Snikket XMPP Server Manager is a complete bash toolkit I built for managing a self-hosted Snikket XMPP server with TURN relay, SSLH traffic multiplexing, file sharing server, and automated SSL certificates. The Snikket XMPP Server Manager handles the complete lifecycle, deployment, configuration, backup, certificate renewal, and service monitoring, all through a single management script running on xmpp.ilia.ae.
Why Self-Hosted XMPP
For private team communications, dependency on third-party platforms means accepting their data policies, outage risks, and pricing changes. XMPP with Snikket gives full control: end-to-end encryption (OMEMO), federation capability, own data storage, and zero per-user licensing. This is the same principle behind deploying self-hosted Rocket.Chat, own your communications infrastructure.
System Components
- Snikket XMPP Server, full-featured XMPP server with modern client support, OMEMO encryption, group chats, and mobile push notifications
- TURN Server, NAT traversal relay for voice/video calls, configured for turn.ilia.ae and stun.ilia.ae
- SSLH Proxy, port 443 traffic multiplexer routing HTTPS and XMPP-over-TLS through a single port
- File Server, HTTP file upload/download server at share.xmpp.ilia.ae for media sharing
- SSL Automation, automatic certificate renewal for all subdomains
Management Script
The snikket-manager.sh script provides single-command operations: status checks across all services, backup creation before changes, service restarts, certificate renewal, and log inspection. For infrastructure that runs 24/7, having reliable one-liner operations for common tasks eliminates human error during maintenance windows.
Practical Application
As a Fractional CTO, I use this XMPP deployment for secure internal communications. The SSLH proxy is particularly valuable, it allows XMPP traffic on port 443, bypassing restrictive corporate firewalls that block standard XMPP ports. Combined with automated DNS and SSL management, the entire stack is self-maintaining.
The management toolkit is available upon request. Contact me for access or messaging infrastructure consulting.
FAQ
Can Snikket federate with other XMPP servers?
Yes. Snikket supports standard XMPP federation, allowing users to communicate with any XMPP server. Federation can be enabled or restricted per policy.
Why SSLH instead of separate ports?
Many corporate and hotel networks only allow port 443 outbound. SSLH multiplexes HTTPS and XMPP-over-TLS on a single port.
How does TURN handle video calls?
TURN relays media traffic when direct peer-to-peer connections fail due to symmetric NAT. STUN handles the simpler cases. Both are configured with proper credentials and TLS.
What about mobile push notifications?
Snikket includes built-in push notification support for iOS and Android clients.
