stratself
It's claimed to be official. But I went with https://continuwuity.org/ since it seemed to have a more active community. Plus ever since then, the core maintainer of Tuwunel has been making threats against Continuwuity including personal attacks, and seems to be quite unpleasant to deal with in general. There's also been a thread about it here. So I honestly lost all taste to reconsider.
For Matrix consider Continuwuity instead of Synapse if you want something easier to maintain. You'll also want to set up Element Call (i.e. the "new" calling stack) for wider client support.
Notifications can be unreliable but it depends on your push provider (e.g. don't use the default ntfy.sh instance, use another one or selfhost yours). Do let me know of any other nits though.
For XMPP, notifications are most reliable as it maintains an in-band connection to the server. A/V is a bit more lacking, as mobile clients can only do 1:1 calls, and it misses some smaller features compared to Matrix. But it's very lightweight and should be more than capable for use with family and friends.
Look into the DNS-01 challenge, where instead of exposing 80/443, you obtain a cert by creating a TXT record for your domain. This requires your ACME client to support talking to your DNS provider's API. For certbot they're installable via plugins; for lego-acme many providers are included.
Hello,
Is it safe to use bridges at all? Who can read what on the server if I am using a bridge?
The WhatsApp/Signal bridge-bot thing can decrypt your chats and store them in plain text. So technically, the bridge operators can see the contents of your messages. In your case, they are probably the same people running nope.chat.
Unfortunately this is required for bridges to work across platforms.
If you are technically inclined, you may consider selfhosting your own server and bridges to fully control your data. You can also enable end-to-bridge-encryption if need be.
Second Concern: I keep getting invitations to a WhatsApp-Community I have never joined. I have declined the invitation but it keeps popping up. If I wanted to ban this chat I would have to ban the whole WhatsApp-Bot.
I believe the best way is to ban this chat from the WhatsApp client directly. Alternatively, you can try banning the room in Matrix too.
I know this will happen lol
Most of the guides can be outdated because the software changes a lot. You'd find some better support writing on their Discord guild.
Caddy supports the HTTP-01 and TLS-ALPN-01 challenges by default; you just need to expose 80/443 and it just works. But if you want to use the DNS-01 challenge you'd need to build it with a plugin for your DNS provider.
Traefik supports all 3 challenges equally ootb, with a wide range of DNS providers. But it is a bit harder to configure and doesn't support being a web server.
I wanna reshare my experiences here. Essentially it doesn't scale well with large rooms, and isn't friendly with janky/underpowered equipment like XMPP. But with a lot of performance tuning it can go a long way.
For a room, the number of servers you federate with is a more reliable metric than member count (so 5000 accounts on 2 servers would likely take less load than 500 accounts on 500 servers, as an example). There are some large public rooms that are very broken, and I advise banning them before users get to join.
Search "selfhosting" on matrixrooms.info and sort by most members, you should find a few.
I believe as of now, the databases do not diverge and hence a binary swap/container image swap is doable. If you already set up SSO logins, then I'm not sure because Continuwuity doesn't support that yet.
Please re-ask the question with the folks in #continuwuity:continuwuity.org to be extra sure before doing anything. Oh and it goes without saying, do clone and back up the data paths for easy reverts later.