Automate all the Things

During the past year, the team behind the XMPP Providers project worked on automating the process of gathering data about XMPP providers. Automating this process reduces manual work significantly (for example, checking websites by hand, verifying information, listing sources, etc.) and helps to sustain the team’s efforts. Automation also enables the project to be up to date – every day!

Last month , the project reached a state that allowed the suite of tools to automatically query many provider properties via XMPP and HTTP. All of these tools are working together in a GitLab pipeline running daily to keep the data up to date.

API v2

Much of the work needed to be done manually previously. After automating it, some provider properties did not seem fitting anymore. Thus, we changed them. While automating the process, additional properties were added because they were available through the tools.

Changed Properties

• lastCheck has been replaced by latestUpdate specifying when at least one provider property changed since checks now run daily.
• company has been replaced by organization allowing for a finer distinction of an organization’s type.

New Properties

• alternativeJids : A list of JIDs a provider offers for registration other than the main JID.
• serverTesting : Whether tests against the provider’s server are allowed (e.g., certificate checks and uptime monitoring).
• inBandRegistrationEmailAddressRequired : Whether an email address is required for registering an account.
• inBandRegistrationCaptchaRequired : Whether a CAPTCHA is needed to be solved for registering an account.

The FAQ section explains how these properties can be provided by server admins.

Provider Files for More Automation

There are properties that should be provided by the XMPP server instead of retrieving them via other methods. To enable automatic collection of those properties via XMPP, the team works on extending existing standards and, if necessary, creating new ones.

Until standards have been extended or created, and until those changes have been implemented and deployed in the wild, a provider file shall fill the gap. A provider file is a JSON file containing only the provider properties that cannot be retrieved via other methods. Each provider can generate a provider file and supply it via its web server.

To make this as easy as possible, a Provider File Generator has been developed. It generates a provider file from the information you enter in the form.

As soon as a provider file is discovered by the tools, all properties listed in the provider file are automatically fetched and processed.

Spread the Word

The project lives from the community and client implementations, so follow us and spread the word !

XMPP Providers Logo

Time flies, and it’s hard to believe that ejabberd, our beloved open-source project, celebrated its 21st anniversary last November 16th! It’s a milestone that we’ve proudly highlighted over the years – remember the 4th , 10th , 18th , and 20th anniversaries? Well, 21 is just as significant, marking over two decades of innovation and community effort.

In honor of this remarkable journey, we’ve launched a new section on the ejabberd Docs site, showcasing a timeline of all ejabberd releases alongside their major advancements. This walk down memory lane is not just nostalgic, but a testament to continuous improvement and adaptation. Check out the ejabberd roadmap to witness our evolutionary path.

2023: A Year of Significant Progress

Reflecting on the past year, ejabberd has seen substantial growth and development with three key releases:

• Version 23.01 : Introduced an innovative MQTT bridge, offering users and devices the ability to use either XMPP, MQTT, or both using the same credentials. This feature leverages the same scalability & clustering features that made ejabberd famous, enhancing flexibility and user experience in communication protocols.
• Version 23.04 : Enhanced chatroom functionalities with support for XEP-0425 (Message Moderation) and Real-Time Block List in MUC rooms , ensuring a safer, more controlled messaging environment.
• Version 23.10 : Focused on user experience improvements by adding support for XEP-0402 (PEP Native Bookmarks) and XEP-0421: Occupant Id .

Looking Ahead: What is Coming to ejabberd in Early 2024

As we step into the new year, our roadmap is already filled with exciting updates. The upcoming ejabberd releases are set to include:

• RFC 9266 : Introducing Channel Bindings for TLS 1.3, enhancing security and reliability.
• XEP-0388 (Extensible SASL Profile – SASL2)
• XEP-0440 (SASL Channel-Binding Type Capability) : These updates are aimed at bolstering our authentication mechanisms.
• XEP-0386 (Bind 2) : This is going to reduce the connection time for clients. This is especially important if you are using XMPP to connect from a mobile network.
• XEP-0424 (Message Retraction) : Further enhancing user control over their own message, with the ability to ask for deletion.
• Automatic SQL Schema Creation and Update: Streamlining database management.
• Commands API Versioning : Ensuring better compatibility and flexibility for developers.
• Support for Elixir 1.16.

But that’s not all. In our continuous effort to share the advancements of ejabberd Business Edition with a wider audience, we have some exciting news for early 2024:

• Matrix Protocol Bridge: Initially available exclusively for our supported customers, the Matrix protocol bridge will be integrated into the ejabberd Community Edition. This integration marks a significant step in expanding our interoperability and connectivity options.

We will also be adding significant scalability improvements in ejabberd Business Edition:

• Database Sharding for Scalability: Understanding the challenges of large-scale deployments, we are introducing database sharding features for our supported customers. This enhancement will significantly improve scalability, especially in scenarios where the database becomes a bottleneck.

The “Invisible Leader”

As we reflect on our milestones and look ahead, we owe immense gratitude to our community. Your support and feedback are the pillars of ejabberd’s success.

Looking into 2024, we’re set to strengthen ejabberd’s presence and affirm ProcessOne’s role as the “invisible leader” in Instant Messaging. With exciting developments on the horizon, we’re eager to make the next year a landmark for ejabberd.

Your continued feedback is vital as we forge ahead. Together, let’s shape 2024 into a remarkable year for ejabberd and our community.

Thank you for being part of this journey. Here’s to an innovative 2024!

The post Happy New Year: Celebrating 21 Years of Innovation with ejabberd first appeared on ProcessOne .

While watching a Strange Loop talk on concatenative programming , I learned about Uxn , a small virtual machine that runs games, editors, drawing programs, … Uxn has been ported to various platforms , including classic consoles such as the Nintendo DS, GBA, Playdate, …

There also is a JavaScript version: Uxn5 . Since the Uxn5 core was a straight translation of the C reference implementation to pure JavaScript, it wasn’t very performant. After my latest expeditions into WebAssembly , I wanted to give writing a pure emulator in WebAssembly a try as well, so I created uxn.wasm , a WebAssembly core for the Uxn virtual machine.

Our very own @danc was voted into the XMPP Standards Foundation Council not to long ago!

The XMPP Standards Foundation is an independent, nonprofit standards development organisation whose primary mission is to define open protocols for presence, instant messaging, and real-time communication and collaboration on top of the IETF’s Extensible Messaging and Presence Protocol (XMPP). Most of the projects that we’re maintaining in the Ignite Realtime community have a strong dependency on XMPP.

The XMPP Council, that Dan now is a member of, is the technical steering group that approves XMPP Extension Protocols. With that, he’s now on the forefront of new developments within the XMPP community! Congrats to you, Dan!

For other release announcements and news follow us on Mastodon or X

1 post - 1 participant

Read full topic

TLDR;

Thirty years after the advent of the first instant messaging services, we still haven’t reached the stage where instant messaging platforms can freely communicate with each other, as is the case with email. In 1999, the Jabber/XMPP protocol was created and standardized for this purpose by the Internet Engineering Task Force (IETF). Since then, proprietary messaging services have continuously leveraged the power of internet giants to dominate the market. Why do neither XMPP nor the more recent Matrix, which aimed to improve upon it, break through this barrier, when it’s clear that protocols must be open to enable exchange? Without this fundamental principle, the Internet itself wouldn’t exist.

In the following article, I revisit how the French government recently promoted the instant messaging service Olvid and what this reveals about our approach to digital technology. It’s frustrating to see France promote a secure, yet proprietary messaging service that offers no progress in terms of interoperability, especially at a time when the European Union is striving to open up the sector by requiring all messaging services to be capable of intercommunication, through the Digital Markets Act .

I conclude with reflections on our inability in Europe to collaborate on “commons,” our difficulty in building a foundation, an ecosystem that allows for healthy co-opetition, a blend of competition and collaboration, which is the only way to regain significance in the digital economy. Short-term political thinking forces our companies into an every-man-for-himself approach, preferring to dominate a small market rather than share a larger one.

Today, perhaps, it’s time for a change?

Thirty years and counting since the emergence of the first instant messaging services, we still lack a universally accepted exchange protocol, as is the case with email. The Jabber protocol, later renamed XMPP (eXtensible Messaging and Presence Protocol) and made a standard, was born with the hope of breaking the proliferation of isolated silos like MSN, ICQ, Yahoo!, which did not communicate with each other. Today, other silos have emerged, but the problem persists: it is still impossible to exchange messages between accounts from different major messaging providers. Why? Let me tell you the story of a clumsy communication operation around a French messaging service, Olvid, which illustrates well the familiar patterns we often find ourselves stuck in.

The French Government’s Endorsement of a Proprietary Messaging Service: A Closer Look

I discovered the messaging service Olvid in late November 2023, following a flood of articles in the French press. I wondered how a company of 15 employees, created in 2019, had managed to get such press coverage. It was promoted directly by Prime Minister Elisabeth Borne: “Popular messaging applications like WhatsApp, Telegram or Signal have ‘security flaws’,” justified the office of Elisabeth Borne, who urged her ministers to download the French application.” ( Les Échos, November 30, 2023 ). In November 2023, Matignon asked government members and ministerial offices to install this system on their phones and computers “to replace other instant messaging services to enhance the security of exchanges.” Then came the superlatives: “The most secure messaging service in the world” (Jean-Noël Barrot). “A step towards greater French sovereignty” (Elisabeth Borne). And it needs to be done quickly. Elisabeth Borne asked ministers to “take all necessary steps” to deploy Olvid in their ministry “by December 8, 2023, at the latest” ( Ouest France , November 29, 2023).

Why Olvid? The articles I read on the subject remain relatively vague; I know mainly that it is certified by ANSII, the organization guaranteeing the state’s IT security. Yet, it’s far from the first secure messaging service I’ve come across, and it’s the first time I’ve heard of Olvid. What about other services and especially Signal, which is recognized worldwide for its security, backed by audits? Among secure messengers, the list is long: Signal, Threema, Wire, Berty, etc. So, what security flaws are we talking about?

Signal Hits Back: A Strong Response to Security Claims

Signal’s response was swift, with a direct and clear position from Meredith Whittaker, president of the Signal Foundation:

The French PM is mandating ministers use a small French messaging app. OK. But I’m alarmed that she’s claiming “security flaws” in Signal (et al) to justify the move. This claim is not backed by any evidence, and is dangerously misleading esp. coming from gov.
If you want to use a French product go for it! But don’t spread misinfo in the process. Signal is independently audited, open source, and our protocol has been tested for >10yrs. We are serious about responsible disclosure and we prioritize all reports to security@signal.org
Numérama, December 1, 2023

Double Ratchet

Regarding Olvid’s security, the main argument seems to be as follows: The system does not rely on centralized directories, operates without identifiers, which means no user account is hosted in the cloud.

First, it seems to me that this is the principle of key-based authentication. Message routing is done solely based on a key, in the cryptographic sense. If it is lost, it’s impossible to recover the account. Nothing revolutionary, then; it’s cryptography, dating back to the encryption software PGP (Pretty Good Privacy) of the 1990s and even before.

Then, such a system generally requires the physical exchange of public keys. Where Olvid seems to stand out is in the alternative ways proposed to simplify and lighten the burden of key exchange by meeting physically. This can work, first because the product is not free, so the user base is limited, where Signal, for example, offers a global platform and says it needs an identifier, the phone number to limit spam. Then, these alternative methods rely on mobile device management (MDM) tools, interfacing with an enterprise version of the Olvid server. In one way or another, this goes through a central point of distribution and reintroduces a weakness. It’s far from a completely decentralized protocol like what the team building the Berty messaging service is trying to do, for instance.

Browsing their site to find the protocol, I admit I choked a bit on some mentions thrown a little freely on their site, for example, Post Quantum Cryptography , cryptography that resists quantum computing. It’s nice, it’s pleasant, but in practice, what’s the reality? I didn’t find more detail under this mention, but personally, being hit with such buzzwords makes me rather flee, as it smells of a commercial who got a bit carried away. But let’s assume, the Olvid team is composed of encryption experts. I skimmed their specifications, but I admit I’m not a mathematician, so who am I to judge their math formulas?

What I do understand, however, is that almost all secure messaging systems, including Olvid, rely on the Double Ratchet algorithm, which was first introduced by… Signal.

At the Heart of Messaging: The Critical Role of Protocols

In terms of protocol, however, I am an expert. I have been working on instant messaging protocols since 1999. And, it’s not beautiful… Olvid’s protocol is the antithesis of what I would like to see in an ambitious messaging protocol. It is a proprietary, ad hoc protocol, not based on any standard, minimalist for now, and condemns itself to reinventing the wheel, poorly. The burning question is, why not choose an open protocol that already works on a large scale, like XMPP, adding their value on top? The Internet protocol, TCP/IP, is open, all machines in the world can communicate, yet there are competing internet service providers. I am still looking for an answer. Because XMPP is too complex, some will say? I think any sufficiently advanced chat protocol tends to become a derivative of XMPP, less accomplished. Come on, why not even use Matrix, a competing protocol to my favorite? Apart from simple ignorance, I see no reason. Unless it’s to lock down the platform, perhaps? But, locking a communication protocol makes no sense. It’s replaying the battle of internet protocols, TCP/IP versus X.25. A communication protocol is meant to be open and interoperable. Personally, I would invite Olvid to adopt a messaging standard. Let them turn to the W3C or IETF, to XMPP or MLS. These organizations do good work. And it’s a guarantee of sustainability and above all, of interoperability.

We come to a very sore point. The European Commission, and therefore France as well, is discussing the implementation of the Digital Market Act. Among the points the European Union wants to impose is… the interoperability of instant messaging services. How can the French government promote a messaging solution that is not interoperable? And preferably standardized and open.

I talked about Olvid’s proprietary protocol, which is actually more of an API (Application Programming Interface), that is, a document that describes how to automate certain functions of their server. What about the implementation? The client is open source (on iOS and Android), but seeing in their exchange interface calls to URLs named /Freetrial. This implies payment. I am not sure that Olvid would welcome the idea of compiling and deploying one’s own version of the client. That’s the principle of Open Source, but such an initiative could try to circumvent payments to Olvid. As anyway, no open-source server is available and the only one running is operated by Olvid, the client code is of little use. Especially since the client code is published by Olvid, but to what extent can we know if it is 100% identical to the version distributed in the iOS and Android app stores? We don’t really have a way of knowing.

I know that Olvid promises one day to release the server as Open Source. What I’ve seen of the protocol, their business model, and what they say about their implementation, very tied to the Amazon infrastructure (an infrastructure managed by an American company, so much for sovereignty), makes me think that this will not happen, at least not for a very long time. I hope, of course, to be wrong.

Toward Openness and Collaboration in Digital Communication

In the meantime? I would really like us to be serious about instant messaging, that finally all players in the sector row in the same direction, those who work on open protocols, offering free servers and clients, that we build real collaboration, worthy of the construction of internet protocols, to build the foundation of a universal, open, open-source and truly interoperable messaging service. It doesn’t take much, to develop the culture of “coopetition,” collaboration around a common good between competing companies.

---

Found a mistake? I’m not perfect and would be happy to correct it. Contact us!

— Photo by Steve Johnson on Unsplash

The post Instant Messaging: Protocols are “Commons”, Let’s Take Them Seriously first appeared on ProcessOne .

Overview

This release adds important new functionality and adds further device drivers to Red/Black, a management tool that allows you to monitor and control devices and servers across a network, with a particular focus on HF Radio Systems.  A general summary is given in the white paper Red/Black Overview .

Rules

Red/Black 2.1 adds a Rules capability that allows rules to be specified in the Lua programming language, which allows flexible control.    Standard rules are provided along with sample rules to help creation of rules useful for a deployment.  There are a number of rule capabilities:

• A basic rule capability is control based on device parameter values.   Rules can generate alerts, for example to alert at operator at selected severity when a message queue exceeds a certain size.
• For devices with parameters that clearly show faults or exception status,  standard device type rules are provided that will alert the operator to the fault condition.   This standard rule can be selected for devices of that type.
• Rules can set parameters on devices, including control of device actions.   For example, this can be used to turn off  a device when a thermometer device records a high temperature.
• Rules can reference devices connected in the communications chain.  For example a rule can be created to alert an operator if the frequency used on a radio does not match the supported frequency range of a connected antenna.
• Rules can be used to reconfigure (soft) connectivity, for example to switch in a replacement device when a device fails.

Snapshot

Configuration snapshots can be taken, reflecting the current Red/Black configuration, and Red/Black configuration can be reset to a snapshot. The capability is intended to record standard operational status of a setup to allow convenient reversion after temporary changes.

eLogic Radio Gateway driver

The eLogic Radio Gateway provides conversion between synchronous serial and TCP, with multiple convertors in a single SNMP-managed box.  A key target for this is data connectivity to remote Tx/Rx sites.  The Red/Black driver enables configuration as TCP to Serial and Serial to TCP modes, enabling a Red/Black operator to change selected modem/radios.

Web (http) Drivers

Red/Black 2.1 has added an internal Isode framework for managing devices with an HTTP interface, which is being used in a number of new drivers.  This is Isode’s preferred approach for managing devices.   New drivers are:

1. M-Link.   Allows monitoring of M-Link servers, showing:
   1. Number of connected users.
   2. Number of peer connections.
   3. Number of queued stanzas.
2. Icon-5066.  Controlling  STANAG 5066 product:
   1. Enable/Disable node
   2. Show STANAG 5066 Address
   3. Show Number connected SIS clients
   4. Show If flow is on or off
3. Icon-PEP.  Providing:
   1. Enable/Disable service
   2. Show number of TCP connections
   3. Show current transfer rate
4. Sodium Sync.   Providing:
   1. Number of synchronizations
   2. Last synchronization that made changes
   3. List of synchronizations not working correctly
   4. Alerts for failed synchronizations
5. Supported Modems.   This replaces drivers working directly with modems included in Icon-5066 3.0.   The new driver talks directly to Proxy Modem or to Icon-5066 where Proxy Modem is not used.  This displays a wide range of modem parameters.   Various modem types can be selected to display appropriate information from the connected device:
   1. Narrowband Modem.
   2. Narrowband Modem with ALE.
   3. Wideband Modem.
   4. Modem/Radio combined variants of the previous three types.

Other

• Parameter Encryption.   Red/Black can securely store parameters, such as passwords, to prevent exposure as command line arguments to device drivers.
• Device Ordering.   Devices are now listed in alphabetical order.
• Alert Source.  Alerts now clearly show where they are generated (Red/Black; Rule; Device Driver; Device).
• Link to device management.   Where Red/Black monitored devices have Web management, the URL of the Web interface can be configured in Red/Black so that the management UI can be accessed with single click from Red/Black.

MongooseIM, which is our scalable, flexible and cost-efficient instant messaging server, is now easier to use than ever before. The latest release 6.2 introduces a completely new CETS in-memory storage backend, letting you easily deploy it with modern cloud infrastructure solutions such as Kubernetes. The XMPP extensions are also updated, which means that we support new features of the XMPP protocol.

The new version of MongooseIM is very easy to try out, as there are two new options:

• Firstly, you can check out trymongoose.im – a live demo installation of the latest version, which lets you create your own XMPP domain and experiment with it. It also showcases how a Phoenix web application can be integrated with MongooseIM using its GraphQL API.
• If you want to set up your own MongooseIM installation, you can now easily set it up in Kubernetes with Helm. Our new Helm chart automatically templates the configuration files, making it possible to quickly set up a running cluster of several nodes connected to a database.

One of the biggest new features is the support for CETS, which makes management of MongooseIM much easier than before. To fully appreciate this improvement, we need to start with an overview of the clustered storage options in MongooseIM. We will follow with a brief guide, helping you quickly set up a running server with the latest features enabled.

From Mnesia to CETS

MongooseIM is implemented in Erlang, making it possible to handle millions of connected clients exchanging messages.  However, a typical user should not need any Erlang knowledge to deploy and maintain a messaging server. Up to version 6.1 there is one component, which breaks this assumption, making management and maintenance much harder. This component is the built-in Erlang database, Mnesia , which is convenient when you are starting your journey with MongooseIM, because it resides on the local disk and does not need to be started as a separate service. All MongooseIM nodes are clustered together, and they replicate Mnesia tables between them.

Issues with Mnesia

When you go beyond small experiments on your local machine, it is essential not to store any persistent data in Mnesia, because it is not designed for storing large volumes of data. Also, network connectivity issues or incorrect restarts might make your database inconsistent, leading to unexpected errors and cluster nodes refusing to start. It is also difficult to migrate your data to another database. That is why it is strongly recommended to use a relational database management system (RDBMS) such as PostgreSQL or MySQL, which you can host yourself or use cloud-based solutions such as Amazon RDS. However, when you configure MongooseIM 6.1 and its extension modules to use RDBMS, you will find out that the server still needs Mnesia for its operation. This is because Mnesia is also used to store in-memory data shared between the cluster nodes. For example, by sharing user sessions MongooseIM can route messages between users connected to different nodes of the cluster.

When Mnesia was first created, a server node used to be a long-running physical unit that is very rarely restarted – actually one of the main advantages of Erlang was the ability to significantly reduce downtime. With the introduction of virtualisation and containers, a server node is no longer tied to the underlying hardware, and new nodes can be dynamically added or removed. This means that the cluster is much more dynamic, and nodes can be started more often. This brings us to another issue of Mnesia – the need for storing the database schema on disk, which contains the information about all nodes in the cluster and their tables. This is mostly a problem with platforms like Kubernetes, where adding disk storage requires use of persistent volumes, which are costly and need to be manually deleted when a node is removed from the cluster. As a result, the whole management process becomes more error-prone.

Another problem is the additional cluster management required for each node. When a new node starts up, it is not a member of any cluster. There is a join_cluster command that needs to be executed. Same happens with node removal, when leave_cluster needs to be called. For the convenience of the user, our Helm charts automatically call these commands for the started nodes, but they still need to be started in a particular order, which has to be respected when doing restarts and upgrades as well. If for some reason you change that order, the nodes might be locked until all of them are online (see the documentation ) – which is inconvenient, might result in overload and can even cause the whole cluster to be down if the final node does not start up for some reason. Finally, network connectivity issues might result in an inconsistent database or other errors (even without persistent tables), which can be difficult to understand for anyone but Erlang developers and may require manual intervention on the affected nodes. The solution is usually to stop the affected node, clean up the Mnesia volume, and start it again – which adds unwanted downtime for the server and workload for the operator.

It is important to note that we have these issues not because Mnesia is inherently bad, but because our use case has drifted away from its intended purpose, i.e. we need no persistence and transactions, but we would benefit from automatic features like simple conflict resolution and dynamic cluster discovery. This situation led us to develop a new library, which precisely meets our requirements.

Introducing Cluster ETS

CETS is a lightweight replication layer for ETS (Erlang Term Storage) tables. The main principle of this library is to replicate ETS data to other nodes of the cluster with simple and automatic conflict resolution. In most cases the conflicts are not even possible, because the key of each stored key-value tuple uniquely identifies the creating node. In MongooseIM, we are using the RDBMS cluster node discovery mechanism. This means that each cluster node updates the database periodically, storing its name and IP address in the discovery_nodes table. Other nodes check this table periodically to determine the cluster nodes, and connect to them. Nodes that are down for a long time (by default 1 hour) are removed from the table to avoid trying to connect them. The database used for CETS is the same one that is used to store other persistent data, so in a typical case there should be no extra databases required.

The first benefit visible to the user is that the nodes don’t need to be added to the cluster anymore. You don’t need commands like join_cluster or leave_cluster – actually you cannot use them anymore. Another immediate benefit is the lack of persistent volumes required by MongooseIM, which means that any node can be immediately replaced by another fresh instance. It is also no longer possible to have consistency errors, because there is no persistent schema and any (unlikely) conflicts are resolved automatically.

Using CETS

Let’s see how quickly the new MongooseIM with CETS can be set up. This simple example assumes that you have Docker and Kubernetes installed locally. These tools simplify the setup process a lot, but if you cannot use them, you can manually configure MongooseIM to use CETS as well – see the tutorial . In this example we will use PostgreSQL for all persistent storage in MongooseIM, including CETS node discovery. You only need to download the database schema file pg.sql to your current directory and execute the following command:

$ docker run -d --name mongooseim-postgres -e POSTGRES_PASSWORD=mongooseim_secret \
    -e POSTGRES_USER=mongooseim -v `pwd`/pg.sql:/docker-entrypoint-initdb.d/pgsql.sql:ro \
    -p 5432:5432 postgres

The database should be up and running – let’s check it with psql :

$ PGPASSWORD=mongooseim_secret psql -U mongooseim -h localhost
(...)
mongooseim=#

Next, let’s install MongooseIM in Kubernetes with Helm. The volatileDatabase and persistentDatabase options are used to populate the generated MongooseIM configuration file with the required database options. Since we have set the DB to use the default MongooseIM credentials, we don’t need to provide them here. If you want to use a different user name, password or other parameters, see the chart documentation for a complete list of options.

$ helm repo add mongoose https://esl.github.io/MongooseHelm/
$ helm install mim mongoose/mongooseim --set replicaCount=3 --set volatileDatabase=cets \
    --set persistentDatabase=rdbms
NAME: test-mim
LAST DEPLOYED: Tue Nov 28 08:56:16 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Thank you for installing MongooseIM 6.2.0
(...)

Your three-node cluster using CETS and RDBMS should start up quickly. You can monitor its progress with Kubernetes:

$ watch kubectl get sts,pod,svc

NAME                          READY   AGE
statefulset.apps/mongooseim   3/3     2m

NAME               READY   STATUS    RESTARTS   AGE
pod/mongooseim-0   1/1     Running   0          2m
pod/mongooseim-1   1/1     Running   0          2m
pod/mongooseim-2   1/1     Running   0          1m

NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                    AGE
service/kubernetes      ClusterIP      10.96.0.1        <none>        443/TCP                    91d
service/mongooseim      ClusterIP      None             <none>        4369/TCP,5222/TCP, (...)   2m
service/mongooseim-lb   LoadBalancer   10.102.205.139   localhost     5222:32178/TCP, (...)      2m 

When the XMPP port 5222 is open on localhost by the load balancer, the whole service is ready to use. You can check CETS cluster status on each node with the CLI (or the GraphQL API ). The following command checks the status on mongooseim-0 (the first node in the cluster):

$ kubectl exec -it mongooseim-0 -- /usr/lib/mongooseim/bin/mongooseimctl cets systemInfo
{
  "data" : {
    "cets" : {
      "systemInfo" : {
        "unavailableNodes" : [],
        "remoteUnknownTables" : [],
        "remoteNodesWithoutDisco" : [],
        "remoteNodesWithUnknownTables" : [],
        "remoteNodesWithMissingTables" : [],
        "remoteMissingTables" : [],
        "joinedNodes" : [
          "mongooseim@mongooseim-0.mongooseim.default.svc.cluster.local",
          "mongooseim@mongooseim-1.mongooseim.default.svc.cluster.local",
          "mongooseim@mongooseim-2.mongooseim.default.svc.cluster.local"
        ],
        "discoveryWorks" : true,
        "discoveredNodes" : [
          "mongooseim@mongooseim-0.mongooseim.default.svc.cluster.local",
          "mongooseim@mongooseim-1.mongooseim.default.svc.cluster.local",
          "mongooseim@mongooseim-2.mongooseim.default.svc.cluster.local"
        ],
        "conflictTables" : [],
        "conflictNodes" : [],
        "availableNodes" : [
          "mongooseim@mongooseim-0.mongooseim.default.svc.cluster.local",
          "mongooseim@mongooseim-1.mongooseim.default.svc.cluster.local",
          "mongooseim@mongooseim-2.mongooseim.default.svc.cluster.local"
        ]
      }
    }
  }
}

You should see all nodes listed in joinedNodes, discoveredNodes and availableNodes . Other lists should be empty. There is tableInfo as well. This command shows information about each table:

$ kubectl exec -it mongooseim-0 -- /usr/lib/mongooseim/bin/mongooseimctl cets tableInfo
{
  "data" : {
    "cets" : {
      "tableInfo" : [
        {
          "tableName" : "cets_bosh",
          "size" : 0,
          "nodes" : [
            "mongooseim@mongooseim-0.mongooseim.default.svc.cluster.local",
            "mongooseim@mongooseim-1.mongooseim.default.svc.cluster.local",
            "mongooseim@mongooseim-2.mongooseim.default.svc.cluster.local"
          ],
          "memory" : 141
        },
        {
          "tableName" : "cets_cluster_id",
          "size" : 1,
          "nodes" : [
            "mongooseim@mongooseim-0.mongooseim.default.svc.cluster.local",
            "mongooseim@mongooseim-1.mongooseim.default.svc.cluster.local",
            "mongooseim@mongooseim-2.mongooseim.default.svc.cluster.local"
          ],
          "memory" : 156
        },
        {
          "tableName" : "cets_external_component",
          "size" : 0,
          "nodes" : [
            "mongooseim@mongooseim-0.mongooseim.default.svc.cluster.local",
            "mongooseim@mongooseim-1.mongooseim.default.svc.cluster.local",
            "mongooseim@mongooseim-2.mongooseim.default.svc.cluster.local"
          ],
          "memory" : 307
        },
        (...)
      ]
    }
  }
}

You can find more information about these commands in our GraphQL docs , because the CLI is actually using the GraphQL commands. To complete our example, let’s create our first XMPP user account:

$ kubectl exec -it mongooseim-0 -- /usr/lib/mongooseim/bin/mongooseimctl account registerUser \
  --username alice --domain localhost --password secret
{
  "data" : {
    "account" : {
      "registerUser" : {
        "message" : "User alice@localhost successfully registered",
        "jid" : "alice@localhost"
      }
    }
  }
}

Now you can connect to the server with an XMPP client as alice@localhost – see https://trymongoose.im/client-apps or https://xmpp.org/software/?platform=all-platforms for client software.

New extensions

MongooseIM 6.2 satisfies the XMPP Compliance Suites 2023 , as reported at xmpp.org . Thanks to the new extensible architecture of mongoose_c2s, we are implementing new extensions faster than before. For example, we have recently added support for XEP-0386: Bind 2 and XEP-0388: Extensible SASL Profile , allowing the client to authenticate, bind the resource and enable extensions like message carbons , stream management and client state indication . All of this can be done in a single step without the need for redundant roundtrips (see the example ). This way your clients can establish their sessions faster than before, putting less load on the client and the server. We have also updated multiple extensions to their latest versions, and we will continue the effort to keep them up to date, adding new ones as well. Do you think we should support a new XMPP extension? Feel free to request a feature , so we can put it on our roadmap, and if you really want it now, we can discuss possible sponsoring options.

Summary

With the latest release 6.2 we have brought MongooseIM closer to you. Now you can try it out online as well as easily install it in Kubernetes without caring about persistent state and volumes. Your next step is to try our live demo, install MongooseIM with Helm and experiment with it. You can do it all for free and without Erlang knowledge, so go ahead and use it as the foundation of your new messaging solution. You are also not left alone – should you have any questions, please feel free to contact us , and we will be happy to deploy, load-test, health-check, optimise and customise MongooseIM to fit your needs.

The post MongooseIM 6.2: Easy to set up, use and manage appeared first on Erlang Solutions .

Welcome to the XMPP Newsletter, great to have you here again! This issue covers the month of November 2023 and will be the last publication for 2023. Many thanks to all our readers and all contributors!

Like this newsletter, many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, please consider saying thanks or help these projects! Interested in supporting the Newsletter team? Read more at the bottom .

XSF Announcments

New XSF Board and Council

The XSF members have voted for a new XSF Board and XSF Council . Congratulations to the new Board members Nicola Fabiano, Edward Maurer, Ralph Meijer, Peter Saint-Andre and Matthew Wild. And congratulations to the new Council members Travis Burtrum, Dan Caseley, Daniel Gultsch, Stephen Paul Weber and Marvin Wissfeld.

Please welcome the members to their new or continuing role !

XMPP Summit 26 & FOSDEM 2024

The XSF is planning the XMPP Summit 26, which is to take place on February 1st & 2nd 2024 in Brussels (Belgium, Europe). Following the Summit, the XSF is also planning to be present at FOSDEM 2024, which takes place on February 3rd & 4th 2024. Find all the details in our Wiki . Please sign-up now if you are planning to attend, since this helps organizing. The event is of course open for everyone interested to participate. Spread the word within your circles!

XMPP and Google Summer of Code 2023

The XSF has been a hosting organisation at GSoC in 2023 again, and manages two successful slots for XMPP Contributors . Find the projects for “Windows Support for Dino” and “Implement group chats in Moxxy” .

We are planning to participate the next year. The time to reach out to the XMPP community is now :-)

XSF and Google Summer of Code 2023

XSF Fiscal Hosting Projects

The XSF offers fiscal hosting for XMPP projects. Please apply via Open Collective . For more information, see the announcement blog post . Current projects:

• Mellium Co-op

XMPP Events

• Berlin XMPP Meetup (remote) : monthly meeting of XMPP enthusiasts in Berlin, every 2nd Wednesday of the month
• XMPP Italian happy hour : monthly Italian XMPP web meeting, starting May 16th and then every third Tuesday of the month at 7:00 PM (online event, with web meeting mode and live streaming).

Talks

• XMPP Italian Happy Hour Podcast: Dive into the world of XMPP with the Italian Happy Hour podcast, a monthly event derived from recorded video sessions. Each episode is dedicated to the XMPP protocol, offering insights and discussions from enthusiasts and professionals within the community. Whether you’re commuting, working out, or simply seeking to listen to interesting conversation, this podcast delivers the essence of Italian XMPP gatherings directly to your ears. Tune in at XMPP Italian Happy Hour Podcast or subscribe to the RSS feed to never miss an episode. Find the link to podcast and the link to RSS feed to subscribe the podcast . Plus, join the conversation and keep up with updates by following the podcast page in the Fediverse: @xmpphappyhour@open.audio. The podcast is in Italian but but there may be contributions in English.

Articles

• Automating the automatable : During the past year, the team behind the XMPP Providers project worked on automating the process of gathering data about XMPP providers. Automating this process reduces manual work significantly (for example, checking websites by hand, verifying information, listing sources, etc.) and helps to sustain the team’s efforts. Automation also enables the project to be up to date - every day! A suite of tools has been developed since, providing the ability to query properties via XMPP and through the web. All of these tools are working together in a GitLab pipeline, which runs every night to keep the data up to date.
• Planned downtime + Happy 10th anniversary, yax.im! by Georg Lukas, discussing about the last ten years evolution of yaxim and what’s next.
• Automatic schema update in ejabberd by Jérôme Sautret: Previously, if you were using ejabberd with an external relational database, you might have to manually apply some schema changes that come with new features when you upgrade to a new ejabberd release. ejabberd can now handle this schema upgrade automatically. This articles discuss about this feature.
• Software is Political by SamWhited: adapted from closing remarks of an XMPP talk at FOSSY, this article discuss about why SamWhited thinks to use as a universal standardized chat protocol is the correct choice.
• The Power of Green Coding: Erlang and Elixir Leading the Charge by Simon El Nahas: In the era of the green revolution, Erlang and Elixir languages are helping industries reduce server consumption and minimise environmental impact. Here are some industry examples demonstrating this.
• Italian XMPP-IT Community - they have a website now: www.xmpp-it.net , a group chat: xmpp-it@conference.xmpp-it.net , they also have a Git to share, create and develop software, configurations and documents concerning the XMPP protocol: git.xmpp-it.net , and finally created a wiki for documentation in Italian: wiki.xmpp-it.net . There is a first translated guide in Snikket.

Software News

Clients and Applications

• Gajim 1.8.3 and 1.8.4 have been released. These releases come with improvements for the profile window, fail-safes for anonymous accounts, usability improvements, and several fixes.
• Psi+ 1.5.1653 has been released.
• Libervia has received new funding from NLnet/NGI0 for the development of an email-XMPP gateway. This project will enable the conversion of email messages to XMPP and vice versa, including the transformation of mailing lists into pubsub-based forums. Enhancements in Libervia will include UI/UX improvements, end-to-end encryption, and advanced handling of attachments. More details on the project are available here .
• monocles chat 1.7.7.5 has been released and got several fixes and improvements like the re-implementation of stickers or a DNSSEC and DANE check shown in the interface. Also an option to enforce DANE and further improvements in the latest Beta 1.7.8 .

Servers

• Openfire 4.8.0 Beta with a lot of security improvements…
• Openfire plugin maintenance release galore!
• New Openfire plugin: Reporting Account Affiliations
• More Openfire plugin maintenance releases!
• External Service Discovery plugin 1.0.2 released!
• REST API Openfire plugin 1.10.2 released!

Libraries & Tools

• nbxmpp 4.5.1 , 4.5.2 and 4.5.3 have been released and come with bug fixes.
• Smack 4.4.7 has been released

Extensions and specifications

The XMPP Standards Foundation develops extensions to XMPP in its XEP series in addition to XMPP RFCs .

Developers and other standards experts from around the world collaborate on these extensions, developing new specifications for emerging practices, and refining existing ways of doing things. Proposed by anybody, the particularly successful ones end up as Final or Active - depending on their type - while others are carefully archived as Deferred. This life cycle is described in XEP-0001 , which contains the formal and canonical definitions for the types, states, and processes. Read more about the standards process . Communication around Standards and Extensions happens in the Standards Mailing List ( online archive ).

Proposed

The XEP development process starts by writing up an idea and submitting it to the XMPP Editor. Within two weeks, the Council decides whether to accept this proposal as an Experimental XEP.

• No XEPs proposed this month.

New

• No new XEPs this month.

Deferred

If an experimental XEP is not updated for more than twelve months, it will be moved off Experimental to Deferred. If there is another update, it will put the XEP back onto Experimental.

• No XEPs deferred this month.

Updated

• No XEPs updated this month.

Last Call

Last calls are issued once everyone seems satisfied with the current XEP status. After the Council decides whether the XEP seems ready, the XMPP Editor issues a Last Call for comments. The feedback gathered during the Last Call can help improve the XEP before returning it to the Council for advancement to Stable.

• Community Code of Conduct
  • This document describes the XMPP Standard Foundation’s Code of Conduct. This Last Call begins today and shall end at the close of business on 2023-11-30.

Stable

• No XEP moved to stable this month.

Deprecated

• No XEP deprecated this month.

Spread the news

Please share the news on other networks:

• Mastodon
• Twitter
• YouTube
• LinkedIn
• Lemmy instance (unofficial)
• Reddit (unofficial)

Also check out our RSS Feed !

Looking for job offers or want to hire a professional consultant for your XMPP project? Visit our XMPP job board .

Newsletter Contributors & Translations

This is a community effort, and we would like to thank translators for their contributions. Volunteers are welcome! Translations of the XMPP Newsletter will be released here (with some delay):

• English (original): xmpp.org
  • General contributors: Adrien Bourmault (neox), Alexander “PapaTutuWawa”, Arne, cal0pteryx, emus, Federico, Jonas Stein, Kris “poVoq”, Licaon_Kter, Ludovic Bocquet, Mario Sabatino, melvo, MSavoritias (fae,ve), nicola, Simone Canaletti, XSF iTeam
• French: jabberfr.org and linuxfr.org
  • Translators: Adrien Bourmault (neox), alkino, anubis, Arkem, Benoît Sibaud, mathieui, nyco, Pierre Jarillon, Ppjet6, Ysabeau
• German: xmpp.org and anoxinon.de
  • Translators: Jeybe, wh0nix
• Italian: notes.nicfab.eu
  • Translators: nicola
• Spanish: xmpp.org
  • Translators: daimonduff, TheCoffeMaker

Help us to build the newsletter

This XMPP Newsletter is produced collaboratively by the XMPP community. Each month’s newsletter issue is drafted in this simple pad . At the end of each month, the pad’s content is merged into the XSF Github repository . We are always happy to welcome contributors. Do not hesitate to join the discussion in our Comm-Team group chat (MUC) and thereby help us sustain this as a community effort. You have a project and want to spread the news? Please consider sharing your news or events here, and promote it to a large audience.

Tasks we do on a regular basis:

• gathering news in the XMPP universe
• short summaries of news and events
• summary of the monthly communication on extensions (XEPs)
• review of the newsletter draft
• preparation of media images
• translations
• communication via media accounts

License

This newsletter is published under CC BY-SA license .