We’re excited to announce the latest enhancement to Fluux.io services – the integration of WebPush support. This significant update extends our services beyond
FCM / APNs , enabling push notifications for XMPP across various platforms. Now, our push notification capabilities are not limited to native mobile clients on iOS, MacOS and Android, but also extend to web applications on browsers like Safari, Chrome, Firefox and more . This includes support for mobile versions of Safari and Chrome. This advancement broadens the scope for XMPP clients, offering new possibilities and a more extensive reach. Please also note that the Webpush support is also available to our customers using our on-premise ejabberd Business Edition.

To enable it, go to your services in your fluux.io console , select “ Push Notifications ” and then “ + WebPush ”

You will be prompted for an appid (typically the domain you want to enable WebPush on). For example here fluux.io . It will generate a VAPID key that will be used by ejabberd to sign the push notification sent to the user’s browser.

Checking “ View Config ” will allow you to see the VAPID public key. It will be required to let the browser subscribe to notifications. Your website also needs to register a service worker that will be responsible for displaying the notification when a push is received.

As an example, we provide a small ejabberd client to test the whole workflow. It is pre-populated with a test user and associated appid/key.

The first step is to authenticate an XMPP user through your service. Then click “ Enable Push “.

It will ask authorization to enable push notification and create a subscription to FCM/Apple/Mozilla services. Then the XMPP client (using strophe.js ) will send a stanza to enable offline messaging. ejabberd will now send a notification to this entry point, which will send a push to the user’s browser.

To trigger it, disconnect/close all opened XMPP sessions of your test user and send him a message from another test user. Your browser will display a notification from your website with the message snippet and its author.

Alternatively, you can check the test user and its associated devices:

and send a test notification:

WombatOAM, a well-established tool for operations and maintenance in both proprietary and open-source Erlang and Elixir systems, is here to simplify your monitoring and management tasks, allowing you to concentrate on your business logic while benefiting from decades of operational expertise in Erlang-based systems. It’s now accessible on the Amazon Web Services (AWS) Marketplace. So, let’s dive in and explore how WombatOAM can elevate your tech experience.

Process tree

Unveiling WombatOAM

In the Erlang and Elixir systems realm, WombatOAM stands out as the go-to tool. It’s not about flashy features; instead, it excels in discreetly managing operational intricacies, enabling you to concentrate on the exciting aspects of your projects. Whether it’s monitoring, metrics, or alarms, think of WombatOAM as your dependable sidekick on this tech journey.

Navigating WombatOAM Monitoring

Have you ever felt overwhelmed by metrics and logs? WombatOAM takes charge as the organised expert, transforming troubleshooting into a well-structured process. Moreover, it effortlessly integrates with your current tools, ensuring a smooth collaboration without unnecessary complications.

The logs appear in real-time.

The Heart of WombatOAM

Let’s take a stroll through the architecture of WombatOAM. It’s not just a tool; it’s a companion for your Erlang and Elixir systems, adapting effortlessly to different scenarios.

• Autodiscovery: WombatOAM is a tool that efficiently identifies and groups nodes in your system, providing a more organised and coherent view.

• Anomaly Detection: WombatOAM functions as a reliable technological tool. It includes an early warning system that notifies you in advance of potential issues, helping you address them before they become more severe.

• Metrics Collection: WombatOAM is a data enthusiast, effortlessly collecting a myriad of metrics – from memory usage to system limits. It’s your go-to source for insights.

• Plug-and-Play: With many plugins, WombatOAM seamlessly integrates with other OTP applications, making it a versatile addition to your tech stack.

• WombatOAM offers seamless integration with popular OAM infrastructure tools like Graphite, Grafana, Cacti, Graylog, Splunk, Zabbix, Datadog, Nagios, Logstash, AppDynamics, and PagerDuty through existing plugins.

• WombatOAM’s dashboard displays both historical and real-time metrics, offering insights into real-time memory usage and detecting unnoticed spikes. Users can compare multiple metrics on a single graph, including numeric metrics like counters and gauges, meters, spirals, and histograms.

Process list

Integrations with 3rd party tools

Welcome to the AWS Marketplace Magic

Now, here’s the exciting part – WombatOAM has officially landed on the AWS Marketplace. Imagine the convenience of deploying and managing Erlang and Elixir systems in the cloud with just a few clicks.

Where to start:

1. Go to “WombatOAM on AWS”
2. Select the WombatOAM plan that aligns with your tech stack.
3. Launch Your Instance: Follow the straightforward steps to launch WombatOAM instances in your AWS account.
4. Integrate and Flourish: Bring WombatOAM into your systems, and watch as it effortlessly enhances your monitoring experience because operations should be smooth, not complicated.

Metrics page

Wrapping Up – A Tech Journey Redefined

WombatOAM on AWS Marketplace is more than just a tool; it’s an invitation to a smoother tech journey. Join the WombatOAM community, explore the possibilities, and witness your Erlang and Elixir systems thrive without the unnecessary complexities. Here’s to streamlined operations and exciting tech ventures!

Visit the official WombatOAM documentation .

The alarms are described in the Alarms page.

The post Enhancing the Efficiency of Erlang and Elixir System Management: WombatOAM Now Accessible on AWS Marketplace appeared first on Erlang Solutions .

The goal of this post is to make an easily accessible (anonymous) webchat for any chatrooms hosted on a prosody XMPP server, using the web client converse.js .

Motivation and prerequisites

There are two use cases:

1. Have an easily accessible default support room for users having trouble with the server or their accounts.

2. Have a working "Join using browser" button on search.jabber.network

This setup will require:

• A running prosody 0.12+ instance with a muc component ( chat.yax.im in our example)

• The willingness to operate an anomyous login and to handle abuse coming from it ( anon.yax.im )

• A web-server to host the static HTML and JavaScript for the webchat ( https://yaxim.org/ )

There are other places that describe how to set up a prosody server and a web server, so our focus is on configuring anonymous access and the webchat.

Prosody: BOSH / websockets

The web client needs to access the prosody instance over HTTPS. This can be accomplished either by using Bidirectional-streams Over Synchronous HTTP (BOSH) or the more modern WebSocket . We enable both mechanisms in prosody.cfg by adding the following two lines to the gloabl modules_enabled list, they can also be used by regular clients:

modules_enabled = {
    ...
    -- add HTTP modules:
    "bosh"; -- Enable BOSH access, aka "Jabber over HTTP"
    "websocket"; -- Modern XMPP over HTTP stream support
    ...
}

You can check if the BOSH endpoint works by visiting the /http-bind/ endpoint on your prosody's HTTPS port (5281 by default). The yax.im server is using mod_net_multiplex to allow both XMPP with Direct TLS and HTTPS on port 443, so the resulting URL is https://xmpp.yaxim.org/http-bind/ .

Prosody: allowing anonymous logins

We need to add a new anonymous virtual host to the server configuration. By default, anonymous domains are only allowed to connect to services running on the same prosody instance, so they can join rooms on your server, but not connect out to other servers.

Add the new virtualhost at the end of prosody.cfg.lua :

-- add at the end, after the other VirtualHost sections, add:
VirtualHost "anon.yax.im"
    authentication = "anonymous"

    -- to allow file uploads for anonymous users, uncomment the following
    -- two lines (THIS IS NOT RECOMMENDED!)
    -- modules_enabled = { "discoitems"; }
    -- disco_items = { {"upload.yax.im"}; }

This is a new domain that needs to be made accessible to clients, so you also need to create an SRV record and ensure that your TLS certificate covers the new hostname as well, e.g. by updating the parameter list to certbot .

_xmpp-client._tcp.anon.yax.im.  3600 IN SRV 5 1 5222 xmpp.yaxim.org.
_xmpps-client._tcp.anon.yax.im. 3600 IN SRV 5 1  443 xmpp.yaxim.org.

Converse.js webchat

Converse.js is a full XMPP client written in JavaScript. The default mode is to embed Converse into a website where you have a small overlay window with the chat, that you can use while navigating the site.

However, we want to have a full-screen chat under the /chat/ URL and use that to join only one room at a time (either the support room or a room address that was explicitly passed) instead. For this, Converse has the fullscreen and singleton modes that we need to enable.

Furthermore, Converse does not (properly) support parsing room addresses from the URL, so we are using custom JavaScript to identify whether an address was passed as an anchor, and fall back to the support room yaxim@chat.yax.im otherwise.

The following is based on release 10.1.6 of Converse.

1. Download the converse tarball (not converse-headless) and copy the dist folder into your document root.

2. Create a folder chat/ or webchat/ in the document root, where the static HTML will be placed

3. Create an index.html with the following content (minimal example):

<html lang="en">
<head>
    <title>yax.im webchat</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <meta name="description" content="browser-based access to the xmpp/jabber chatrooms on chat.yax.im" />
    <link type="text/css" rel="stylesheet" media="screen" href="/dist/converse.min.css" />
    <script src="/dist/converse.min.js"></script>
</head>

<body style="width: 100vw; height: 100vh; margin:0">
<div id="conversejs">
</div>
<noscript><h1>This chat only works with JavaScript enabled!</h1></noscript>
<script>
let room = window.location.search || window.location.hash;
room = decodeURIComponent(room.substring(room.indexOf(&apos#&apos) + 1, room.length));
if (!room) {
        room = "yaxim@chat.yax.im";
}
converse.initialize({
   "allow_muc_invitations" : false,
   "authentication" : "anonymous",
   "auto_join_on_invite" : true,
   "auto_join_rooms" : [
      room
   ],
   "auto_login" : true,
   "auto_reconnect" : false,
   "blacklisted_plugins" : [
      "converse-register"
   ],
   "jid" : "anon.yax.im",
   "keepalive" : true,
   "message_carbons" : true,
   "use_emojione" : true,
   "view_mode" : "fullscreen",
   "singleton": true,
   "websocket_url" : "wss://xmpp.yaxim.org:5281/xmpp-websocket"
});
</script>
</div>
</body>
</html>

🎉 It’s here! We’re happy to introduce the January 2024 Snikket Server release.

This is the core software of the Snikket project - a self-hostable “personal messaging server in a box”. If you wish for something like Messenger, WhatsApp or Signal, but not using their servers, Snikket is for you. Once deployed, you can create invitation links for family, friends, colleagues… any kind of social group is a good fit for Snikket. The invitation links walk people through downloading the Snikket app and joining your private Snikket instance.

What’s new in this release?

Changes to Circles

While Snikket is designed for groups of people to easily communicate with each other, we know that often people have multiple social groups. Our Circles feature allows the admin of the Snikket instance to decide which people will see each other within the Snikket apps, by grouping them into “circles”. For example, you could use this to separate your family from your friends, even within the same Snikket instance.

In previous releases, the Snikket server automatically created a group chat, and added everyone in the circle to that chat automatically. We received a lot of feedback that these chats were either not really used, or sometimes confusing (for example, because they are managed automatically by the server and you cannot manage them yourself within the Snikket app). Other people liked the group chats, but wished that more than one could be made!

In this new release, creating a circle will no longer create a group chat automatically. However you can also now create as many “circle chats” as you want, and give them individual names. This can be useful for creating per-topic chats for all members of a circle.

Of course if you just want normal private group chats, you can still create those within the Snikket app as usual, and manage the group yourself.

Last activity display

Sometimes people drop off Snikket, intentionally or unintentionally. For example, if they get a new phone and forget to reinstall the app or have problems connecting. In the web interface you can now see when the user was last active.

You can use this information to clean up unused accounts, or reach out to people who might need help regaining access to their account.

Connectivity and security

We have made a number of connectivity improvements. Snikket now enables IPv6 by default (previously it had to be enabled manually). If you don’t have IPv6, that’s fine… thanks to new changes we have made, Snikket will now adapt automatically to network conditions and connect using the best method that works. We expect IPv6-only networks to become increasingly common in the years ahead, so if your server is not currently set up for IPv6, consider doing that.

The new release now also supports DNSSEC and DANE 🔒, both of these are used to improve connection security. Currently these are disabled by default, however, because Snikket does not know if your system’s DNS resolver actually supports DNSSEC. We may enable it automatically in future releases if Snikket can determine that reliably. For now, it’s opt-in .

Faster and stronger authentication

We’ve also been working on optimizing and strengthening app-to-server authentication. A lot of this work was funded by NGI0+NLnet and is available in our sister project, Prosody. You can read more details in the blog post Bringing FASTer authentication to Prosody and XMPP .

Snikket already supported a neat security measure called “channel binding”, but it previously only worked over TLS 1.2 connections. TLS 1.3 usage has increased rapidly in recent years, and we now support channel binding on TLS 1.3 connections too. Channel binding prevents machine-in-the-middle attacks if the TLS certificate is compromised somehow.

All these features help protect against certain kinds of attack that were deemed unlikely until recently .

Dropping older security protocols

Mainly for compatibility reasons, Snikket previously supported an authentication mechanism where the client sends the user’s password to the server, but only over TLS-encrypted connections. This is how almost all website login forms work today, from your webmail to your online banking. However the Snikket apps actually use a more secure login method , which has many additional security features that you won’t find on most other online services.

Prioritizing security over compatibility, we have decided to disable less secure mechanisms entirely. If you use your Snikket account with third-party XMPP apps, bots or utilities that are not up to date with modern best practices, this may affect you.

Similarly, we have again reviewed and updated the TLS versions and ciphers that Snikket supports, in line with Mozilla’s recommendations , as we do in every release. This change also has the potential to affect connectivity from some very old apps and devices.

Easy account restoration

The Snikket apps, as well as many third-party apps, allow people to delete their Snikket account from within the app.

However, as the number of Snikket users has grown, so have reports from people who accidentally deleted their account! This can be due to confusion - e.g. intending to remove the account from the app, rather than removing it from the server. A number of these cases were due to confusing or buggy third-party apps. It doesn’t happen very often, but it was happening too often.

Of course, deleted accounts can be restored from backups (which you have, of course 😇) - but it was a complex time-consuming process to selectively restore a single account without rolling back everyone else’s data.

In this release, when a request is received from an app to delete a user’s account, the server will lock the account and schedule its deletion in 7 days (or whatever the server’s data retention time is set to). During this time, the account can be restored easily from the web interface if it turns out to have been a mistake.

Farewell to the welcome message

In previous releases, new accounts would receive an auto-generated “welcome message” from the server. This had a number of issues , and we have decided to remove it for now. Instead we will work on integrating any “welcome” functionality directly into the apps.

Languages and translations

Many languages received updates in this release, including French, German, Indonesian, Polish, Italian and Swedish.

We added support for two additional languages: Russian and Ukranian.

Many thanks to all translators for their help with this effort!

Other changes

We only listed a handful of the main features here. The reality is that beneath the hood, we have made a large number of changes to improve security, performance and reliability. And we have in place the foundations for other exciting things we have in the pipeline!

Installing and upgrading

Choose your adventure:

• If you’re new to Snikket, you can head straight to the setup guide for instructions on how to get started.

• To upgrade an existing self-hosted instance to the new release, read the upgrading guide .

• Customers on our hosting platform can expect the new release to be rolled out soon, we’ll be in touch! If you have any questions, you can contact support .

Happy chatting!

P.S. If you’re planning to be at FOSDEM in a few weeks, we’ll be there, come and say hi! We’d love to meet you :)

The XMPP Standards Foundation (XSF) will hold its 26th XMPP Summit in Brussels, Belgium this year again! These are the two days preceding FOSDEM 2024 . The XSF invites everyone interested in development of the XMPP protocol to attend, and discuss all things XMPP in person and remote!

Time & Address

The venue will take place at the Thon Hotel EU including coffee break (from 08:30 o’clock) and lunch (12:00 to 14:00 o’clock) paid by the XSF in the hotel restaurant.

Date: Thursday 1st - Friday 2nd February 2024 Time: 09:00 - 17:00 o’clock (CET) (both days)

Thon Hotel EU
Room: FRANCE
Wetstraat / Rue de la Loi 75
1040 Brussels
Openstreetmap

Furthermore, the XSF will have its dinner Thursday night which is paid for XSF members. Everyone else is of course invited to participate, however at their own expense. Please reach out if you are participating as a non-member (see list below).

Participation

So that we can make final arrangements with the hotel, you must register before Monday 15th January 2024!

Please note that, although we welcome everyone to join, you must announce your attendance beforehand, as the venue is not publicly accessible. If you’re interested in attending, please make yourself known by filling out your details on the wiki page for Summit 26 . To edit the page, reach out to an XSF member to enter and update your details or you’ll need a wiki account, which we’ll happily provide for you. Reach out in the XSF public chatroom . When you sign-up please book the accomodation and your travel. Please also unsign if you will not attend anymore.

Please also consider signing up if you plan to:

• present in the Lightning talks or Show-and-Tell
• remote participate

Communication

To ensure you receive all the relevant information, updates and announcements about the event, make sure that you’re signed up to the Summit mailing list and the Summit chatroom .

Spread the word also via our communication channels such as Mastodon and Twitter .

Sponsors

We would like to kindly thank the direct sponsors for the event which are so far Isode , Snikket and the two individuals of Alexander Gnauck and Edward Maurer. We appreciate their support so that we can keep the event open and accessible for everyone.

We are really excited seeing so many people already signing up. Looking forward to meeting all of you!

The XMPP Standards Foundation

Today marks the 25th birthday of Jeremie Miller’s announcement of “a new project to create a complete open-source platform for Instant Messaging” on Slashdot.

How have things progressed since then!

By far most of the projects that we maintain here in the IgniteRealtime.org community make direct use of the XMPP protocol, which is the name used for the IETF standards based on the Jabber technology, and we’re still going strong.

With countless different people and organisations creating and using XMPP applications, even today, it has truly proven itself to be a rock-sold, tried and tested, versatile protocol. It’s not often that so much development happens around a technology that’s older than … well, some of us!

Happy birthday, Jabber!

1 post - 1 participant

Read full topic

We’re very excited to be back at FOSDEM in person in 2024. Once again, many members of the XSF and the XMPP community will be attending, and we hope to see you there!

Realtime Lounge

As usual, we will host the Realtime Lounge , where you can come and meet community members, project developers, see demos and ask us questions. We’ll be in our traditional location - find us on the K building 2nd floor, beside the elevator (map below). Come and say Hi! Yes, we got stickers :-)

Map of the K building level 2

Talks

There are talks in the Real Time Communications devroom that relate to XMPP. These are so far:

• Bridging Open Protocols: XMPP and ActivityPub Gateway via Libervia . In this session, we’ll explore the architecture of this gateway, detailing how it facilitates communication between XMPP and ActivityPub. We’ll delve into the intricacies of protocol mapping and discuss how Libervia integrates features such as microblogging, reactions, likes/favorites, mentions, and calendar events across these platforms.

XMPP Summit 26

Prior to FOSDEM, the XSF will also hold its 26th XMPP summit . This is where community members gather to discuss protocol changes and exchange within the developer community. We’ll be reporting live from the event and also from FOSDEM.

Spread the word

Please share the news on other networks:

• Mastodon
• Twitter
• YouTube
• LinkedIn
• Lemmy instance (unofficial)
• Reddit (unofficial)