Does anyone have any experience in successfully self-hosting Signal server using docker?
Thanks in advance.
You really can’t in practice. Maybe look into Simplex Chat
Self hosting Signal server
Submitted 2 days ago by KarnaSubarna@lemmy.ml to selfhosted@lemmy.world
Comments
possiblylinux127@lemmy.zip 2 days ago
buedi@feddit.org 2 days ago
Thanks for pointing out Simplex Chat, I did not know that it exists. It looks very interesting, but reading more about it, they will have to implement some kind of business model in the future. My fear is, that even when self-hosting, some features will be behind a paywall in the future, so it is not a solution I would switch to… switching to a new messenger is a long-term endeavour. It is hard to convince friends to move over too, let alone switching to a new one every few years. That’s near impossible. But the technology of Simplex looks really interesting and reading through the Docs it makes the impression that it is very polished.
iopq@lemmy.world 2 days ago
Yeah, it’s really going viral
litchralee@sh.itjust.works 2 days ago
This doesn’t answer OP’s question, but is more of a PSA for anyone that seeks to self-host the backend of an E2EE messaging app: only proceed if you’re willing and able to upkeep your end of the bargain to your users. In the case of Signal, the server cannot decrypt messages when they’re relayed. But this doesn’t mean we can totally ignore where the server is physically located, nor how users connect to it.
As Soatok rightly wrote, the legal jurisdiction of the Signal servers is almost entirely irrelevant when the security model is premised on cryptographic keys that only the end devices have. But also:
They [attackers] can surely learn metadata (message length, if padding isn’t used; time of transmission; sender/recipients). Metadata resistance isn’t a goal of any of the mainstream private messaging solutions, and generally builds atop the Tor network. This is why a threat model is important to the previous section.
So if you’re going to be self-hosting from a country where superinjunctions or the right against unreasonable searches is being eroded, consider that well before an agent with a wiretap warrant demands that you attach a logger for “suspicious” IP addresses.
If you do host your Signal server and it’s only accessible through Tor, this is certainly an improvement. But still, you must adequately inform your users about what they’re getting into, because even Tor is not fully resistant to deanonymization, and then by the very nature of using a non-standard Signal server, your users would be under immediate suspicion and subject to IRL side-channel attacks.
I don’t disagree with the idea of wanting to self-host something which is presently centralized. But also recognize that the network effect with Signal is the same as with Tor: more people using it for mundane, everyday provides “herd immunity” to those most vulnerable in society.
If you do proceed, don’t oversell what you cannot provide, and make sure your users are fully abreast of this arrangement and they fully consent. This is not targeted at OP, but anyone that hasn’t considered the things above needs to pause before proceeding.
Pastime0293@discuss.tchncs.de 1 day ago
Yeah Matrix is a good choice 👍
uranibaba@lemmy.world 2 days ago
From their README. Have you looked at their forum?
We cannot provide direct technical support. Get help running this software in your own environment in our unofficial community forum.
This thread has a link to someone’s Dockerfile for their development.
UnfortunateShort@lemmy.world 2 days ago
You cannot selfhost Signal, because the regular app won’t connect to your server. You could probably bridge it to Matrix I guess? I’m pretty sure it’s a thing, but I see little benefit here, besides your phone not connecting to Signal and your messages being collected in one app, if you so desire.
KarnaSubarna@lemmy.ml 2 days ago
I though Signal Android client is open source and I can changed the server url if I can get server selfhosted.
chrisp@cyberplace.social 2 days ago
@UnfortunateShort @KarnaSubarna I think you are right about the official client, they really want to own the service so you can only connect to their decentralized service via their centralized servers 🙄 I haven't done it, but I think you can run your own client, either modifying and building it yourself, or surely one of the existing forks can connect to arbitrary servers? But anyone who wants to use your server will have to also use one of the forks.
chrisp@cyberplace.social 2 days ago
@UnfortunateShort @KarnaSubarna And you'll want to audit the client code of the fork, including dependencies and make sure it is keeping up to date with official development for security patches. And Signal may try to break the interoperability at some point in the future.
slazer2au@lemmy.world 2 days ago
Does signal allow self hosting? Unless we are thinking of different things called Signal.
curbstickle@lemmy.dbzer0.com 2 days ago
github.com/signalapp/Signal-Server
hendrik@palaver.p3x.de 2 days ago
Signal is not a federated protocol, though. I guess you can run that server code. But it won't connect you to your friends on the regular Signal network.