/acme-challenge
- /etc/yunohost/certs/chat.example.org/crt.pem:/snikket/letsencrypt/live/chat.example.org/fullchain.pem:ro
- /etc/yunohost/certs/chat.example.org/key.pem:/snikket/letsencrypt/live/chat.example.org/privkey.pem:ro
restart: "unless-stopped"
# snikket_certs:
# container_name: snikket-certs
# image: snikket/snikket-cert-manager:stable
# network_mode: host
# env_file: snikket.conf
# volumes:
# - snikket_data:/snikket
# - acme_challenges:/var/www/.well-known/acme-challenge
# restart: "unless-stopped"
snikket_portal:
container_name: snikket-portal
image: snikket/snikket-web-portal:stable
network_mode: host
env_file: snikket.conf
restart: "unless-stopped"
snikket_server:
container_name: snikket
image: snikket/snikket-server:stable
network_mode: host
volumes:
- snikket_data:/snikket
- /etc/yunohost/certs/chat.example.org/crt.pem:/snikket/letsencrypt/live/chat.example.org/fullchain.pem:ro
- /etc/yunohost/certs/chat.example.org/key.pem:/snikket/letsencrypt/live/chat.example.org/privkey.pem:ro
env_file: snikket.conf
restart: "unless-stopped"
volumes:
acme_challenges:
snikket_data:
Notable differences with the official docker compose is:
- I proxied the certificates inside the container so that snikket can read them
- I commented out the auto-certificate thing
I created also the recommended snikket.conf file:
# The primary domain of your Snikket instance
SNIKKET_DOMAIN=chat.example.org
SNIKKET_TWEAK_HTTP_PORT=5080
SNIKKET_TWEAK_HTTPS_PORT=5443
# An email address where the admin can be contacted
# (also used to register your Let's Encrypt account to obtain certificates)
SNIKKET_ADMIN_EMAIL=me@example.org
After than, I ran docker compose up -d.
3. Set up Proxy
Back to the Yunohost admin panel. I installed the Redirect app, setting its path to / and pointing it to 127.0.0.1:5080. For the icon, I used the official logo. Yunohost needs a PNG, so I converted it. Here it is, for convenience:
Snikket needs a more granular configuration. There are examples of reverse proxies in the official docs. Here’s what I’ve done:
- edit
/etc/nginx/conf.d/chat.example.org.conf:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen [::]:80;
server_name chat.example.org;
server_name groups.chat.example.org;
server_name share.chat.example.org;
access_by_lua_file /usr/share/ssowat/access.lua;
location ^~ /.well-known/ {
proxy_pass http://127.0.0.1:5080;
proxy_set_header Host $host;
}
location / {
proxy_pass http://localhost:5080/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# This is the maximum size of uploaded files in Snikket
client_max_body_size 104857616; # 100MB + 16 bytes
}
include /etc/nginx/conf.d/yunohost_http_errors.conf.inc;
access_log /var/log/nginx/chat.example.org-access.log;
error_log /var/log/nginx/chat.example.org-error.log;
}
server {
listen 443 ssl;
listen [::]:443 ssl ipv6only=on;
server_name chat.example.org;
server_name groups.chat.example.org;
server_name share.chat.example.org;
include /etc/nginx/conf.d/security.conf.inc;
ssl_certificate /etc/yunohost/certs/chat.example.org/crt.pem;
ssl_certificate_key /etc/yunohost/certs/chat.example.org/key.pem;
access_by_lua_file /usr/share/ssowat/access.lua;
include /etc/nginx/conf.d/chat.example.org.d/*.conf;
# include /etc/nginx/conf.d/yunohost_sso.conf.inc;
# include /etc/nginx/conf.d/yunohost_admin.conf.inc;
# include /etc/nginx/conf.d/yunohost_api.conf.inc;
# include /etc/nginx/conf.d/yunohost_http_errors.conf.inc;
access_log /var/log/nginx/chat.example.org-access.log;
error_log /var/log/nginx/chat.example.org-error.log;
}
- Edit
/etc/nginx/conf.d/chat.example.org.d/redirect.conf:
#sub_path_only rewrite ^/$ / permanent;
location / {
proxy_pass https://127.0.0.1:5443;
# proxy_pass http://127.0.0.1:5080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Port $server_port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc;
more_clear_input_headers 'Accept-Encoding';
}
Restart nginx with sudo systemctl restart nginx
4. Finishing touches
Now you can access https://chat.example.org, and you should see a login panel if all went well.
Now, invite yourself with:
docker exec snikket create-invite --admin --group default
This will create an invite URL. Open it on your phone to finish the setup.
Hope this helps someone!
Note: Snikket does not use ldap/oidc, so there’s no way to use yunohost users with it. The SSO stuff is left in the proxy config in case you don’t want visitors to access the domain; but then people will have to log in twice (once to YNH, once to Snikket)
2 Likes
Thanks for your writeup, I will test this