this post was submitted on 21 Mar 2026
32 points (84.8% liked)

Selfhosted

57810 readers
837 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
32
NaiHe – lightweight E2E encrypted chat over any self-hosted MQTT broker (github.com)
submitted 2 days ago by clinamen0@lemmy.world to c/selfhosted@lemmy.world
5 comments fedilink hide all child comments
 

Built a small encrypted messenger that runs over any MQTT broker you host. The broker is just a dumb relay — it only sees ciphertext, never plaintext. Setup is dead simple: spin up an MQTT broker (EMQX, Mosquitto, whatever), share a room name and encryption key with someone, done. ChaCha20-Poly1305 + Argon2id, fresh salt and nonce per message. Rust backend (Tauri), React frontend, single portable exe around 5MB. There's also a clipboard encryption mode — type plaintext, it encrypts to clipboard, paste into any app. Useful if you don't want to run a dedicated chat client. Originally designed for people in censored regions, but it works as a minimal self-hosted secure chat for anyone who wants it. Limitations: no forward secrecy, no traffic obfuscation, Windows only for now. Tauri should make cross-compilation straightforward if anyone wants to build for Linux/macOS. Unlicense, public domain. I'm not maintaining it — fork and do what you want.

top 5 comments
sorted by: hot top controversial new old
[–] moonpiedumplings@programming.dev 13 points 2 days ago* (last edited 2 days ago) (1 children)

Journalists communicating with sources in censored regions

Whistleblowers sharing information securely

You and your peer agree on an encryption key (any string).

This is unacceptably unsecure for the usecases you mention. There is a reason why the most secure messaging apps don't use symetric encryption, don't use passphrases, and they also possess forward secrecy.

It's pointless to push this as a censhorship circumvention method when many other methods exist that already do so 10x better, in a secure way, over decentralized, hidden and unblockable infrastructure. (Tor's meek-azure bridges use microsoft's infrastructure, which nobody is able to block because everybody depends on it, even China).

I appreciate the project, and I am always happy to see people learning, progressing, and publishing their results, but you need to be honest about the weaknesses of your software compared to established solutions. It's not impossible for you to one day produce a secure messaging app, but today is not the day. Right now, using this is just a fast way to get killed.

[–] clinamen0@lemmy.world 1 points 2 days ago

Thank you for your reply. In fact, this project is a one-off project and a vision. The original idea came from fear — my fear. The fear of having your communications surveilled, and the legal risks that come with having your speech monitored. I face all of these.

My vision: the software should be simple, easy to use, quickly distributable, non-commercial, available to every ordinary person, maximizing the cost of censorship for authoritarian governments — until the day when we can finally see the light.

For this reason, I gave up many complex designs.

Its goal: "two people get the software and can use it right away." Only this way can more ordinary people in authoritarian countries embrace this kind of information protection. Indeed, more secure methods exist, but those tools are too complex. Moreover, citizens in authoritarian countries are naturally hostile toward such software. But an app that lets you chat in ciphertext directly on social media, or use it standalone, is something interesting. And citizens in many authoritarian countries are about to face ubiquitous surveillance — because of AI.

Based on this, anyone with some basic knowledge of Rust can quickly build and distribute it. For higher-risk scenarios, excellent community forks can address those needs.

This is my vision.

Note: This account will be retired soon to prevent tracing. And I hope we shall meet again, in the place where there is no darkness.

[–] Cyber@feddit.uk 3 points 2 days ago* (last edited 2 days ago) (1 children)

Why the 1-off release with no further development? (9 months ago)

Interestimg take though, using MQTT instead of XMPP

[–] clinamen0@lemmy.world 0 points 2 days ago

Thank you very much for your reply. In fact, this project is a one-off project and a vision. The original idea came from fear — the fear of having your communications surveilled, and the legal risks that come with having your speech monitored.

It had many ideas, which were eventually abandoned. I'm unable to continuously maintain and update this project, so it would need community forks.

The 9-month silence was also for the same reason. The account replying to you (clinamen0) will also be retired soon, to prevent tracing.

[–] clinamen0@lemmy.world 4 points 2 days ago

Due to throwaway account limitations, I can't post this in many places. If you think this project is useful, feel free to share it wherever you think it fits.