WingNews logo WingNews GitHub [2]
top | item 8783794

Ask HN: XMPP/Jabber self hosting

65 points| BreaXerox | 11 years ago | reply

I'd like to host my own XMPP server for OTR communications. I've previously used OTR on top of Google Chat/Hangouts, but I would like to try managing the server myself.

Does anyone have experience with a modern XMPP server? I found a list of server software at http://xmpp.org/xmpp-software/servers/, however I'd like to hear some experiences before selecting one.

46 comments

order
[+] structural|11 years ago|reply
I've set up a XMPP server using Prosody after evaluating what are typically regarded as the top 3 implementations (ejabberd, Openfire, and Prosody).

I ended up with a Prosody install primarily for two reasons: 1) Memory consumption/stability 2) Authentication support

The XMPP server hosts up to 700-800 simultaneous users and is located on a machine that provides many other services. With both ejabberd and openfire at this scale, memory consumption was in the several hundred megabyte range and (specifically ejabberd) typically had CPU load of 10-20% of a core.

The prosody setup I ended up using was significantly more lightweight and was simple to set up with server authenticating logins against TLS-enabled LDAP.

In the past, ejabberd was avoided because of serious security issues with the software, but in the past few years it looks like they've gotten their act together somewhat. That said, there's still some recent CVEs, you would want to pay attention to this if deploying ejabberd in any public-facinc infrastructure. As an example, ejabberd used to _require_ storing all passwords in plaintext, claiming that this was "more secure" than the alternatives (ref: https://www.ejabberd.im/plaintext-passwords-db)

[+] hackerboos|11 years ago|reply
mongooseIM (an ejabberd fork) is also worth considering.

If you are new to XMPP then I'd recommend Prosody, very approachable and written in Lua if I recall correctly.

[+] mike-cardwell|11 years ago|reply
+1 for Prosody. I run it from my server at home. Easy to install. Don't remember the last time I had to do any maintenance. My XMPP details are in my profile if anyone wants to test federation.
[+] thallian|11 years ago|reply
+1 for Prosody.

I run it on a much smaller scale with imap authentication and it works flawlessly.

[+] xorcist|11 years ago|reply
I've been though jabberd2, ejabberd and has since a couple of years stuck with Prosody.

The main strengths are that it is very simple and lightweight, and uses less resources. The drawbacks is that it is simple and lightweight, so anything more complicated for corporate deployments is something you often have to roll up your sleeves and implement yourself.

I was scared to run it at first because it is written in Lua, which is an unknown language to me. However, I must say it is quite an elegant language. I could get an authentication plugin running after looking at an existing one, and I trusted it enough to run in production internally for a small team (and it turned out to work well for us).

Edit: Be sure to get a real certificate (startssl is fine), if you intend to use s2s. During the past year or two, most public servers has started to care.

[+] Torgo|11 years ago|reply
>During the past year or two, most public servers has started to care.

By general consensus, the XMPP community set May 19, 2014 as a deadline for mandatory encryption:

https://lwn.net/Articles/599647/

[+] preillyme|11 years ago|reply
I use MongooseIM and it is a base platform for building high performance messaging systems leveraging XMPP. It is designed to provide communication for millions of concurrent online users in high growth sectors such as Social Media, Gaming and Telecommunications. It is highly customisable due to its clean and modular design allowing easy integration with pre-existing solutions within a company. MongooseIM is truly innovative for building high volume scalable instant messaging solutions, having features specifically designed for enterprise and business.

It's a port of eJabberd and brings it up to ErlangOTP standards.

https://www.erlang-solutions.com/products/mongooseim-massive...

[+] agwa|11 years ago|reply
I've been using Prosody for ~2 years on a couple servers and I can't recommend it highly enough: it's extremely simple, lightweight, and easy to configure. Its author is even on HN. https://prosody.im/

I don't recommend ejabberd, unless perhaps you need to cluster. It consumes a lot of memory, which is undesirable on a VPS, and once I managed to get an ejabberd server into such a weird state that it required dropping to its REPL and writing Erlang to fix it (fortunately I have a friend who knows Erlang)!

[+] deeviant|11 years ago|reply
Actually, ever since the string handling was moved from erlang strings to binary strings in ejabberd community edition, ejabberd's memory performance is equal or better than other offerings.

Source: Last company I worked for used XMPP as the data channel to and form our data center and IoT/SCADA devices, I oversaw the project of upgrading from a much older version of ejabberd (which used erlang strings) and the much newer community edition ejabberd(which uses binary strings).

You can also write a custom module and use ejabberd solely for it's XMPP wire protocol and excellent routing features, but immediately export incoming data from the server to other processes in your stack without ejabberd ever even parsing the incoming XML(in this case we wrote a rabbitMQ ejabberd module which allowed ejabberd to interact with our data center flawlessly), which is what we did and at that point, a single XMPP server was able to handle our entire traffic. Although we obviously used a cluster and HA load balancer for scalability and redundancy.

[+] rakoo|11 years ago|reply
Another +1 for Prosody. Extremely simple to setup and use (I only have my own account on my server), I have seen no problems that weren't caused by me.
[+] smacktoward|11 years ago|reply
I run ejabberd on my personal domain. It was easy to set up and has run without really needing any active management for a few years now.
[+] jwise0|11 years ago|reply
I've had similar success, probably over the course of 8 or so years. I've moved it from from machine to machine a few times, and generally haven't had any issues with it. I've had to hack the source once or twice to work around various stupid things on my machine (for instance, my Kerb setup was very slow once, and I had to hack epam not to time out); the source is pretty reasonably maintainable.

I've heard good things about Prosody, but haven't compared the two of them directly.

It is said that ejabberd supports XEP-0136 (server-side message archiving), but since it's not a default (at least, I don't think), I haven't turned it on yet. One of these days I will give that a try.

[+] __david__|11 years ago|reply
That's what I run, too. The only time it died on me is when I updated and they had changed the configuration format to yaml (without an automated conversion). Aside from that annoying hiccup, it's been very smooth sailing. It federates well (though I lost IM access to a lot of friends when Google killed gchat federation).

The nice thing about running my own server is that when I talk to other people that have accounts there (basically my extended family and some selected friends), I'm pretty confident about privacy, even if OTR isn't being used—I only export SSL/TLS enabled ports and the machine is in my house, not a datacenter.

[+] rasengan|11 years ago|reply
I second this. ejabberd is good for your health. This message should not be construed as a replacement for professional medical advice.
[+] foupfeiffer|11 years ago|reply
https://www.hipchat.com/server is all of the functionality (persistent searchable rooms, image uploads, mobile clients, video, emoticons (allthethings) etc.) of HipChat.com but behind the firewall (on premise). Disclaimer I'm a dev on the project, though to be fair everybody in the Beta has been happy with it.
[+] coned88|11 years ago|reply
I never knew hipchat was a jabber system
[+] deeviant|11 years ago|reply
I have worked pretty extensively with XMPP(specially, ejabberd) in a IoT/SCADA context. Setting up your own ejabberd server is fairly painless. Download ProcessOne's ejabberd community edition, and you should be running in an hour. Don't be afraid of erlang as you don't have to get much exposure to it unless want to.

I also had the pleasure working with ProcessOne via the Business edition ejabberd support, as well as commissioning them to build few custom modules that would have taken my C++(embedded team)/C#(back-end team) centric team much more time and money to build ourselves. So ejabberd is a great way to both get your feet wet(open source community version), then scale up in a big way with professional support(commercially licensed business version) should it be needed.

Note: I am not affiliated with ProcessOne in any way. Just had a pleasant experience working with them, and greatly enjoy their product.

[+] haidrali|11 years ago|reply
I'have been using Tigase for our chat application (https://play.google.com/store/apps/details?id=com.hyperon.sm...) the decision of selecting server depends totally upon your requirement. I have used Tigase, Openfire and Jabbered 2 for different projects and have done with lots of customization in them. If sclability is your main requirement my suggestion would be

1- Tigase 2- Jabbered 2 3- Openfire

I have also heard of Ejabbered a lot but that is in erlang ( which i don't like ) My top priority is always Tigase ( the only bad thing about it is you really need to dig into it to manage because there isn't lots of support available in term of blogs tutorials etc) Hope it will help you in choosing your preferred one ....

[+] lasermike026|11 years ago|reply
I've run ejabberd and openfire. I had issues with ejabberd and load issues. I use openfire now. XMPP is kind of beast. With ejabberd and openfire had to get into the code and debug it myself. If I stick with XMPP I'm can see myself wading hip deep in the code.

I'll have to take a look at prosody.

[+] praveenster|11 years ago|reply
I have also been researching this topic for a while. I was using Google hangouts for a while but lately it seems to be dropping messages. Tried Skype next but it will only keep message history on the cloud for 30 days. Next evaluated Facebook. It works quite well but I want to host my own on a VPS. The top three alternatives seem to be prosody, ejabberd and openfire. I was planning to use ejabberd but the issue I have with any of the XMPP solutions is that they have issues with iOS and you need to find a way to get it to work with the push mechanism otherwise the IM clients will go offline in 10 minutes. Any suggestions for this?
[+] structural|11 years ago|reply
There's really no good way around this for iOS - it's really a limitation of how push notifications work vs. how XMPP is designed. You'll find that things like IRC clients have the exact same problems on iOS (similar problem space, similar protocol that expects constant connections).

If you want to do this for real, what you end up doing is implementing your own server backend that receives XMPP messages and then sends out push notifications to a mobile client. Generally a pain in the rear, but do-able. Getting your own iOS developer key & dealing with app store approval for stuff like this is probably the hardest part (for shops that aren't already doing mobile development). There are 3rd-party services that help bridge this gap: examples are https://pushover.net/ or https://boxcar.io/

If you're okay with a hosted solution and don't really want to deal with development or deploying a XMPP solution yourself, many of our clients have had good success with Slack (https://slack.com/)

[+] raooll|11 years ago|reply
I would say you go with MoongooseIM. Its a much optimized fork of ejabberd with some things done in a much nicer way ... It support redis session backend , encrypted password, xmmp over websockets to name a few.

Disclaimer:- I personally work on chat server and personally prefer moongooseim to be one of the best available right now.

[+] andrewjwu|11 years ago|reply
I've been thinking about hosting my own XMPP server as well. Does anyone have any recommendations on the most cost-effective place to host it? Since it's for a small group of friends I'd imagine it wouldn't need anything too resource intensive. Perhaps something like Linode or DO?
[+] geeknik|11 years ago|reply
I'm using Prosody. Supports TLS1.2 and Forward Secrecy.

Check your score on xmpp.net if you haven't already. ;)

[+] mschirrmeister|11 years ago|reply
Depends on what you are looking for in terms of features. If you want to build a global cluster, give ejabberd or its forks a shot. I was running it in the past and it was just running without any problems.

I picked it because of its clustering features and ldap support.

[+] gdamjan1|11 years ago|reply
And how do you solve the problem of reliably delivering messages over XMPP?

For ex, if I switch from 3G to Wifi on my mobile (or just loose connectivity) the server still thinks I'm online and will send messages over the TCP socket (that hasn't timeouted yet).

[+] doppioslash|11 years ago|reply
I run MongooseIM, an ejabberd fork. It works fine. It needed a reboot once, after that been running continuously.
[+] debacle|11 years ago|reply
OpenFire is pretty stable, but not completely stable. It has never not recovered from a restart though.